Resumen
Muchos países de Latinoamérica están invirtiendo en planes o estrategias de inteligencia artificial (IA) y focalizan en la mejora del desarrollo económico. Una de las características fundamentales de las políticas públicas es el marco regulatorio. Además de las ya ampliamente mencionadas guías éticas, se pueden explorar otras trayectorias normativas como la legislación para la protección de los datos personales y los incentivos económicos. El artículo describe las políticas públicas para la IA de los países de la región que tienen sistemas jurídicos de protección de datos. Utiliza un método cualitativo para evaluar las políticas y estrategias de IA en Argentina, Uruguay, Colombia, México, Chile y Brasil, mediante la descripción de las posibilidades regulatorias en lo relacionado con el uso de la protección de datos. Luego de esta descripción, este estudio abre un debate acerca de los límites y problemas con la utilización de la protección de datos para regular a la IA. Concluye que los países no ofrecen muchas alternativas para evaluar a las inversiones tecnológicas como una posibilidad normativa, aun cuando todos los otros medios confíen en ellos para ser efectivos. También, establece que estas inversiones deben tener en cuenta a la dimensión del valor social para beneficiar realmente a los países.
Abstract
Many Latin American countries are investing on artificial intelligence (AI) plans or strategies focusing on improving their economic development. One crucial feature of any of those public policies is the regulatory framework. Besides the widespread mention of ethical guidelines, one can explore other regulatory paths, like personal data protection law, and economic incentives. The paper describes the AI public policies of the region’s countries that have data protection legal systems. It uses a qualitative methodology to assess AI policies and strategies in Argentina, Uruguay, Colombia, Mexico, Chile, and Brazil, describing their regulatory possibilities regarding data protection usage. After this description, the paper presents a debate about the limits and problems with using data protection to regulate AI. It concludes that the countries gave little space to assess technological investments as a regulatory possibility, even though all the other means rely on them to become effective. Also, it states that these investments must incorporate some social value dimension to actually benefit the countries.
Resumo
Muitos países latino-americanos estão investindo em planos ou estratégias de inteligência artificial (IA) com foco na otimização do seu desenvolvimento econômico. Uma característica crucial de qualquer uma dessas políticas públicas é o marco regulatório. Além da menção generalizada de diretrizes éticas, é possível explorar outros caminhos regulatórios, como a lei de proteção de dados pessoais e incentivos econômicos. Este artigo descreve as políticas públicas de IA dos países da região que possuem sistemas jurídicos de proteção de dados. Ele usa uma metodologia qualitativa para avaliar as políticas e estratégias de IA na Argentina, Uruguai, Colômbia, México, Chile e Brasil, descrevendo suas possibilidades regulatórias em relação ao uso de proteção de dados. Após essa descrição, o artigo apresenta um debate sobre os limites e problemas do uso de proteção de dados para regular a IA. Conclui que os países deram pouco espaço para avaliar os investimentos tecnológicos como uma possibilidade regulatória, embora todos os demais meios dependam deles para se tornarem efetivos. Além disso, afirma que esses investimentos devem incorporar alguma dimensão de valor social para de fato beneficiar os países.
Introduction
Artificial intelligence (AI) has become a subject of great interest for improving economies worldwide. It is also proving to be especially crucial to the future of better public service deliveries. AI applications are being designed to fill voids in areas with cumbersome processes, such as registries or repetitive judicial demands. Notwithstanding the benefits, the ethical elements and the transparency issues in these processes are two worrisome aspects of these innovations. This paper describes the current scenario of the public policies fostering AI in Latin America, and it debates some possible means of regulation, especially data protection law. Many of the AI initiatives are becoming national plans, policies, or strategies in several countries, either described as completed or regarded as in progress. In addition, there is an effort to create a broader cooperation network at the regional level by many sources. One example is the United Nations Economic Commission for Latin America and the Caribbean (ECLAC), which is trying to propose such a movement. Another example comes from the proposal of AI to improve specific tasks, like fighting corruption, as the Organization of American States (OAS) shows (Moss, 2019). The OAS also sponsors the “Red de gobierno electrónico de América Latina y el Caribe” (RedGEALC), which is a network fully involved in advancing this agenda in the region (RedGEALC, 2021). Also, there are some non-governmental initiatives, like IA Latam, which is a network of enterprises and researchers (IA Latam, 2021). Even the Inter-American Development Bank (IADB) sponsored a report delivered by the Fair LAC that comprehensively covers the state of the policies of twelve countries of the region (Gómez Mont et al., 2020). This paper focuses on debating the possible regulatory framework of some Latin American countries, and not the effectiveness of those public policies. All the countries under analysis have data protection statutes. Concerning data protection in the region, it is key to mention the “Red Iberoamericana de Protección de Datos Personales,” which has been performing continuous efforts to improve the national statutes about this subject (REDIPD, 2021).
There already is an ongoing international debate about the need to create institutional mechanisms to regulate AI technologies (Robles Carrillo, 2020). Eduardo Magrani points out the need for reinterpretation of the role of law when designing regulatory solutions for AI (Magrani, 2018). In a broad description, there are two groups of possible remedies to AI’s negative usage. The first is to hold future technologies to ethical standards, both in their production and in their application. This first group intends to create some previous protection by delivering safeguards. The second group of remedies applies legal rules to protect individuals against possible unfair results of AI applications. These legal rules focus on producing means for the individuals to oppose decisions, and to enforce the obligation to previously inform citizens. Moreover, the legal remedies’ premise is that it would not be possible to determine from the start whether a computer application decision would be better or worse than a human decision. These legal solutions are present in many legal systems in a branch that grows worldwide: data protection law. Some well-known provisions are in articles 13, 21, and 22 of the General Data Protection Regulation (GDPR), of the European Union (EU) (Veronese et al., 2019). Many Latin American countries built some legal prescriptions in the same manner.
This article has two sections. The first section describes how Latin America and the Caribbean countries are experiencing two waves of public policies that relate to both data protection and AI. The first wave encompasses statutes and administrative systems for personal data protection, while the second is a wave to approve strategies, plans, and national policies for AI development. Both have an indirect origin in the dissemination of other countries’ public policies, like the EU Digital Single Market. Although it is also clear that other non-European policies may have an impact on the region. The two biggest world economies are on the move. The United States is now coordinating a new Artificial Intelligence Research Resource Task Force (White House, 2021). Also, China has a plan to achieve leadership on the subject by 2030 (Roberts et al., 2020). Thus, the first section also describes the national situation of six countries in the region that have data protection laws and are developing or implementing public policies for AI as well. After describing the potential convergence of those two sets of policies – AI development and personal data protection –, the first section deals with a possible model of regulation for AI. In this first section, there is also some information, country by country, about the current development of those policies to extract the potential application of data protection law to regulate AI. These countries are, specifically, Colombia, Mexico, Argentina, Uruguay, Chile, and Brazil.
The second section brings the debate about the possibilities and limits of meshing data protection with AI. One can consider that using data protection prescriptions to regulate AI would be very difficult since some applications would need access to a vast amount of data to produce predictive results. Some others may consider that it is possible to use legal prescriptions to regulate AI by creating new rights. The paper concludes that any effective regulation combination will demand investments in technological innovation to produce tools and, therefore, results. Also, it indicates the necessity of blending social values into these regulatory technological tools.
The comparison of regulatory models in this paper is based on the methodology of literature review made by Marcio Iorio Aranha, which highlights the necessity of integrating legal analysis into institutional studies. He states that the legal principles are essential gears for understanding the behavior of the information revolution in different national contexts, which applies also to artificial intelligence and its expansion (Iorio Aranha, 2011). It is crucial to mention, along with this author, that comparative literature usually does not intertwine the description of policies with the evaluation of legal frameworks. The originality of the current paper relies exactly on that combined description. In addition, one can evaluate that Iorio Aranha’s methodology is compatible with Roberto Mangabeira Unger’s classic critique about social theory (Mangabeira Unger, 1976). It is usual for policy assessments or even academic research to disregard the role of the law when diagnosing social and political frameworks. This flaw will not appear in this paper. After describing every national policy about AI, some considerations about data protection law will follow. The real purpose of this method will become clear in the discussion section. The evolution of the AI’s fostering policies must be followed by the evolution of the regulatory framework, in which data protection can be one important aspect.
