Theodoros Karathanasis (MIAI AI Regulation Chair) has posted “The FRIA in EU AI Act: Governance, Rights, and Global Jurisdiction” on SSRN. Here is the abstract:
The Fundamental Right Impact Assessment (FRIA) under the EU AI Act presents a critical yet problematic mechanism for mitigating AI’s harms on fundamental rights. The primary challenge is the complex operationalization of FRIA, particularly given deployers’ nascent understanding of diverse fundamental rights beyond data protection, the absence of a comprehensive quantitative assessment methodology, and initial concerns regarding its administrative burden. The working paper conducts an in-depth analysis of FRIA’s multifaceted components and its relationship with existing assessments like the Data Protection Impact Assessment (DPIA), highlighting its broader scope covering non-personal data scenarios and focusing on “interferences” rather than solely “damages”. The most significant result is the EU’s expansive jurisdictional assertion, rooted in “territorializing” extraterritorial obligations and the “eOects doctrine,” wherein FRIA functions as a direct manifestation of internal due diligence to protect human rights globally. This signifies a normative shift from traditional physical territory to a framework, aiming to diOuse EU rights-based standards universally despite challenges like sovereignty conflicts and AI’s black box nature.