At a glance.
- India decides not to regulate AI.
- Saudi Arabia announces changes to its PDPL.
- Singapore calls for greater action against ransomware attackers.
India decides not to regulate AI.
As we discussed yesterday, rapid advancements in artificial intelligence have governments across the globe discussing how best to minimize the inherent ethical risks and dangers of such technology. A recent move from India’s Ministry of Electronics and IT, however, seems that officials in India, the world’s second largest internet market, feel those concerns are unwarranted. After conducting an assessment of the risks connected with artificial intelligence, the Ministry announced yesterday that it does not see the need to regulate AI tech development, TechCrunch reports. In its statement, the ministry said that AI is a “significant and strategic” area for the nation, and instead of regulation, the Indian government will be implementing efforts to bolster the expansion of the AI sector. “AI is a kinetic enabler of the digital economy and innovation ecosystem. Government is harnessing the potential of AI to provide personalized and interactive citizen-centric services through digital public platforms,” the ministry stated.
Saudi Arabia announces changes to its PDPL.
Lexology reports that Saudi Arabia is set to make a series of amendments to its Personal Data Protection Law (PDPL). The Saudi Arabia Council of Ministers have approved a slate of changes proposed by the Saudi Data & Artificial Intelligence Authority in November 2022 to bring the PDPL more in line with the international data laws like the EU’s General Data Protection Regulation. Key updates include establishing more business-friendly data transfer mechanisms, setting new grounds for data processing, and reducing the number of criminal sanctions for violations of the PDPL’s data transfer restrictions. A registration requirement for controllers has also been removed, and data breaches will no longer have to be reported immediately. (Details on notification timelines are expected to be added in coming months.) The updated PDPL is scheduled to come into effect in September 2023.
Singapore calls for greater action against ransomware attackers.
In the wake of the cyberattack on Singaporean-owned telecom giant Optus, the Singaporean government says it aims to up the ante when it comes to fighting ransomware gangs. While on a visit to Australia, where Optus is the country’s second-largest telecom provider, Singapore’s Minister for Communications and Information Josephine Teo yesterday spoke before the Australian Strategic Policy Institute's Sydney Dialogue. During her speech, ABC reports, she emphasized the need for regulatory interoperability across jurisdictions in order to ensure that threat actors do not receive payment. "What happens when a ransomware attack happens is that there is a need to stop the payment to the ransomware actor. The ransomware actors work across different jurisdictions — they're actually taking advantage of the failure of interoperability to get away. So, the rules and regulations that would allow one jurisdiction to stop the payment to the ransomware actor doesn't work across another jurisdiction." Teo also applauded the efforts of the Counter Ransomware Initiative, which is led by the US and counts Australia among its thirty-six member nations. Teo stated, "The Counter Ransomware Initiative now says: shall we find a way in which notifications can be implemented in each of the member states that are participating in this initiative so that we can all help each other to stop payment of ransom to these actors."