2. Strategies, plans, and policies for AI in Latin America
It is a consensus in the literature that AI has the potential to cause deep changes in all societies and economies around the world. Voices from Brazil point that out in a research paper published by fellows from the Advanced Institute for Artificial Intelligence (AI2), a consortium of Brazilian entities. They assert that AI’s ascension may have a more significant social and economic impact than the Internet revolution, and those ethical considerations will be crucial (Cóbe et al., 2020). Also from Brazil, Fabrício Polido mentions the exponential growth of AI in the field of regulatory policies and international law and highlights interactions between law and technology in the debate (Polido, 2020). A report sponsored by Stanford University presents a list of many national strategies from several countries (Bradley, Wingfield, and Metzger, 2020). These strategies would be part of what Tim Dutton calls a race towards becoming a global leader in AI (Dutton, 2018). Also, Andrés Ortega presents a hypothesis that this strategy’s production movement happens because of the fourth industrial revolution’s geopolitics. He briefly debates the EU’s global role in the pursuit of the digital economy domain, with the increasing use of AI in search of supremacy in this dispute (Ortega, 2019). Frederico Fernández-Montesinos, from the Spanish Institute of Strategic Studies, shares the same point of view (Fernández-Montesinos, 2019). In short, many researchers and policy analysts are focusing on understanding AI as the new center of national and regional agendas of global geopolitics. But what about its regulation?
As mentioned before, those AI public policies may be intertwined with data protection law when it comes to finding solutions to the unfair usage of applications. For example, in EU law, the former Directive 95/46/CE had control mechanisms applicable to AI in decision-making processes. Recently, the EU updated its data protection system, with the entry into force of the GDPR (Regulation EU 2016/679). This regulation has the legal provision of the right to information about the use of personal data, which is combined with the right to object to the results of the treatment of personal data (Veronese, et al., op. cit.). The GDPR greatly expands the right to object data processing in comparison with the Directive. It is also important to note that the Regulation comes from the Digital Single Market, so the right of opposition is just a small part of a larger policy under construction in the EU (Alexandre Veronese, 2019). This regulatory movement of the EU influenced, to a certain extent, the drafting of national statutes regarding personal data protection in Latin American countries. For example, Chile has had a statute about the subject since 1999 (Ley 19.628). Despite being the first, Chile does not have an autonomous public entity to enforce its framework. That is the main reason why Chile cannot have an adequacy decision from the European Commission (Álvarez Valenzuela, 2016). Argentina was the second country to possess a statute on the topic in Latin America, which was passed into law in 2000 (Ley 25.326). However, the Argentinian debate was whether one could use habeas data as a legal tool to access personal data from automated databases. Some countries of the region followed that trend, with the enactment of national statutes from the early to mid-2000s, such as Uruguay, in 2008 (Ley 18.331). The focus of these statutes changed over time, despite some still lacking a more significant adjustment to the new technologies. These two last countries – Argentina and Uruguay – are benchmarks for the region, because the EU, in terms of personal data, considers them to have an adequate level of protection. Other more recent national statutes, however, already fit into a context of a greater potential of new technologies to create AI regulatory mechanisms. Mexico has had its personal data protection legislation since 2010 (Ley Federal de Protección de Datos Personales en Posesión de los Particulares, 2010). Colombia (Ley Estaturaria 1.581 de 2012), Peru (Ley 29.733), and Dominican Republic (Ley 172/2013) passed statutes into law in 2011, 2012, and 2013. Also, Costa Rica did this in 2011 (Ley 8.968), and both Brazil (Lei 13.709/2018) and Panama (Ley 81/2019) did the same in 2018 and 2019. The table below summarizes the status for the region:
Table 1. Status of data protection statutes and administrative authorities to enforce rights in Latin America.
Status | Countries, statutes, and administrative entities |
Countries that have both national statutes and administrative authorities to enforce data protection rights. | – Argentina (National Statute No. 25.326/2000, and Presidential Executive Order No. 1558/2001; “Dirección Nacional de Protección de Datos Personales / Agencia de Acceso a la Información Pública”).
– Uruguay (Statute No. 18.331/2008, and Executive Order no. 414/2009; “Unidad Reguladora y de Control de Datos Personales”). – México (“Ley federal de protección de datos personales en posesión de los particulares”, 5 July, 2010; “Instituto Nacional de Transparencia, Acceso a la Información y Protección de Datos”). – Peru (Statute No. 29.733/2011: “Dirección General de Protección de Datos Personales”). – Costa Rica (Statute No. 8.969/2011: “Agencia para la Protección de Datos Personales”). – Colombia (Statute No. 1.581/2012, and Executive Order No. 1.377/2013: “Superintendencia de Industria y Comercio”); – Brazil (Federal Statute No. 13.709/2018: “Autoridade Nacional de Proteção de Dados”). – Panama (Statute No. 81/2019: “Autoridad Nacional de Transparencia y Acceso a la Información”). |
Countries that have a national statute but lack an administrative authority to enforce rights. | – Chile (Statute No. 19.628/1999).
– Dominican Republic (Statute No. 172/2013). |
Nonetheless, besides the global and regional overview demonstrating advances, the Latin American national statutes do not specifically consider AI applications. In Latin America, plans, directives, and strategies for implementing AI in national economic development policies are evolving. Some countries are ahead of others. Besides that, this region is still in disadvantage when compared to the EU Member-states, as shown in the Stanford University Annual Report (Shoham et al., 2018). This report assesses indicators of AI in various fields around the world, and it has been done for a couple of years now (Zhang et al., 2021). It is the result of a big McKinsey survey with two thousand one hundred and thirty-five participants, questioning them about the incorporation of AI applications into the countries. The report explains the EU’s lead in AI by its engagement on the subject. In the EU, this subject is a part of a comprehensive set of public policies, known as Digital Single Market. Some other evaluations exist, like the Oxford Insights AI Readiness Index that measures the suitability of many countries to deploy AI applications (Oxford Insights, 2020). The paper will mention those indexes again.
There are some efforts to develop cooperation on the subject in the region. ECLAC tries to foster a leading role in the AI subject in Latin America and the Caribbean to pursue a national policy integration process in this global context. In this sense, Márcio B. Braga presents, in his study published in 2002, two phases of ECLAC’s behavior in the face of Latin America’s economic development throughout history. In the first phase, the countries dealt with the structural problems. Economic integration was the core strategy of the 1950s. In the second phase, they focused on macroeconomic cooperation and the insertion of Latin American economies in the international economy; that period covers the 1990s (Bobik Braga, 2002). The first phase encompassed regional economic integration as “the creation of a common market as a necessary response to the demands of the economic growth process in the region, a process that is characterized by the industrialization that substituted imports” (Bobik Braga, op. cit.). This first phase did not succeed for several reasons. Some countries developed their national industrial platforms while others did not. The potential synergies in the regions’ economies were not fully explored (Baer, 1972). In the second phase of integration attempts, there is a clear inspiration in the EU’s integration process, with a concept of “open regionalism.” One can understand, from reading two recent ECLAC’s documents, that a third phase is in place. The first is the report “Industrial and Technology Policies in Latin America,” from 2018 (CEPAL, 2017). The second is the report “Human capital for the digital transformation in Latin America,” from 2019 (Katz, 2018). It is possible to interpret that this third phase, in accordance with ECLAC’s objectives, currently focuses on technological integration. Within this context, AI arises as one of the available mechanisms for economic and social development policies. Therefore, it would not be unreasonable to indicate that ECLAC seeks, contemporarily, to foster the construction of a “Digital Regional Market” for Latin America. The many examples of the aforementioned initiatives – RedGEALC, IA Latam, OAS, and IADB’s support, FairLAC – provide ground to this image.
A necessary concern in these national AI strategies is whether they mesh with personal data protection (Rotondo, 2020). The insertion of principles of data transparency and quality in constructing applications is part of a possible protection system. After all, technical sturdiness is one necessary step to enforce personal data protection. The construction of protective safeguards must transcend “philosophical and argumentative speeches around ethics, safety, responsibility, justice,” that became present in those strategies, as Fabrício Polido presents (Polido, 2020). It is key to have technological investments meshed with social value issues.
Colombia, Argentina, and Uruguay are some of the countries that appear in the world mapping of the Organization for Economic Co-operation and Development (OECD) as having effective efforts on developing policies for AI. This analysis comes from the Observatory of Public Sector Innovation’s charge (OPSI). This project counts with the OECD’s participation and has the support of the Horizon 2020, an EU program. The OECD also intends to create the AI Policy Observatory (AIPO), within an international context in which about 50 countries (including those EU Member-states) have developed or are in the process of developing national AI strategies (OECD, 2020) Of those 50 initiatives that the OECD analyses, 37 of them focus on AI for the public sector or have a broader focus, also covering the digital transformation in national governments (OECD, 2019). The OECD’s data can be combined with one IADB´s report to provide a more accurate view of the policies in Latin America. It is important to mention that only six countries are on the IADB’s radar as having ongoing debates about strategies or having them finished (Gómez Mont et al., 2020).
In OECD’s mapping of Latin America, one can see just five countries: Mexico, Colombia, Chile, Argentina, and Uruguay. This map does not show Brazil, in clear contrast with the IADB’s report that also covers this country:
Table 2. Status of the six Latin American AI strategies (complete or forthcoming).
