Sergio Genovesi,Julia Maria Mönig,Anna Schmitz,Maximilian Poretschkin,Maram Akila,Manoj Kahdan,Romina Kleiner,Lena Krieger,Alexander Zimmermann

DOI: https://doi.org/10.1007/s43681-023-00291-8

2023-05-08

AI and Ethics

Abstract:Abstract In the current European debate on the regulation of Artificial Intelligence there is a consensus that Artificial Intelligence (AI) systems should be fair. However, the multitude of existing indicators allowing an AI system to be labeled as “(un)fair” and the lack of standardized, application field specific criteria to choose among the various fairness-evaluation methods makes it difficult for potential auditors to arrive at a final, consistent judgment. Focusing on a concrete use case in the application field of finance, the main goal of this paper is to define standardizable minimal ethical requirements for AI fairness-evaluation. For the applied case of creditworthiness assessment for small personal loans, we highlighted specific distributive and procedural fairness issues inherent either to the computing process or to the system’s use in a real-world scenario: (1) the unjustified unequal distribution of predictive outcome; (2) the perpetuation of existing bias and discrimination practices; (3) the lack of transparency concerning the processed data and of an explanation of the algorithmic outcome for credit applicants. We addressed these issues proposing minimal ethical requirements for this specific application field: (1) regularly checking algorithmic outcome through the conditional demographic parity metric; (2) excluding from the group of processed parameters those that could lead to discriminatory outcome; (3) guaranteeing transparency about the processed data, in addition to counterfactual explainability of algorithmic decisions. Defining these minimal ethical requirements represents the main contribution of this paper and a starting point toward standards specifically addressing fairness issues in AI systems for creditworthiness assessments aiming at preventing unfair algorithmic outcomes, in addition to unfair practices related to the use of these systems. As a final result, we indicate the next steps that can be taken to begin the standardization of the three use case-specific fairness requirements we propose.

Bryce Goodman,Seth Flaxman

DOI: https://doi.org/10.1609/aimag.v38i3.2741

2016-08-31

Abstract:We summarize the potential impact that the European Union's new General Data Protection Regulation will have on the routine use of machine learning algorithms. Slated to take effect as law across the EU in 2018, it will restrict automated individual decision-making (that is, algorithms that make decisions based on user-level predictors) which "significantly affect" users. The law will also effectively create a "right to explanation," whereby a user can ask for an explanation of an algorithmic decision that was made about them. We argue that while this law will pose large challenges for industry, it highlights opportunities for computer scientists to take the lead in designing algorithms and evaluation frameworks which avoid discrimination and enable explanation.

Machine Learning,Computers and Society

Philippe Besse,Celine Castets-Renard,Aurelien Garivier,Jean-Michel Loubes

DOI: https://doi.org/10.48550/arXiv.1810.01729

2018-10-03

Abstract:Combining big data and machine learning algorithms, the power of automatic decision tools induces as much hope as fear. Many recently enacted European legislation (GDPR) and French laws attempt to regulate the use of these tools. Leaving aside the well-identified problems of data confidentiality and impediments to competition, we focus on the risks of discrimination, the problems of transparency and the quality of algorithmic decisions. The detailed perspective of the legal texts, faced with the complexity and opacity of the learning algorithms, reveals the need for important technological disruptions for the detection or reduction of the discrimination risk, and for addressing the right to obtain an explanation of the auto- matic decision. Since trust of the developers and above all of the users (citizens, litigants, customers) is essential, algorithms exploiting personal data must be deployed in a strict ethical framework. In conclusion, to answer this need, we list some ways of controls to be developed: institutional control, ethical charter, external audit attached to the issue of a label.

Other Statistics,Artificial Intelligence

Jakob Mokander,Prathm Juneja,David Watson,Luciano Floridi

DOI: https://doi.org/10.1007/s11023-022-09612-y

2024-07-07

Abstract:On the whole, the U.S. Algorithmic Accountability Act of 2022 (US AAA) is a pragmatic approach to balancing the benefits and risks of automated decision systems. Yet there is still room for improvement. This commentary highlights how the US AAA can both inform and learn from the European Artificial Intelligence Act (EU AIA).

