What should you learn about your rights regarding Artificial Intelligence?

Nowadays, ordinary Twitter users can make legendary horror author H.P. Lovecraft sing the Rick Astley hit Never Gonna Give You Up.


And there is still more to come. The 42nd Global Privacy Assembly, a forum for various national agencies worldwide working to ensure the security of citizens, addressed two specific issues with resolutions: artificial intelligence and facial recognition. It recognised both the benefits of both "whose applications could provide benefits to public safety" and the need to address their potential risks "that pose challenges to security, privacy and ethics". A number of conclusions were reached, including the need to ensure that the providers of these applications and devices "respect and protect the privacy of individuals" as an "obligation" from the design phase. They also stressed that Assembly members, by a wide margin, agreed that the most important matter was to renew the legislative framework to adapt to the new capabilities already enabled by current technologies.

In Europe, new legislation is already in the pipeline: "The European Commission has recently submitted its Proposal for a Regulation laying down harmonised rules on Artificial Intelligence (AI), a new legal framework that aims to define safeguards beyond the GDPR and data protection. This new proposal aims at achieving a technological ecosystem with long term sustainability in relation to AI, one that would strike a balance between our society and technology, especially with regard to the rights and freedoms of individuals", explains the Spanish Data Protection Agency. These clear and updated rules of the game mean that the benefits are exponential.

Researchers Justus Thies, Michael Zollhöfer, Marc Stamminger, Christian Theobalt and Matthias Niebner, hailing from a triumvirate of leading academic institutions (University of Erlagen-Nuremberg, Stanford University and the computer science branch of the Max Planck Institute), jointly posted a YouTube video back on 17 March 2016. It had a very descriptive title: Real-time Face Capture and Reenactment of RGB Videos. George Bush appears one minute into the video, smiling rather comically, opening his eyes wide and making amusing gestures with his lips. All his facial movements were performed by an actor and then transformed by an artificial intelligence algorithm into an appearance of George Bush that never existed. Only a webcam and a standard retail computer were needed for the stunt.

Nowadays, ordinary Twitter users can make legendary horror author H.P. Lovecraft sing the Rick Astley hit Never Gonna Give You Up. In hardly five years, modifying videos, and consequently manipulating the truth by using the face of anyone at all, has become commonplace. Popular apps such as Tik-Tok have filters capable of transforming anyone in front of the camera into a Manga character in real time, including changing gender or age, or even decking them out in the latest fashions. This very same technology can be put to much less amusing uses, as one executive unfortunately found out in 2019. The Wall Street Journal reported that this executive was duped by a hacker who managed to impersonate his superior's voice using a computer programme that emulated it perfectly.

So how can we protect ourselves from this technological wizardry and at the same time leverage it to secure our homes and businesses? In an earlier post, we explained how artificial intelligence boosts all image-related security systems. Machine vision image interpretation, for example, a type of artificial intelligence that focuses on training machines to recognise the elements that make up a static or moving image, has enabled closed-circuit cameras to recognise objects and actions that are invisible to the human eye.

Is there any way to safeguard your security so that these applications remain secure when you use them? The European Data Protection Regulation is the first line of defence. In Spain, the Spanish Data Protection Agency points this blog to two recent publications: One is a guide on Audit Requirements for Personal Data Processing Activities involving AI, while the other provides guidance on the application of the GDPR on products and services that embed Artificial Intelligence. "Both underline that AI can be implemented in line with the principles of the GDPR while still safeguarding citizens' rights and freedoms".