Strategy status (OECD) (OECD, 2020) | Strategy status (IADB) (Gómez Mont et al, 2020) | Relation with the public sector (OECD) (OECD, 2020) | |
Mexico | AI strategy completed | Continuity to be explored | Embedded in a broader strategy |
Colombia | AI strategy forthcoming | Yes | Public role recognized, but to support private sector objectives |
Chile | AI strategy forthcoming | In progress | Unable to determine from public materials |
Argentina | AI strategy forthcoming | Continuity to be explored | Embedded in a broader strategy |
Uruguay | AI strategy completed | Yes | Dedicated strategy |
Brazil | Not listed | In progress | Not listed |
The subject is a new trend in the region. Therefore, even the “completed” AI strategies may have various degrees of deployment and maturation. To solve the issue, the IADB’s report assesses many case studies from each country to provide a general evaluation. This paper will not replicate the findings of the IADB’s report. Its main objective is to evaluate that the regulation of AI towards responsible usage may, to some degree, rely on data protection law enforcement. It is clear that AI can provide tools to improve Latin American public services (Abdala, et al., 2019). It is possible to justify the AI regulation not only for increasing wealth. Although, it is reasonable to indicate that some potential threats may arise from the non-regulated usage of AI. One of them may come from the potential lack of transparency in AI decisions. Also, there can be some risks from the potential biases of the algorithm, and the mishandling of the subject’s data. Moreover, the collecting of data to supply the datasets can raise some issues about the ethical implications of selecting variables. The table below summarizes the abstract possibilities of regulation, as a typology created by the authors of the current paper:
Table 3. Possible regulation of AI.
Sources | Scope of regulation with examples | |
General | Sectorial | |
Data protection law | A national statute that has prescriptions about the general misuse of personal data in AI datasets and decisions. Example: Articles 21 and 22 of GDPR. | Specific statutes that cover some areas of usage, like national security, or consumer activities. Example: the legal use of consumer law to protect citizens against discrimination in those relations. |
Ethical charts and principles | A set of abstract rules that targets developers to foster the building of AI applications in accordance with general ethical rules. Example: the proposition of a general regulation in a debate in the EU Parliament (European Commission, 2020). | The application of more or less general ethical prescriptions solely to specific usage, like labor contracts. Example: the necessity for all prescreened AI hiring to demand a deep reevaluation by a human board. |
Economic incentives | The overture of public and private funding to any kind of AI application project that complies with some requirements, whether they are prospective, economic, self-sustainability or ethically driven prescriptions. Example: only allowing expenditures on any projects that have approval from a compliance board. | The funding of AI application projects mainly to cover some specific objectives, like improving local security or fostering economic activity. Example: concentrating efforts of AI expenditures to improve a chosen industry. Trying to block the access to public funding by some AI applications. |
The table above is a prospective effort by the authors to chart the many possibilities of regulating AI applications. First, it is possible to think of sectoral regulations (health, education, or safety, for example) to embody each field’s specificity. Alternatively, it is also possible to think of the production of more general regulation. Second, there are many ways to regulate. Any regulatory model will have to deal with, at least, the three variables that are present in the table. Moreover, any actual regulatory model will have to combine those variables in a dynamic policy to produce the desired effects. In addition, it is important to mention that both the OECD and IADB reports classify Mexico and Uruguay as having “complete” strategies. One can have some skepticism about this for two reasons. The first reason is that the topic is still ongoing, not only in Latin America but worldwide. It is very hard to assess that any country has a fully complete policy. Periodically, those policies and programs will demand adjustments. Even a hypothetical “completed policy” will require some future modifications as the technology develops. The second reason has to do with the concept of deliverance. Is it possible to consider a policy delivered without any evaluation of its effectiveness? It may be measured by what standards? The quantity of functioning AI applications? Moreover, this may be assessed by the total amount of resources invested, or just by the public funds applied? As one can see, those reports are good roadmaps to the start of the trip. However, this subject will demand many different assessments soon.
The next subtopics will describe the six national initiatives of the countries mentioned above, which compose the public policies in Latin America. Along with the national description, the subtopics will show some information about data protection law applicable to AI. Also, the countries under analysis represent the top six positions in the Oxford Insights ranking (Oxford Insights, 2020).
2.1. Argentina
In August 2018, the Presidency of the Nation deployed the national AI Plan, which is still in development to this date (Argentinean Government, “Plan Nacional de Inteligencia Artificial”, 2018). Amidst this initial creation process, the Conference took place on Artificial Intelligence of the Secretariat of Modernization, of the Ministry of Production and Labor and of the Ministry of Education, Culture, Science and Technology (Argentina, 2019). The Argentinean Plan focuses on the competitiveness of the private sector on AI to improve public services. According to the OECD analysis, Argentina established a pivotal point in AI innovation and is an example for all Latin America. The Plan is part of a broad institutional framework in both the Digital Agenda Argentina (Decreto 996/2018) and Innovative Argentina plans (Argentinean Government, “Plan Argentina Innovadora 2020”, 2020). All of them focus on planning efforts until reaching 2030. The original National Plan has three principal axes of applying the AI Plan: knowledge, government, and productive sector. In 2020, the government granted this plan the status of “reference document”.
There already exist, in Argentina, reactions from the civil society concerning AI applications. The Association for Civil Rights (ADC), an organization created in 1995, which acts in themes related to technological development and protection of rights, especially in a regional perspective, has already published material on the application of human rights in the Argentinian Nacional AI Plan (ADC, 2019). This document lists fourteen measures that could be applicable to the AI Plan regarding privacy, safety, and personal data protection. One of them is the utilization of ethics and privacy during the process of designing applications (ethics by design, or privacy by design). Those concepts mean that, since the initial design of new technologies, they must comply with international protective standards. Another point of ADC’s text is the request to clarify personal data processing, especially in machine learning techniques, which demands a comprehensive set of feeding data. Well-informed consent is also a point of concern for ADC, which requires that the National AI plan must better address this issue. The AI plan has some sparse mentions about data protection. Nevertheless, those are too general (Argentina, 2020). Actually, there is no formal legal prescription that recognizes the right of the citizens to object to an automated decision in the national statute. However, there is a proposal to amend the current statute that may bring this right into law (Project number 6234-D-2020, 2020).
Nevertheless, a specific concern is the country’s province’s engagement in applying those developments, with improved transparency in the gradual process of implementing the Plan. The dialogue between public and private sectors, civil society, and academia is another aspect addressed, bringing a multisector perspective to its AI Plan. The reactions are not mere criticism. They are opening a fruitful dialogue, which has unleashed decisive actions. The Massachusetts Institute of Technology (MIT) conducted, in January 2020, the AI Latin American SumMIT, which took place in Argentina, to debate the opportunities and the risks of the use of AI in the region (OAC, 2020). This brief discussion only shows the need to intertwine the AI plan with some future data protection legal prescriptions to create a robust regulatory framework. According to Oxford Insights, Argentina occupies the fourth position in the region (Oxford Insights, 2020).
2.2. Uruguay
This country has consolidated itself as one of the regional leaders in the incorporation of information technologies, including into the provision of public services. The World Wide Web Foundation presents research with many specific uses of algorithms and AI in the country that evidences this growth (World Wide Web Foundation, 2018). The Agency for the Development of Electronic Government and Information Society and Knowledge (AGESIC) is the body responsible for the National Intelligence Strategy for Digital Government (Government of Uruguay, 2019). In April 2019, it published the policy draft. The strategy aims to improve the public sector’s performance and relies on four pillars: governance of AI in the Public Administration, development of capabilities, responsible use of AI, and AI in digital citizenship. The AI strategy is part of the Agenda Uruguay Digital 2020 that received contributions from two public consultations (Government of Uruguay, 2019). The first consultation subject was about the principles that address the AI Strategy (Government of Uruguay, 2020). The principles used in the drafting of the strategy were the purpose, general interest, guaranteeing inclusion and equity, respect for human rights, transparency, liability, ethics, benefit, privacy by design, and safety. The public consultation was concluded in 2020. The IADB report concludes that there is a growing “entrepreneurial momentum,” and that the government can emphasize this to accelerate, along with civil society, a national digitalization, promoting AI for social well-being (Gómez Mont et al., 2020).
According to Oxford Insights, Uruguay is the forty-fourth country in the world on AI development. But this position represents that it is the first country in the region (Oxford Insights, 2020). The ranking also shows a score of four relevant principles for responsible use of IA: privacy, inclusivity, transparency, and accountability. In 2020, Uruguay updated its digital agenda approving “Agenda Digital 2025 – Sociedad Digital Resiliente.”(AGESIC, 2020). This new agenda has twelve goals. Those goals involve different administrative entities. The regulatory framework falls under the “Agencia para el Desarrollo del Gobierno de Gestión Electrónica y la Sociedad de la Información y del Conocimiento” (AGESIC). The responsibility for data protection falls under the “Unidad Reguladora y de Control de Datos Personales (URCDP).” Finally, Uruguay has a data protection law that directly prescribes that the citizens may object to automated decisions. It is in article 16 of the national data protection statute (Ley 18.331, 2008). The same article prescribes the right to receive information about the AI decision process. This legal prescription is a valid measure that the citizens can use to protect themselves against unfair or unreasonable AI-based decisions.