Computers and Society,Artificial Intelligence

Sébastien Fassiaux

DOI: https://doi.org/10.1017/err.2023.58

2023-08-05

European Journal of Risk Regulation

Abstract:Personal autonomy is at the core of liberal societies, and its preservation has been a focus of European Union (EU) consumer and data protection law. Professionals increasingly use artificial intelligence in consumer markets to shape user preferences and influence their behaviours. This paper focuses on the long-term impact of artificial intelligence on consumer autonomy by studying three specific commercial practices: (1) dark patterns in user interfaces; (2) behavioural advertising; and (3) personalisation through recommender systems. It explores whether and to what extent EU regulation addresses the risks to consumer autonomy of using artificial intelligence in markets in the long term. It finds that new EU regulation does bring novelties to protect consumer autonomy in this context but fails to sufficiently consider the long-term consequences of autonomy capture by professionals. Finally, the paper makes several proposals to integrate the long-term risks affecting consumer autonomy in EU consumer and data protection regulation. It does so through an interdisciplinary approach, drawing from legal research and findings in the study of long-term thinking, philosophy and ethics and computer science.

Philipp Hacker,Johann Cordes,Janina Rochon

DOI: https://doi.org/10.1017/err.2023.81

2023-12-13

European Journal of Risk Regulation

Abstract:Artificial intelligence (AI) is not only increasingly being used in business and administration contexts, but a race for its regulation is also underway, with the European Union (EU) spearheading the efforts. Contrary to existing literature, this article suggests that the most far-reaching and effective EU rules for AI applications in the digital economy will not be contained in the proposed AI Act, but in the Digital Markets Act (DMA). We analyse the impact of the DMA and related EU acts on AI models and underlying data across four key areas: disclosure requirements; the regulation of AI training data; access rules; and the regime for fair rankings. We demonstrate that fairness, under the DMA, goes beyond traditionally protected categories of non-discrimination law on which scholarship at the intersection of AI and law has focused on. Rather, we draw on competition law and the FRAND criteria known from intellectual property law to interpret and refine the DMA provisions on fair rankings. Moreover, we show how, based on Court of Justice of the European Union jurisprudence, a coherent interpretation of the concept of non-discrimination in both traditional non-discrimination and competition law may be found. The final section sketches out proposals for a comprehensive framework of transparency, access and fairness under the DMA and beyond.

Umut Turksen,Vladlena Benson,Bogdan Adamyk

DOI: https://doi.org/10.1057/s41261-024-00233-2

2024-02-07

Journal of Banking Regulation

Abstract:The fast-paced advances of technology, including artificial intelligence (AI) and machine learning (ML), continue to create new opportunities for banks and other financial institutions. This study reveals the barriers to trust in AI by prudential banking supervisors (compliance with regulations). We conducted a qualitative study on the drivers for adoption of explainability technologies that increase transparency and understanding of complex algorithms (some of the underpinning legal principles in the proposed EU AI Act). By using human-centred and ethics-by-design methods coupled with interviews of the key stakeholders from Eastern European private and public banks and IT AI/ML developers, this research has identified the key challenges concerning the employment of AI algorithms. The results indicate a conflicting view of AI barriers whilst revealing the importance of AI/ML systems in banks, the growing willingness of banks to use such systems more widely, and the problematic aspects of implementing AI/ML systems related to their cost and economic efficiency. Keeping up with the complex regulation requirements comes at a significant cost to banks and financial firms. The focus of the empirical study, stakeholders in Ukraine, Estonia and Poland, was chosen because of the fact that there has been a sharp increase in the adoption of AI/ML models in this jurisdiction in the context of its war with Russia and the ensuing sanctions regime. While the "leapfrogging" AI/ML paths in each bank surveyed had its own drivers and challenges, these insights provide lessons for banks in other European jurisdictions. The analysis of four criminal cases brought against top banks and conclusions of the study indicate that the increase in predicate crimes for money laundering, constantly evolving sanctions regime along with the enhanced scrutiny and enforcement action against banks are hindering technology innovation and legal implications of using AI driven tools for compliance.

