Artificial Intelligence

As yet, there are no specific regulations on AI in Denmark. Hence, ordinary legislation (eg, data protection laws) and legal principles apply, either directly or by way of analogy or interpretation.

Established or ‘background’ law plays an important role in Denmark, in particular within civil law areas – such as contracts and torts law – which are important in relation to AI. Thus, although there is no case law as yet, background law will most likely evolve to cover AI before statutory rules are adopted.

With effect for financial years beginning on or after 1 January 2021, certain types of companies must supplement their management report with a statement on data ethics in accordance with the Financial Statements Act.

Data ethics complements companies’ processing of personal data and is generally understood as “responsible and sustainable use of data and to create transparency in the company’s data management. Data ethics is not just a matter of complying with the law, but is about treating other people's data with respect and doing the right thing, even when no one is looking” (Danish Companies Guide, Danish Business Authority). The responsible, sustainable and transparent use of data includes its use relation to AI.

The following companies are subject to this obligation:

• large companies in accounting Class C are subject to this obligation if, in two consecutive financial years, they exceed at least two of the following limits:
• • a balance-sheet total of DKK 156 million;
  • net revenue of DKK 313 million; and
  • an average number of full-time employees during the financial year of at least 250;
• companies in accounting class D – that is, listed companies and public limited companies, regardless of their size; and
• financial institutions with more than 500 employees, listed financial institutions and life insurance companies, as well as their holding companies.

To fulfil the reporting requirements, the management must apply the ‘comply or explain’ principle in its report – that is, it must either report on the company’s data ethics policy or justify why the company has opted out of adopting such a policy.

Not as yet, but such duty might very well be established by way of interpretation.

Professional IT providers are subject to an enhanced liability standard which will also apply in respect of AI. Accordingly, when determining whether a professional provider of AI products and services has acted negligently, this will be assessed within the context of how a prudent professional provider of similar services would have acted.

Yes – see question 1.1.

No – see question 1.1.

Not directly, but various bilateral and multilateral instruments may, by way of interpretation, have relevance in the AI context – for example, with regard to IP rights and trade agreements.

In Denmark, there is no single authority or body responsible for AI. If a question pertaining to the regulation of AI arises, the authority that administers that particular regulation (eg, the Danish Data Protection Agency with respect to the General Data Protection Regulation) will enforce that regulation subject to its normal powers.

Please see question 1.1.

A number of applications are being used in Denmark and new ones are fast emerging. Machine learning, robotics, natural language processing and virtual agents seem to have become the most embedded applications in Denmark currently.

AI-based products and services used to make predictions and automation. Predictions can cover almost everything, from market trends, customer behaviour and maintenance needs to energy consumption, diseases and diagnoses, traffic patterns, insurance fraud and crime prevention. Likewise, AI-based automation may cover a broad variety of products and services, from customer service and financial planning to management and optimisation of production, supply chain and business and administrative processes.

AI companies are generally structured as either:

• small start-ups (which are often geographically located in clusters with other tech start-ups and next to a university); or
• divisions in or separate entities of large and well-established companies.

AI companies are generally financed by private funds provided by investors, business angels and financial institutions, or the founders’ own savings. However, the Danish government’s national strategy for AI (2019) provides for public investment of approximately €10 million in AI companies. Other, more general public funding financing support schemes also exist.

In addition to the means of financial support discussed in question 2.4, the state is involved in the uptake and development of AI through many projects carried out within the public sector itself – for example, in the healthcare, energy and transportation sectors – as well as through research projects at universities (which are publicly owned in Denmark).

(a) Healthcare

Thus far, there is no special regulation of AI in the healthcare sector, so the ordinary rules and regulations will apply. The most significant legal issues are data protection and privacy issues. Issues relating to the ownership of IP rights may also arise.

(b) Security and defence

Thus far, there is no special regulation of AI in respect of security and defence, so the ordinary rules and regulations will apply. The most significant legal issues are data protection and privacy issues. Issues relating to the ownership of IP rights may also arise.

(c) Autonomous vehicles

Thus far, there is no special regulation of AI with regard to autonomous vehicles, so the ordinary rules and regulations will apply. The most significant legal issues are product liability, tort, data protection and privacy issues. Issues relating to the ownership of IP rights may also arise.

(d) Manufacturing

Thus far, there is no special regulation of AI with regard to manufacturing, so the ordinary rules and regulations will apply. The most significant legal issues are product liability, tort, data protection and privacy issues. Issues relating to the ownership of IP rights may also arise.

(e) Agriculture

Thus far, there is no special regulation of AI in the agricultural sector, so the ordinary rules and regulations will apply. The most significant legal issues are environmental law issues, product liability issues and compliance issues relating to food production regulation. Issues relating to the ownership of IP rights may also arise.