2.3. Colombia
In November 2019, Colombia published its National Policy for Digital Transformation and Artificial Intelligence of Colombia, a document of the National Council of Economic and Social Policy (CONPES) (Colombia, 2019). The policy aims to comply with the requirements of the technological transformation of OECD. Colombia is not only part of this international organization, but also seeks to comply with the “Recommendation of the Council on Artificial Intelligence” (OECD, 2019). Jhon Caballero Martinez, of the Externado de Colombia University, analyzed the document, comparing it to the OECD policy. He questions whether this could be the beginning of an effective public policy on AI in the country (Martínez, 2019). The answer seems to be positive since the policy fits into the National Development Plan 2018-2022, (Colombia, 2018) and the use of new technologies is one of the strategic components of the National System for Competitiveness and Innovation (SNCI), of Colombia (Colombia, 2020). The SNCI is a broad project of digital transformation of the economy and the public sector. The digital transformation in the public sector involves implementing a digital government from an integrative policy for developing institutional tasks using new technologies, such as AI. This process has taken place in Colombia since 2008, in a program entitled “government online” (Toro-García et al., 2020). The greatest challenge of this digital transformation process, applied to the government, is to present increased efficiency and transparency in the public authority decision-making.
In Colombia, in what concerns AI, there is a private initiative. The government strategies demand the public sector to be an ally of the private initiatives as both a regulator and a facilitator of services. In this sense, the National Policy for Digital Transformation and Artificial Intelligence of Colombia has four specific goals. The first is to lower the barriers that prevent the incorporation of digital technologies in the private and public sectors, to facilitate the digital transformation of the country. The second is to create conditions that facilitate digital innovation in the private and public sectors, to become a mechanism for the development of digital transformation. The third is to strengthen the skills of the workforce to face the Fourth Industrial Revolution challenges. The fourth is to develop conditions to facilitate the readiness of the country for economic and social changes entailed by AI, as well as to boost other innovative technologies. The strategy has fourteen lines of action. Some of them address creating an AI market, building an ethical structure for AI, and, finally, reaching the continuous interaction with the international community and experts. Another line that deserves to be mentioned is the crucial role of academic research in developing an AI market in Colombia (Gómez Mont et al., 2020). The data protection against unfair AI decisions in Colombia is not regulated by data protection law. There is even talk about the need to update the 2012 legislation to deal with automated decisions (Dejusticia, 2019). After all, even the country’s Constitutional Court uses an AI system (Velasco Fuentes et al, 2021) (Colombia, 2020) .
In 2020, Colombia created an Ethical Guideline for AI application in both the public and the private sectors. The “Marco Ético para la Inteligencia Artificial en Colombia” (ethical guidelines) is a document with principles and tools to develop AI (Colombia, 2020). The country, according to Oxford Insights ranking, occupies the third position in the region (Oxford Insights, 2020). The Ethical Guideline may be important to strengthen the responsible use of AI in the country. Another relevant document published in 2021 comes from the International Council for AI in Colombia. It lines up some institutional answers to implement the AI policy (Colombia, 2021).
2.4. Mexico
In 2018, the federal government published a study that relied on the collaboration between the Embassy of the United Kingdom and the consultancies Oxford Insights (United Kingdom) and C Minds (Colombia): “Towards an AI strategy in Mexico: Harnessing the AI revolution.”(Mexico, 2018) This document serves as a basis for constructing an AI strategy for this country. The document focuses its analysis and provides recommendations for five areas. The first is government and public services. The second is data and digital infrastructure. The third is research and development. The fourth is capability, abilities, and Education. The fifth is ethics. Like other countries of the region, the Strategy IA-MX 2018 fits in the National Digital Strategy, which pursues the building of Digital Mexico (Mexico, 2013). The set of regulatory frameworks that compose this strategy is the Federal Telecommunications and Broadcasting Statute (Mexico, 2014), the National Development Plan 2013-2018 (Mexico, 2013), the National Single Window Executive Order (Mexico, 2015), and the Executive Decree on Open Data (Mexico, 2015). A national public consultation was conducted at the end of 2018 to gather inputs about the rights and challenges of digital transformation and AI (Mexico, 2020). The Digital Strategy of Mexico also covers five main points to be implemented until 2030 (IA2030Mx). All of them come from the principles and guidelines of 2018. The first is creating an AI coalition for promoting multi-sector approaches and dialogues. The second is mapping the uses and necessities of the sector and identifying the best government practices. The third is fostering Mexico’s international leadership, emphasizing the OECD and D9, a group that comprises nine countries (New Zealand, 2020). The fourth is publishing recommendations from the report produced after the public consultation. The fifth is working on an AI subcommittee to further the efforts with experts and citizens. The IA2030Mx Coalition coordinated the first National AI Survey and is working on developing a new National AI Strategy proposal through six thematic working groups: ethics, governance, government and public services, research and development skills, capacities and education, data, digital infrastructure, and cybersecurity, and Mexican citizens abroad (Gómez Mont et al., 2020) The government also has created open data initiatives like Mexico City’s Public Innovation Digital Agency (Agencia Digital de Innovación Pública – ADIP) (2018–2024). Furthermore, it is possible to see in Mexico not only federal advances but local initiatives, like the AI agenda in Jalisco with a focus on government innovation and AI. There are many other examples in the IADB report from the cooperation between the entrepreneurs and civil society, as the first AI Hub for social good in the country (fAIr Jalisco) (Gómez Mont et al., 2020). Also, there are many initiatives on AI to solve urban problems in Mexico City (Puga et al., 2021). Those actions allow the IADB to conclude that Mexico is a reference in the region when it comes to the development and implementation of AI for social good, despite the issue of digital inclusion still being a challenge to the country (Gómez Mont et al., 2020). According to Oxford Insights, Mexico occupies the fifth position on AI in Latin America (Oxford Insights, 2020).
Most of the Latin American data protection statutes prescribe four general rights, known as “ARCO” (access, rectification, cancelation, and opposition). The Mexican data protection federal statute (Mexico, 2010) does not prescribe a clear right for citizens to oppose automated decisions. However, one can interpret the possibility of using the general right of opposition against a data treatment (articles 27 and 28) to protect himself. Nonetheless, such a legal pledge would demand some bit of interpretation and robust technical information to prove itself effective in theory. This could be done by mobilizing the principles that Article 6 lists. But it is not possible to oppose a treatment solely with the argument that it was automated. Also, it is not possible to oppose it just by arguing about its unfairness. To do so, it would be necessary to prove some clear illegal features about the treatment. This legal situation repeats itself in some other countries, like Peru and Colombia. However, when it comes to data protection against the government, Mexico has a different statute, passed into law in 2017, and it expressly prescribes the right to oppose automated decisions in article 47 (II) (Mexico, 2017).
2.5. Chile
The Ministry of Science, Technology, Knowledge, and Innovation (MCTCI) enacted a document entitled “Artificial intelligence for Chile: The urgency of developing a strategy,” with suggestions for Chile’s policies. In 2019, the government deployed a plan for developing the “National AI Policy of Chile” until 2020. The National Commission for Scientific and Technological Research is the body responsible for the Chilean strategy. In February 2020, Chile launched a public consultation process for collecting perceptions and questions from civil society organizations, academia, the productive sector, and citizens in general about the use and development of AI in the country. The idea was to incorporate contributions to a national policy until August 2020 (Chile, 2020). The contributions were integrated into the main topics: possible factors in AI development and application, ethics and regulatory aspects, and social and economic impacts (Gómez Mont et al., 2020).
Another form of social participation of this policy of Chile is holding a cycle of several thematic meetings. There is still the utilization of AI for the Chilean administration through the public-private partnership that deployed “Sofia,” a cognitive chatbot, which assists new entrepreneurs to begin new businesses (Abdala et al., 2019). The MCTCI has also created a committee of experts to draft a document entitled “Towards an AI R+D+i+S strategy for Chile.” (Gómez Mont et al., 2020). According to Oxford Insights, Chile is the second country in AI development in Latin America (Oxford Insights, 2020). In 2020, Chile released its policy of science, technology, knowledge, and innovation, which outlines general objectives for the development of new technologies and provides government guidelines on the subject to the country (Chile, 2020).
Even before government initiatives, there was a mobilization from civil society concerning data protection law and AI. In 2018, “Derechos Digitales” published a report entitled “Algorithms and Inequality” to advocate for the need for protection against exclusively automated decisions (Zuazo, 2018). In Chile, data protection against unfair AI decisions is not regulated yet. However, there are two bills (“Boletín 11144-07 and 11092-07”) to update the current data protection statute (Chile, 2017). When these bills pass into law, they will create this right and will establish a data protection administrative authority (Araya Paz, 2021).
