How do people feel about AI?

How can AI technologies be regulated?

AI technologies present special challenges to regulators, as they often cross over the traditional regulatory boundaries of national borders, industry sectors and public and commercial use.

Debates about AI regulation often focus on choosing whether AI should be regulated by law which means through an independent regulator, co-regulated by industry and government or​‘self-regulated’ where there is no law, and industry defines its own rules. 

When AI technologies are regulated by an independent regulator, they are subject to rules established by law by government. The regulator is responsible for making sure that those who use and develop AI technologies follow the rules.

An independent regulator can help ensure that the law is interpreted clearly and enforced coherently. As public institutions, regulators can also publish guidance and offer advice to explain what companies and organisations should do to follow the law. They can also investigate and carry out checks on those who might not be compliant; fine them, where required; and order them to stop a certain activity (e.g. processing personal data in a way that violates people’s privacy).

Co-regulation usually means that industry and government work together to write norms and the mechanisms necessary to make sure these norms are respected. In the case of AI, tech companies and the government may work together to develop codes of conduct or technical standards for developing safe and ethical products. The government may offer companies incentives to comply with these standards. These rules tend to be more open-ended and flexible than legislation.

Self-regulation means that companies are responsible for developing their own norms and rules. Industry representatives from private companies with similar or competing interests negotiate and draft voluntary codes of conduct or set technical standards. In the case of AI, this would mean that tech companies would design the rules, adopt them, and ensure that they are effective, without any government involvement. 

Self-regulation could be beneficial in times of crises – like during natural disasters and health emergencies – when companies have to coordinate to set up rules quickly. However, without independent checks, reports and audits, it may be difficult to objectively assess whether companies are following the rules effectively or working for the benefit of people and society.