The European Union has issued a stern warning to Microsoft, stating that the tech giant could face fines up to 1% of its global annual turnover under the Digital Services Act (DSA).
This warning comes after Microsoft allegedly failed to fully comply with a request for information (RFI) concerning the risks associated with its generative AI tools.
Background on the Inquiry
In March, the EU approached Microsoft and other major tech companies, requesting detailed information about the systemic risks posed by their generative AI tools.
The focus was on understanding how these tools might affect various aspects of society, including civic discourse and electoral processes.
On Friday, the European Commission indicated that Microsoft had not provided some of the requested documents.
Initially, the Commission’s press release suggested that Microsoft had completely ignored the request.
However, an updated version clarified that Microsoft had partially responded, prompting the EU to intensify its enforcement efforts.
The Stakes and Deadlines
Microsoft has been given until May 27 to provide the missing information. Failure to comply could result in significant financial penalties.
While the DSA allows for fines up to 6% of a company’s global annual revenue for major breaches, providing incorrect, incomplete, or misleading information in response to an RFI can lead to a standalone fine of 1%.
Given that Microsoft reported a revenue of $211.92 billion for the fiscal year ending June 30, 2023, the potential fine could amount to billions of dollars.
Systemic Risk Obligations and Enforcement
Under the DSA, larger platforms like Microsoft are subject to stringent systemic risk obligations.
The European Commission oversees these obligations and has a broad range of enforcement tools at its disposal.
This situation places additional pressure on Microsoft, beyond the immediate financial penalties. The enforcement actions could be far more costly than any reputational damage from failing to comply with the RFI.
The Commission is specifically concerned about the risks associated with Bing’s generative AI features, including the AI assistant “Copilot in Bing” and the image generation tool “Image Creator by Designer.”
The EU has highlighted potential risks these tools pose to civic discourse and electoral integrity.
The Impact of Generative AI
Generative AI technologies, such as large language models (LLMs) and AI-powered image generation tools, have been at the forefront of recent technological advancements.
However, these technologies are not without flaws. LLMs, for example, are prone to generating “hallucinations,” or fabricating information presented as fact.
Similarly, AI-powered image generation tools have produced racially biased or potentially harmful content, including misleading deepfakes.
Given the upcoming European Parliament elections, the EU is particularly focused on the potential for AI-fueled political disinformation.
The Commission’s guidelines on electoral integrity specifically identify generative AI as a significant risk. This focus has intensified scrutiny on companies like Microsoft that embed AI into their mainstream platforms.
Microsoft’s Position and Response
In response to the EU’s warning, a Microsoft spokesperson emphasized the company’s commitment to online safety and cooperation with regulators.
“We are deeply committed to creating safe online experiences and working with regulators on this important topic,” the spokesperson said.
Microsoft stated that it has been fully cooperating with the European Commission and remains committed to addressing their questions and sharing its approach to digital safety and DSA compliance.
Microsoft also highlighted its proactive measures to mitigate potential risks across its online services.
“We take steps to measure and mitigate potential risks across our diverse range of online services. This includes actions to prepare our tools for the 2024 elections and safeguard voters, candidates, campaigns, and election authorities,” the spokesperson added.
Additionally, Microsoft expressed its intent to continue collaborating with industry peers as part of the Tech Accord to Combat Deceptive Use of AI in 2024 Elections.
Broader Implications for Tech Giants
This situation underscores the broader challenges tech giants face as they integrate advanced AI technologies into their services.
The EU’s Digital Services Act represents a significant regulatory framework aimed at holding these companies accountable for the systemic risks their technologies may pose.
As AI continues to evolve and its applications become more widespread, regulatory bodies worldwide are increasingly focused on ensuring these technologies are deployed responsibly.
For Microsoft, the immediate priority is to comply with the EU’s request for information and avoid the substantial fines.
However, the broader implications extend beyond financial penalties. The company, along with its peers, must navigate the complex landscape of AI regulation, balancing innovation with compliance and ethical considerations.
The Role of the Digital Services Act
The Digital Services Act, which came into force recently, aims to create a safer digital space where the fundamental rights of users are protected.
The DSA imposes various obligations on digital service providers, particularly those designated as “very large online platforms” (VLOPs) and “very large online search engines” (VLOSEs).
These obligations include conducting risk assessments, implementing risk mitigation measures, and ensuring transparency and accountability in their operations.
Bing, Microsoft’s search engine, was designated as a VLOSE under the DSA in April 2023. This designation subjects Bing to an extra layer of obligations related to mitigating systemic risks, such as disinformation.
The Commission’s focus on Bing’s generative AI features is part of this broader regulatory effort to ensure that digital platforms do not exacerbate societal risks.
Potential Consequences and Future Actions
If Microsoft fails to provide the requested information by the May 27 deadline, the Commission may impose additional penalties, including periodic fines of up to 5% of the company’s average daily income or worldwide annual turnover.
These penalties are designed to compel compliance and ensure that companies take their regulatory obligations seriously.
The Commission’s actions also send a clear message to other tech companies: compliance with the DSA is non-negotiable, and failure to adhere to its requirements will result in significant consequences.
As the EU continues to enforce the DSA, other companies integrating generative AI into their services will likely face similar scrutiny.
Conclusion
The EU’s warning to Microsoft highlights the growing regulatory challenges tech giants face in the era of advanced AI.
As generative AI technologies become more embedded in mainstream platforms, the potential risks they pose to society, including disinformation and electoral interference, are coming under increasing scrutiny.
The Digital Services Act represents a robust regulatory framework aimed at mitigating these risks and ensuring that digital platforms operate responsibly.
For Microsoft, the immediate task is to comply with the EU’s request for information and avoid substantial fines. However, the broader challenge lies in navigating the complex landscape of AI regulation and balancing innovation with compliance and ethical considerations.
As the regulatory environment continues to evolve, tech companies must remain vigilant and proactive in addressing the systemic risks associated with their technologies.