It is worth highlighting that, of the five countries analyzed, only Uruguay has not signed the “Recommendation of the Council on Artificial Intelligence,” besides being the only one whose strategy already has its final version, according to the body itself in the OPSI research, of OECD. Curiously, Uruguay is the country that is further ahead in the region with its AI plan and has a data protection statute that can provide legal defense measures for the citizens against unfair or unreasonable decisions. The first part signed it as the Member States of OECD: Mexico, Chile, and Colombia; with this last one signing it just before joining the OECD. A second part signed as non-members: Argentina, and Brazil.
2.6. The AI strategy in Brazil
Today, Brazil possesses an AI national strategy designed by the Ministry of Science, Technology, and Innovation. The strategy underwent public consultation between December 12, 2019, and March 2, 2020 (Brazil, 2020). The “Brazilian Artificial Intelligence Strategy” represents the basic policy for the introduction of these new technologies in the country, giving room for the creation of sectoral legal norms, such as the Executive Order for the Internet of Things – Decree No. 9,854, of June 25, 2019, which presents four themes of discussion: industry, health, smart cities, and agriculture. The Brazilian policies rely on a broad system, such as the strategies of the countries analyzed above. There is an Executive Order in force to give legal basis to the National System for Digital Transformation, which is the normative structure of governance for the development of the AI strategy: Decree No. 9,319 of March 21, 2018. The document presents three transversal axes: legislation, regulation, and ethical use, international aspects, and AI governance. These axes were used for the public consultation debates and translated concerns about investment in AI. The AI strategy raises issues about creating barriers to developing such technologies and preserving the users’ rights, notably regarding personal data protection. Ana Claudia Farranha emphasizes that future AI-based public services must preserve users’ rights and that such a goal demands the application of ethical and legal principles (Farranha, 2020). Among such principles, the most important addresses algorithmic transparency. According to Oxford Insights Ranking, Brazil is the sixth-best on AI in the region but scores the lowest in transparency in the responsible use ranking (Oxford Insights, 2020).
There is still the necessity of integration and alignment between the future strategy and other already existing public policies on new technologies, data, and digital governance, such as the Brazilian Digital Transformation Strategy (E-Digital), the Connected Education Innovation Program, the National Internet of Things Plan, and the National Strategy for Digital Governance (e-gov). Also, it is necessary to connect AI to the entry into force of the Brazilian General Personal Data Protection Federal Act (LGPD, acronym in Portuguese), the Brazilian Internet Rights Act (“Marco Civil da Internet” in Portuguese), and the Open Data Policy (Decree No. 8,771, of 2016). The construction of the Brazilian National Data Protection Authority is slowly advancing. The Brazilian data protection statute has the right to object exclusively automated decisions in its article 20 (Lei No 13.709, of 2018). The question is whether it will be enforced (Rodriguez et al., 2020)
Diogo Cortiz da Silva shows that before all these government initiatives of Internet regulation and digital transformation initiatives, the government created, in 2012, the “Startup Program Brazil.” This program tried to foster entrepreneurial practices of innovation through small technology companies (Silva, 2015). AI in Brazil is being constructed not only by the public authorities and companies, but mainly by researchers and academic institutions. The academic sector forms the backbone of the construction of science, technology, and innovation. The primary funding for AI comes directly from the research budget (Tadeu Arantes, 2019). An important source is CGI.br, the entity that manages the registry of domain names on the Brazilian Internet. This entity is developing several initiatives to promote AI, and a preliminary version of its plans is published (NIC.br, 2019). This research initiative supports academic institutions, which have a significant role in developing AI.
3. Discussion: the debate about legal measures against unfair or unreasonable automated decisions.
The calling for ethical measures to regulate AI has become widespread. A similar debate went on about cryptographic systems (Rogaway, 2015). At this point of the paper, it is quite clear that the usage of AI applications may bring some potential threats against citizens’ rights. It seems that only data protection law, currently, has the potential to offer some solutions. Notwithstanding this, one can imagine how complex it would be to reverse some factual situations that may arise after the decision is in effect. An abstract example would be the usage of algorithms to hire persons for jobs. Another could be the usage of an algorithm to decide about immigration issues. What those examples bring forth is that any solution to regulate AI applications should rely on the three afore mentioned possibilities – ethical prescriptions, legal remedies, and economic incentives – along with technical safeguards. Those technical safeguards are crucial to the process. Any evaluation of a decision-making AI system would need experts. The ethical debate is very important. However, one cannot ignore the need for experts to aid in all those three potential regulatory measures.
Some of the legal prescriptions available, in a lot of countries, treat the right to object automated decisions as a formality. The citizen may oppose a result. However, the outcome may be a more transparent logic about the decision, or the right to undergo another evaluation, either by an AI-based application or by a human being. The appraisal of fairness and justice of an automated decision is a very complex issue, and it fits at its core. Tal Z. Zarsky wrote a very interesting article in which he postulates that the GDPR is not compatible with the “age of Big Data” (Zarsky, 2017). The same reasoning applies to AI-based decisions. He brings forward four examples to assess the GDPR’s incompatibility. The first is the limitation of purpose (article 5). Contemporary data-crunching processes are known to use a huge amount of data not only for restricted purposes. The very data-processing of AI applications can be set to find new aspects or inferences. Therefore, he describes that a previous limitation of purpose would hinder new possibilities of data treatments, and could in this way, pose some threats to start-up firms and business models. Moreover, he acknowledges some legal prescriptions that try to ease this problem and bring balance to new treatments in GDPR’s articles 6 and 89. However, they are very abstract and complex to manage. The second incompatibility comes from a similar principle of the GDPR: data minimization (articles 5 and 25). The most innovative AI applications can be used exactly to infer unexpected results or predictions. The minimum feed of data to reach a clear pathed result would impoverish the potentials of predictive AI. The third problem is the legal prescription to limit the data-processing to some categories, like race, ethnicity, political opinions, and so on (article 9). The reason is quite the same as the previous two. In simple data-processing, such limits would pose no difficulties. However, when dealing with the more edgy AI applications, such limitations are not only difficult but almost a drawback to the full performance of the data treatment. Finally, the fourth inconsistency is very useful to the debate of this paper. The author considers that Article 22 of the GDPR poses a clear stopping-risk on Big Data that one can extend to encompass AI applications. As it was described in this paper, this legal prescription grants the citizens a right to object to automated decisions, even allowing its revision by human processing.
The legal solution to the problem is not simple. Sandra Wachtner and Brent Mittelstadt point to the necessity of creating a new right to fair and reasonable automated decisions (Wachter & Mittelstadt, 2019). Neither the GDPR nor the Latin American statutes have such a right to fairness against AI processing results. For them, the balance would come from granting the citizens a new right about “how to be seen.” They compare this contemporary necessity to the “right to be forgotten,” which had recognition by the Court of Justice of the EU. Nonetheless, they are not exactly sure how such a right may pass into EU law. One can critically assess this interesting proposal to emphasize the need for more investments in technical solutions to regulate AI. This reasoning is counterintuitive. As mentioned at the beginning of this paper, scholars and analysts are far more concerned in seeking ethical or legal solutions to such issues. Although, one can bring forward that those ethical or legal solutions will require technological advances to even be applied (Veronese, et al., 2019).
That is why the AI evaluation indexes are so important. One can mention again the Oxford Insights AI Readiness Index, and the Stanford University’s HAI AI Index (Zhang et al., 2021). They measure not only the number of papers published about AI, but also how well-equipped countries are to enable technological solutions.
4. Conclusion
It is undeniable the political relevance that AI has in strengthening national economies. Nonetheless, it is important to evaluate the possibility of effective regulation of these technologies in the international scenario. This reason intensifies the need to develop regulatory policies on the subject. Although local, the strategies and plans possess many similarities and reflect international points of view, like those from ECLAC, OECD, RedGEALC, FairLAC, IADB, and OAS. The Latin American countries’ strategies aim to create a set of principles and foundations for applications of AI with solutions regarding protection and previous safeguards by presenting a set of ethical and data protection elements with which the technologies must comply since its design. Even the insertion of the right to object exclusively automated decisions is being advocated by the “Red Iberoamericana de Protección de Datos Personales”. This network of data protection entities has produced a document with the current standards for contemporary legislation on the subject. Its article 29 prescribes the right to not be affected by exclusively automated decisions (REDIPD, 2017). Thus, the regional panorama is clearly evolving. However, such mechanisms are not enough. After all, the content of a decision produced by a computer program is not previously defined. Some alternative solutions are complementary and necessary. One way is to insert mechanisms for diminishing the potential negative impacts by strengthening personal data protection. One way to do so is to incorporate personal data protection in the initiatives for AI regulation among the countries’ digital transformation actions. Therefore, with the combination of previous safeguards and legal prescriptions to grant protection, it will be possible to create a regulatory framework to minimize risks. The national AI strategies must go beyond just investment plans. They will only achieve their potential once they cover a synergy amidst the central players’ development of technological projects and evaluate these mechanisms’ consequences in the economic, social, and legal fields.
