Between ethics and the law, who can regulate artificial intelligence systems?
We have all begun to realize that the rapid development of AI is truly going to change the world we live in. AI is no longer just a branch of computer science; it has broken out of research labs with the development of “AI systems”—“software that, for human-defined objectives, generates content, predictions, recommendations, or decisions that influence the environments with which they interact” (definition by the European Union).
Bernard Fallery, University of Montpellier

AI applications are everywhere, and they introduce new risks, including the manipulation of behavior. How can we regulate their use?
Pixabay,CC BY
The challenges of governing these AI systems—with all the nuances of ethics, control, regulation, and legislation—have become crucial, as their development is now in the hands of a few digital empires such asGAFA-NATU-BATX…which have become the masters of fundamental societal choices regarding automation andthe “rationalization”of the world.
The complex web where AI, ethics, and law intersect is thus shaped by power dynamics—and collusion—between governments and tech giants. But citizen engagement is essential to advocate for alternatives to a technologicalsolutionismin which “everything that can be connected will be connected and streamlined.”
AN ETHICS OF AI? THE MAJOR PRINCIPLES AT AN IMPASSE
Admittedly, the three majorethical principleshelp us understand how a genuine bioethics has developed since Hippocrates: the personal virtue of “critical prudence,” the rationality of rules that must be capable of being universal, and the assessment of the consequences of our actions in relation to the general well-being.
[More than 80,000 readers rely on The Conversation’s newsletter to better understand the world’s major issues.Subscribe today]
For AI systems, these guiding principles have also served as the foundation for hundreds of ethics committees: the Holberton-Turing Pledge,the Montreal Declaration,the Toronto Declaration, the UNESCO Program… and evenFacebook! But AI ethics charters have yet to result in any enforcement mechanism—or even the slightest censure.
On the one hand, the race for digital innovation is essential for capitalism to overcome the contradictions in profit accumulation, and it is essential for states to developalgorithmic governanceandunprecedented social control.
But on the other hand, AI systems are always both a cure and a poison (a pharmakon in Bernard Stiegler’s sense) and thus continually give rise to diverse ethical situations that cannot be resolved by principles alone but require “complex thinking”—a dialogic approach in Edgar Morin’s sense, as demonstrated bythe analysis of the ethical conflicts surrounding the Health Data Hub.
A RIGHT FOR AI? A BALANCE BETWEEN REGULATION AND GOVERNANCE
Even if broad ethical principles will never be fully implemented, it is through critical discussion of these principles that AI law may emerge. The law faces particular obstacles in this area, includingthe scientific uncertaintysurrounding the definition of AI, the extraterritorial nature of the digital realm, and the rapid pace at which platforms are developingnew services.
In the development of AI law, we can thus observetwo parallel trends. On the one hand, regulation through simple guidelines or recommendations aimed at the gradual legal integration of standards (from technology to law, suchas cybersecurity certification). On the other hand, there is genuine regulation through binding legislation (from positive law to technology, such as theGDPR regulationon personal data).
POWER DYNAMICS… AND COLLUSION
Personal data is often described as a highly coveted new "black gold," because AI systems rely heavily on massive amounts of data to fuel statistical learning.
In 2018, the GDPR became a full-fledged European regulation governing this data,having gained momentum from two major scandals: the NSA’s PRISM surveillance program and the Facebook data breach at Cambridge Analytica. The GDPR even enabled activist lawyer Max Schrems to haveall transfers of personal data to the United Statesinvalidated by the Court of Justice of the European Union in 2020. But instances of collusionbetween governments and tech giantsremain numerous: Joe Biden and Ursula von der Leyen are constantly working to reorganize these data transfers—which are contested bynew regulations.
Today, the Gafa-Natu-Batx monopolies are shaping the development of AI systems: they control possible futures through “predictive machines” and the manipulation ofattention; they enforce the interdependence oftheir servicesand will soon require the integration of their systems intothe Internet of Things. Governments are responding to this concentration of power.
In the United States, a lawsuit seekingtoforce Facebookto sell Instagram and WhatsAppis set to begin in 2023, and an amendment toantitrust legislationis set to be passed.
In Europe, starting in 2024, the Digital MarketsAct (DMA) will regulate acquisitions and prohibit “major gatekeepers” from self-referencing or bundling their various services. As for the Digital ServicesAct (DSA), it will require “major platforms” to be transparent about their algorithms, to promptly address illegal content, and will prohibit targeted advertising based on sensitive characteristics.
But collusion remains strong, as everyone also protects “their” tech giants by invoking the Chinese threat. Thus, under pressure from the Trump administration, the French governmentsuspended payment of its “GAFA tax”—even thoughit hadbeen passed by parliament in 2019—andtax negotiationscontinue within the framework of the OECD.
A NEW AND INNOVATIVE EUROPEAN REGULATION ON THE SPECIFIC RISKS OF AI SYSTEMS
Spectacular advances in pattern recognition (whether in images, text, speech, or location data) are giving rise to predictive systems that pose growing risks to health, safety, and fundamental rights: manipulation, discrimination, social control, autonomous weapons… Following China’s regulation on the transparency of recommendation algorithms in March 2022, the adoption ofthe AIA Act—the European regulation on artificial intelligence—will mark a new milestone in 2023.

Yves Meneceur, 2021, Provided by the author
This groundbreaking legislation is based on therisk level ofAI systems, using a tiered approach similar to that for nuclear risks: unacceptable, high risk, low risk, and minimal risk. Each risk level is associated with prohibitions, obligations, or requirements, which arespecified in the annexesand are still being negotiated between theParliamentand theCommission. Compliance and enforcement will be monitored by the relevant national authorities and the European Committee on Artificial Intelligence.
A CITIZENS' COMMITMENT TO AI RIGHTS
To those who view citizen engagement in the development of AI law as a utopian ideal, we can first point to the strategy of a movement likeAmnesty International: advancing international law(treaties, conventions, regulations, human rights courts) and then applyingitto specific situations, such as the Pegasus spyware case or the ban on autonomous weapons.
Another successful example is the None of Your Business (it’s none of your business):advancing European law(GDPR, Court of Justice of the European Union, etc.) by filinghundreds of complaintseach year against privacy-violating practices by digital companies.
All of these citizen groups, which are working to establish and exercise AI-related rights, take a wide variety of forms and follow diverse approaches. From Europeanconsumerassociations filing joint complaints against Google’s account management practices, to 5G antenna saboteurs who reject the total digitization of the world, to Torontoresidentsthwarting Google’s majorsmart cityproject, and toactivistdoctors advocating for open-source software who want to protect health data…
This emphasis on various ethical imperatives—which are both contradictory and complementary—aligns well with thecomplexethicalframeworkproposed by Edgar Morin, which accepts resistance and disruption as inherent to change.
Bernard Fallery, Professor Emeritus of Information Systems, University of Montpellier
This article is republished fromThe Conversationunder a Creative Commons license. Readthe original article.