Introduction
Cybersecurity refers to the practice where computers, electronic systems, servers, networks, mobile devices, and data are prevented from malicious attacks by hackers and crackers. Cybersecurity can be categorized in numerous ways, such as disaster recovery, business continuity, operational security, and end-user training. Artificial intelligence (AI) means computer discipline that focuses on building smart devices that can perform tasks involving human intelligence. This paper seeks to present the theoretical framework for cybersecurity as a legal risk for AI under European Union (AU).
Theoretical Framework
Cybersecurity is not a new term, and, therefore, many scholars and IT techs have dug deeper into the issues by presenting ways in which kill chains can be utilized to boost the matter. However, there is a gap whereby implementing the actions on the regulatory aspect of the issue has been a challenge. Thus, this paper seeks to fill the gap on whether or not safety and security can be covered in cybersecurity for AI by the same rules that are used in private law. The paper also answers whether different rules can be applied for that matter. The EU has been in the frontline to boost the security of the internet and information networks. Companies that have been vibrant in assisting the EU on this note are the firms that have a significant share in transacting online. Alibaba is known for inventing items that have digital features such as lock cylinders, internal steel cable that ensures maximum security, among other measures.
The ‘European Cybersecurity Industrial, Technology and Research Competence Centre’ (ECITRCC) is the existing body that works tirelessly with networks for various countries in Europe. ECITRCC leverages cybercrime occurrences in cloud computing, which is a key wheel in AI. There has been the formation of a cybersecurity competence community that enhances the knowledge and information power in fighting malice in online transactions. It is expected that more than 22.3 billion devices in the world may have to be linked to the internet by 2025. Therefore, the knowledge-power on integrating technology in the smart and digital wave needs to be leveraged.
According to the private law regulating artificial intelligence, legality and policy development have been key in ensuring that cybersecurity issues are given priority. Therefore, on whether or not to use the same rules on consumer law on AI, the same metrics can be applied but enhanced with modern technical ways to combat any cybercrime occurring. To combat the potential attacks while using cloud-based technology, private legal terms must be addressed to ensure that any breaching party will be held liable during the investigation. The EU encourages regulation of AI by private parties whereby the policy drivers have to give attention to fundamental structures on consumer law when using digital devices.
The EU has adopted various techniques under private law on consumer protection when it comes to AI. First, according to General Data Protection Regulation (GDPR), ‘the data subject shall have the right not to be subject to a decision based solely on automated processing.’ For instance, online traders must be aware of the responsibility for non-performance or damages caused by misconduct in such a network. Therefore, the EU protects against possible data breaches from end-user due to negligence of the manufacturer and trader.
The AI is making cybersecurity critical to regulating transactions of data. The reason why GDPR and consumer protection law on cybersecurity must be adopted is that there has been a realized value in terms of AI control on cybercrime by expanded technology laws. The EU has enacted sweeping legislation that is meant to control people’s rights to privacy and their information use. Therefore, with the current laws on cybercrime, there is a need for efficiency to be addressed, perhaps by having increased power of the consumer when they gain rights of using online platforms.
Data may have a primary purpose, and in most cases, separate utilities might be interrelated, enabling unwanted access and usage of private information. For instance, when a motorist gets an accident with their car, the medical health insurance firms capture data on the vehicle, the location of the incident, the damages, the driver involved, passengers, and names of other elements. This data can be useful in claiming the property damage and personal medical benefits. However, the data can be used for other purposes when given to the analytics who use AI to do their duties. However, with the consumer protection law about incorporated AI and machine learning processes, few opportunities may lead to cybersecurity. Thus, it can be adopted from all involved parties. For autonomous vehicles, they can be protected against cybersecurity issues by creating critical hardware and software elements that have the capability to receive over-the-air updates. The vehicles operating system should incorporate an interface enhanced to repel Cybersecurity risks. Google can be protected from cybercrime issues by having encryption of websites to prevent spam messaging and phishing attacks. National security, on the other hand, can be secured from threats to information insecurity by having sensitization policies that conform to legal compliance to cybersecurity. It can involve issues such as creating firewalls that will block ransomware.
Literature Review
Various individuals have ventured into researching cybersecurity issues and the approach by the EU. Research done by Thomas Kirchberger (2017) suggests that the EU, through Cybersecurity for Artificial Intelligence (C4AI), has explored challenges related to AI, and there have been efforts made to combat the issue. C4AI has established a reliable, trustworthy deployment unit of AI that serves as private law to protect the consumer in the cybercrime ecosystem. The article reveals that the EU has ensured there is safe digital data by having systems that monitor manipulation of user’s data when using cloud-based technology.
