What organizations need to prepare for now.
The AI Act, the first major legal framework for the use of AI in the European context, came into force on August 1, 2024. One principle that the regulation emphasizes is that of “human oversight”: actors who provide and use AI should be empowered to make informed decisions about its use. However, the mere involvement of natural persons in the use of AI is not enough, as the past has shown. In our article, we look at the famous case of the COMPAS Recidivism Algorithm and show its relevance for other AI application contexts. We highlight three challenges that will be crucial for the implementation of functioning human oversight in the sense of the AI Act: automation bias, the monitoring and testing of AI applications and the traceability of machine decisions.
To provide AI systems with a legal framework, the European Council finally approved the “Artificial Intelligence Act”i (AI Act for short) on May 21, 2024. Launched by the EU Commission in April 2021 and further developed throughout the last years, the AI Act defines a whole series of principles and measures designed to ensure the safe and responsible use of AI systems throughout their life cycle. The AI Act is a product-centric regulation and follows a risk-based approach (see Info Box 1: The AI-Act). These risk categories can be used to regulate which principles and measures to implement, and by which relevant actors. The list of principles and measures is long and includes for certain AI systems, amongst others, criteria for data quality, for documentation and labeling obligations, for accuracy, robustness, and cyber security, as well as for transparency.i
One principle that is also applied by the AI Act is the principle of “human oversight”. According to this principle, certain AI systems must be designed and developed in such a way that “that they can be effectively overseen by natural persons during the period in which they are in use,” including using “appropriate human-machine interface tools” (HMI) tools (p.196 of the AI Act).
The principle of human oversight was already part of the General Data Protection Regulation (GDPR) published in 2016.ii The GDPR granted data subjects the right not to be subject exclusively to automated decisions regarding the processing of their personal data if these have legal or similarly significant effects. In accordance with this principle, various stakeholders—amongst others, providers and deployers—must now consider under the AI Act which measures, regulations, and processes to harness for such human supervision. The AI Act itself does not initially define their exact implementation in further detail.
The good news is that the idea of adding a human to an algorithm as a supervisor is not new. Often summarized under the term ‘human-in-the-loop,’ a variety of approaches have emerged over the past few years that can help to identify and counteract problematic decision-making tendencies in algorithm-based decision-making systems. The bad news is that the past has also shown that involving a human in machine-based decision-making processes does not automatically produce unbiased, unprejudiced decisions.
The human-in-the-loop approach as a panacea?
The COMPAS case is relevant in two respects for current considerations on how the human oversight required by the AI Act can be implemented. Firstly, it is an early example of a human-in-the-loop system: The scores the algorithm provided are made available to the responsible judges to support their decisions. They are not automated without human involvement. On the other hand, the case is one of many examples that show that a human supervisor alone cannot eliminate all the risks associated with the use of AI. In the case of COMPAS, it was humans who made the final decision, even trained judges who are obliged to be impartial. Nevertheless, the judges seemed to make biased and problematic decisions, and COMPAS continues to be used legally in many US states.viii, ix
What we learn from this: Data-based decision-making systems are here to stay. At the same time, however, they do not automatically make more accurate, objective decisions—even if humans are involved in the decision-making process. This shifts the focus away from merely supervising an AI's decisions by a human towards finding the right structures in which the interaction between human actors and AI is finely tuned to the respective application purpose, use case and context. This results in several fundamental challenges for applying organizations, explained below.
-
1. Thoroughly evaluate automation potentials: Trust is good, control is better.
Firstly, there is a fundamental conflict of interest for users of automated decision-making systems if they are to critically assess their output: The time-consuming investigations into the decisions of AI systems do not correspond to the motivation behind the use of such systems, which is to save work and time. Put more simply, if an AI-based decision-making system has invested the efforts of calculating a data-based decision that is as accurate as possible (based on the data received), this makes it less likely that human users will go to the trouble of critically reflecting on the decision a second time or even contradicting the AI. This so-called “automation bias” can even go so far that the recommendations of a system are accepted even though users have contradictory information.
The AI Act relates the problem of automation bias explicitly to the principle of human oversight and demands that organizations instruct their human supervisors not to trust the decisions of an AI too much. This should especially apply to decisions affecting the protection of health, safety or fundamental rights.
