1 Legal and enforcement framework

1.1 In broad terms, which legislative and regulatory provisions govern AI in your jurisdiction?

As yet, there are no specific regulations on AI in Denmark. Hence, ordinary legislation (eg, data protection laws) and legal principles apply, either directly or by way of analogy or interpretation.

1.2 How is established or ‘background' law evolving to cover AI in your jurisdiction?

Established or ‘background' law plays an important role in Denmark, in particular within civil law areas – such as contracts and torts law – which are important in relation to AI. Thus, although there is no case law as yet, background law will most likely evolve to cover AI before statutory rules are adopted.

With effect for financial years beginning on or after 1 January 2021, certain types of companies must supplement their management report with a statement on data ethics in accordance with the Financial Statements Act.

Data ethics complements companies' processing of personal data and is generally understood as "responsible and sustainable use of data and to create transparency in the company's data management. Data ethics is not just a matter of complying with the law, but is about treating other people's data with respect and doing the right thing, even when no one is looking" (Danish Companies Guide, Danish Business Authority). The responsible, sustainable and transparent use of data includes its use relation to AI.

The following companies are subject to this obligation:

  • large companies in accounting Class C are subject to this obligation if, in two consecutive financial years, they exceed at least two of the following limits:
    • a balance-sheet total of DKK 156 million;
    • net revenue of DKK 313 million; and
    • an average number of full-time employees during the financial year of at least 250;
  • companies in accounting class D – that is, listed companies and public limited companies, regardless of their size; and
  • financial institutions with more than 500 employees, listed financial institutions and life insurance companies, as well as their holding companies.

To fulfil the reporting requirements, the management must apply the ‘comply or explain' principle in its report – that is, it must either report on the company's data ethics policy or justify why the company has opted out of adopting such a policy.

1.3 Is there a general duty in your jurisdiction to take reasonable care (like the tort of negligence in the United Kingdom) when using AI?

Not as yet, but such duty might very well be established by way of interpretation.

Professional IT providers are subject to an enhanced liability standard which will also apply in respect of AI. Accordingly, when determining whether a professional provider of AI products and services has acted negligently, this will be assessed within the context of how a prudent professional provider of similar services would have acted.

1.4 For robots and other mobile AI, is the general law (eg, in the United Kingdom, the torts of nuisance and ‘escape' and (statutory) strict liability for animals) applicable by analogy in your jurisdiction?

Yes – see question 1.1.

1.5 Do any special regimes apply in specific areas?

No – see question 1.1.

1.6 Do any bilateral or multilateral instruments have relevance in the AI context?

Not directly, but various bilateral and multilateral instruments may, by way of interpretation, have relevance in the AI context – for example, with regard to IP rights and trade agreements.

1.7 Which bodies are responsible for enforcing the applicable laws and regulations? What powers do they have?

In Denmark, there is no single authority or body responsible for AI. If a question pertaining to the regulation of AI arises, the authority that administers that particular regulation (eg, the Danish Data Protection Agency with respect to the General Data Protection Regulation) will enforce that regulation subject to its normal powers.

1.8 What is the general regulatory approach to AI in your jurisdiction?

Please see question 1.1.

2 AI market

2.1 Which AI applications have become most embedded in your jurisdiction?

A number of applications are being used in Denmark and new ones are fast emerging. Machine learning, robotics, natural language processing and virtual agents seem to have become the most embedded applications in Denmark currently.

2.2 What AI-based products and services are primarily offered?

AI-based products and services used to make predictions and automation. Predictions can cover almost everything, from market trends, customer behaviour and maintenance needs to energy consumption, diseases and diagnoses, traffic patterns, insurance fraud and crime prevention. Likewise, AI-based automation may cover a broad variety of products and services, from customer service and financial planning to management and optimisation of production, supply chain and business and administrative processes.

2.3 How are AI companies generally structured?

AI companies are generally structured as either:

  • small start-ups (which are often geographically located in clusters with other tech start-ups and next to a university); or
  • divisions in or separate entities of large and well-established companies.

2.4 How are AI companies generally financed?

AI companies are generally financed by private funds provided by investors, business angels and financial institutions, or the founders' own savings. However, the Danish government's national strategy for AI (2019) provides for public investment of approximately €10 million in AI companies. Other, more general public funding financing support schemes also exist.

