When folks say AI is taking IT Law by a storm, they really mean it. Give it a few more months and the intro will have a cheesy line stating that picks in IT Law have become picks in AI regulation. But for now, I’m afraid it’s IT Law in general and data protection in particular. Sound check.
🤖 Artificial Intelligence
In a tripartite digital accord, Germany, France, and Italy reportedly reached a consensus on the future regulation of Artificial Intelligence (AI), opting for a model that advocates “mandatory self-regulation through codes of conduct” for foundational AI systems. This agreement, delineated in a joint paper, distinguishes between the technology of AI and its application, suggesting that potential risks stem from usage rather than the technology itself. The paper proposes the use of ‘model cards’ to demystify AI systems for users, outlining their functions, capabilities, and limitations. While initially sanction-free, the framework allows for the introduction of penalties if non-compliance with the code of conduct is later detected, emphasizing a balanced approach to fostering AI innovation while mitigating associated risks. This regulatory strategy underscores a broader global initiative to integrate AI into the economy safely and ethically.
🎩 Competition
The Spanish National Markets and Competition Commission (“CNMC”) formally concluded its investigation into allegations of unfair competition levied against Amazon, Booking, and Tripadvisor by the Organisation of Consumers and Users (OCU), centered around the issue of false reviews on their platforms. The CNMC’s findings exonerate the platforms themselves, pointing instead to third-party sellers as the source of the malfeasance, often offering incentives for positive reviews. Despite the absence of direct platform involvement in these deceptive practices, the CNMC discerned potential contraventions of consumer protection laws and consequently referred the matter to the Directorate General for Consumer Affairs for further examination. This referral underscores the ongoing commitment to maintaining the integrity of consumer rights within the digital marketplace, apparently.
The European Commission is conducting unannounced inspections on enterprises engaged in online sales and delivery of food and consumer goods within two EU Member States, amid concerns of potential infringement of EU antitrust regulations, particularly relating to cartels and restrictive business practices. These inspections are a continuation of a broader investigation initiated in 2022, which now includes allegations of ‘no-poach’ agreements and the exchange of sensitive commercial information. It’s important to note that such inspections do not presuppose any wrongdoing by the companies involved; they are simply a step in the investigative process. The duration of these inquiries is undetermined, as it varies based on case complexity and company cooperation. Watch this space 👀 (if I had a penny for all the times I’ve typed this)
🔏 Data Protection & Privacy
The Italian Data Protection Authority launched an investigation into how public and private websites collect personal data for training artificial intelligence algorithms. This probe aimed to ensure that these sites had adequate security measures to thwart mass data scraping by third parties. It encompassed a wide array of data handlers within Italy’s borders and invited input from various stakeholders on security practices against data scraping. The Authority reserved the right to implement urgent measures following the investigation, based on its findings.
In a serious breach of patient confidentiality, a former NHS medical secretary was found guilty of accessing the medical records of 156 people without authorization. The medical secretary accessed these records over 1800 times within a three-month span, including those of family members and locals from her community, despite her work not requiring such access. Her transgressions, spotlighted by a patient’s complaint, ultimately led her to Worcester Magistrates’ Court where she admitted to her actions and was fined. This case underscores the Information Commissioner’s Office’s resolve to uphold data protection laws, emphasizing that personal curiosity does not justify illegal data access. OBVS.
The Information Commissioner issued a warning to some of the UK’s most frequented websites, cautioning that they faced enforcement action if they failed to align with data protection law. These sites had not provided users with clear choices regarding tracking for personalized advertising, contravening ICO guidelines that dictate the ease of rejecting cookies should match that of accepting them. The ICO responded by writing to the companies responsible, giving them a 30-day deadline to bring their websites into compliance. Stephen Almond of the ICO reflected on the public’s discomfort with ads that seemed uncannily tailored, particularly when they could reveal personal struggles or private matters without consent. With an update promised for January, the ICO has made it clear: websites must amend their ways or prepare to face the music, in line with the ICO’s broader commitment to protecting individual rights within the online advertising landscape. Beware ye who cross ICO.
📄 Recommended Readings
Here’s a few –in no particular order– of recent publications that piqued my interest this week. Remember to grab a cuppa (very important) and settle in for some riveting reading.
Licensing high-risk artificial intelligence: Toward ex ante justification for a disruptive technology by Gianclaudio Malgieri & Frank Pasquale
Taking Fundamental Rights Seriously in the Digital Services Act’s Platform Liability Regime by Giancarlo Frosio & Christophe Geiger
Democratizing AI from a Sociotechnical Perspective by Merel Noorman & Tsjalling Swierstra
Disclaimer: I am in no way affiliated with the authors or publishers in sharing these, and do not necessarily agree with the views contained within. I try to include mostly open access publications due to, well you know, accessibility of knowledge and science.
If you have any thoughts or suggestions on how to make this digest more enjoyable, feel free to drop a line. Your feedback is always welcome!
Featured image generated using DALL·E 3.
