Artificial Intelligence (Hey Hi) isn't a valid excuse

Summary: Terms like "Artificial Intelligence" have long been used and misused to justify wrong "moderation" and various accidents (such as 'driverless' [sic] cars), but we can help European officials see through the façade and hold reckless companies accountable, in spite of all these disingenuous 'legal hacks' with loopholes they exploit/create (through lobbying)

The EU is conducting a survey about some buzzwords, hype waves, and other nonsense. But eventually it is about liability, it is about who to hold accountable. Today, rather than present the survey, we'll focus on some background information.

The directive and supplementary information use terms such as "Artificial Intelligence" and "Internet of Things", so you know it's not about substance but nebulous concepts. From the main page: "REPORT FROM THE COMMISSION TO THE EUROPEAN PARLIAMENT, THE COUNCIL AND THE EUROPEAN ECONOMIC AND SOCIAL COMMITTEE Report on the safety and liability implications of Artificial Intelligence, the Internet of Things and robotics..."

Well, robotics is a real thing, machine learning methods are a real thing (statistics for the most part, albeit formalised within frameworks or sets of methodologies), but "Hey Hi" (AI) and the rest of it suggests we're dealing here not with technical people but politicians infatuated/brainwashed by marketing people and corporate lobbyists.

This other page says: "COMMISSION STAFF WORKING DOCUMENT Evaluation of Council Directive 85/374/EEC of 25 July 1985 on the approximation of the laws, regulations and administrative provisions of the Member States concerning liability for defective products Accompanying the document Report from the Commission to the European Parliament, the Council and the European Economic and Social Committee on the Application of the Council Directive on the approximation of the laws, regulations, and administrative provisions of the Member States concerning liability for defective products (85/374/EEC)..."

This is about Directive 85/374/EEC, whose page says: "In 2020, the Commission published a report on the broader implications for, potential gaps in and orientations for, the liability and safety frameworks for artificial intelligence, the Internet of Things and robotics..."

Of interest:

• Reflections on trusting trust - ACM
• The Software Industry IS the Problem - ACM Queue
• The Software Industry IS STILL the Problem - ACM Queue
• Cybersecurity as Realpolitik by Dan Geer presented at Black Hat USA 2014 - YouTube
• Cybersecurity as Realpolitik - Dan Geer

At this point in time, an associate has noted, "the goal would be to increase general awareness so that informed decisions can be made [...] rather than a call to action at this time it needs to be an awareness [campaign to] bring attention to four links just posted above. In the fourth link it is only part 3 which is relevant. [...] with the proper background knowledge it is an opportunity to nudge things the right direction, perhaps."

“So we are left today with 100s of millions if idiot companies with their idiot bosses and frazzled employees sending attachments and having multiple, conflicting versions of the same document, and having lost messages (via Microsoft Exchange) to add on top of the normal stress.”
      --Techrights AssociatePutting aside buzzwords from EU officials, as the associate has worded it, "the questions in the survey are an attempt at addressing the problems even if they don't know much about the software design underneath. One aspect which can be worthy of copious amounts of text would be the question of how much software is actually fit for purpose and what the protections people should have if they use it as advertised. Microsoft can't have it both ways. They can't both blame the victim at the same time as they are telling the victim that the software should be used in the way they are blaming the victim for using it in."

"For example, they design interfaces to be clicked on and obfuscate a lot of important information, including metadata, while embedding scripts and such, advertising it all as desirable features. Yet when those features are (mis)used the user is blamed instead of the the vendor. Same for attachments. Furthermore the reason e-mail is used as a surrogate for file sharing is that Microsoft killed off Novell NetWare without either replacing the functionality or allowing the market to fill the vacuum. So we are left today with 100s of millions if idiot companies with their idiot bosses and frazzled employees sending attachments and having multiple, conflicting versions of the same document, and having lost messages (via Microsoft Exchange) to add on top of the normal stress."

We shall follow up at a later time/date with suggestions of feedback for the EU. The above background can (or could) help prepare for a potent response, which we'll do separately now that it's over.

This debate as a whole concerns strict liability and with the consultation out of the way we have some critical words.

"Current regulations regarding product liability seem to focus around goods sold and explicitly exclude services," our associate notes. "An increasing amount of software is tied or run on remote servers, putting them into a hybrid category. As these lean towards becoming services (e.g. Microsoft Office) how much of that is being done as a dodge from product liability regulations? Software is covered, technically, but ignored so far. Products, thus software, are covered in particularly when they are used as advertised. Therefore when Microsoft victims use Microsoft products as advertised and still get harmed, Microsoft is technically liable, even if the laws have not yet been enforced that way." [1, 2]

"Council Directive 85/374/EEC of 25 July 1985, article 6.1 could be revisited in the context of proprietary software:"

Article 6

1. A product is defective when it does not provide the safety which a person is entitled to expect, taking all circumstances into account, including:

(a) the presentation of the product; (b) the use to which it could reasonably be expected that the product would be put; (c) the time when the product was put into circulation.

To conclude: "Microsoft should not be allowed to abuse Art. 7b to try to dodge; any holes that exist are there are the time of publication, public or not."

We'll probably say a lot more later today, possibly in a video. ⬆