The fast evolution of technologies and their penetration in all spheres of human activities indicate the fourth industrial revolution. The scope of the change is significant, and multiple opportunities are linked to the further rise of science and the emergence of new devices. Numerous industries and spheres already accept the importance of innovative solutions and integrate them into their functioning. Artificial Intelligence is one of the technologies expected to change the nature of things and introduce new approaches to working with information, data, and performing various tasks. AI is hardware or software that possesses behavioral patterns that appear intelligent.
A machine with AI can perform complicated activities that demand complex decision-making and involve thousands of data sets and variables. Using the experience acquired in previous situations, AI makes decisions optimizing its predictions. There is also a concept of machine learning, presupposing that AI can learn through training. Using the already existing data and known examples, the machine processes them and improves the quality of predictions in the next cases, similar to it. AI with machine learning acquires processes similar to human thinking, however, characterized by increased accuracy.
The advantages mentioned above introduce multiple opportunities for applying AI to acquire improved outcomes. For instance, attorneys perform various tasks, and some can be enhanced by using innovative technologies. Machine learning tools can be applied to work with some example documents and train to detect patterns for e-mails, documents, and facts relevant to the scope of the litigation. AI can increase the effectiveness of routine tasks and attain higher accuracy when working with critical information. However, it is vital to realize the limits of using software and relying on results acquired by it. Using their experience, human attorneys make specific solutions using the data available to them, and their role cannot be overestimated, meaning that AI cannot completely replace them.
The theme of AI gives rise to a certain discrepancy between the benefits of its further use and threats created by it. The technology can replace human beings and demonstrate improved outcomes in fundamental spheres. However, the emergence of Big Data threatens the concept of privacy and contributes to the emergence of numerous legal issues. Today, no one can feel completely safe and protected from data theft, and the evolution of AI complicates the situation.
Being equipped with this innovation, malefactors can perform new cybercrimes, introducing new challenges to the law enforcement system and actualizing the need for robust security measures to resist them. The ambiguous nature of AI is also evidenced by the fact that there is a demand for new laws and bills regulating the cybersphere and people’s use of machine learning for illegal purposes. The digitalization of the world becomes a new challenge to law enforcement agencies and spheres as they have to adapt and respond with innovative strategies to regulate AI and machine learning technologies.
Facial Recognition
The recent advances in the development of applications for smartphones contributed to the emergence of new ways of cooperation between people. Under the impact of these innovations, agencies, such as the FBI, and the police, acquired new and potent tools to find and detect suspects and prevent serious crimes. Facial recognition technology belongs to this group as it helps to deanonymize a person and suggests his/her personal data. It is a serious advantage for the authorities; however, the availability of the technology can violate the code of ethics and precondition new crimes and problems.
Facial recognition can be inconsistent with the central values of the Western world and democratic society. The law ensures that people can protect their privacy, and all attempts to interfere should be viewed as illegal. However, facial recognition introduces a radical change in this idea. For instance, the app designed by Clearview AI allows to upload a picture of a person and get access to his/her other photos with links where these images appeared.
The software uses a database containing about three billion images. It means that individuals cannot feel safe anymore and should accept the fact that their anonymity can be disclosed. The practical use of such technologies is apparent and is evidenced by the statistics. About 600 law enforcement agencies use Clearview for various purposes. From this perspective, facial recognition tools became an issue that altered the existing rules of the game and provided legal authorities with an opportunity to act more effectively. However, the ethical dilemma related to the impossibility to remain unrecognized emerges.
The question of whether it is possible to sacrifice privacy to increased security becomes extremely topical regarding the given technology. Experience of Washington Dulles International Airport using a new facial comparison biometrics technology proves the relevance of this method and its promising nature. However, respect to basic human rights means that the application of this tool should be limited. For this reason, the legality of facial recognition tools is often doubted because of several reasons. First, it can be viewed as a rude violation of people’s right to privacy. The Equality Act and Human Rights Act protect people from such actions and ensure their right to remain unrecognized. There is also an ethical side of using this app as it can disclose personal information an individual might prefer to hide or avoid its sharing.
For this reason, there are attempts to create a moratorium on the use of facial recognition by the government until there are special guidelines and limitations that can ensure its appropriate functioning. However, regardless of these attempts, it is possible to predict the further evolution of this technology. Facial recognition offers multiple new opportunities for law enforcement agencies and might increase security levels, especially in emergent situations or when immediate interventions are needed. The rise of technologies alters the legal sphere, and it adapts to these changes by applying new practices and strategies to struggle against crime.
