Developing an Ontology for AI Act Fundamental Rights Impact Assessments
This work addresses the regulatory compliance challenge for organizations deploying AI systems under the EU AI Act, though it is incremental as it builds on existing vocabularies like the Data Privacy Vocabulary.
The authors tackled the need for machine-readable documentation to support Fundamental Rights Impact Assessments (FRIA) under the EU AI Act by developing an ontology based on semantic web standards, enabling the creation and management of FRIA and automated tools for compliance.
The recently published EU Artificial Intelligence Act (AI Act) is a landmark regulation that regulates the use of AI technologies. One of its novel requirements is the obligation to conduct a Fundamental Rights Impact Assessment (FRIA), where organisations in the role of deployers must assess the risks of their AI system regarding health, safety, and fundamental rights. Another novelty in the AI Act is the requirement to create a questionnaire and an automated tool to support organisations in their FRIA obligations. Such automated tools will require a machine-readable form of information involved within the FRIA process, and additionally also require machine-readable documentation to enable further compliance tools to be created. In this article, we present our novel representation of the FRIA as an ontology based on semantic web standards. Our work builds upon the existing state of the art, notably the Data Privacy Vocabulary (DPV), where similar works have been established to create tools for GDPR's Data Protection Impact Assessments (DPIA) and other obligations. Through our ontology, we enable the creation and management of FRIA, and the use of automated tool in its various steps.