(f) Professional services

Thus far, there is no special regulation of AI in the professional services sector, so the ordinary rules and regulations will apply. The most significant legal issues are tort liability, data protection and privacy issues. Issues relating to the ownership of IP rights may also arise.

(g) Public sector

Thus far, there is no special regulation of AI in the public sector, so the ordinary rules and regulations will apply. The most significant legal issues are data protection and privacy issues, as well as issues relating to compliance with general rules and principles of administrative law. Issues relating to the ownership of IP rights may also arise.

(h) Other

N/A.

The Danish data protection regime consists primarily of the General Data Protection Regulation (GDPR) and the Data Protection Act (502 of 23 May 2018). As AI encompasses a variety of issues regarding data protection (eg, with respect to basic processing principles, the legal basis for processing, data subjects’ rights, security), the data protection regime will have significant implications for AI companies and applications.

The Danish cybersecurity regime primarily consists of the EU cybersecurity regime, including the Network and Information Security Directive (2016/1148/EU) and cybersecurity provisions in the EU telecommunications regulations, and the GDPR. Various national rules have also been adopted. As AI challenges cybersecurity in many respects, these rules are vital for AI companies and applications.

From a competition perspective, AI can be used to achieve, or can result in, a restriction of competition in violation of competition law – for example, by using AI tools and applications in a way that constitutes abuse of a dominant position. The competition law aspects of AI are being debated in Denmark, although thus far this has resulted in no specific regulatory initiatives.

The use of AI by employers vis-à-vis employees – for example, for recruitment, control or monitoring purposes – may present challenges from an employment law perspective. These concerns are being debated in Denmark, although thus far this has resulted in no specific regulatory initiatives.

AI may lead to the collection and creation of huge amounts of data which are difficult to manage, control and protect, thus also increasing the risk of data being manipulated and compromised by unauthorised third parties. The Danish government’s national strategy for AI (2019) highlights as a basic principle that companies and businesses, when applying AI, should emphasise responsibility, security and transparency. The rules on data protection and cybersecurity (see question 4) aim, among other things, to prevent data manipulation and breach of data integrity.

To our knowledge, thus far there are no widely adopted AI best practices in Denmark.

• Accountability;
• Reliability;
• Transparency;
• Respect for individuals’ fundamental rights;
• Non-discrimination;
• Data ethics; and
• Proportionality.

Compliance with the principles outlined in question 8.2.

As yet, there is no specific regulation of AI; as a result, most legal issues must be described and determined by contract, where possible. The primary risk from a contractual perspective is poor contracting practice, which may lead to issues such as:

• vague or missing definitions;
• unclear descriptions of scope and purpose;
• uncertainty with regard to the division of rights and obligations; and
• unclear or deficient clauses regarding vital issues such as liability, indemnification, data protection, security and ownership of IP rights.

These risks can be mitigated by the development of model and standard contracts for dealing with AI issues.

With regard to liability from a contractual perspective, see question 9.1. With regard to liability issues where no contractual relationship exists, the general rules on product liability and torts law will apply. If these rules turn out to be insufficient to resolve the liability issues that arise from the use of AI, special regulations targeted at AI will have to be adopted. Such regulations will need to address the most pressing liability problems relating to the use of AI: who is to be held liable and on what basis?

The use of AI entails a risk of data being subject to bias and discrimination, especially if this data is subsequently used for decision making. This risk can be mitigated by establishing clear and transparent principles on the use of AI (see question 8.2).

By the normal regulatory regime – that is, patent law, copyright law, the law on trade secrets and so on.

Primarily by public funding schemes. The Danish government’s national strategy for AI (2019) provides for public investment of approximately €10 million in AI companies. Other, more general public funding financing support schemes also exist.

The employment regime in Denmark consists of a number of regulations in combination with general principles of the law of obligations. None of these regulations includes provisions which target AI in particular; but the legislation on employee inventions (Consolidated Act 104 of 24 January 2012) entitles employees to fair remuneration for inventions made in the course of their employment.

Danish law contains no regulations aimed in particular at attracting AI specialists from overseas.

According to several surveys, Denmark enjoys a strong position in the AI sphere, compared to many other European countries. Denmark has long been a frontrunner in digitalisation; and its sophisticated educational system and strong tradition of collaboration between the state, the private sector and universities provide a solid basis for creating a flourishing AI landscape.

No specific legislative reforms have been proposed, but the Danish government’s national strategy for AI (2019) underlines Denmark’s strong focus on AI now and in the immediate future.

• Avail of all the benefits that a rich, well-organised welfare society with a well-educated, internationally oriented workforce can offer.
• Learn to live with the tax system and, in some respects, burdensome bureaucracy.