Bulk Collection and Mass Surveillance – US
The digitalization of the modern world and the extensive use of technologies create the basis for vigorous debates. Today, the availability of personal data and methods of surveillance gives rise to multiple concerns. Citizens cannot feel safe and protected because of the threat that their data will be used by third parties without their consent. For this reason, modern society faces the need to find a balance between surveillance and respect of human rights to avoid the further deterioration of the situation.
In the USA, the given sphere is regulated by existing laws and regulations. For instance, the Foreign Intelligence Surveillance Act (FISA) introduces a framework for government agencies to acquire demanded authorization to perform electronic surveillance, physical searches, get access to business records, or trace various devices. The given act is needed to ensure that agencies cannot abuse power and use tools available for them to infringe human rights. However, with the further evolution of technologies and the growth in the number of threats, transparency and privacy issues become more relevant. The ability to spy on people in different regions and collect their personal data triggered multiple debates about the ethical and legal aspects of this process.
From the perspective of the law enforcement sphere, the bulk collection is a beneficial practice increasing the effectiveness of agencies and their ability to control society. However, the most interesting and disputable fact is that transparency, as the basis of a democratic society, might suffer. Multiple agencies can use digital tools to control individuals, their lives and deprive them of chances to remain unrecognized. Applying democratic values, this idea sounds unacceptable and should be prohibited. However, with the growth of terrorist threats and the need to resist them, the task of finding the balance between openness and secrecy becomes more complicated.
National Security Agency and the FBI have the bulk telephone calls program in terms of Section 215 of the USA Patriot Act. The major goal of the incentive is to guarantee a high level of national security by identifying communications between known and unknown terrorism suspects and groups. If the acquired information proves a high level of the terrorist threat, federal agencies start to act to prevent attacks. In such a way, the given system exists to protect the state and its citizens.
That is why regardless of the emergence of constitutional concerns and the direct threat to privacy, the practical use of surveillance remains evident and cannot be disregarded. The authorities and the President justify the need for such measures and emphasize that the government does not spy on ordinary people. Nevertheless, there is a need for higher transparency and special programs to monitor the work of such programs and guarantee that NSA and FBI do not abuse power available for them, and mass surveillance is used for specific purposes such as the need to protect the state. Security of citizens should be viewed as the top priority, meaning that such tools should be integrated into the law enforcement sphere.
Bulk Collection and Mass Surveillance – Europe
In Europe, the situation with mass surveillance also remains tensed. The need to collect data to protect states from various threats, including terrorism, affects the functioning of governmental authorities and preconditions the use of surveillance tools that can help to collect personal information. Additionally, the USA, following FISA, can monitor different communication channels and collect information for their own purposes. Under these conditions, there is a complex situation characterized by the need to observe the Basic law and human rights and, at the same time, to preserve the high level of awareness regarding possible terrorist threats and attacks.
The European Convention can be considered a major document outlining the framework for the cooperation between people and authorities. It states that everyone has the right to private and family life, home, and correspondence. These should be respected, and there shall be no interference except cases when law views such cases as necessary ones and provides the legal basis for applying various measures, including surveillance.
Under these conditions, the principles of democracy prohibit agencies from spying on citizens and collecting their personal data. However, with the rise of threats and their diversification, the need to protect national security, public safety, and economic well-being of the country preconditions the further spread and extensive use of surveillance tools as the method to prevent the crime of new terrorist attacks. It means that there is a certain controversy and disputable question that should be resolved.
Cogitating about the issue, it is possible to predict the emergence of conflicts and multiple claims because of the ambiguous nature of surveillance tools. There are already cases involving parties trying to protect themselves. For instance, in Germany, five lawyers claim the existing legislation providing authorities with an opportunity to monitor correspondence, telephone calls, and other communication means without being informed about these measures.
It violates human rights and can be viewed as the case of interference in their private lives. However, the Court concluded that the existence of such legislation is vital for a democratic society because it meets the interests of national security and helps agencies to work more effectively in protecting citizens. The case shows the existence of a specific problem in Europe linked to mass surveillance and collecting data about people without their consent of them being informed about such actions.
Journalists in Europe also report the interference in their functioning by the Federal Intelligence Service. Working in conflict zones, they experience the pressure of the agency that monitored their telecommunications and information they provided to other parties under the amended version of the Federal Intelligence Service Act. In such a way, the problem of massive surveillance and bulk collection becomes critical topical for Europe. As predicted, the tension level will grow because of the difference in visions between common individuals, National security agencies, and the law enforcement sphere. The need to create a safe environment impacts these parties’ work and establishes new rules that should be followed.
