Introduction

The aim of the Artificial intelligence in education – legislation and recommendations material is to assist the providers of early childhood education and care (ECEC), general education and vocational education and training (VET) (for the sake of simplicity, all of these are hereinafter referred to as education providers) in the development of artificial intelligence (AI) competence and promote the responsible, safe and innovative use of AI. The material includes obligations based on legislation, general recommendations and related background material. The material was drawn up in cooperation between the Ministry of Education and Culture and the Finnish National Agency for Education and is part of the implementation of Finland's Digital Compass.

The material uses the term artificial intelligence (AI) to refer to AI both in general and broadly as a phenomenon and technology. The term AI system is used when referring to the systems, services and applications of education providers that utilise AI. The term generative AI is used in sections that only apply to generative AI. The background material covers various themes, but should be examined as a whole despite this.

The rapid development of AI and the proliferation of AI applications also require education professionals to develop pedagogy, the objectives and content of teaching, learning support and the assessment of learning and competence.  Data, automated decision-making and machine learning are widely used in social media, the banking and financial sector, the press, search services and hybrid influence activities, among others. Technologies utilising AI and the phenomena that they give rise to may also affect the democracy and freedom of expression of societies through automated censorship and provision of information, for example. As AI becomes more common, ways of learning and understanding of information and knowledge will change, but this development will not eliminate the need to learn to read, calculate or master the core content of different subjects, for example.  

Understanding how does AI works and perceiving its impacts are prerequisites for the responsible, safe and innovative use of AI. They also enable the critical assessment of the potential applications and limitations of AI and comprehensive reflection on its benefits and negative impacts. The suitability and potential negative impacts of using AI should be assessed in various situations. In addition, It is important to see AI as a subject of learning in itself. Learners should be provided with support to develop their AI literacy and AI skills and be critical of AI outputs, taking into account their age and learning goals. When deploying AI systems, it must be ensured that the users have sufficient understanding and ability to interpret and critically assess the outputs generated by AI.  

The Artificial intelligence in education – legislation and recommendations material will be kept updated in response to the rapid development of AI technologies and their constantly increasing applications in different areas of society. The material can also be refined as more research data and practical experience are obtained on the use of AI in education. 

General principles 

  1. Education providers are tasked with outlining the use of AI in their own organisations’ operations, such as the administration of studies, teaching, studies and guidance. Education providers are also tasked with assessing the need for staff training and guidance.
  2. Education providers are responsible for the compliance of the AI systems that they provide or have procured for use in their operations. Education providers must assess the obligations imposed by legislation (including the AI Act, the General Data Protection Regulation, the Data Protection Act, the Copyright Act, the Act on Information Management in Public Administration, the Administrative Procedure Act, the Act on the Provision of Digital Services, procurement legislation, the Non-Discrimination Act, the Act on Equality between Women and Men and applicable legislation on education and training, such as the Act on Early Childhood Education and Care, the Act on Primary and Secondary Education, the Act on General Upper Secondary Education, the Act on Vocational Education and Training, the Act on Preparatory Education Leading to an Upper Secondary Qualification, the Act on Liberal Adult Education and the Act on Basic Education in the Arts) and how they are taken into account in practical implementations.  
  3. The use of AI must be in line with the national core curricula and qualification requirements, local curricula drawn up based on them and other statutory tasks of education providers.
  4. When using AI, education providers must ensure that learners are not subjected to marketing, advertising, ideological manipulation or to content or methods detrimental to the learners’ growth and development. Education providers must also take into account any age limits for services and applications utilising AI imposed by legislation or terms of use.
  5. As part of the deployment of AI systems, education providers must assess whether a deployment constitutes a procurement subject to procurement legislation and whether local procurement guidelines should be applied. Education providers must plan and prepare in advance operating instructions on how various AI systems can be deployed locally, how their compliance is ensured and how the process is reliably documented.
  6. Education providers must actively promote equality and non-discrimination in their operations and ensure that the use of artificial intelligence does not result in unlawful discrimination, for example due to algorithmic or data bias.

In terms of the following legislation, the aforementioned principles mean that e.g.: 

AI Act 

7. When planning the deployment of AI systems, education providers must assess whether the AI systems to be deployed fall within the scope of the EU AI Act. If the AI Act applies, the education provider must define the ways in which the system is used and determine its risk level. Based on the risk level, the education provider must then determine the obligations associated with the deployment of the system and plan their implementation.

8. Education providers that use AI systems subject to the AI Act must take measures to ensure, to their best extent, a sufficient level of AI literacy of their staff. 

Data protection, information security and information management 

9. When considering the deployment of AI systems, education providers must verify that the system's data protection, information security and information management comply with legislative requirements. This verification process must be documented and carried out before the deployment of the system. The system must comply with the requirements until it is decommissioned. The verification process must take into account the education provider's obligation to carry out a data protection impact assessment and the prior consultation of the data protection authority in the cases mentioned in legislation.  

10. Education providers must instruct their staff and learners that they are not allowed to enter confidential or non-public information or personal data into an AI system until it has been verified that the system is an environment that meets the requirements for data protection, information security and information management. Such information and data include names, personal identity codes, verbal assessments of learners, pedagogical documents, health information and information related to religious beliefs. It is important to note that the concept of personal data is broad and also covers things such as images and the voice of the learner (such as speech or singing) when the image or voice can be linked to the learner. AI systems may also collect a wide range of data on their users and the use of the system (including through monitoring technologies), which are classified as personal data.  