Alessandra Silveira

DOI: https://doi.org/10.21814/unio.8.2.4842

2023-04-30

Abstract:Automated decision-making and profiling are finally being considered before the Court of Justice of the European Union (CJEU). Article 22 GDPR states that “the data subject shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her” – but its provisions raise many doubts to the legal doctrine – and to the referring court in the SCHUFA case. The problem with this case law lies in the opacity of inferences or predictions resulting from data analysis, particularly by AI systems – inferences whose application to everyday situations determines how each of us, as personal data subjects, are perceived and evaluated by others. The CJEU has the opportunity to assess the existence of legal remedies to challenge operations which result in automated inferences that are not reasonably justified. However, the effectiveness of the application of the GDPR to inferred data faces several obstacles. This has to do with fact that the GDPR was designed for data provided directly by the data subject – and not for data inferred by digital technologies such as AI systems. This is the difficulty behind the Advocate General’s Opinion.

Philipp Hacker,Johann Cordes,Janina Rochon

2023-08-24

Abstract:Artificial intelligence is not only increasingly used in business and administration contexts, but a race for its regulation is also underway, with the EU spearheading the efforts. Contrary to existing literature, this article suggests, however, that the most far-reaching and effective EU rules for AI applications in the digital economy will not be contained in the proposed AI Act - but have just been enacted in the Digital Markets Act. We analyze the impact of the DMA and related EU acts on AI models and their underlying data across four key areas: disclosure requirements; the regulation of AI training data; access rules; and the regime for fair rankings. The paper demonstrates that fairness, in the sense of the DMA, goes beyond traditionally protected categories of non-discrimination law on which scholarship at the intersection of AI and law has so far largely focused on. Rather, we draw on competition law and the FRAND criteria known from intellectual property law to interpret and refine the DMA provisions on fair rankings. Moreover, we show how, based on CJEU jurisprudence, a coherent interpretation of the concept of non-discrimination in both traditional non-discrimination and competition law may be found. The final part sketches specific proposals for a comprehensive framework of transparency, access, and fairness under the DMA and beyond.

Computers and Society,Artificial Intelligence

Noelia Collado-Rogriguez,Uta Kohl

DOI: https://doi.org/10.1017/9781108891325.010

2021-07-29

Abstract:The most fascinating and profitable subject of predictive algorithms is the human actor. Analysing big data through learning algorithms to predict and pre-empt individual decisions gives a powerful tool to corporations, political parties and the state. Algorithmic analysis of digital footprints, as an omnipresent form of surveillance, has already been used in diverse contexts: behavioural advertising, personalised pricing, political micro-targeting, precision medicine, and predictive policing and prison sentencing. This volume brings together experts to offer philosophical, sociological, and legal perspectives on these personalised data practices. It explores common themes such as choice, personal autonomy, equality, privacy, and corporate and governmental efficiency against the normative frameworks of the market, democracy and the rule of law. By offering these insights, this collection on data-driven personalisation seeks to stimulate an interdisciplinary debate on one of the most pervasive, transformative, and insidious socio-technical developments of our time.

