NGO-Algorithm-Audit
diff --git a/‎config/_default/menus.NL.toml‎
Lines changed: 1 addition & 1 deletion b/‎config/_default/menus.NL.toml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎content/english/knowledge-platform/policy-observatory.md‎
Lines changed: 12 additions & 23 deletions b/‎content/english/knowledge-platform/policy-observatory.md‎
Lines changed: 12 additions & 23 deletions
diff --git a/‎content/nederlands/knowledge-platform/policy-observatory.md‎
Lines changed: 12 additions & 14 deletions b/‎content/nederlands/knowledge-platform/policy-observatory.md‎
Lines changed: 12 additions & 14 deletions
diff --git a/‎layouts/shortcodes/embed_pdf.html‎
Lines changed: 2 additions & 2 deletions b/‎layouts/shortcodes/embed_pdf.html‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎static/pdf-files/policy-observatory/20230705_DSA_delegated_regulation.pdf‎
295 KB b/‎static/pdf-files/policy-observatory/20230705_DSA_delegated_regulation.pdf‎
295 KB
diff --git a/‎static/pdf-files/policy-observatory/2023_VanBekkum_Using sensitive data to prevent discrimination by AI.pdf‎
715 KB b/‎static/pdf-files/policy-observatory/2023_VanBekkum_Using sensitive data to prevent discrimination by AI.pdf‎
715 KB
diff --git a/‎static/pdf-files/policy-observatory/20240213_JTC21_plenary_FRIAs_stakeholder_panels.pdf‎
2.57 MB b/‎static/pdf-files/policy-observatory/20240213_JTC21_plenary_FRIAs_stakeholder_panels.pdf‎
2.57 MB
@@ -83,7 +83,7 @@ url = "/nl/knowledge-platform/knowledge-base"
     icon = "fa-check"
   [[main]]
   parent = "Kennisplatform"
-  name = "AI beleid observatorium"
+  name = "AI beleidsobservatorium"
   url = "nl/knowledge-platform/policy-observatory"
   weight = 2
   [[main.params]]
 
@@ -1,9 +1,9 @@
 ---
 title: AI Policy Observatory
 subtitle: >
-  AI ethics urgently needs case-based experience and a bottom-up approach. We
-  believe existing and proposed legislation is and will not suffice to realize
-  ethical algorithms. For various policy initiatives, we elaborate below why.
+  There are various policy initiatives for responsible deployment of algorithms
+  and AI. On this page information is collected about these initiatives,
+  including reference material that Algorithm Audit has developed.
 image: /images/svg-illustrations/knowledge_base.svg
 reports_preview:
   title: White papers
@@ -22,27 +22,19 @@ reports_preview:
         conducting independent audits
 ---
 
-{{< tab_header width="2" default_tab="AI-Act" tab1_id="AI-Act" tab1_title="AI Act" tab2_id="DSA" tab2_title="DSA" tab3_id="GDPR" tab3_title="GDPR" tab4_id="administrative-law" tab4_title="Administrative law" tab5_id="FRIA" tab5_title="FRIA" tab6_id="algorithm-registers" tab6_title="Registers" >}}
+{{< tab_header width="2" default_tab="AIAct" tab1_id="AIAct" tab1_title="AI Act" tab2_id="GDPR" tab2_title="GDPR" tab3_id="administrative-law" tab3_title="Administrative law" tab4_id="FRIA" tab4_title="FRIA" tab5_id="algorithm-registers" tab5_title="Registers" tab6_id="DSA" tab6_title="DSA" >}}
 
-{{< tab_content_open id="AI-Act" icon="fa-newspaper" title="AI Act" >}}
+{{< tab_content_open id="AIAct" icon="fa-newspaper" title="AI Act" >}}
 
 The <a href="https://eur-lex.europa.eu/legal-content/EN/TXT/?qid=1623335154975&uri=CELEX%3A52021PC0206" target="_blank">AI Act</a> imposes broad new responsibilities to control risks from AI systems without at the same time laying down specific standards they are expected to meet. For instance:
 
-* **Conformity assessment (Art. 43) –** The proposed route for internal control relies too much on the self-reflective capacities of producers to assess AI quality management, risk management and bias. Resulting in subjective best-practices;
 * **Risk- and quality management systems (Art. 9 and 17) –** Requirements set out for risk management systems and quality management systems remain too generic. For example, it does not provide precise guidelines how to identify and mitigate ethical issues such as algorithmic discrimination;
-* **Normative standards –** Technical standards alone, as requested the European Commission to standardization bodies CEN-CENELEC, are not enough to realize AI harmonization across the EU. Publicly available technical and normative best-practices for fair AI are urgently needed.
+* **Conformity assessment (Art. 43) –** The proposed route for internal control relies too much on the self-reflective capacities of producers to assess AI quality management, risk management and bias. Resulting in subjective best-practices;
+* **Technical standards –** Technical standards alone, as requested the European Commission to standardization bodies CEN-CENELEC, are not enough to realize AI harmonization across the EU. Publicly available technical and normative best-practices for fair AI are urgently needed.
 
