Computer Law & Security Review最新文献

This article embarks on a comprehensive examination of two research questions. The first question is “What are the AI-enabled applications, which are developed and deployed in Greece in the border management field?”. The goal is to provide to the reader a thorough listing of these technologies, as well as information regarding the companies that develop them, and the EU funding schemes that support them. By investigating this question, the paper assesses whether there exists transparent information regarding the procurement, development, and deployment phases of such AI tools in Greece, with a keen focus on the accessibility of related documents and data to civil society actors.The second question is “To what extent are the development and deployment of these AI-enabled border management applications in compliance with the applicable data protection provisions?”. There the goal is to register the different breaches of data protection provisions when such AI tools are developed and deployed in practice, taking into account the findings of civil society actors that have challenged the lawful use of such applications in accordance with the related national legal framework enforcing Regulation 2016/679 (GDPR) and transposing the Directive 2016/680.

The power wielded by platforms under "algorithmic governmentality" threatens people's ability to freely self-determine. The European legislation on privacy and, in particular, the GDPR, provide the data subject with certain rights to exercise their own informational self-determination. However, the individual setting of these rights makes them very limited. I will outline a co-regulation proposal that allows subjects to actively participate in the definition of rules for the platform economy. This would allow subjects to self-determine themselves, while giving adequate representation to the collective interests implied in algorithmic relationships.

The European Border and Coast Guard Agency, more commonly known as Frontex, was established in 2004 with “a view to improving the integrated management of the external borders of the Member States of the European Union.” It was tasked with the responsibility of providing technical support and expertise to Member States in the management of borders. Over the years its mandate has increased considerably through amendments to its legislative framework. This expansion has taken place against a background of serious allegations concerning Frontex's role in violating the fundamental rights of asylum seekers through its involvement in pushback operations – the practice of stopping asylum-seekers and migrants in need of protection at or before they reach the European Union's external border. While Frontex's complicity in pushbacks has been widely examined by academics, its transformation into a major surveillance and data processing hub and its compliance (or lack thereof) with the fundamental rights to privacy and protection of personal data have received limited academic attention.

This paper traces the evolution of Frontex over the years and fundamental rights implications of the transformation of its role.

The ever-increasing adoption of AI technologies in the hiring landscape to enhance human resources efficiency raises questions about algorithmic decision-making's implications in employment, especially for job applicants, including those at higher risk of social discrimination. Among other concepts, such as transparency and accountability, fairness has become crucial in AI recruitment debates due to the potential reproduction of bias and discrimination that can disproportionately affect certain vulnerable groups. However, the ideals and ambitions of fairness may signify different meanings to various stakeholders. Conceptualizing fairness is critical because it may provide a clear benchmark for evaluating and mitigating biases, ensuring that AI systems do not perpetuate existing imbalances and promote, in this case, equitable opportunities for all candidates in the job market. To this end, in this article, we conduct a scoping literature review on fairness in AI applications for recruitment and selection purposes, with special emphasis on its definition, categorization, and practical implementation. We start by explaining how AI applications have been increasingly used in the hiring process, especially to increase the efficiency of the HR team. We then move to the limitations of this technological innovation, which is known to be at high risk of privacy violations and social discrimination. Against this backdrop, we focus on defining and operationalizing fairness in AI applications for recruitment and selection purposes through cross-disciplinary lenses. Although the applicable legal frameworks and some research currently address the issue piecemeal, we observe and welcome the emergence of some cross-disciplinary efforts aimed at tackling this multifaceted challenge. We conclude the article with some brief recommendations to guide and shape future research and action on the fairness of AI applications in the hiring process for the better.

The extraterritorial application of artificial intelligence (AI) laws and regulations is a form of global AI governance. The EU and China serve as two different examples of how to achieve the extraterritorial applicability of AI laws and regulations. The former shows an explicit territorial extension with more trigger factors, whereas the latter shows vertical regulation with a narrower territorial scope. Both countries’ legislative motivations differ but also have some commonalities. One of the primary goals of extraterritorial application of domestic laws is to protect citizens within their territory. The digital economy's characteristics make it necessary for AI laws to have extraterritorial effects. Without international conventions or treaties, there is a legal vacuum in AI regulation. Additionally, the extraterritorial application of AI laws and regulations helps a state become a global standard-setter and gain an international sphere of influence. However, the extraterritorial application of AI laws and regulations sometimes functions as a form of legal imperialism. This exacerbates the injustice between great powers and weak countries in AI competition. To justify the legitimacy of the extraterritorial application of AI laws and regulations, it is beneficial to adopt the ‘inner morality of extraterritoriality’, a theoretical framework proposed by Professor Dan Svantesson. In fact, extraterritorial applicability depends on the market size and attractiveness. For other countries, whether their AI laws and regulations are endowed with extraterritorial effects is their prerogative. However, they should consider their soft power before implementing legislation.