Júlio César Parente Patrocínio,Débora Barreto Santana de Andrade

DOI: https://doi.org/10.51799/2763-8685v3n2005

2023-12-01

Latin American Journal of European Studies

Abstract:The concept of artificial intelligence has been developed since the beginning of computing in the 1950s, and, since the 2010s, it has advanced more quickly, contributing to various applications. Artificial intelligence applications bring benefits and uses to various social sectors and activities. It improves optimisation and efficiency of factories and companies, diagnosis and treatment of diseases and disabilities, automating activities, operation of social networks and e-commerce platforms, and viability of autonomous cars. It is also present in the operationalization of banks, pharmacies, military forces, education system, among many others. However, along with benefits, artificial intelligence has also generated risks for society and, consequently, litigation. These disputes have been submitted to courts in different countries, generating discussions about specific regulations. In this sense, this article aims to analyse cases involving artificial intelligence in using data, biometric monitoring, algorithmic recommendation and decision-making discussed in European judicial and administrative lawsuits, as well as study the three main European Union regulations which approach that theme: the General Data Protection Regulation, the Digital Services Act, and the Artificial Intelligence Act Proposal.

English Else

Philipp Hacker

2023-07-29

Abstract:As ChatGPT et al. conquer the world, the optimal liability framework for AI systems remains an unsolved problem across the globe. In a much-anticipated move, the European Commission advanced two proposals outlining the European approach to AI liability in September 2022: a novel AI Liability Directive and a revision of the Product Liability Directive. They constitute the final cornerstone of EU AI regulation. Crucially, the liability proposals and the EU AI Act are inherently intertwined: the latter does not contain any individual rights of affected persons, and the former lack specific, substantive rules on AI development and deployment. Taken together, these acts may well trigger a Brussels Effect in AI regulation, with significant consequences for the US and beyond. This paper makes three novel contributions. First, it examines in detail the Commission proposals and shows that, while making steps in the right direction, they ultimately represent a half-hearted approach: if enacted as foreseen, AI liability in the EU will primarily rest on disclosure of evidence mechanisms and a set of narrowly defined presumptions concerning fault, defectiveness and causality. Hence, second, the article suggests amendments, which are collected in an Annex at the end of the paper. Third, based on an analysis of the key risks AI poses, the final part of the paper maps out a road for the future of AI liability and regulation, in the EU and beyond. This includes: a comprehensive framework for AI liability; provisions to support innovation; an extension to non-discrimination/algorithmic fairness, as well as explainable AI; and sustainability. I propose to jump-start sustainable AI regulation via sustainability impact assessments in the AI Act and sustainable design defects in the liability regime. In this way, the law may help spur not only fair AI and XAI, but potentially also sustainable AI (SAI).

Computers and Society,Artificial Intelligence,Machine Learning

Martin Kretschmer,Tobias Kretschmer,Alexander Peukert,Christian Peukert

DOI: https://doi.org/10.48550/arXiv.2311.14684

2023-11-03

Computers and Society

Abstract:The development and regulation of multi-purpose, large "foundation models" of AI seems to have reached a critical stage, with major investments and new applications announced every other day. Some experts are calling for a moratorium on the training of AI systems more powerful than GPT-4. Legislators globally compete to set the blueprint for a new regulatory regime. This paper analyses the most advanced legal proposal, the European Union's AI Act currently in the stage of final "trilogue" negotiations between the EU institutions. This legislation will likely have extra-territorial implications, sometimes called "the Brussels effect". It also constitutes a radical departure from conventional information and communications technology policy by regulating AI ex-ante through a risk-based approach that seeks to prevent certain harmful outcomes based on product safety principles. We offer a review and critique, specifically discussing the AI Act's problematic obligations regarding data quality and human oversight. Our proposal is to take liability seriously as the key regulatory mechanism. This signals to industry that if a breach of law occurs, firms are required to know in particular what their inputs were and how to retrain the system to remedy the breach. Moreover, we suggest differentiating between endogenous and exogenous sources of potential harm, which can be mitigated by carefully allocating liability between developers and deployers of AI technology.