 As a member of Dutch standardization body NEN, Algorithm Audit contributes to the European debate how fundamental rights should be co-regulated by product safety.
 
-#### Presentation to European standardization body CEN-CENELEC on stakeholder panels
-
-{{< pdf_frame articleUrl1="https://drive.google.com/file/d/1vadydN4_ZEXJ0h_Sj-4GRUwJSacM0fCK/preview" width_desktop_pdf="12" width_mobile_pdf="12" >}}
-
-{{< button button_text="Learn more about our standardization activities" button_link="/knowledge-platform/standards/" >}}
-
-Our audits take in mind upcoming harmonized standards that will be applicable under the AI Act, excluding  cybersecurity specifications. For each of our technical and normative audit reports is elaborated how it aligns with the current status of AI Act harmonized standards.
-
-{{< button button_text="Case repository" button_link="/algoprudence/" >}}
+{{< button button_text="Learn more about our AI Act Implementation Tool" button_link="/technical-tools/implementation-tool/" >}}
 
 {{< tab_content_close >}}
 
@@ -58,7 +50,7 @@ The [Digital Services Act (DSA)](https://eur-lex.europa.eu/legal-content/EN/TXT
 
 #### Read our feedback to the Europen Commission on DSA Art. 37 Delegated Regulation
 
-{{< pdf_frame articleUrl1="https://drive.google.com/file/d/1v6CApiRsT4vE1e-EXJnHDufk0FyXLHwL/preview" width_desktop_pdf="6" width_mobile_pdf="12" >}}
+{{< embed_pdf url="/pdf-files/policy-observatory/20230705_DSA_delegated_regulation.pdf" width_desktop_pdf="6" width_mobile_pdf="12" >}}
 
 {{< button button_text="Read the white paper" button_link="/knowledge-platform/knowledge-base/white_paper_dsa_delegated_regulation_feedback/" >}}
 
@@ -69,14 +61,11 @@ The [Digital Services Act (DSA)](https://eur-lex.europa.eu/legal-content/EN/TXT
 The GDPR has its strengths regarding participatory decision-making, but it has also weaknesses in regulating profiling algorithms and its focus on fully automated decision-making.
 
 * <a href="https://gdpr-info.eu/art-35-gdpr/" target="\_blank"> Participatory DPIA (art. 35 sub 9)</a> – This provision mandates that in cases where a Data Privacy Impact Assessment (DPIA) is obligatory, the opinions of data subjects regarding the planned data processing shall be seeked. This is a powerful legal mechanism to foster collaborative algorithm development. Nevertheless, the inclusion of data subjects in this manner is scarcely observed in practice;
-* <a href="https://gdpr-info.eu/recitals/no-71/" target="\_blank"> Profiling (recital 71)</a> – Profiling is defined as: “to analyse or predict aspects concerning the data subject’s performance at work, economic situation, health, personal preferences or interests, reliability or behaviour, location or movements”. However, the approval of profiling, particularly when “authorised by Union or Member State law to which the controller is subject, including fraud monitoring”, grants public and private entities significant flexibility to integrate algorithmic decision-making derived from diverse types of profiling. This wide latitude raises concerns about the potential for excessive consolidation of personal data and the consequences of algorithmic determinations. As illustrated by simple, rule-based but harmful profiling algorithms in The Netherlands;
-* <a href="https://gdpr-info.eu/art-22-gdpr/" target="\_blank"> Automated decision-making (art. 22 sub 2)</a> – Allowing wide-ranging automated decision-making (ADM) and profiling under the sole condition of contract agreement opens the door for large scale unethical algorithmic practices without accountability and public awareness.
-
-#### Read Algorithm Audit's technical audit of a risk profiling-based control proces of a Dutch public sector organisation
+* <a href="https://gdpr-info.eu/art-22-gdpr/" target="\_blank"> Automated decision-making (art. 22 sub 2)</a> – Ongoing legal uncertainty what exactly is 'automated decision-making' and 'meaningful human interaction' given the <a href="[https://](https://curia.europa.eu/juris/liste.jsf?num=C-634/21)" target="_blank">Schüfa court</a> ruling by the Court of Justice of the European Union (CJEU).
 