To this end, it is crucial to determine whether a task is fundamentally solvable by an AI system and not just use it for the sake of automation alone. A Harvard Business School study showed that AI can indeed help to automate certain business-related tasks—but only if they are suitable for AI automation.x For tasks not suitable for AI automation, there is a 19% higher likelihood of incorrect output when AI is used. One can conclude: AI can also be used to automate the production of inaccurate, incorrect, or unfair output.
To escape the automation bias, organizations must always thoroughly investigate automation potentials and check whether they promote the desired results. In the Harvard study, it was creative and language-based consulting activities that could be easily automated using AI: brainstorming product ideas, for example, designing a market launch strategy or writing memos and business documents.ix However, activities involving the evaluation of text, numbers, and figures were less suitable for automation, especially if the data provided was contradictory. The COMPAS algorithm also has its problems with the complexity of human life histories. Whether and how an AI can help in such cases should, therefore, be carefully considered.
-
2. Test, test, test: After the inspection is before the inspection.
A second challenge concerns the problematic decision-making tendencies of an AI system itself. Recognizing them requires a series of precedents that would eventually reveal such a tendency. Without such a series of prior incidents, a human-in-the-loop will not be able to fulfill their role as a firewall for the spread of problematic decision-making tendencies. As a result, problematic decision-making tendencies of an AI only become recognizable and assessable “ex post” and after its use, especially if these tendencies are not evident from the data used, as in the case of COMPAS.
The AI Act also demands that, for certain AI systems (e.g., High-Risk AI systems), users should be provided with instructions for use that contain information about their anticipated characteristics, capabilities, and limitations. Information in these manuals should be based on, e.g., sufficient testing during the development phase of an AI system and on analyses of used data sets. The AI Act requires that the behavior of certain systems must be monitored throughout the entire life cycle and demands to continuously log and monitor the system during its use (record-keeping). This requires suitable organizational structures and processes that enforce such constant supervision.
The AI Act already defines processes and measures that should be used to monitor High-Risk AI systems. However, there are also other approaches beyond the explicit requirements of the AI Act. So-called ‘red teaming’, for example, puts the behavior of an AI system to the test by hacking it in a targeted and structured manner. This is already common practice with some AI providers such as Microsoft and OpenAIxi and is also foreseen in the USA by the Presidential Executive Order on AI.xii In the context of language models, so-called prompt hacks can be used here, which can lead to an AI expressing dangerous or offensive content even though it has been trained to do the opposite.xiii In terms of human oversight, red teaming not only helps to identify the weak points of an AI, but also to develop the skills needed to recognize these weak points.
-
3. Create transparency: Bringing light into the darkness of the black box.
A third challenge concerns the traceability of an AI's decisions for its users. Many of today's AI systems are based on so-called artificial neural networks, which only allow limited insight into their components and functionality. Also, the exact functionality of commercial AI applications will often remain a well-kept trade secret. As a result, in most cases users can only access the data available to the AI (the input) and the decisions it makes based on this (the output).
To ensure such an overview for High-Risk AI systems, the AI Act requires measures that must be adapted to the risks, level of autonomy and context of use of an AI system. The following principle applies: the greater the risks, the more extensive these measures must be. There are already several approaches available for language models. For example, many AI chatbots such as ChatGPT already provide online references in their responses, which users can check if necessary. AI providers also started providing user interfaces in which parts of a question or chat history that have had a particularly strong influence on an AI's answer or decision-making are highlighted.xiv Many providers also provide their chatbots with a verified knowledge base outside the training data to help avoiding incorrect answers.xv
Although these approaches exist, they will face similar challenges to the COMPAS algorithm: It is impossible to predict how users will handle this information and how much they will trust it. It is therefore crucial to sensitize users in advance and point out the limitations and inner workings of AI systems: AI models are trained with historical data, which is not necessarily compiled for reasons of accuracy or fairness, but often due to its availability.xvi AI models calculate their decisions based on probability and not on pre-defined logical rules, which can lead to different answers to the same questions if they are asked repeatedly or by different users. And often the people who develop an AI system are not the ones who understand the context of the application sufficiently well to be able to assess or evaluate all potential risks. It is important to make users of AI systems aware of these basic functionalities and limitations of AI systems.
AI literacy: It takes more than just a human-in-the-loop.
In general, the users of AI systems are the most important influencing factor for the responsible use of AI. This is an aspect that AI has in common with topics such as data protection or cyber security. Also here, it is crucial that users are sensitized and reflect on decisions in their day-to-day work before addressing these issues. The AI Act provides a framework that prescribes guidelines for the responsible use of AI. However, we have seen from the example of human oversight that the implementation of its principles will still raise many questions and that relevant best practices are only just emerging at best.
