The new EU AI Act ensures security

AI enthusiasts gathered in Tehnopol Science and Business Park on the 5th of September to learn about the groundbreaking European Union’s AI Act and its correlations with cybersecurity aspects. Product owners, security officers, business owners and all related specialists were brought together within the official side event of the New Nordics AI week.  

Valuable input was provided by top specialists, such as Vattan PS (Lead Organizer of the New Nordics AI Week & Founder of Founderly), Toomas Seppel (Partner and Attorney at Law at Hedman Law Firm), and Sandhra-Mirella Valdma (Cybernetica). The event was moderated by Otto Mättas, AI Mentor at Tehnopol and AI Startup Founder.  

Enhancing the development of AI in Estonia 

The event was introduced by Vattan PS who shared his insights from the New Nordics AI Week as the lead organizer. He gave an overview of the reason why the event series started, stating that regarding AI, nothing remarkable has yet happened in Estonia. “Businesses and startups are getting excited”, he stated, hence bringing together the New Nordic countries. He emphasized that it is important to learn and take full control in the development of AI solutions. “Are you being served or are you creating the services – that’s a choice for you to make”, he concluded.  

Consider the risks of your solution from the start 

Toomas Seppel gave an overview of the EU AI Act and the changes in product development that it brings along with the European-level implementation. Seppel described the Act as a self-guidance tool, foremost developers and product owners need to analyze their solution’s risk in an early phase and make sure that they are compliant with the rules, in order for the market to accept the solution. He also emphasized that the EU AI Act is mainly a consumer-protection act, keeping the balance between consumers and technology.  

Be careful, yet proactive 

As the AI field has boomed over the last decade, almost everybody has the possibility to use AI nowadays. “AI has the possibility to transform industries, drive innovation, improve efficiency and enhance customer engagement”, Sandhra-Mirella Valdma described. She added that most AI solutions are used in customer service. To give an understanding why cyber security is such an important aspect of AI, Valdma presented an example from an AI legal chatbot from New York, which ended up giving small companies malicious legal advice and guided them towards breaking the law. 

She gave an overview of different risk categories of cybersecurity: AI specific, regulatory, and information security. While a lot of solutions use AI models developed by a third party, this opens up possibilities for users of maleficent intent to manipulate the service structures, such as giving false input, uploading malware and more, causing a significant amount of damage to the company. “The best option is to train the model yourself, and having the necessary data in-house – that is the ideal approach”, Valdma emphasized and encouraged to start early, think through all the steps, monitor continuously and collaborate with all the team members related to the AI solution.  

We still need human beings 

The event culminated with a Q&A discussion with the presenters. The panellists discussed a variety of topics – who and how should become the AI officers, how is AI usage being disclosed to clients, what are the future implications for commercial AI use and so forth. The participants concluded that humans are still indeed necessary, for overseeing these new technologies and how these are implemented.  

This event was organised by the AI Development Programme, a cooperation between Tehnopol and the Ministry of Economic Affairs and Communications, with the aim of helping Estonian companies adopt AI solutions. This initiative aims to boost their competitiveness and ensure the sustainability of the Estonian economy in the future.