Hannah B van Kolfschooten

DOI: https://doi.org/10.1093/medlaw/fwae029

2024-08-01

Abstract:As the use of Artificial Intelligence (AI) technologies in healthcare is expanding, patients in the European Union (EU) are increasingly subjected to automated medical decision-making. This development poses challenges to the protection of patients' rights. A specific patients' right not to be subject to automated medical decision-making is not considered part of the traditional portfolio of patients' rights. The EU AI Act also does not contain such a right. The General Data Protection Regulation (GDPR) does, however, provide for the right 'not to be subject to a decision based solely on automated processing' in Article 22. At the same time, this provision has been severely critiqued in legal scholarship because of its lack of practical effectiveness. However, in December 2023, the Court of Justice of the EU first provided an interpretation of this right in C-634/21 (SCHUFA)-although in the context of credit scoring. Against this background, this article provides a critical analysis of the application of Article 22 GDPR to the medical context. The objective is to evaluate whether Article 22 GDPR may provide patients with the right to refuse automated medical decision-making. It proposes a health-conformant reading to strengthen patients' rights in the EU.

Nicholas Schmidt,Bryce Stephens

DOI: https://doi.org/10.48550/arXiv.1911.05755

2019-11-09

Abstract:There is substantial evidence that Artificial Intelligence (AI) and Machine Learning (ML) algorithms can generate bias against minorities, women, and other protected classes. Federal and state laws have been enacted to protect consumers from discrimination in credit, housing, and employment, where regulators and agencies are tasked with enforcing these laws. Additionally, there are laws in place to ensure that consumers understand why they are denied access to services and products, such as consumer loans. In this article, we provide an overview of the potential benefits and risks associated with the use of algorithms and data, and focus specifically on fairness. While our observations generalize to many contexts, we focus on the fairness concerns raised in consumer credit and the legal requirements of the Equal Credit and Opportunity Act. We propose a methodology for evaluating algorithmic fairness and minimizing algorithmic bias that aligns with the provisions of federal and state anti-discrimination statutes that outlaw overt, disparate treatment, and, specifically, disparate impact discrimination. We argue that while the use of AI and ML algorithms heighten potential discrimination risks, these risks can be evaluated and mitigated, but doing so requires a deep understanding of these algorithms and the contexts and domains in which they are being used.

Computers and Society,Machine Learning

Janos Meszaros,Jusaku Minari,Isabelle Huys

DOI: https://doi.org/10.3389/fgene.2022.927721

IF: 3.7

2022-10-05

Frontiers in Genetics

Abstract:Despite its promising future, the application of artificial intelligence (AI) and automated decision-making in healthcare services and medical research faces several legal and ethical hurdles. The European Union (EU) is tackling these issues with the existing legal framework and drafting new regulations, such as the proposed AI Act. The EU General Data Protection Regulation (GDPR) partly regulates AI systems, with rules on processing personal data and protecting data subjects against solely automated decision-making. In healthcare services, (automated) decisions are made more frequently and rapidly. However, medical research focuses on innovation and efficacy, with less direct decisions on individuals. Therefore, the GDPR's restrictions on solely automated decision-making apply mainly to healthcare services, and the rights of patients and research participants may significantly differ. The proposed AI Act introduced a risk-based approach to AI systems based on the principles of ethical AI. We analysed the complex connection between the GDPR and AI Act, highlighting the main issues and finding ways to harmonise the principles of data protection and ethical AI. The proposed AI Act may complement the GDPR in healthcare services and medical research. Although several years may pass before the AI Act comes into force, many of its goals will be realised before that.

genetics & heredity

John KC Kingston

DOI: https://doi.org/10.48550/arXiv.1809.05762

IF: 14.4

2018-09-15

Artificial Intelligence

Abstract:The General Data Protection Regulation (GDPR) is a European Union regulation that will replace the existing Data Protection Directive on 25 May 2018. The most significant change is a huge increase in the maximum fine that can be levied for breaches of the regulation. Yet fewer than half of UK companies are fully aware of GDPR - and a number of those who were preparing for it stopped doing so when the Brexit vote was announced. A last-minute rush to become compliant is therefore expected, and numerous companies are starting to offer advice, checklists and consultancy on how to comply with GDPR. In such an environment, artificial intelligence technologies ought to be able to assist by providing best advice; asking all and only the relevant questions; monitoring activities; and carrying out assessments. The paper considers four areas of GDPR compliance where rule based technologies and/or machine learning techniques may be relevant: * Following compliance checklists and codes of conduct; * Supporting risk assessments; * Complying with the new regulations regarding technologies that perform automatic profiling; * Complying with the new regulations concerning recognising and reporting breaches of security. It concludes that AI technology can support each of these four areas. The requirements that GDPR (or organisations that need to comply with GDPR) state for explanation and justification of reasoning imply that rule-based approaches are likely to be more helpful than machine learning approaches. However, there may be good business reasons to take a different approach in some circumstances.