References
– ADC, “Una Perspectiva de Derechos para el Plan Nacional de Inteligencia Artificial,” Asociación por los Derechos Civiles (ADC, July 18, 2019), https://adc.org.ar/2019/07/18/una-perspectiva-de-derechos-para-el-plan-nacional-de-inteligencia-artificial/.
– Alexandre Veronese, “The right of explanation and the right to object automatic decisions: comparing the European Union General Data Protection Regulation (EU/GDPR) with the Brazilian General Data Protection Federal Act (BGDPFA),” CPRLATAM Conference, Cordoba, Argentina, July 1-2, 2019, in coordination with CLT2019, July 1-5, 2019, pp.125-134.
– Alexandre Veronese, Alessandra Silveira, and Amanda Nunes Lopes Espiñeira Lemos, “Artificial intelligence, Digital Single Market and the Proposal of a Right to Fair and Reasonable Inferences: A Legal Issue between Ethics and Techniques,” UNIO: EU Law Journal, vol. 5, no. 2 (2 July 2019): pp. 75-91, https://doi.org/10.21814/unio.5.2.2294.
– Ana Claudia Farranha, “Serviços Públicos e Estratégia Brasileira de Inteligência Artificial: Primeiras Abordagens,” in Derecho, Inteligencia Artificial y Nuevos Entornos Digitales (Seville: Asociación Andaluza de Derecho, Medio Ambiente y Desarrollo Sostenible, 2020), pp. 93-104.
– Andrés Ortega, “Geopolítica de la Cuarta Revolución Industrial,” Economistas, no. 165 (October, 2019): pp. 21-24, https://www.cemad.es/wp-content/uploads/2019/10/Geopolitica-4RI.pdf, 23.
– Andrés Toro-García, Cristian Gutiérrez-Vargas, and Luis Correa-Ortiz, “Estrategia de Gobierno Digital para la Construcción de Estados Más Transparentes y Proactivos,” Trilogía Ciencia Tecnología Sociedad 12, no. 22 (January 31, 2020): pp. 71-102, https://doi.org/10.22430/21457778.1235.
– Carlos Araya Paz, “Transparencia Algorítmica ¿Un Problema Normativo o Tecnológico?” CUHSO (Temuco). Epub (2021), https://scielo.conicyt.cl/scielo.php?pid=S2452-610X2021005000002&script=sci_arttext.
– CEPAL. “Políticas Industriales y Tecnológicas en América Latina,” CEPAL (CEPAL, Santiago, November 2017). https://www.cepal.org/es/publicaciones/42363-politicas-industriales-tecnologicas-america-latina.
– Charles Bradley, Richard Wingfield, and Richard Metzger, “National Artificial Intelligence Strategies and Human Rights: A Review,” Global Partners Digital (Stanford’s Global Digital Policy Incubator, Stanford, CA, April 15, 2020), https://www.gp-digital.org/publication/national-artificial-intelligence-strategies-and-human-rights-a-review/.
– Constanza Gómez Mont et al., “Artificial Intelligence for Social Good in Latin America and the Caribbean: The Regional Landscape and 12 Country Snapshots. ” (Washington, DC: IADB, C Minds, July 2020), https://publications.iadb.org/en/artificial-intelligence-for-social-good-in-latin-america-and-the-caribbean-the-regional-landscape-and-12-country-snapshots.
– Daniel Álvarez Valenzuela. “Acceso a la información pública y protección de datos personales ¿puede el Consejo para la Transparencia ser la autoridad de control en materia de protección de datos?” Revista de Derecho Universidad Católica del Norte, vol. 23, no. 1 (2016): pp. 51-79, https://scielo.conicyt.cl/scielo.php?script=sci_abstract&pid=S0718-97532016000100003&lng=es&nrm=iso.
– Dejusticia, “Colombia: en Mora de Actualizar la Protección de DatosPpersonales para la Era Digital”, (2019), https://www.dejusticia.org/colombia-en-mora-de-actualizar-la-proteccion-de-datos-personales-para-la-era-digital.
– Diogo Silva, “Conhecimento, tecnologia e futuro: Análise do Cenário de Inovação dos Países Emergentes,” (Teses e Dissertações dos Programas de Pós-Graduação da PUC-SP, São Paulo, 2015), https://tede2.pucsp.br/handle/handle/18180.
– Eduardo Magrani. “Governance of Internet of Things and Ethics of Artificial Intelligence.” Revista Direitos Culturais. Santo Ângelo, vol. 13, no. 31 (Set – Dec.2018), pp.153-190, http://dx.doi.org/10.20912/rdc.v13i31.2816.
– European Commission, “Proposal for a Regulation of the European Parliament and of the Council laying down harmonized Rules on Artificial Intelligence (Artificial Intelligence Act) and Amending certain Union Legislative Acts, COM/2021/206 final,” (Brussel, 2020), https://digital-strategy.ec.europa.eu/en/library/proposal-regulation-laying-down-harmonised-rules-artificial-intelligence.
– Fabrício Polido, “Inteligência Artificial entre Estratégias Nacionais e a Corrida Regulatória Global: Rotas Analíticas para uma Releitura Internacionalista e Comparada,” Revista da Faculdade de Direito da UFMG, no. 76 (2020): pp. 229-256, https://doi.org/10.12818/p.0304-2340.2020v76p229, 233.
– Felipe Calderon-Valencia, Juan-Jose Perez-Montoya, Fausto Santos de Morais, “Sistemas de IA en la Experiencia del Supremo Tribunal Federal Brasileño y la Corte Constitucional Colombiana,” The Law, State and Telecommunications Review, vol. 13, no. 1 (May 2021): pp. 143-169, https://periodicos.unb.br/index.php/RDET/article/view/35614/29761.
– Felipe Rotondo, “Inteligencia Artificial, Protección de Datos Personales y Administración Pública,” in Derecho, Inteligencia Artificial y Nuevos Entornos Digitales (2020), pp. 115-130.
– Federico Fernández-Montesinos, “La Inteligencia Artificial como Factor Geopolítico,” bie3. Boletín IEEE, no. 14 (2019): pp. 262-281, https://dialnet.unirioja.es/servlet/articulo?codigo=7264320.
– Huw Roberts et al., “The Chinese Approach to Artificial Intelligence: An Analysis of Policy, Ethics, and Regulation,” AI & Society, vol. 36, pp. 59-76, (17 June 2020), https://link.springer.com/article/10.1007/s00146-020-00992-2.
– IA Latam, “About us,” (2021), https://ia-latam.com.
– Jhon Martínez, “CONPES 3975 De 2019: ¿El Principio de una Política Pública sobre Inteligencia Artificial En Colombia?” Departamento de Derecho Informático (Universidad Externado de Colombia), (2019), https://derinformatico.uexternado.edu.co/conpes-3975-de-2019/.
– Jorge Puga et.al., “Inteligencia Artificial en México: Construyendo una Agenda,” (2020), https://educacion.nexos.com.mx/inteligencia-artificial-en-mexico-construyendo-una-agenda/, accessed June 16, 2021.
– José Tadeu Arantes, “FAPESP Criará Oito Centros de Pesquisa em Inteligência Artificial com o Governo Federal,” (Agência FAPESP, São Paulo) (2019), https://agencia.fapesp.br/fapesp-criara-oito-centros-de-pesquisa-em-inteligencia-artificial-com-o-governo-federal/32196/.
– Katitza Rodriguez et.al., “Un Panorama Retrospectivo y Futuro de la Protección de Datos en América Latina y España,” Eletronic Frontier Foundation, (2020), https://www.eff.org/es/deeplinks/2020/09/look-back-and-ahead-data-protection-latin-america-and-spain.
– Loren Moss, “Organization of American States Redoubles Efforts to Combat Corruption with Big Data, Artificial Intelligence & Analytics,” Finance Colombia (13 August 2019), https://www.financecolombia.com/organization-of-american-states-redoubles-efforts-to-combat-corruption-with-big-data-artificial-intelligence-analytics.
– Márcio Bobik Braga, “Integração Econômica Regional na América Latina: Uma Interpretação das Contribuições da Cepal,” Brazilian Journal of Latin American Studies 1, no. 1 (December 1, 2002): pp. 1-26, https://doi.org/10.11606/issn.1676-6288.prolam.2002.81745.
– Márcio Iorio Aranha, “Diálogo Político-Jurídico na Comparação de Modelos Regulatórios de Comunicação,” Revista Brasileira de Políticas de Comunicação, vol.1, (2011), pp. 1-20. https://repositorio.unb.br/bitstream/10482/9638/1/ARTIGO_DialogoPoliticoJuridico.pdf.
– Margarita Robles Carrillo, “La Gobernanza de la Inteligencia Artificial: Contexto y parámetros generales,” Revista Electrónica de Estudios Internacionales, no. 39 (June 2020): pp. 1-27, https://doi.org/10.17103/reei.39.07.