Transatlantic Data Flows, Privacy, and Surveillance
The growth of the Internet and other ways of data transmission improved the quality of people’s lives and provided them with multiple opportunities, such as online shopping, chatting, and sending important documents. However, along with the benefits, there are problems associated with the increased amount of data transferred by various means. First, the privacy issues became more topical because of the possibility of interference. Second, this data can have dangerous content, and there is a need for its improved analysis, which makes privacy issues more relevant. For this reason, there are multiple debates on this problem.
First of all, transatlantic data transfer between the USA and EU has always been a disputable issue. The differences in approaches to guaranteeing privacy to parties and data surveillance precondition the need to elaborate a unified approach providing parties with an opportunity to share, process, and analyze data.
The attempts to create a unified vision preconditioned the creation of the Privacy Shield Framework requirement observing the seven principles, such as notice, choice, accountability, security, data integrity and purpose limitation, access, and resource, enforcement, and liability. The paradigm was designed to improve the transatlantic data flow. However, the European Court of Justice invalidated commercial data transfer accords performed in terms of this paradigm as it found the Privacy Shield unable to meet EU privacy standards. It means that there is a need for further collaboration to elaborate new rules for interaction.
The essential aspect of transatlantic data transfer is the inability to find a common solution. The differences in legislation are one of the most common causes for various incentives’ failures. For this reason, the demand for effective monitoring tools peculiar to the USA and the EU affects their cooperation and vision of the paradigm that can provide benefits for all parties. The uncertainty in the legal basis for data transfers causes additional troubles to legislators and law enforcement agencies as they have to adapt to new conditions. Another vital aspect is the constantly increasing amount of data that should be controlled. Agencies in the USA and EU have various methods to deal with it. For instance, Eliminating Abusive and Rampant Neglect of Interactive Technologies Act of 6 2020 adopted in the USA emphasizes the need for improved data surveillance to ensure that the sexual content involving children is detected, traced, and eliminated. The reduction of sexual exploitation can be attained by finding the sources of this information and sharing it with EU agencies for them to respond.
The Consumer Online Privacy Rights Act and the Online Privacy Act of 2019 also outline the major areas that should be given attention, such as private information and how it can be processed by governmental organizations. The idea of behavioral personalization presupposes the use of individuals’ information to customize the content and guarantee his/her comfort. At the same time, behavioral personalization should be performed in ways that infringe the main human rights and contradict the existing law.
Pandemic Surveillance
Another obvious advantage of technologies is the possibility of their implementation to the healthcare service with the primary goal to improve outcomes and ensure that relevant data is provided to caregivers. The current situation with the coronavirus demonstrates the critical importance of the ability to monitor the state of various groups and plan interventions in accordance with the change in the health of the nation. Pandemic and public health surveillance become extremely potent tools necessary for attaining improved outcomes and struggling against disease outbreaks.
The relevance of this concept is evidenced by the current pandemic and the effects it causes on the planet. The poo response to the outbreak of the disease demonstrated the need for better data collection measures as a way to empower the healthcare sector’s response to emergencies. From this perspective, health surveillance becomes fundamental for any state. In the USA, the Centers for Disease Control and Prevention are focused on creating an effective public health surveillance program as the part of the future enhancement of the healthcare sector. Multiple federal, state and local agencies collect and share surveillance data to create a unified approach and outline the current state of the nation.
It helps to create a stepwise approach effective in planning the future interventions and problems that might emerge. Using the relevant population data, the government can also be more flexible in financing various incentives and spheres that require immediate support.
It means that practical health surveillance can be viewed as a key to future progress and improvement. The emergent situations such as the pandemic observed today prove the potency of such measures. South Korea’s example in organizing, managing, and informing its population shows the effectiveness of such measures. The Infectious Disease Control and Prevention Act provided agencies with authority to collect private data from confirmed and potential patients without their consent. It ensured the ability to organize a potent and in-time response and improved management of the Covid-19 outbreak. The example shows that the use of surveillance practices in complex situations can be justified by goals and results attained due to this strategy.
However, collection and sharing of personal patients’ data also trigger vigorous debates as this information is protected by the law, and clients should be informed about such practices or provide their consent. At the same time, the EU emphasizes the fact that the processing of personal data should serve mankind, meaning that the right to the protection of this sort of information is not absolute and, in some cases, it is not applicable. Analyzing these claims in terms of the health of the nation, the use of personal data cannot be viewed as a violation of existing laws as it is collected to improve the response to possible threats. It helps to remain informed and act regarding the situation. This rule is especially applicable in terms of the Covid-19 outbreak as it can be the only way to attain desired outcomes.
