Suchergebnisse

Business is using artificial intelligence in essentially all sectors of the economy: machine learning is employed to generate knowledge out of big (consumer) data, to optimize processes and to undertake new, previously impossible tasks. This might come with benefits for the consumers and the society, but definitely poses numerous challenges. In this short note, we provide an overview of challenges for EU consumer law and policy stemming from the business's use of AI, and sketch a plan for action. We argue that AI will need to be tackled case-by-case, bottom-up, though with the big picture in mind. It needs to be tackled soon, but we do need to take our time to reconsider the assumptions that have been challenged, and not rush to political conclusions. Moreover, we argue that the role of law is not just to minimize the risks, but also to enable developments in consumer-empowering AI tools. These tools, however, will not be given to us by business. Civil society must take action and fight for them. We cluster the challenges and takeaways by the type of actors that are affected by the business's use of AI. Consumers face the risk of undue influence on their behavior (by targeted personalized commercial practices), exclusion from access to goods and services (ad delivery & price discrimination) and lower quality of information and services in the interaction with artificial agents. Regulators need to revise their governance toolbox, taking into account the specificity of AI's operations (stealth infringement, wide-spread-by-minor damage, automation of reasoning). Also, regulation needs to strike a correct balance between specific cases and the bigger picture, and between commanding and enabling. In EU consumer law, the concepts of unfair commercial practices and unfair contractual terms should be revisited, to take into account the reality of business using AI. In addition, we should consider the usefulness of adopting special data protection rules to supplement the GDPR, by stating what purposes of data processing are lawful in what markets. Civil society should strive to seize the opportunities of AI in the medium-term, making the best use of the exiting legal instruments (UCPD, UCTD, GDPR) in the short-term, and lobby for societal and legal change in the long-term. Finally, academia, in particular legal scholars, must re-consider their role in the debate on AI governance: they should ground their research in empirical findings, acknowledge the limitations of sectoral knowledge and remedy such limitations by engaging in an interdisciplinary and multi-stakeholder dialogue. We argue that the competitive advantage of scholars goes beyond offering concrete policy recommendations. Instead, it concerns a critical reflection on the ways in which the mass deployment of AI challenges the basic assumptions and presuppositions of the existing legal and regulatory theory and practice.

Potential regulation of use of artificial intelligence by business should minimize the risks for consumers and the society without impeding the possible benefits. To do so, we argue, the legal reaction should be grounded in an empirical analysis and proceed case-by-case, bottom-up, as a series of responses to concrete research questions. The ambition of this report has been to commence and facilitate that process. We extensively document and evaluate the market practice of the corporate use of AI, map the scholarly debates about (consumer) law and artificial intelligence, and present a list of twenty five research questions which, in our opinion, require attention of regulators and academia. The report is divided into four sections. The first explains our understanding of the concepts of "artificial intelligence" (a set of socio-technological practices enabled by machine learning and big data) and "consumer law" (various legal instruments concretizing the principles of the weaker party protection, non-discrimination, regulated autonomy and consumer privacy). The second section documents the ways in which the business uses artificial intelligence in seven sectors of the economy: finance and insurance, information services, energy and "smart solutions", retail, autonomous vehicles, healthcare and legal services. For each analyzed sector we study the gains for the businesses stemming from the deployment of AI, the potential gains, but also challenges for consumers, as well as third party effects. In the third section, we repeat the analysis through the lens of four general "uses" of AI by businesses in various sectors: knowledge generation, automated decision making, advertising and other commercial practices and personal digital assistants. Finally, in the fourth section, we present the questions which we believe should be addressed in the next stage of the research. We cluster them into: normative questions about regulatory goals, technological and governance questions about regulatory means, and theoretical questions about concepts and preconceptions.

Recent years have been tainted by market practices that continuously expose us, as consumers, to new risks and threats. We have become accustomed, and sometimes even resigned, to businesses monitoring our activities, examining our data, and even meddling with our choices. Artificial Intelligence (AI) is often depicted as a weapon in the hands of businesses and blamed for allowing this to happen. In this paper, we envision a paradigm shift, where AI technologies are brought to the side of consumers and their organizations, with the aim of building an efficient and effective counter-power. AI-powered tools can support a massive-scale automated analysis of textual and audiovisual data, as well as code, for the benefit of consumers and their organizations. This in turn can lead to a better oversight of business activities, help consumers exercise their rights, and enable the civil society to mitigate information overload. We discuss the societal, political, and technological challenges that stand before that vision.

Two years after its entry into force, the EU General Data Protection Regulation became applicable on the 25th May 2018. Despite the long time for preparation, privacy policies of online platforms and services still often fail to comply with information duties and the standard of lawfulness of data processing. In this paper we present a new methodology for processing privacy policies under GDPR's provisions, and a novel annotated corpus, to be used by machine learning systems to automatically check the compliance and adequacy of privacy policies. Preliminary results confirm the potential of the methodology.