2.5 To what extent is the state involved in the uptake and development of AI?

In addition to the means of financial support discussed in question 2.4, the state is involved in the uptake and development of AI through many projects carried out within the public sector itself – for example, in the healthcare, energy and transportation sectors – as well as through research projects at universities (which are publicly owned in Denmark).

3 Sectoral perspectives

3.1 How is AI currently treated in the following sectors from a regulatory perspective in your jurisdiction and what specific legal issues are associated with each: (a) Healthcare; (b) Security and defence; (c) Autonomous vehicles; (d) Manufacturing; (e) Agriculture; (f) Professional services; (g) Public sector; and (h) Other?

(a) Healthcare

Thus far, there is no special regulation of AI in the healthcare sector, so the ordinary rules and regulations will apply. The most significant legal issues are data protection and privacy issues. Issues relating to the ownership of IP rights may also arise.

(b) Security and defence

Thus far, there is no special regulation of AI in respect of security and defence, so the ordinary rules and regulations will apply. The most significant legal issues are data protection and privacy issues. Issues relating to the ownership of IP rights may also arise.

(c) Autonomous vehicles

Thus far, there is no special regulation of AI with regard to autonomous vehicles, so the ordinary rules and regulations will apply. The most significant legal issues are product liability, tort, data protection and privacy issues. Issues relating to the ownership of IP rights may also arise.

(d) Manufacturing

Thus far, there is no special regulation of AI with regard to manufacturing, so the ordinary rules and regulations will apply. The most significant legal issues are product liability, tort, data protection and privacy issues. Issues relating to the ownership of IP rights may also arise.

(e) Agriculture

Thus far, there is no special regulation of AI in the agricultural sector, so the ordinary rules and regulations will apply. The most significant legal issues are environmental law issues, product liability issues and compliance issues relating to food production regulation. Issues relating to the ownership of IP rights may also arise.

(f) Professional services

Thus far, there is no special regulation of AI in the professional services sector, so the ordinary rules and regulations will apply. The most significant legal issues are tort liability, data protection and privacy issues. Issues relating to the ownership of IP rights may also arise.

(g) Public sector

Thus far, there is no special regulation of AI in the public sector, so the ordinary rules and regulations will apply. The most significant legal issues are data protection and privacy issues, as well as issues relating to compliance with general rules and principles of administrative law. Issues relating to the ownership of IP rights may also arise.

(h) Other

N/A.

4 Data protection and cybersecurity

4.1 What is the applicable data protection regime in your jurisdiction and what specific implications does this have for AI companies and applications?

The Danish data protection regime consists primarily of the General Data Protection Regulation (GDPR) and the Data Protection Act (502 of 23 May 2018). As AI encompasses a variety of issues regarding data protection (eg, with respect to basic processing principles, the legal basis for processing, data subjects' rights, security), the data protection regime will have significant implications for AI companies and applications.

4.2 What is the applicable cybersecurity regime in your jurisdiction and what specific implications does this have for AI companies and applications?

The Danish cybersecurity regime primarily consists of the EU cybersecurity regime, including the Network and Information Security Directive (2016/1148/EU) and cybersecurity provisions in the EU telecommunications regulations, and the GDPR. Various national rules have also been adopted. As AI challenges cybersecurity in many respects, these rules are vital for AI companies and applications.

5 Competition

5.1 What specific challenges or concerns does the development and uptake of AI present from a competition perspective? How are these being addressed?

From a competition perspective, AI can be used to achieve, or can result in, a restriction of competition in violation of competition law – for example, by using AI tools and applications in a way that constitutes abuse of a dominant position. The competition law aspects of AI are being debated in Denmark, although thus far this has resulted in no specific regulatory initiatives.

6 Employment

6.1 What specific challenges or concerns does the development and uptake of AI present from an employment perspective? How are these being addressed?

The use of AI by employers vis-à-vis employees – for example, for recruitment, control or monitoring purposes – may present challenges from an employment law perspective. These concerns are being debated in Denmark, although thus far this has resulted in no specific regulatory initiatives.

7 Data manipulation and integrity

7.1 What specific challenges or concerns does the development and uptake of AI present with regard to data manipulation and integrity? How are they being addressed?