Until this changes, all relevant stakeholders must be enabled to make informed decisions about the use of AI. The AI Act refers to this as “AI literacy”i. It comprises the interplay of technical knowledge, experience, education and training, the context in which the AI systems are to be used, and the persons or groups of persons for whom the AI systems are to be used. By considering these aspects, AI literacy should give all relevant stakeholders the necessary concepts to make informed decisions about the use of AI systems.
Organizations that make use of AI are now required to equip their staff with the right skills, resources, and competencies to handle AI responsibly in their day-to-day work. This applies to all AI systems, even if they are not assigned to one of the explicit risk levels in the AI Act and therefore must meet predefined requirements that go beyond transparency and information obligations. Only then can the human oversight required by the AI Act succeed.
Info Box 1: The AI-Act
The Artificial Intelligence Act (in brief: AI Act) is the first product regulation on artificial intelligence that creates a legal framework for the development and use of artificial intelligence (AI) in the EU.i The AI Act also affects companies and organizations outside the EU if they distribute AI systems in the EU or if output from their AI systems is used in the EU.xvii The regulation defines key terms such as “artificial intelligence” and takes a risk-based approach when it comes to regulating AI systems through appropriate measures. The AI Act can be divided into four risk levels for AI systems:
Unacceptable Risk
With this risk level, the AI Act prohibits several AI systems whose risks are unacceptable in its view (see Chapter II, p.171 of the AI Act). These few systems that compromise fundamental rights include, for example, systems that exploit “vulnerabilities of a natural person”, influence people’s behavior using “subliminal techniques” or “purposefully manipulative or deceptive techniques”,” or that evaluate natural persons’ "social behavior” (i.e., social scoring) (see also pp. 24, 29, 42, 152 of the AI Act).
Systemic Risk
This risk level concerns systems of so-called “General-purpose AI models” (GPAI) and their “high-impact capabilities” (see Chapter V, p.259 of the AI Act). These general AI models, which also include Large Language Models (LLMs) such as ChatGPT, can perform a variety of tasks and serve as the basis for many AI systems.
High Risk
This risk level is the main focus of the AI Act (see Chapter III, pp.178-256 of the AI Act). It results in extensive obligations for AI systems regarding documentation, transparency, and human oversight. A whole range of systems fall under this risk level (see Annex III, pp.1-6), including those related to the “biometric verification” and “categorization” of persons, “critical infrastructure”, “employment, workers management and access to self-employment”, and the “access to and enjoyment of essential private services and essential public services and benefits”.
Other Considerations
Certain AI systems pose minimal or no risk to the rights or safety of natural persons. The AI Act provides for minimal obligations for such AI systems. For some AI systems, there are additional transparency obligations under the AI Act (see Chapter IV, p. 256 of the AI Act). These relate to all AI systems that interact with people, generate, or manipulate content and are used to recognize emotions or associate social categories based on biometric data. Examples include spam filters, video games, search algorithms, the infamous deep fakes and chatbots. It must be made clear to users that they are interacting with an AI system.
-
Legal notice
This material is for general information purposes only. It does not contain complete analysis or advice (including legal, financial, or professional advice).
Although we aim to provide accurate and up-to-date information, we would like to point out that, despite careful editing, all information in this work is provided without guarantee. To the extent permitted by law, BearingPoint accepts no liability whatsoever in relation to the use of the content.
The work is protected by copyright. All rights, in particular the rights of distribution, duplication, translation, reprinting and reproduction by photomechanical or similar means or other electronic processes etc. are reserved by BearingPoint.
-
References
i REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL laying down harmonised rules on artificial intelligence and amending Regulations (EC) No 300/2008, (EU) No 167/2013, (EU) No 168/2013, (EU) 2018/858, (EU) 2018/1139 and (EU) 2019/2144 and Directives 2014/90/EU, (EU) 2016/797 and (EU) 2020/1828 (Artificial Intelligence Act). Retrieved 06/06/2024, https://data.consilium.europa.eu/doc/document/PE-24-2024-INIT/en/pdf.
ii Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (Text with EEA relevance), OJ L 119, 4.5.2016, p. 1–88. Retrieved 06/06/2024, https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679.
