I don't know, my impression is that this is written by someone who doesn't understand how law works and making hyperbolic assumptions through cherrypicking. I recall a similar panic and outrage when GDPR was introduced, claiming that it will bankrupt startups and small projects etc.
The EU stuff is usually against large corporations who pose systematic risks. Think about how TikTok makes the US freak out about China spying and manipulations, for EU it's the the same thing but include Facebook and all other large social media too(because American corporations are foreign in Europe like TikTok is foreign in USA). US considers banning TikTok, EU's approach is to regulate how data is processed and used in order to keep open market and mitigate risks.
So as a rule of thumb, Europol doesn't knock on your door when you train a model on data that doesn't meet the requirements. This is probably designed to make countries introduce laws which will hold Google/OpenAI etc. accountable for their services so they can't just shrug and say "ouppsy, it's not our fault the AI did it".
I'm sorry to pop the alarmist narrative, but this is not the legislation which is going to "get you".
> Europol doesn't knock on your door when you train a model on data that doesn't meet the requirements. This is probably designed to make countries introduce laws which will hold Google/OpenAI etc. accountable for their services so they can't just shrug and say "ouppsy, it's not our fault the AI did it".
Your use of “probably” is quite telling. Probably, as in, maybe not, maybe yes, who knows. As the act is phrased today, anyone who publishes a certain type of model, or a derivative of such, is a subject to certain legal obligations. Do you want to risk that Europol or any other task force knocks on your door, or hope every time that you slip under the radar?
Those acts, together with the CRA, are so vague that a lot of people will operate in a grey area. So maybe nobody knocks on your door for a year. Or two. Or five. But when they knock, good luck defending yourself from a legal action based on laws written by people who had so little idea they had to leave so many vague points open to interpretation depending on who doesn’t like you to what extent.
We've been there with GDPR. It didn't help creating the level playing field they officially wanted to achieve. BigTech has law departments whilst local tech startups have to deal with legal battles initiated by third-class legal firms crawling the web.
They just end up making their local tech entrepreneurs flee to US/UK.
Companies do these things all the time, I guess it's fun to imagine that opening offices in other countries is fleeing and that are fleeing to UK because they are having trouble processing personal data when developing drugs but I don't see why would that be the case.
Fun fact: UK data protection laws are about the same as EU.
As an entrepreneur you have to deal with finances, a great product and market competition. Why on earth would you additionally put legal insecurity on top, up until in a couple of years there might be enough jurisdictional rulings putting shallow definitions in EU regulations into context?
Fun fact: Why would UK miss the chance to attract tech companies and get rid of pre-Brexit laws after they went through all the unfortunate hassle Brexit was?
> Why would UK miss the chance to attract tech companies and get rid of pre-Brexit laws after they went through all the unfortunate hassle Brexit was?
Because UK is not made of libertarians who were under the EU opression but all those EU laws were made with UK's contribution and input. The UK has not become the libertarian utopia and will not become the libertarian utopia inside or outside of EU because the British public at large doesn't want it. If anything, probably the Labour party will win the next elections, the libertarians are very unpopular. British are not Americans and most don't trust corporations and want government involvement in protecting them against wrongdoings.
Brexit's biggest con was that EU is some 3rd party and the British public wants something else. In reality, Brits made the EU.
The benefit actually comes from forcing companies to keep good track of the personal data. Now, the personal data is something they need to think about how to handle and store, the downloading part for me so far was about curiosity.
The fact that you can download some data, presented as “all data”, doesn’t mean that it’s actually properly stored and handled. No way to verify or enforce it.
> The benefit actually comes from forcing companies to keep good track of the personal data
Who is checking for that? Can you give me an example of any public authority within the EU that has the operational excellence to even understand how BigTech is collecting and handling data? For Germany I only see Ulrich Kelber who certainly does not have the competence to even understand how BigTech is doing their things.
It's not about going around and checking but being responsible about it. Thanks to GDPR companies do have someone designated to deal with these things and if they screw up and something bad happens they are liable.
And here we are at the core problem: Implementing laws without being able enforce them is not only ridiculous but harmful for the credibility of any governmental institution. This is the core problem of all EU tech regulations.
Instead of developing operational excellence in their prosecution authorities to be able to track down and punish bad actors, they install regulations for everyone and try to simulate competence harming their own economy.
> Implementing laws without being able enforce them is not only ridiculous but harmful [...]
Not all crimes are preventable, which doesn't mean the laws aren't enforceable. Example: even though murder is illegal, people still commit murder, but they are rightfully punished for it, as the law mandates.
> [...] harming their own economy.
Do you have any proof that tech regulation is detrimental to the economy?
Oh they don't flee, they just don't bother to start new ones in the EU.
Which of the new AI labs is setup in EU?
Stability? Midjourney? Anthropic? Cohere? Every single one is either in the US or UK. LLM companies deal with huge legal uncertainties, especially around data and privacy. Hence investors are reluctant to fund any in the EU, and potential founders are deterred. This is all legacy of the GDPR and the 'regulatory superpower' mindset that the EU deluded itself into.
The only new wave AI company from the EU is DeepL, which is going to face really really intense competition from LLMs.
I have no idea why would you claim that with the introduction of GDPR Europe lost on tech. By tech I mean the SV industry, there are many other technologies out there.
Anyway, why all the "tech" is in SV? Do they have GDPR in the other states?
I don't know internals but would bet that it's an implementation of GDPR which happened shortly before Brexit. Do you really think after all that Brexit hassle they will miss the chance to attract tech companies?
Well the point is that Europe is helplessly missing globally competitive innovative shops in important IT sectors. This is a big economical and political problem which is not solved by referring to marginal copycats of existing US services.
As an employee of a European company which is chosen by European and US customers alike _specifically_ for our competence in European market regulation I see opportunity where you see shortage. Of course, we will never join the ranks of public celebrities such as Facebook or Google, but who cares, really. It's very likely you've interacted with our products in one way or another, we've made some revenue with it, and that counts. That the technology is coming from Europe, you'll never know.
Well I am hearing of them for the first time. Yeah I could be an ignorant, or they are not as relevant as you make it sound. A quick wiki search mentions they are best known for providing datasets for Stable diffusion and Imagen.
And if this is your counter example, then it proves my point that the Americans far more innovative currently.
The EU stuff is usually against large corporations who pose systematic risks. Think about how TikTok makes the US freak out about China spying and manipulations, for EU it's the the same thing but include Facebook and all other large social media too(because American corporations are foreign in Europe like TikTok is foreign in USA). US considers banning TikTok, EU's approach is to regulate how data is processed and used in order to keep open market and mitigate risks.
So as a rule of thumb, Europol doesn't knock on your door when you train a model on data that doesn't meet the requirements. This is probably designed to make countries introduce laws which will hold Google/OpenAI etc. accountable for their services so they can't just shrug and say "ouppsy, it's not our fault the AI did it".
I'm sorry to pop the alarmist narrative, but this is not the legislation which is going to "get you".