– María Belén Abdala, Santiago Lacroix Eussler, and Santiago Soubie, “La Política de la Inteligencia Artificial: Sus Usos en el Sector Público y sus Implicancias Regulatorias,” (CIPPEC, 2019), https://www.cippec.org/wp-content/uploads/2019/10/185-DT-Abdala-Lacroix-y-Soubie-La-pol%C3%ADtica-de-la-Inteligencia-Artificial-octubre-2019.pdf.
– Natalia Zuazo, “Algoritmos y Desigualdades,” Derechos Digitales (2018), https://www.derechosdigitales.org/wp-content/uploads/algoritmo_desigualdad_cast.pdf
– NIC.br, “Plano de Trabalho do NIC.br na Área de Inteligência Artificial,” CGI.br Comitê Gestor da Internet no Brasil (2019), https://www.cgi.br/media/atas/Iniciativa-NIC.br-IA.pdf.
– OAC, “Cumbre de Inteligencia Artificial Latinoamericana en MIT,” OAC: boletín de enero febrero 2020 (Observatorio Argentino del Ciperespecio, Buenos Aires, 2020), http://190.12.101.91/jspui/bitstream/1847939/1356/1/2020%2001%20BOLETIN%2020%20OAC.pdf.
– OECD, “AI Strategies; Public Sector Components,” Observatory of Public Sector Innovation, Paris (2020) https://oecd-opsi.org/projects/ai/strategies.
– OECD, “Hello, World! Artificial Intelligence and Its Use in the Public Sector” (OECD Working Papers on Public Governance, Paris, November 2019), https://oecd-opsi.org/wp-content/uploads/2019/11/AI-Report-Online.pdf.
– OECD, “Recommendation of the Council on Artificial Intelligence,” OECD Legal Instruments, Paris, May 21, (2019), https://legalinstruments.oecd.org/en/instruments/OECD-LEGAL-0449.
– Oxford Insights, “AI Readiness Index 2020, ” (Oxford, Oxford Insights, 2020), https://www.oxfordinsights.com/government-ai-readiness-index-2020.
– Patrício Velasco Fuentes et. al., “Decisiones Automatizadas en la Función Pública en América Latina: Una Aproximación Comparada a su Aplicación en Brasil, Chile, Colombia y Uruguay,” Derechos Digitales (2021), https://www.apc.org/sites/default/files/CPC_informeComparado.pdf.
Perú, “Ley nº 29.733: Ley de Protección de Datos Personales,” (El Peruano, Lima, July 3, 2011). https://leyes.congreso.gob.pe/Documentos/Leyes/29733.pdf.
– Phillip Rogaway, “The Moral Character of Cryptographic Work,” (University of California Davis, 2015), https://web.cs.ucdavis.edu/~rogaway/papers/moral-fn.pdf.
– Raphael Cóbe et al., “Rumo a uma Política de Estado para Inteligência Artificial,” Revista USP, no. 124 (March 19, 2020): pp. 37-48, https://doi.org/10.11606/issn.2316-9036.v0i124p37-48.
– Raúl Katz, “Capital Humano para la Transformación Digital en América Latina,” Comisión Económica para América Latina y el Caribe (March 2018), https://www.cepal.org/es/publicaciones/43529-capital-humano-la-transformacion-digital-america-latina.
– REDIPD, “Red Iberoamericana de Protección de Datos Personales,” (2021), https://www.redipd.org/es.
– REDIPD. “Estándares de Protección de Datos Personales para los Estados Iberoamericanos,” (2017), https://www.redipd.org/es/documentos/estandares-iberoamericanos.
– Roberto Mangabeira Unger, “Law in Modern Society: Towards a Criticism of Social Theory,” New York, NY, Free Press (1976).
– Sandra Wachter, Brent Mittelstadt, “Right to Reasonable Inferences: Re-thinking Data Protection Law in the Age of Big Data and AI, ” Columbia Business Law Review, vol. 2 (2019): pp. 494-620, http://robotic.legal/wp-content/uploads/2018/09/SSRN-id3248829.pdf
– Tal Z. Zarsky, “Incompatible: the GDPR in the Big Data Age, ” Seton Law Review vol. 47, no. 4 (2017): pp. 995-1020, https://scholarship.shu.edu/shlr/vol47/iss4/2/.
– Tim Dutton, “An Overview of National AI Strategies,” Medium, n.p., (July 28, 2018), https://medium.com/politics-ai/an-overview-of-national-ai-strategies-2a70ec6edfd.
– Werner Baer, “Import Substitution and Industrialization in Latin America: Experiences and Interpretations.” Latin American Research Review vol. 7, no. 1 (1972): pp. 95-122, https://www.jstor.org/stable/2502457.
– White House, “The Biden Administration Launches the National Artificial Intelligence Research Resource Task Force,” Washington, DC: White House´s Press Room (10 June 2021), https://www.whitehouse.gov/ostp/news-updates/2021/06/10/the-biden-administration-launches-the-national-artificial-intelligence-research-resource-task-force.
– World Wide Web Foundation. “Algoritmos e Inteligencia Artificial en Latinoamérica,” (2018), https://webfoundation.org/docs/2018/09/WF_AI-in-LA_Report_Spanish_Screen_AW.pdf.
– Yoav Shoham et al., “The AI Index 2018 Annual Report,” Stanford, CA: AI Index Steering Committee, (2018).
– Daniel Zhang, Saurabh Mishra, Erik Brynjolfsson, John Etchemendy, Deep Ganguli, Barbara Grosz, Terah Lyons, James Manyika, Juan Carlos Niebles, Michael Sellitto, Yoav Shoham, Jack Clark, and Raymond Perrault, “The AI Index 2021 Annual Report,” AI Index Steering Committee, Human-Centered AI Institute, Stanford University, Stanford, CA, March 2021.
Cited legislation and national reports by country
Argentina
– Argentina, “Ley 25326/2000: Protección de los Datos Personales,” Argentina.gob.ar, Buenos Aires, November 2, 2000, https://www.argentina.gob.ar/normativa/nacional/ley-25326-64790/texto.
– Argentina, “Plan Nacional de Inteligencia Artificial,” Universidad Abierta Interamericana (Presidencia de la Nación, Buenos Aires, August 2018), https://www.uai.edu.ar/ciiti/2019/buenos-aires/downloads/B1/JA-Plan-Nacional-IA.pdf.
– Argentina, “Plan Nacional de Inteligencia Artificial, ” (Buenos Aires, Presidencia de la Nación, 2020), https://ia-latam.com/wp-content/uploads/2020/09/Plan-Nacional-de-Inteligencia-Artificial.pdf.
– Argentina, “Proyecto de Ley – Ley de Protección de Datos Personales,” (Buenos Aires, Camara de Diputados, 2020), https://www4.hcdn.gob.ar/dependencias/dsecretaria/Periodo2020/PDF2020/TP2020/6234-D-2020.pdf.
– Argentina, “Agenda Digital Argentina – Decreto 996/2018,” Boletín Oficial de la República Argentina, Buenos Aires, November 2, 2012, https://www.boletinoficial.gob.ar/detalleAviso/primera/195154/20181105.
– Argentina, “Argentina Innovadora 2030: Plan Argentina Innovadora 2020,” Argentina.gob.ar, Buenos Aires, 2020, https://www.argentina.gob.ar/ciencia/argentina-innovadora-2030/plan-argentina-innovadora-2020.
– Argentina, “Desconferencia sobre Inteligencia Artificial: En el Marco del Proceso de Creación del Plan Nacional de Inteligencia Artificial, se Realizó un Encuentro sobre la Temática en el Centro Cultural de la Ciencia,” Argentina.gob.ar, Buenos Aires, July 5, 2019, https://www.argentina.gob.ar/ciencia/desconferencia-sobre-inteligencia-artificial.
Brasil
– Brasil, “Consulta Pública: Estratégia Brasileira de Inteligência Artificial,” participa.br, n.p., 2020, http://participa.br/profile/estrategia-brasileira-de-inteligencia-artificial.
– Brasil, “Decreto 9.854, de 25 de junho de 2019,” planalto.gov.br, n.p., June 25, 2019, http://www.planalto.gov.br/ccivil_03/_Ato2019-2022/2019/Decreto/D9854.htm.
– Brasil, “Lei nº 13.709/2018: Lei Geral de Proteção de Dados Pessoais,” planalto.gov.br (Presidência da república, Brasília, August 15, 2018), http://www.planalto.gov.br/ccivil_03/_ato2015-2018/2018/lei/L13709.htm.
Chile
– Chile, “Ley 19628: sobre Protección de la Vida Privada,” Biblioteca del Congresso Nacional de Chile, n.p., August 18, 1999, https://nuevo.leychile.cl/navegar?idNorma=141599.