-{{< pdf_frame articleUrl1="https://drive.google.com/file/d/17dwU4zAqpyixwVTKCYM7Ezq1VM5_kcDa/preview" width_desktop_pdf="6" width_mobile_pdf="12" >}}
+#### Article summarizing interaction GDPR and AI Act regarding data collection for debiasing
 
-{{< button button_link="/algoprudence/cases/aa202401_bias-prevented/" button_text="Technical audit" >}}
+{{< embed_pdf url="/pdf-files/policy-observatory/2023_VanBekkum_Using sensitive data to prevent discrimination by AI.pdf" width_desktop_pdf="6" width_mobile_pdf="12" >}}
 
 {{< tab_content_close >}}
 
 
@@ -1,29 +1,27 @@
 ---
-title: AI beleid observatorium
+title: AI beleidsobservatorium
 subtitle: >
-  Om concreet aan de slag te gaan met de verantwoorde inzet van algoritmes is
-  het urgent dat praktijkervaring op code-niveau publiek wordt gedeeld.
-  Algorithm Audit is van mening dat abstracte en top-down wet- en regelgeving
-  hier onvoldoende soelaas voor biedt. Per beleidsinstrument lichten we
-  hieronder toe waarom.
+  Er zijn verschillende beleidsinitiativen om algoritmes en AI verantwoord in te zetten. 
+  Op deze pagina wordt informatie bijgehouden over belangrijke Europese en nationale initiatieven, inclusief 
+  materiaal dat Algorithm Audit over het onderwerp heeft ontwikkeld.
 image: /images/svg-illustrations/knowledge_base.svg
 ---
 
-{{< tab_header width="2" default_tab="AI-Act" tab1_id="AI-Act" tab1_title="AI Act" tab2_id="DSA" tab2_title="DSA" tab3_id="AVG" tab3_title="AVG" tab4_id="Awb" tab4_title="Bestuurs recht" tab5_id="IAMA" tab5_title="IAMA" tab6_id="algorithm-registers" tab6_title="Algoritme register" >}}
+{{< tab_header width="2" default_tab="AIAct" tab1_id="AIAct" tab1_title="AI-verordening" tab2_id="GDPR" tab2_title="AVG" tab3_id="administrative-law" tab3_title="Bestuursrecht" tab4_id="FRIA" tab4_title="IAMA" tab5_id="algorithm-registers" tab5_title="Algoritme register" tab6_id="DSA" tab6_title="DSA">}}
 
-{{< tab_content_open id="AI-Act" icon="fa-newspaper" title="AI Verordening" >}}
+{{< tab_content_open id="AIAct" icon="fa-newspaper" title="AI-verordening" >}}
 
-De <a href="https://eur-lex.europa.eu/legal-content/EN/TXT/?qid=1623335154975&uri=CELEX%3A52021PC0206" target="_blank">AI Verordening</a> legt brede nieuwe verantwoordelijkheden op om risico's van AI-systemen te beheersen, maar specifieke normen voor de verantwoorde inzet van algoritmes ontbreken vooralsnog. Bijvoorbeeld:
+De <a href="https://eur-lex.europa.eu/legal-content/EN/TXT/?qid=1623335154975&uri=CELEX%3A52021PC0206" target="_blank">AI-verordening</a> legt brede nieuwe verantwoordelijkheden op om risico's van AI-systemen te beheersen, maar specifieke normen voor de verantwoorde inzet van algoritmes ontbreken vooralsnog. Bijvoorbeeld:
 
-* **Risico- en kwaliteitmanagement systeem (Art. 9 and 17) –** Vereisten voor risico- en kwaliteitmanagement systemen blijven te generiek. De vereisten stellen bijvoorbeeld dat AI systemen niet mogen discrimineren en dat ethische risico's in kaart moeten worden gebracht. Er wordt echter niet toegelicht hoe discriminatie kan worden vastgesteld of hoe waardenspanningen beslecht kunnen worden;
+* **Risico- en kwaliteitmanagementsysteem (Art. 9 and 17) –** Vereisten voor risico- en kwaliteitmanagement systemen blijven te generiek. De vereisten stellen bijvoorbeeld dat AI systemen niet mogen discrimineren en dat ethische risico's in kaart moeten worden gebracht. Er wordt echter niet toegelicht hoe discriminatie kan worden vastgesteld of hoe waardenspanningen beslecht kunnen worden;
 * **Conformiteitsassessment (Art. 43) –** De AI Verordening leunt zwaar of interne controles en mechanismen die zelf-reflectie moeten bevorderen om AI systemen op een verantwoorde wijze in te zetten. Dit leidt echter tot subjectieve keuzen. Meer institutionele duiding is nodig over normatieve vraagstukken;
 * **Normatieve standaarden –** Enkel technische standaarden voor AI-systemen, zoals de Europese Commissie  standaardiseringsorganisaties CEN-CENELEC heeft verzocht te ontwikkelen, zijn onvoldoende om voor de verantwoorde inzet van AI systemen. Publieke kennis over technische én normatieve oordeelsvorming over verantwoorde AI-systemen is hard nodig. Maar juist hier is een gebrek aan.
 
