Exploring Council of Europe’s Framework Convention On Artificial Intelligence

Written By Doğa Usal

10 December 2024

Doğa Usal

With the fast-paced development of AI systems, the need to regulate such new technologies arose rapidly. Europe is taking the lead in regulating AI, particularly with two key initiatives in this space: (i) the adoption on 21 May 2024, of the EU Artificial Intelligence Act (namely, Regulation 2024/1689) (“EU AI Act”); and (ii) the adoption on 17 May 2024 of the Framework Convention on Artificial Intelligence and Human Rights, Democracy and the Rule of Law (“AI Convention”) by the Committee of Ministers of the Council of Europe (“CoE”).

The present article focuses on the key aspects of the AI Convention, comparing it with the EU AI Act, and discusses its impact on arbitration proceedings. 

Overview

The AI Convention requires that the activities within the lifecycle of AI systems comply with the following fundamental principles (i) human dignity and individual autonomy; (ii) equality and non-discrimination; (iii) respect for privacy and personal data protection; (iv) transparency and oversight; (v) accountability and responsibility; (vi) reliability, and (vii) safe innovation. Signatories to the AI Convention include the European Union (EU), the United States, the United Kingdom, Israel, Norway, Georgia, Moldova, Iceland, Andorra, and San Marino.

Cooperation between CoE and EU bodies

While the CoE is an independent organisation from the EU structure, the ongoing and supportive cooperation between the two bodies can be observed through complementary legislative initiatives. For example, the publication by the EU of the General Data Protection Regulation (GDPR) in 2016, prompted the CoE to update, in 2018, the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (Convention 108), initially adopted in 1981. A similar pattern can be seen with the approval of the EU AI Act, followed by the publication of the AI Convention. Although the two legal instruments are different in scope, they complement each other, as acknowledged by the European Data Protection Supervisor (EDPS) “the EDPS would welcome the inclusion in the convention of provisions aiming at reinforcing the rights of persons impacted by the use of AI systems that would complement the future AI Act”.

EU AI Act vs AI Convention

Besides the interplay between these two legislations, they have a different purpose and sphere of application. Firstly, regarding the purpose, as highlighted by Professor  Jacques Ziller here, on one hand, the AI Convention focuses on ethical principles for AI practices to safeguard fundamental rights. AI Convention is centred around core values and broad principles that should be factored into the design of AI systems. On the other hand, the EU AI Act is more methodical, technical and sets concrete obligations upon providers or deployers of AI systems. Secondly, the two have different spheres of application. Importantly, the AI Convention concerns only the signatory States. The AI Convention needs to be ratified and signed by the Member States of CoE, its application is not direct and varies from one State to another. Whereas the obligations in the EU AI Act predominantly concern private entities (natural or legal persons) and its provisions are directly applicable and binding on the EU Member States with (exception stated in Recital 176*). Also, the AI Convention does not benefit from a judiciary review mechanisms to settle disputes arising from its application. Moreover, the signatories of the AI Convention are not limited to EU Member States. CoE has 46 Member States plus six observers including Japan, the US, and Canada. Also, five more observers States and representatives of other international and regional organizations that worked on AI development such as UNESCO, OECD, and OSCE participated in the drafting of the AI Convention.

Applying the AI Convention

The implementation of the AI Convention will require close cooperation between all stakeholders; States, private actors, public sector bodies, and international organizations. The cooperation of private actors is going to be vital for the development of sectorial soft law. Furthermore, the role and obligations of private actors must be examined since the AI Convention is going to cover both the public and private sectors and it will allow States to decide on how to implement such obligations concerning the private sector either through directly applying the obligations set out in the treaty or through other appropriate measures such as non-binding rules and guidelines. The AI Convention provides for follow-up mechanisms, namely the Conference of the Parties (periodic consultations of official representatives of the Parties) for issues concerning the interpretation, application and amicable settlement of disputes arising from the Convention (Article 23), as well as an obligation for the Parties to set up an oversight compliance mechanisms for transparency, trust, and compliance for obligations of the Convention (Article 26). Potential suggestions for oversight mechanisms include human rights due diligence, impact assessments, regulatory sandboxes, and certifications. It is up to the discretion of Signatory States how to implement the follow-up mechanisms. 

Nevertheless, international organizations voiced concerns about the lack of a proper enforcement system and the high level of generality of the provisions of the Convention. The European Data Protection Supervisor (EDPS) declared in a press release that:

“The EDPS understands that the draft Framework Convention will not be directly applicable (self-executing) in States party to the Convention. The EDPS also understands that there is a need for certain flexibility to accommodate the specificities of national legal systems. Notwithstanding this, the EDPS is concerned that the very high level of generality of the legal provisions of the draft Framework Convention, together with their largely declarative nature, would inevitably lead to divergent application of the Convention, thus undermining legal certainty, and more generally its added value.”

The Effect of AI Convention on Arbitral Proceedings 

The main question while assessing the effect of the AI Convention on arbitral proceedings is whether human rights or similar internationally recognized obligations should be taken into account by arbitral tribunals. The AI Convention is a part of public international law. This can impact how investment arbitration tribunals apply international law. It is a matter of debate whether arbitral tribunals would have the power or duty to enforce human rights in the context of AI practices. Whether that is an implied obligation or whether it requires express reference to the AI Convention, future arbitral awards will shed light on this issue. 


*  The exceptions provided in Recital 176 refer to the protection of health, safety, rule of law from the harmful practice of AI, and the improvement of the internal market of the EU in line with the subsidiary principle of Article 5(3) TEU. A similar exception in scope of application is in Article 3 of the AI Convention where issues of national deference and possible violations of human rights through AI practices fall outside of the Convention’s scope of application.


Doğa Usal

Doğa Usal is a legal intern at Bezen & Partners in Istanbul, Türkiye. Doğa is an alumna of Bahçeşehir

University Faculty of Law. Doğa is former director of seminars at ELSA Istanbul and a Willem C. Vis

Moot Court mootie (30th edition). She is a member of ASA Below 40, Young ISTAC and Young ITA mentee (2024-2025).

https://www.linkedin.com/in/doğa-usal-758a5b25a
Next

Exploring Brazil’s Digital Government and Procurement: AI-Powered Insights