K. Yefremova

DOI: https://doi.org/10.37772/2309-9275-2020-1(14)-9

2020-07-03

Law and innovative society

Abstract:Problem setting. Artificial intelligence is rapidly affecting the financial sector with countless potential benefits in terms of improving financial services and compliance. In the financial sector, artificial intelligence algorithms are already trusted to account for transactions, detect fraudulent schemes, assess customer creditworthiness, resource planning and reporting. But the introduction of such technologies entails new risks. Analysis of resent researches and publications. The following scientists were engaged in research of the specified question: D.W. Arner, J. Barberis, R.P. Buckley, Jon Truby, Rafael Brown, Andrew Dahdal, O. A. Baranov, O. V. Vinnyk, I. V. Yakovyuk, A. P. Voloshin, A. O. Shovkun, N.B. Patsuriia. Target of research. The aim of the article is to identify key strategic issues in developing mechanisms to ensure the effective implementation and use of artificial intelligence in the financial services market. Article’s main body. The paper investigates an important scientific and practical problem of legal regulation of artificial intelligence used by financial services market participants. The legal risks associated with the use of artificial intelligence programs in a particular area are considered. The most pressing risks to address targeted AI regulation are fundamental rights, data confidentiality, security and effective performance, and accountability. This article argues that the best way to encourage a sustainable future in AI innovation in the financial sector is to support a proactive regulatory approach prior to any financial harm occurring. This article argues that it would be optimal for policymakers to intervene early with targeted, proactive but balanced regulatory approaches to AI technology in the financial sector that are consistent with emerging internationally accepted principles on AI governance. Conclusions and prospects for the development. The adoption of rational regulations that encourage innovation whilst ensuring adherence to international principles will significantly reduce the likelihood that AI-related risks will develop into systemic problems. Leaving the financial sector only with voluntary codes of practice may encourage experimentation that in turn may result in innovative benefits – but it will definitely render customers vulnerable, institutions exposed and the entire financial system weakened.

Elif Erdemoglu

DOI: https://doi.org/10.1007/978-94-6265-144-9_7

2016-01-01

Abstract:The discussion on the regulation on citizens’ right to privacy grows parallel to the widespread usage and collection of Big Data. This chapter analyses from a law and economics perspective the discussion on the European Union (EU) citizens’ rights to privacy with regards to collection, retention, analysis and transfer of personal data in light of the EU General Data Protection Regulation (GDPR). The GDPR is drafted in coherence with the EU Digital Market Strategy, which aims to create the correct incentives for digital networks and services to flourish by providing trustworthy infrastructure supported by the right regulations. A significant part of achieving this aim would require the EU citizens to trust in using digital services. The GDPR is designed to increase the citizens’ trust to use online and digital services by obliging the service providers to comply with the GDPR. This chapter analyses two key compliance requirements of the GDPR through the economic analysis lens and proposes possible changes to the GDPR in line with the Digital Single Market Strategy of the EU. The scope of this chapter’s analysis is limited to how to cure information asymmetries between the citizens and the data collectors in order to increase the citizens’ trust in using digital services given the fast-changing and delicate legal issues arising from collecting the personal data of the EU citizens. This chapter concludes by suggesting three improvements to the GDPR; more frequent controls for issuing the EU Data Protection Seal, increased independence of the Data Protection Controller and issuance of publicly available, frequent privacy ratings.