 Als lid van het Nederlands Normalisatie Instituut NEN draagt Stichting Algorithm Audit bij aan het Europese debat hoe fundamentele rechten gecoreguleerd kunnen worden door productveiligheidsregulatie zoals de AI Verordening.
 
 #### Presentatie Algorithm Audit tijdens plenaire bijeenkomst Europese standaardiseringsorganisatie  CEN-CENELEC over diverse en inclusieve adviescommissies in Dublin, feb-2024
 
-{{< pdf_frame articleUrl1="https://drive.google.com/file/d/1vadydN4_ZEXJ0h_Sj-4GRUwJSacM0fCK/preview" width_desktop_pdf="12" width_mobile_pdf="12" >}}
+{{< embed_pdf url="/pdf-files/policy-observatory/20240213_JTC21_plenary_FRIAs_stakeholder_panels.pdf" width_desktop_pdf="12" width_mobile_pdf="12" >}}
 
 {{< button button_text="Kom meer te weten over onze standaardiseringsactiviteiten" button_link="/nl/knowledge-platform/standards/" >}}
 
@@ -45,7 +43,7 @@ The [Digital Services Act (DSA)](https://eur-lex.europa.eu/legal-content/EN/TXT
 
 #### Read our feedback to the Europen Commission on DSA Art. 37 Delegated Regulation
 
-{{< pdf_frame articleUrl1="https://drive.google.com/file/d/1v6CApiRsT4vE1e-EXJnHDufk0FyXLHwL/preview" width_desktop_pdf="6" width_mobile_pdf="12" >}}
+{{< embed_pdf url="/pdf-files/policy-observatory/20230705_DSA_delegated_regulation.pdf" width_desktop_pdf="6" width_mobile_pdf="12" >}}
 
 {{< button button_text="Read the white paper" button_link="/knowledge-platform/knowledge-base/white_paper_dsa_delegated_regulation_feedback/" >}}
 
@@ -61,13 +59,13 @@ The GDPR has its strengths regarding participatory decision-making, but it has a
 
 #### Read Algorithm Audit's technical audit of a risk profiling-based control proces of a Dutch public sector organisation
 
-{{< pdf_frame articleUrl1="https://drive.google.com/file/d/17dwU4zAqpyixwVTKCYM7Ezq1VM5_kcDa/preview" width_desktop_pdf="6" width_mobile_pdf="12" >}}
+{{< embed_pdf url="/pdf-files/algoprudence/TA_AA202401/TA_AA202401_Vooringenomenheid_voorkomen.pdf" width_desktop_pdf="6" width_mobile_pdf="12" >}}
 
 {{< button button_link="/algoprudence/cases/aa202401_bias-prevented/" button_text="Technical audit" >}}
 
 {{< tab_content_close >}}
 
-{{< tab_content_open icon="fa-newspaper" title="Administrative law" id="administrative-law" >}}
+{{< tab_content_open icon="fa-newspaper" title="Bestuursrecht" id="administrative-law" >}}
 
 Administrative law provides a normative framework for algorithmic-driven decision-making processes. In The Netherlands, for instance, through the codification of general principles of good administration (gpga). We argue that these principles are relevant to the algorithmic practice, but require contextualisation, which is often lacking. Take a closer look, for instance, to:
 
 
@@ -110,8 +110,8 @@
 {{ $urlHash := substr (md5 $url) 0 8 }}
 
 <div class="row">
-  <div class="col-{{ $mobile_width }} col-lg-{{ $desktop_width }} my-5" style="display:table;">
-    <div class="embed-pdf-container mt-5" id="embed-pdf-container-{{ $urlHash }}">
+  <div class="col-{{ $mobile_width }} col-lg-{{ $desktop_width }} my-3" style="display:table;">
+    <div class="embed-pdf-container mt-0" id="embed-pdf-container-{{ $urlHash }}">
       <div class="pdf-loadingWrapper" id="pdf-loadingWrapper-{{ $urlHash }}">
         <div class="pdf-loading" id="pdf-loading-{{ $urlHash }}"></div>
       </div>