Encryption
The increased data transfer and the spread of the mediated means of communication preconditioned the need for methods to protect information and ensure it will not be available to third parties. For this reason, encryption has become an essential component of Europe’s networks, markets, protecting financial transactions, in-vehicle information, and other elements. However, it also became a barrier to the improved detection, evaluation, investigation, and prosecution of threats by enforcement agencies. The rise of terrorism in Europe demonstrated the police and other National Security agencies faced difficulties in tracing and decoding encrypted messages, which became a source of new vulnerabilities.
For this reason, there is a growing tension between law enforcement capabilities and the technological change peculiar to the modern world. Agencies operating in the field have limited access to various data, and they can use it to improve their functioning. However, the evolution of encrypting technology might limit the FBI or the police’s capabilities as it protects data from unauthorized access and limits investigators’ opportunities. For this reason, there are vigorous debates on how this method should be treated and whether encryption can be allowed for all actors.
The discrepancy lies in the fact that protecting data from unauthorized entries and acting in accordance with the current laws, individuals who use the encryption technology limit agencies representing the law enforcement sphere. It creates the basis for the emergence of multiple precedents and decreased effectiveness of National security agencies. This “going dark” problem becomes a driving force of new laws needed to manage end-to-end encrypted messaging. The central idea is that the ability to decrypt and evaluate data is vital for struggling against terrorism, child abuse, and sexual harassment and exploitation. Having access to all information in various networks, law enforcement can become more effective in investigating minor crimes and gathering evidence to support claims.
However, there is another side to the problem. The introduction of such laws threatens basic human rights. There is also a lack of judicial oversight and secrecy issues linked to such regulations. Multiple law-obedient citizens use encryption technology to protect their personal data and hope for it being unavailable to third parties. In case law enforcement acquires the chance to decrypt all communications, multiple ethical issues might emerge.
The law enforcement sphere faces a serious dilemma nowadays. The necessity to control communication to avoid new terrorist attacks or cyberwar is evident. With the further rise of technologies, the problem will become more topical and demand additional resources to manage it. However, the end-to-end encryption and the users’ desire to protect their data might limit the capabilities of law enforcement and national security agencies. For this reason, the “going dark” problem becomes one of the serious concerns of contemporary society. It demands specific laws and regulations to introduce additional transparency and judicial oversight to ensure that there is no abuse of power and fundamental human rights are observed. Otherwise, numerous ethical issues will emerge.
Malicious use of personal data
The availability of information provides multiple opportunities for both law enforcement agencies and malefactors who might use this data to harm people, blackmail them, harass, or generate benefits. With the further rise of technologies, such issues become more complex and demand more attention. Doxxing is one of the disputable areas attracting attention today. The term states for collecting personally identifiable information (PII) and its further disclosure publically, usually with unethical and dangerous purposes.
It might humiliate an individual, cause serious damage to his/her reputation, and precondition the critical deterioration in the quality of life. Doxxers usually collect information that is available online from multiple sources to reveal the most sensitive facts and use them. However, the problem is that there are no clear rules and laws on how the authorities should act in such situations. Users process data in public domains and do not violate regulations that exist to protect third parties’ interests. That is why there is a debate whether doxxing should be considered an illegal practice as regarding the context, their actions can be treated differently.
Online violence, cyber abuse, and hate speeches are other examples of malicious use of personal data. As against doxxing, the inacceptable nature of these practices is evident, and the law enforcement sphere looks for effective ways to struggle with it. The major problem is that there is difficulty in elaborating criteria determining the legal and illegal actions of cyber abusers. This uncertainty preconditions the emergence of new cases and increased vulnerability of some groups. For instance, women often become the victim of gender, racist, and sexual threats. The problem is complicated by the fact that modern technology offers an opportunity to create deepfakes. There are some cases when a person’s face is swapped to sex scenes involving other people.
It might precondition a serious threat to the reputation of an individual, deteriorate his/her image, and trigger harassment. The availability of this technology shows the increasing scope of the problem and the need for practical tools to respond to it. One of the possible ways is to consider every case and offer a regulation that will help to treat it and provide appropriate punishment. For instance, in the UK, the prohibition of revenge photography helped to minimize the number of sexual photos shared as an attempt to avenge someone.
The use of similar measures for other types of malicious data use can help to improve the situation and ensure that people might feel safe using the Internet and communicating with other individuals. The problems of doxxing, online harassment, and cyber abuse are topical today, and it might become even more complicated if law enforcement agencies do not acquire legal tools to struggle against malefactors and provide them with appropriate punishment. It also means that the technologies give rise to a new era characterized by the shift of priorities towards cybercrime, and the legislation should be altered to adapt to it.
Bibliography
Algorithmic Accountability Act of 2019, S.1108, 116th Cong. (2019-2020).