AI may lead to the collection and creation of huge amounts of data which are difficult to manage, control and protect, thus also increasing the risk of data being manipulated and compromised by unauthorised third parties. The Danish government's national strategy for AI (2019) highlights as a basic principle that companies and businesses, when applying AI, should emphasise responsibility, security and transparency. The rules on data protection and cybersecurity (see question 4) aim, among other things, to prevent data manipulation and breach of data integrity.

8 AI best practice

8.1 There is currently a surfeit of ‘best practice' guidance on AI at the national and international level. As a practical matter, are there one or more particular AI best practice approaches that are widely adopted in your jurisdiction? If so, what are they?

To our knowledge, thus far there are no widely adopted AI best practices in Denmark.

8.2 What are the top seven things that well-crafted AI best practices should address in your jurisdiction?

  • Accountability;
  • Reliability;
  • Transparency;
  • Respect for individuals' fundamental rights;
  • Non-discrimination;
  • Data ethics; and
  • Proportionality.

8.3 As AI becomes ubiquitous, what are your top tips to ensure that AI best practice is practical, manageable, proportionate and followed in the organisation?

Compliance with the principles outlined in question 8.2.

9 Other legal issues

9.1 What risks does the use of AI present from a contractual perspective? How can these be mitigated?

As yet, there is no specific regulation of AI; as a result, most legal issues must be described and determined by contract, where possible. The primary risk from a contractual perspective is poor contracting practice, which may lead to issues such as:

  • vague or missing definitions;
  • unclear descriptions of scope and purpose;
  • uncertainty with regard to the division of rights and obligations; and
  • unclear or deficient clauses regarding vital issues such as liability, indemnification, data protection, security and ownership of IP rights.

These risks can be mitigated by the development of model and standard contracts for dealing with AI issues.

9.2 What risks does the use of AI present from a liability perspective? How can these be mitigated?

With regard to liability from a contractual perspective, see question 9.1. With regard to liability issues where no contractual relationship exists, the general rules on product liability and torts law will apply. If these rules turn out to be insufficient to resolve the liability issues that arise from the use of AI, special regulations targeted at AI will have to be adopted. Such regulations will need to address the most pressing liability problems relating to the use of AI: who is to be held liable and on what basis?

9.3 What risks does the use of AI present with regard to potential bias and discrimination? How can these be mitigated?

The use of AI entails a risk of data being subject to bias and discrimination, especially if this data is subsequently used for decision making. This risk can be mitigated by establishing clear and transparent principles on the use of AI (see question 8.2).

10 Innovation

10.1 How is innovation in the AI space protected in your jurisdiction?

By the normal regulatory regime – that is, patent law, copyright law, the law on trade secrets and so on.

10.2 How is innovation in the AI space incentivised in your jurisdiction?

Primarily by public funding schemes. The Danish government's national strategy for AI (2019) provides for public investment of approximately €10 million in AI companies. Other, more general public funding financing support schemes also exist.

11 Talent acquisition

11.1 What is the applicable employment regime in your jurisdiction and what specific implications does this have for AI companies?

The employment regime in Denmark consists of a number of regulations in combination with general principles of the law of obligations. None of these regulations includes provisions which target AI in particular; but the legislation on employee inventions (Consolidated Act 104 of 24 January 2012) entitles employees to fair remuneration for inventions made in the course of their employment.

11.2 How can AI companies attract specialist talent from overseas where necessary?

Danish law contains no regulations aimed in particular at attracting AI specialists from overseas.

12 Trends and predictions

12.1 How would you describe the current AI landscape and prevailing trends in your jurisdiction? Are any new developments anticipated in the next 12 months, including any proposed legislative reforms?

According to several surveys, Denmark enjoys a strong position in the AI sphere, compared to many other European countries. Denmark has long been a frontrunner in digitalisation; and its sophisticated educational system and strong tradition of collaboration between the state, the private sector and universities provide a solid basis for creating a flourishing AI landscape.

No specific legislative reforms have been proposed, but the Danish government's national strategy for AI (2019) underlines Denmark's strong focus on AI now and in the immediate future.

13 Tips and traps

13.1 What are your top tips for AI companies seeking to enter your jurisdiction and what potential sticking points would you highlight?

  • Avail of all the benefits that a rich, well-organised welfare society with a well-educated, internationally oriented workforce can offer.
  • Learn to live with the tax system and, in some respects, burdensome bureaucracy.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.