| |

AI Compliance at Scale via Embedded Data Governance

There are, roughly speaking, three problems to solve for an Artificial Intelligence system to comply with AI regulations in China (see the note here) and likely future regulation in the USA (see the notes on the Algorithmic Accountability Act, starting here):  Using available, large-scale crawled web/Internet data is a low-cost (it’s all relative) approach to…

| | | |

Can an Artificial Intelligence Trained on Large-Scale Crawled Web Data Comply with the Algorithmic Accountability Act?

If an artificial intelligence system is trained on large-scale crawled web/Internet data, can it comply with the Algorithmic Accountability Act?  For the sake of discussion, I assume below that (1) the Act is passed, which it is not at the time of writing, and (2) the Act applies to the system (for more on applicability,…

| | |

Algorithmic Accountability Act of 2022 and AI Design

The Algorithmic Accountability Act of 2022, here, is a very interesting text if you need to design or govern a process for the design of software that involves some form of AI. The Act has no concept of AI, but of Automated Decision System, defined as follows. Section 2 (2): “The term “automated decision system”…

| | |

Does the EU AI Act apply to most software?

Does the EU AI Act apply to most, if not all software? It is probably not what was intended, but it may well be the case.  The EU AI Act, here, applies to “artificial intelligence systems” (AI system), and defines AI systems as follows: ‘artificial intelligence system’ (AI system) means software that is developed with…

| | |

Legal Compliance of Roles and Requirements

The problem of regulatory compliance for a software system consists of ensuring through a systematic, tool-supported process that the system complies with all elements of a relevant law. To deal with the problem, we build a model of the law and contrast it with a model of the requirements of the system. In earlier work,…

| | |

Toward Benchmarks to Assess Advancement in Legal Requirements Modeling

As software engineers create and evolve information systems to support business practices, these engineers need to address constraints imposed by laws, regulations and policies that govern those business practices. Requirements modeling can be used to extract important legal constraints from laws, and decide how, and evaluate if an information system design complies to applicable laws….

| | | |

Choosing Compliance Solutions through Stakeholder Preferences

Compliance to relevant laws is increasingly recognized as a critical, but also expensive, quality for software requirements. Laws contain elements such as conditions and derogations that generate a space of possible compliance alternatives. During requirements engineering, an analyst has to select one of these compliance alternatives and ensure that the requirements specification she is putting…

| | |

Establishing Information System Compliance via Argumentation

This paper introduces a mixed modeling and argumentation framework applied to assess the compliance of requirements with legal norms, and reports the results of its application in an industrial project in healthcare. Domain experts applied a goal-oriented modeling framework for the representation of requirements and norms, then used argumentation techniques to assess the compliance of…

| | |

Theory of Regulatory Compliance for Requirements Engineering

Regulatory compliance is increasingly being addressed in the practice of requirements engineering as a main stream concern. This paper points out a gap in the theoretical foundations of regulatory compliance, and presents a theory that states (i) what it means for requirements to be compliant, (ii) the compliance problem, i.e., the problem that the engineer…