Australian Government. Department of Home Affairs, Statement of Principles on Access to Evidence and Encryption, (2018). Web.
BVerfG, Judgment of the First Senate of 19 May 2020 – 1 BvR 2
Centers for Disease Control and Prevention, Public Health Surveillance: Preparing for the Future Public Health Surveillance. CDC. Web.
Chesney, Robert, COVID-19 Contact Tracing We Can Live with: A Roadmap and Recommendations, Lawfare (2020). Web.
Chesney, Robert and Danielle Citron, Deepfakes: A Looming Crisis for National Security, Democracy and Privacy? Law Fare (2018). Web.
Christakis, Theodore, After Schrems II: Uncertainties on the Legal Basis for Data Transfers and Constitutional Implications for Europe. European Law Blog (2020). Web.
Commercial Facial Recognition Privacy Act of 2019, S.847, 116th Cong. (2019-2020).
Congressional Research Service, Encryption and the “Going Dark” Debate. CRS (2017). Web.
Congressional Research Service, Foreign Intelligence Surveillance Act (FISA): An Overview. Reports (2020). Web.
Congressional Research Service, U.S.-EU Privacy Shield, Report (2020). Web.
Consumer Online Privacy Rights Act, S.2968, 116th Cong. (2019-2020).
Department of Health and Human Services, Summary of the HIPAA Privacy Rule. HHS (2013). Web.
Department of Health & Human Services, Public Health. HHS (2020). Web.
Department of Justice Washington, D.C., Remarks by the President on Review of Signals Intelligence. The White House (2014). Web.
EARN IT Act of 2020, S.3398, 116th Cong. (2019-2020).
Edvardsen, Sofia, Here’s How to Interpret Sweden’s First GDPR Fine on Facial Recognition in School. IAPP (2019). Web.
Ethical Use of Facial Recognition Act, S.3284, 116th Cong. (2019-2020).
European Court of Human Rights, Fact Sheet on Mass Surveillance, Factsheet (2020). Web.
European Parliamentary Research Service. The impact of the General Data Protection Regulation (GDPR) on artificial intelligence. Study for the European Parliament (2020). Web.
Hill, Kashmir. The Secretive Company that Might End Privacy as We Know It. New York Times (2020). Web.
Homeland Security, How to Prevent Online Harassment from “Doxxing”, DHS (2017). Web.
Judiciary of England and Wales, The Queen on the Application of Edward Bridges and Chief Constable of South Wales and Others, Press Summary (2019). Web.
Kelnar, David, The Fourth Industrial Revolution: A Primer on Artificial Intelligence (AI). Medium (2016). Web.
Kim, Brian, Lessons for America: How South Korean Authorities Used Law to Fight the Coronavirus. Lawfare (2020). Web.
Koomen, Maria. The Encryption Debate in the European Union. Carnegie (2019). Web.
Liberty v SSHD & SSFCA, EWHC 2057 (2019).
Lyons, Kate, Tom Phillips, Shaun Walker,, Jon Henley, Paul Farrell, and Megan Carpentier. Online Abuse: How Different Countries Deal with It. The Guardian (2016). Web.
Masnick, Mike. Should Doxxing Be Illegal? Techdirt (2019). Web.
Misra, Parth. Here’s How Face Recognition Tech Can Be GDPR Compliant. The Next Web (2019). Web.
Mozur, Paul and Aaron Krolik. A Surveillance Net Blankets China’s Cities, Giving Police Vast Powers. The New York Times, (2019). Web.
Online Privacy Act of 2019, H.R.4978, 116th Cong. (2019-2020).
Policy Department for Citizen’s Rights and Constitutional Affairs. Cyber Violence and Hate Speech Online Against Women. European Parliament, (2018). Web.
Privacy and Civil Liberties Oversight Board, Report on the Telephone Records Program Conducted under Section 215 of the USA PATRIOT Act and on the Operations of the Foreign Intelligence Surveillance Court, (2014). Web.
Stilgherrian. The Encryption Debate in Australia, Carnegie Endowment for International Peace. Carnegie (2019). Web.
Surden, Harry, Artificial Intelligence and Law: Overview, 35, 4, G, Ga.St.U. L. Rev.(2019). Web.
U.S. Customs and Border Protection, CBP at Washington Dulles International Airport intercepted an imposter using new cutting-edge Facial Comparison Biometrics technology, Press Release (2018). Web.
USA FREEDOM Reauthorization Act of 2020, H.R.6172, 116th Cong. (2019-2020).
Whitener, Michael and Raquel Aragon, How Should We Regulate Facial Recognition Technology, IAPP (2019). Web.