– Chile, “Política Nacional de Ciencia, Tecnología, Conocimiento e Innovación.” (Ministerio de Ciencia, Tecnología, Conocimiento e Innovación). 2020, https://ia-latam.com/portfolio/politica-de-ciencia-tecnologia-conocimiento-e-innovacion-chile/
– Chile, “Proceso de Participación para Contribuir con la Política Nacional de Inteligencia Artificial,” n.p., 2020, http://www.minciencia.gob.cl/Pol%C3%ADticaIA.
– Chile, “Proyecto de Ley Boletín 11144-07 y 11092-07. Regula la protección y el tratamiento de los datos personales y crea la Agencia de Protección de Datos Personales,” Senado, https://www.senado.cl/appsenado/templates/tramitacion/index.php?boletin_ini=11144-07.
Colombia
– Colombia, “Consejo Internacional de Inteligencia Artificial para Colombia,” (Gobierno de Colombia y Banco de Desarollo de America Latina, 2021), https://dapre.presidencia.gov.co/TD/CONSEJO-INTERNACIONAL-INTELIGENCIA-ARTIFICIAL-COLOMBIA.pdf
– Colombia, “Ley Estaturaria 1581 de 2012,” Función Pública (Gestor Normativo, Bogotá, October 17, 2012), https://www.funcionpublica.gov.co/eva/gestornormativo/norma.php?i=49981.
– Colombia, “Marco Ético para la Inteligencia Artificial en Colombia,” (Gobierno de Colombia, Consejería Presidencial para asuntos económicos y transformación digital y Banco de Desarrollo de América Latina). 2020, https://dapre.presidencia.gov.co/AtencionCiudadana/DocumentosConsulta/consulta-marco-etico-IA-Colombia-200813.pdf
– Colombia, “Plan Nacional de Desarrollo 2018-2022: Pacto por Colombia, Pacto por la Equidade,” DNP, Bogotá, 2018, https://colaboracion.dnp.gov.co/CDT/Prensa/Resumen-PND2018-2022-final.pdf.
– Colombia, “Política Nacional para la Transformación Digital e Inteligencia Artificial,” MinTIC (CONPES, n.p., November 8, 2019), https://www.mintic.gov.co/portal/604/articles-107147_recurso_1.pdf.
– Colombia, “Sistema Nacional de Competitividad e Innovación – SNCI,” Colombia Competitiva (SNCI, Bogotá, 2020), http://www.colombiacompetitiva.gov.co/snci.
Costa Rica
– Costa Rica, “Ley nº 8.968: Ley de Protección de la Persona Frente al Tratamiento de sus Datos Personales,” Procuradoría General de la República (SCU, San José, July 7, 2011), http://www.pgrweb.go.cr/scij/Busqueda/Normativa/Normas/nrm_texto_completo.aspx?param1=NRTC&nValor1=1&nValor2=70975&nValor3=85989&strTipM=TC.
Mexico
– Mexico, “Decreto por el que se Establece la Regulación en Materia de Datos Abiertos,” DOF (Diario Oficial de la Federación, Mexico City, February 20, 2015), http://dof.gob.mx/nota_detalle.php?codigo=5382838.
– Mexico, “Decreto por el que se Establece la Ventanilla Única Nacional para los Trámites e Información Del Gobierno” (Diario Oficial de la Federación, Mexico City, February 3, 2015), https://www.dof.gob.mx/nota_detalle.php?codigo=5380863.
– Mexico, “Encuesta Nacional de IA,” Ia2030mx n.p., accessed July 5, 2020, https://www.ia2030.mx/consulta.
– Mexico, “Estrategia Digital Nacional: Mexico Digital,” (Gobierno de Mexico, n.p., November 2013), https://www.gob.mx/mexicodigital.
– Mexico, “Hacia una Estrategia de IA en México: Aprovechando la Revolución de la IA,” (Mexico City, June 2018), https://docs.wixstatic.com/ugd/7be025_ba24a518a53a4275af4d7ff63b4cf594.pdf.
– Mexico, “Ley Federal de Protección de Datos Personales en Posesión de Los Particulares,” Camara de Diputados (Diario Oficial de la Federación, Mexico City, July 5, 2010), http://www.diputados.gob.mx/LeyesBiblio/pdf/LFPDPPP.pdf.
– Mexico, “Ley General de Protección de Datos Personales en Posesión de Sujetos Obligados,” Camara de Diputados (Diario Oficial de la Federación, Mexico City, January 26, 2017), http://www.diputados.gob.mx/LeyesBiblio/pdf/LGPDPPSO.pdf
– Mexico, “Ley Federal de Telecomunicaciones y Radiodifusión,” Camara de Diputados (Diario Oficial de la Federación, July 14, 2014), http://www.diputados.gob.mx/LeyesBiblio/pdf/LFTR_240120.pdf.
– Mexico, “Plan Nacional de Desarollo 2013-2018,” (Diario Oficial de la Federación, Mexico City, May 20, 2013), http://www.dof.gob.mx/nota_detalle.php?codigo=5299465&fecha=20/05/2013.
New Zealand
– New Zealand, “The Digital 9,” New Zealand Digital government, Wellington, (July 1, 2020), https://www.digital.govt.nz/digital-government/international-partnerships/the-digital-9.
Panamá
– Panama, “Ley nº 81, de 26 de marzo de 2019, sobre protección de datos personales,” ANTAI (Gaceta Oficial Digital, Ciudad de Panamá, March 29, 2019), https://www.antai.gob.pa/wp-content/uploads/2019/04/Ley-81-de-2019-Proteccion-de-Datos-Personales.pdf.
República Dominicana
– República Dominicana, “Ley nº 172/2013, de 13 de diciembre de 2013,” (Gaceta Oficial, Santo Domingo, December 15, 2013), https://indotel.gob.do/media/6200/ley_172_13.pdf.
Uruguay
– Uruguay, “Agenda Uruguay Digital 2025 – Sociedad digital resiliente,” (Presidencia de la República Oriental del Uruguay, Agencia de Gobierno Electrónico y Sociedad de la Información y del Conocimento, n.p.), accessed June 15, 2021, https://www.gub.uy/uruguay-digital/comunicacion/publicaciones/agenda-uruguay-digital-2025-sociedad-digital-resiliente/agenda-uruguay-0
– Uruguay, “Consulta Pública Estrategia Nacional de Inteligencia Artificial para el Gobierno Digital,” Camara Uruguaya de Tecnologías de la Información, n.p., 2019, https://www.cuti.org.uy/novedades/1199-consulta-publica-estrategia-nacional-de-inteligencia-artificial-para-el-gobierno-digital.
– Uruguay, “Estrategia de Inteligencia Artificial para el Gobierno Digital,” gub.uy (Presidencia de la República Oriental del Uruguay, Montevideo, 2019), https://www.gub.uy/system/documents/attachments/000/000/003/original/0177491ab68dc7b819694c237a705f4a7ba95e73.pdf.
– Uruguay, “Ley 18.331: Ley de Protección de Datos Personales,” IMPO (La Dirección Nacional de Impresiones y Publicaciones Oficiales, Montevideo, August 18, 2008), https://www.impo.com.uy/bases/leyes/18331-2008.
– Uruguay, “Principios Generales sobre Inteligencia Artificial para el Gobierno Digital,” gub.uy (Presidencia de la República Oriental del Uruguay, Agencia de Gobierno Electrónico y Sociedad de la Información y del Conocimento, n.p.), accessed July 4, 2020, https://www.gub.uy/system/documents/attachments/000/000/001/original/abc45c0eb835393a55232b2d9a3c54446f0c4278.pdf.
Acknowledgments
This paper is part of the project “Document and field research on data protection authorities in Latin America”, funded by the Foundation for Research Support of the State of São Paulo (FAPESP) (https://bv.fapesp.br/pt/auxilios/105576/pesquisa-documental-e-de-campo-sobre-autoridades-de-data-protection-in-latin-america-the-concept). The authors are grateful to the blind reviewers, whose criticisms and recommendations were essential to improve the original text. Nonetheless, solely the authors are accountable to any errors or supervening flaws. Likewise, the authors thank Carolina Ferreira de Medeiros for the text review of the original manuscript.
Author’s Bio
Alexandre Veronese, Ph.D. in Sociology by the Institute of Social and Political of the University of the State of Rio de Janeiro, Associate Professor at the University of Brasilia, Researcher at the Centre of Studies in European Union Law of the University do Minho (Portugal) and the Centre of Policies, Law, Economy and Communication Technologies (CCOM UnB), Coordinator of the Group of Telecommunications Law (GETEL UnB). E-mail: veronese@ccom.unb.br.
Amanda Nunes Lopes Espiñeira Lemos, Ph.D. candidate and Master in Law by the University of Brasília. Fellowship holder of Fiocruz (Brasília). Ex Junior Fellowship at Centro de Estudios de Telecomunicaciones de América Latina (cet.la). Researcher at the Group of Telecommunications Law (GETEL-UnB) and at Laboratory of Public Policy and Internet (LAPIN). E-mail: amandaespineira@gmail.com.