iii Dressel, J. and H. Farid (2018). "The accuracy, fairness, and limits of predicting recidivism." Science Advances 4(1): eaao5580. Retrieved 06/06/2024, https://www.science.org/doi/10.1126/sciadv.aao5580.
iv Larson, J., et al. (2016). "How We Analyzed the COMPAS Recidivism Algorithm." Retrieved 06/06/2024, https://www.propublica.org/article/how-we-analyzed-the-compas-recidivism-algorithm.
v Räz, T. COMPAS: zu einer wegweisenden Debatte über algorithmische Risikobeurteilung. Forens Psychiatr Psychol Kriminol 16, 300–306 (2022). Retrieved 06/06/2024, https://link.springer.com/article/10.1007/s11757-022-00741-9.
vi Christopher, T. and A. Pontón-Núñez (2022). "Automating Judicial Discretion: How Algorithmic Risk Assessments in Pretrial Adjudications Violate Equal Protection Rights on the Basis of Race." Minnesota Journal of Law & Inequality 40(2): 371-407. Retrieved 06/06/2024, https://heinonline.org/hol-cgi-bin/get_pdf.cgi?handle=hein.journals/lieq40§ion=18.
vii Angwin, J., et al. (2016). "Machine Bias: There’s software used across the country to predict future criminals. And it’s biased against blacks.". Retrieved 06/06/2024, 2024, https://www.propublica.org/article/machine-bias-risk-assessments-in-criminal-sentencing.
viii Equivant Supervision (2023) “Why was the COMPAS-R Core created and how does it differ from the standard COMPAS Core?” Retrieved 06/06/2024, https://equivant-supervision.com/why-was-the-compas-r-core-created-and-how-does-it-differ-from-the-standard-compas-core/.
ix Little, L. (2023) “How to avoid the COMPAS problem in healthcare.” Retrieved 06/06/2024, https://medium.com/@laura.h.little/how-to-avoid-the-compas-problem-in-healthcare-906123cd5e12.
x Dell'Acqua, Fabrizio, Edward McFowland III, Ethan Mollick, Hila Lifshitz-Assaf, Katherine C. Kellogg, Saran Rajendran, Lisa Krayer, François Candelon, and Karim R. Lakhani. "Navigating the Jagged Technological Frontier: Field Experimental Evidence of the Effects of AI on Knowledge Worker Productivity and Quality." Harvard Business School Working Paper, No. 24-013, September 2023. Retrieved 06/06/2024, https://www.hbs.edu/faculty/Pages/item.aspx?num=64700.
xi E.O. 14110: Executive Order on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence, October 30, 2023. 88 FR 75191, pp. 75191-75226. Retrieved 06/06/2024, https://www.whitehouse.gov/briefing-room/presidential-actions/2023/10/30/executive-order-on-the-safe-secure-and-trustworthy-development-and-use-of-artificial-intelligence/.
xii OpenAI Red Teaming Network | OpenAI. Retrieved 06/06/2024, https://openai.com/index/red-teaming-network/.
xiii Red Teaming: Exploiting text completion. How the model responds to biased prompts, prompt injection, gray box prompt attacks etc. Retrieved 06/06/2024, https://doi.org/10.48550/arXiv.2402.04249.
xiv Explainability | Aleph Alpha API (aleph-alpha.com). Retrieved 06/06/2024, https://docs.aleph-alpha.com/docs/explainability/explainability/.
xv https://aws.amazon.com/de/what-is/retrieval-augmented-generation/ What is RAG? - Retrieval-Augmented Generation Explained - AWS (amazon.com). Retrieved 06/06/2024, https://aws.amazon.com/what-is/retrieval-augmented-generation/?nc1=h_ls.
xvi Buolamwini, J. and T. Gebru (2018). Gender Shades: Intersectional Accuracy Disparities in Commercial Gender Classification. Conference on Fairness, Accountability, and Transparency. S. A. Friedler and C. Wilson. 81: 1-15. Retrieved 06/06/2024, http://proceedings.mlr.press/v81/buolamwini18a.html?mod=article_inline&ref=akusion-ci-shi-dai-bizinesumedeia.
xvii Hickman, T. and T. Harper (2024). "The EU AI Act’s extra-territorial scope — Part 2." Data Protection Ireland 17(3). Retrieved 06/06/2024, https://www.whitecase.com/insight-our-thinking/eu-ai-acts-extraterritorial-scope-part-2.