11. Education providers must ensure that their staff and learners are informed of the processing of personal data in a concise, transparent, easily understandable and clear format, taking into account the needs and age of the target group. 

Copyright 

12. The Copyright Act (including its provisions concerning education) also applies to the educational use of AI applications. Education providers are obliged to take copyright issues into account in the procurement, deployment and governance of AI applications and systems and in staff guidelines.  

13. Using copyrighted works to train AI without the copyright holder’s permission is prohibited. Content that is not protected by copyright and open content whose use is not subject to conditions can be entered into AI applications. There is plenty of copyright-free material (such as CC0-licensed material) available that is suitable for the educational use and training of AI.

14. Content generated by AI is generally not protected by copyright because it does not meet the criteria for human creative work. The final content should be primarily created by humans and exceed the threshold of originality in order to obtain copyright protection.

Back to top

  1. Education providers should ensure that the use in teaching of the AI systems that they choose to deploy is pedagogically justified and contributes to the objectives set out in national core curricula and qualification requirements.  
  2. It is important for the users of AI systems, such as staff and learners, to be provided with sufficient training for the responsible use of AI.
  3. The use of AI in education providers’ operations should be as open and transparent as possible. Staff and learners should be informed of any use of AI.
  4. Education providers should consider sustainability perspectives in the deployment of AI systems and provide instructions on their use so that aspects such as energy consumption and social and economic sustainability are taken into account.
  5. Education providers should require the providers of AI systems to provide reliable analysis of their AI systems’s algorithmic and data biases and possible misinterpretations so that any bias and misintepretations are identified and the outputs of the AI can be interpreted accordingly. This analysis should be demanded in good time before the deployment of the system and it should be kept updated during the use of the AI system.
  6. Education providers should take into account the risks arising from overreliance on AI or the use of AI without critical assessment. Education providers should also pay attention to appropriate risk management, especially if the aim is to use AI as part of critical systems or functions.
  7. The use, development and procurement of learning analytics systems must also adhere to the instructions and guidelines of the Framework for Learning Analytics.  
  8. Education providers should include copyright issues in their guidelines on the use of AI in teaching. 
Back to top

General principles 

  1. The hardware and AI systems used in education, such as services and applications that utilise AI, are provided by the education provider. Staff cannot require learners to register or create personal user accounts for services or applications that are not provided by the education provider, nor can learners be required to purchase access rights to such services or applications.  
  2. If AI is used as an aid in the assessment, the assessment of competence and learning must adhere to the national core curriculum or qualification requirements of the level of education in question and take account of the fact that such use may be classified as high-risk under the AI Act and thus be subject to additional obligations related to deployment under the AI Act. Even if AI is utilised as an aid in the assessment process, the decisions related to assessment must be made by the person responsible for assessment and cannot be outsourced to AI. 

Data protection, information security and information management 

3. Staff must refer to the instructions issued by the education provider to determine what information is allowed to be stored in or entered into AI systems. Entering material containing confidential or non-public information or personal data into an AI system is not allowed until the education provider has verified that the system is an environment that meets the requirements for data protection, information security and information management. Such information and data include names, personal identity codes, verbal assessments of learners, pedagogical documents, health information and information related to religious beliefs. It is important to note that the concept of personal data is broad and also covers things such as images and the voice of the learner (such as speech or singing) when the image or voice can be linked to the learner. AI systems may also collect a wide range of data on their users and the use of the system (including through monitoring technologies), which are classified as personal data.

4. The users of an AI system, meaning the staff of the education provider, must have an understanding of the openness and confidentiality of the data being processed and of the types of AI services and applications in which the data are safe to process.  

Copyright

5. Using copyrighted works to train AI without the copyright holder’s permission is prohibited. Content that is not protected by copyright and open content whose use is not subject to conditions can be entered into AI applications. There is plenty of copyright-free material (such as CC0-licensed material) available that is suitable for the educational use and training of AI.

6. Content generated by AI is generally not protected by copyright because it does not meet the criteria for human creative work. The final content should be primarily created by humans and exceed the threshold of originality in order to obtain copyright protection. 

Back to top

  1. Staff should only use AI systems approved by the education provider.
  2. The use of AI should be pedagogically justified and contribute to the objectives of national core curricula and qualification requirements.  
  3. The use of AI in education providers’ operations should be as open and transparent as possible. Staff and learners should be informed of any use of AI.
  4. Teachers and other staff should agree with learners on the principles for the use of AI in studies. The use should be transparent and ethical, and it is important that learners receive sufficiently clear instructions on the use of AI. If it is agreed that AI will not be used, learners should be informed in advance of the consequences of using AI.  
  5. When using AI systems in education, it should be ensured that all users, such as learners and staff, have a sufficient understanding and the ability to interpret and critically assess the outputs generated by AI.
  6. The possible misinterpretations and bias in AI and their impacts should be taken into account in the use of AI. AI misinterpreatation and bias should also be discussed with learners.  
  7. Regardless of the AI systems used, their use should provide added value to teachers, learners or both and support learning, competence and development, including the development of learners’ AI literacy. 
Back to top