When considering the introduction of new regulations, full attention must be given to existing regulations and systems, and they must not be extended to AI technology embedded in hardware, including software and services. Changes in the targets of regulation will mean AI system developers being held accountable for issues they cannot be directly involved with, and this may undermine the development and utilization of AI systems.

Since existing safety regulations have not envisioned application to AI technology, a solution to the issue of lack of explicit rules to address new safety risks will take time. Discussions on this issue need to take into account a balance between the benefits for society as a whole—including developers, providers, deployers, and users of AI systems—and the possible risks.

For business operators, it is desirable that the legal position of their businesses is clear, that the credibility of AI-related products and services is enhanced by legal underpinning, and that compliance cost is reduced through the creation of a harmonized framework. We, therefore, welcome the discussion in the inception impact assessment.

A discussion on accountability, which is inevitable in the process of introducing regulations, should give consideration to the areas of AI utilization, social impact, and other background factors. Imposing uniform accountability rules for businesses operating in diverse areas may hinder AI utilization in multiple areas and is, therefore, undesirable.

There are cases where it may not be possible to sort out all AI-related rights and obligations with legal provisions and cases where comprehensive categorization will be difficult. Even in such cases, the legal stability of businesses and the safety of users can be ensured through the clarification of rights and obligations by the parties in a contract. It is desirable to hold discussions on new rules while paying due attention to security and safety guaranteed by voluntary and flexible free contracts by the parties involved.

Striking a balance between innovation and regulation is important for the realization of the interests of an advanced and highly credible data-driven society. Likewise, it is desirable to ensure the harmony of international rules to prevent unnecessary fractionalization. Lack of clarity on what is allowed and not allowed under the regulations is one obstacle to the development and deployment of AI solutions in Europe. Concerns about proof of full compliance with regulations have undermined many business negotiations with both government and the private sector.

Basically, it is desirable not to complicate the legal systems developers must comply with, such as by regulating areas that can be regulated by existing rules and systems under these frameworks (e.g. regulating AI used in medical equipment through regulations on medical equipment). New regulations should be limited to the minimum required, and when considering the introduction of such regulations, compatibility with existing rules and systems should be ensured, and particular attention needs to be paid to preventing overlapping administration.

With regard to areas that existing rules and systems are unable to regulate, considering policies with the "soft law" approach is effective. Under the current situation where it is still premature to define and regulate high-risk AI, imposing prior regulations on AI-enabled products and services without any explicit basis may hinder innovation that will contribute to industrial development and help resolve social issues in Europe.

Therefore, it is better to promote industry-led measures and enhance the credibility of AI in the market by developing a joint government-private sector scheme for the appropriate evaluation of the voluntary steps taken by businesses.

Compatibility with international standards is necessary for the voluntary steps initiated by the industrial sector to be widely recognized and adopted. Continuous investigation, discussion, and improvement for all stakeholders are necessary in the process of determining policies to address the risks relating to the development and utilization of AI applications. Corporate self-governance is particularly important for the protection of fundamental rights.

A consensus has yet to be reached on the definition and correct understanding of biometric data, such as face recognition and dactyloscopy (fingerprint) data, which has been identified as "high-risk AI application," and legal systems pertaining to its utilization have not been established. It is necessary to clarify the definition of the scope and uses of systems such as remote biometric identification and biometric authentication, as well as the difference between the two, ensuring that this issue is discussed carefully, in order not to restrict utilization by the private sector unnecessarily.

The creation of practical guidelines is necessary to clarify the conditions and operational requirements for using remote biometric identification systems. The guidelines must also define remote biometric identification systems and classify their utilization methods.

Evaluation as "high-risk" must be based on the current discourse and definition of "risk" at institutions deliberating international standards. Uniform regulations must not be imposed on diverse sector-specific definitions and methods for risk assessment and management, and measures based on existing regulations in each sector should be considered.

While the criteria for defining high-risk AI set out in the European Commission's white paper are indispensable for the realization of credible AI as an issue for the future, technical validation of these criteria is still very difficult at present. It must also be noted that in cases where the risks of systems using high-risk AI can be fully eliminated or mitigated through physical safety measures and operations, the criteria defining high-risk AI must not be applied uniformly. Therefore, it is desirable to adopt a step-by-step approach to arrive at a realistic timetable and criteria based on a road map to be drawn up after consultations with experts. The substance of the road map and the standards must be consistent with and conform to European as well as world standards.

There are many AI applications, such as those relating to the optimization of production processes and energy use, that do not pose any risks to the fundamental rights and safety being considered in this assessment. The imposition of uniform criteria on all applications will result only in demerits, such as increased cost, for such applications. Therefore, Sub-option 3 under Option 3 is inappropriate.

The standards for fairness, safety, and quality differ for each country, culture, sector, user, and so forth. Therefore, it is necessary to make appropriate choices of measures to be adopted for each AI technology and sector, such as the "soft law" approach and measures based on existing regulations, in order to be able to adapt flexibly to AI and other rapidly evolving new technologies.

In the introduction of regulations, consistency and conformity with laws recognized as a vital framework for the privacy and security of European citizens' personal data, which are also regarded as models by many countries, particularly the General Data Protection Regulation (GDPR), is very important. In order to promote consistency and conformity, cooperation with the European Data Protection Board (EDPB) and national and international data protection bodies in the implementation of such regulations is advisable.

The imposition of conditions on companies developing AI applications that constitute a burden on them may have economic consequences, including weakened international competitiveness of EU companies due to the delay in the launch of products and services in the EU market compared to other economic zones, or even failure to launch them. It must also be noted that the result may impede innovation.

It must be noted that even with uniform rules for EU members, lack of conformity with international regulations, which are important for businesses engaged in global operations, will increase compliance cost.

Regardless of whether there is explicit public intervention, since AI undergoes model changes through learning after the start of service, even if measures that need to be taken by the responsible operators at the start of service are anticipated, these operators may still face unforeseen litigation risks as a result of subsequent model changes, thus compromising the social benefits AI would have generated. For this reason, the terms that suppliers of products and services need to abide by should be clarified to ensure legal certainty.

As stated elsewhere in this document, the extent of the impact of AI on society, the environment, basic human rights, and so forth cannot be measured by the capital or number of employees of the corporate developers but is largely determined by the number of users and the utilization methods of the products and services. Therefore, it is not necessarily appropriate to use the size of the corporate developer or whether it is a small or medium-sized enterprise as a criterion for determining whether it is subject to regulation.

We hope for greater credibility of AI applications in society and greater social acceptance of these applications.

It must be noted that the imposition of conditions on companies developing AI applications that constitute a burden on them may prevent users in EU nations from enjoying the benefits of cutting-edge technology due to delay in the launch of products and services in the EU market compared to other economic zones, or even failure to launch them, with the result of jeopardizing innovation.

The start time for the impact assessment of this initiative should be specified. Furthermore, this assessment should be implemented with ample lead time, taking into account the effect of the COVID-19 pandemic, and with sufficient opportunities to engage in dialogue with the industrial sector.