This article tracks developments at the national level in key European countries in the area of IT and communications and provides a concise alerting service of important national developments. It is co-ordinated by Herbert Smith Freehills LLP and contributed to by firms across Europe. This column provides a concise alerting service of important national developments in key European countries. Part of its purpose is to complement the Journal's feature articles and briefing notes by keeping readers abreast of what is currently happening “on the ground” at a national level in implementing EU level legislation and international conventions and treaties. Where an item of European National News is of particular significance, CLSR may also cover it in more detail in the current or a subsequent edition.

This column provides a country by country analysis of the latest legal developments, cases and issues relevant to the IT, media and telecommunications' industries in key jurisdictions across the Asia Pacific region. The articles appearing in this column are intended to serve as ‘alerts’ and are not submitted as detailed analyses of cases or legal developments.

Under its proposed Artificial Intelligence Act (‘AIA’), the European Union seeks to develop harmonised standards involving abstract normative concepts such transparency, fairness, and accountability. Applying such concepts inevitably requires answering hard normative questions. Considering this challenge, we argue that there are three possible pathways for future standardisation under the AIA. First, European standard-setting organisations (‘SSOs’) could answer hard normative questions themselves. This approach would raise concerns about its democratic legitimacy. Standardisation is a technical discourse and tends to exclude non-expert stakeholders and the public at large. Second, instead of passing their own normative judgments, SSOs could track the normative consensus they find available. By analysing the standard-setting history of one major SSO, we show that such consensus tracking has historically been its pathway of choice. If standardisation under the AIA took the same route, we demonstrate how this would lead to a false sense of safety as the process is not infallible. Consensus tracking would furthermore push the need to solve unavoidable normative problems down the line. Instead of regulators, AI developers and/or users could define what, for example, fairness requires. By the institutional design of its AIA, the European Commission would have essentially kicked the ‘AI Ethics’ can down the road. We thus suggest a third pathway which aims to avoid the pitfalls of the previous two: SSOs should create standards which require “ethical disclosure by default.” These standards will specify minimum technical testing, documentation, and public reporting requirements to shift ethical decision-making to local stakeholders and limit provider discretion in answering hard normative questions in the development of AI products and services. Our proposed pathway is about putting the right information in the hands of the people with the legitimacy to make complex normative decisions at a local, context-sensitive level.

Currently the UK does not have a specific anti-cyberterrorism law, instead relying on existing anti-terrorism laws to deal with cyberterrorism. This approach raises a number of problems insofar as it can lead to legislative uncertainty and unpredictability, as well as impacting on carrying risks of over-criminalisation, a lack of counterbalance, violation of principles of proportionality and arbitrariness. In light of these problems, this article aims to offer a critical evaluation of the UK’s existing legal responses to cyberterrorism with reference to the rule of law and basic human rights principles, mainly focusing on the vague and overly broad definition of terrorism, a tendency towards criminalising a wide range of terrorism precursor offences online, pre-emptive strategies and aggravated punishment of cyberterrorism. Based on this analysis, the article argues that applying the extension of existing anti-terrorism laws to combat low-risk cyberterrorism activities runs the risk of exacerbating harms to the values of the rule of law.

This article aims to engage with the scholarly debate on the introduction of a new fundamental right to cybersecurity in EU law. In particular, the legal analysis focuses on three legal challenges brought about by a theoretical framework for development of a new right to cybersecurity. They regard: i) the need for a new right to cybersecurity against the background of the existing fundamental right to security (Art. 6 EU Charter of Fundamental Rights, CFR); ii) the actual content of this new right; and, iii) how such a new right could be implemented. The article concludes by advocating for the need of acknowledging a new right to cybersecurity in EU law.