EU Implements AI Regulations and Data Protection Measures Ahead of 2024 Elections

The European Union has launched a series of initiatives last week to enhance electoral integrity and address the challenges posed by AI in the lead-up to the 2024 European Parliament elections.

The EU introduced a comprehensive Code of Conduct specifically crafted for the 2024 European Parliament elections. This Code, developed by the International Institute for Democracy and Electoral Assistance (International IDEA) in collaboration with European political parties and the European Commission, sets out clear commitments for maintaining election integrity and promoting fair campaigning practices. As stated in the Code, signatories must "ensure an ethical and transparent use of campaign tools and technologies, including artificial intelligence" and "abstain from producing, using, or disseminating misleading content." Furthermore, "the use of artificial intelligence-generated content is only permitted when clearly labelled."

The European Commission previously issued guidelines under the Digital Services Act, aimed at Very Large Online Platforms and Search Engines. These guidelines are designed to "mitigate systemic risks online that may impact the integrity of elections, with specific guidance for the upcoming European Parliament elections in June." The guidelines recommend that these platforms " clearly labelling content generated by AI (such as deepfakes), adapting their terms and conditions accordingly and enforcing them adequately."

The European Data Protection Supervisor (EDPS) also released its 2023 Annual Report, which emphasized the proactive role of the EDPS in regulating AI applications within EU institutions. The report notes the EDPS's contributions to "shaping of AI by ensuring that the fundamental rights to privacy and data protection, and by extension, its rules and principles continue to apply to any development, use and application of AI tools."

In France, the CNIL has issued its first recommendations on the development of AI systems. These recommendations, developed after a public consultation, provide concrete responses to legal and technical issues related to applying the GDPR to AI. They cover topics such as determining the applicable legal regime, defining purpose and legal qualification of actors, carrying out tests and verifications for data reuse, and taking data protection into account in system design and data management.

Meanwhile, Denmark has designated the Danish Agency for Digitalisation as the national coordinating supervisory authority for the EU's AI Act. The agency will take on a coordinating role across supervisory authorities in Denmark and cooperate with other member states and the European Commission, including the EU's newly established AI Office.