Through the system, there have been few opportunities by malicious parties to compromise privacy that relates to AI hence transformational power to the user. The establishment of the methodology is adopted as a private law since the EU allows certified programs on cybercrime to implement the matter. The EU has fostered a secure ecosystem for AI, such as exploration on roadmaps that enable trustworthy deployment. Therefore, it has been a significant boost on cybersecurity since technically, data is protected hence low risks to end-users.
There has been a collaborative base to have policymakers, technical experts on cybersecurity, and vital corporate organs investigate and mitigate malign cybercrime as a result of AI. Similar research has been undertaken by Sornsuwit & Jaiyen (2019) on the EU’s policy measures to regulate cybersecurity when utilizing AI-centric devices. The article has important tips that the EU has done and comprehends the perspective of private law. First, the union recommends the assessment of security requirements for AI machines by applying private policies on procurements. In that way, companies are monitored to check on operational control after developing and testing the data equipment. Therefore, there is promoted regulation of GDPR concerning data sharing incidents for information security objectives.
Conclusion
To combat cybersecurity for AI, the paper has recommended the use of privacy laws on consumer protection and also GDPR. However, the paper has highlighted there is a need to boost the efforts as the EU has been in the frontline to have effected practices that leverage data privacy. Some of the issues that can be done to keep track of the privacy elements include modeling the parameters such as systems that check the information escalation from the initial purpose. EU’s stand is centered in consumer protection aspects, especially through policies that regard accuracy and security in data usage. The EU’s approach, as noted in the literature review, is mainly towards the limitation of high-risk AI systems in all its designated members.
References
Andreev E, Nikolova M, and Radeva V, ‘Educational NASA Project: Artificial Intelligence and Cybersecurity at A Mobile Lunar Base’, An International Journal vol. 3, no.8, 2020, pp-44-47
Bécue A, Praça I, and Gama J, ‘Artificial Intelligence, Cyber-Threats and Industry 4.0: Challenges and Opportunities’, Artificial Intelligence Review vol. 13, no.7, 2021, pp. 56-59
Gill I, ‘Policy Approaches to Artificial Intelligence Based Technologies in China, European Union and The United States’, SSRN Electronic Journal, vol. 5, no.2, 2020, pp.6-7
Hildebrandt M, ‘The Artificial Intelligence of European Union Law’, German Law Journal vol. 15, no.12, 2020, pp.21-27
Kirchberger T, ‘European Union Policy-Making on Robotics and Artificial Intelligence: Selected Issues’,Croatian Yearbook of European Law and Policy vol. 5, no.2, 2027, pp.6-13
Koos S, ‘Machine Acting and Contract Law – The Disruptive Factor of Artificial Intelligence for The Freedom Concept of The Private Law’, UIR Law Review vol. 8, no.12, 2021, pp.5-8
Noor A and others, ‘Impact of Artificial Intelligence in Robust &Amp; Secure Cybersecurity Systems: A Review’, SSRN Electronic Journal vol. 2, no.7, 2021, pp.9-12
Odermatt J, ‘The European Union as A Cybersecurity Actor’, SSRN Electronic Journal vol. 9, no.21, 2028, pp.66-70
Rajamäki J, and Katos V, ‘Information Sharing Models for Early Warning Systems of Cybersecurity Intelligence’, An International Journal vol. 9, no.4, 2020, pp.45-46
Sornsuwit P, and Jaiyen S, ‘A New Hybrid Machine Learning for Cybersecurity Threat Detection Based on Adaptive Boosting’, Applied Artificial Intelligence vol. 18, no.6, 2019, pp.33-36
Stahl B, Artificial Intelligence for A Better Future (Springer International Publishing 2021)
Strelnyk V, Demchenko A, and Myronenko A, ‘Combination of Intellectual Property Rights and Artificial Intelligence Technology’, Private and public law vol. 3, no.7, 2020, pp.2-4
Taddeo M, ‘Three Ethical Challenges of Applications of Artificial Intelligence in Cybersecurity’, Minds and Machines vol. 53, no.27, 2019, pp.26-29
Tschider C, ‘Regulating the IoT: Discrimination, Privacy, And Cybersecurity in The Artificial Intelligence Age’, SSRN Electronic Journal vol. 7, no.21, 2018, pp.4-5