At a glance.
- New EU bill holds AI developers accountable.
- Australian government reacts to Optus breach.
- US Senator calls on federal government to share more data breach intel.
New EU bill holds AI developers accountable.
Last week the European Commission proposed the AI Liability Directive, a new bill aimed at curbing the development and use of “high risk” artificial intelligence. MIT Technology Review explains that in addition to requiring extra checks for uses of AI that pose potential harm (for example, facial recognition software that disproportionately flags faces of color), the bill would also hold AI producers and users accountable by giving individuals and companies that feel they’ve been harmed the right to sue for damages. Tech companies worry that the bill will deter innovation, especially when it comes to software development. Mathilde Adjutor, Europe’s policy manager for tech lobbying group CCIA says under the new bill, “developers not only risk becoming liable for software bugs, but also for software’s potential impact on the mental health of users.”
Consumer advocates disagree, as they feel the legislation will give consumers more power in the face of potentially harmful technology, and some argue the measure doesn’t go far enough. Ursula Pachl, deputy director general of the European Consumer Organization, says the bill puts too much responsibility on the consumer to prove that AI developers are at fault. “In a world of highly complex and obscure ‘black box’ AI systems, it will be practically impossible for the consumer to use the new rules,” she says, especially given the difficulty of proving something as nebulous as discrimination. The proposal will take a couple of years to go through the EU’s legislative process and will likely be amended by members of the European Parliament and EU governments before passage.
Australian government reacts to Optus breach.
We continue to follow the unfolding story surrounding the massive data breach of Optus, Australia’s second largest telecom company. On Sunday, Reuters reports, the Australian government said it blames Optus for the breach and urged the company to speed up its customer notification process. At a televised press conference, Home Affairs Minister Clare O'Neil stated, "We should not be in the position that we're in, but Optus has put us here. It's really important now that Australians take as many precautions as they can to protect themselves against financial crime."
Government Services Minister Bill Shorten added, "We call upon Optus to understand that this breach has introduced systemic problems for 10 million Australians in terms of their personal identification. We know that Optus is trying to do what it can, but having said that, it's not enough. It's now a matter of protecting Australians' privacy from criminals." Android Police notes that information on the breach was requested by government officials at Services Australia six days ago, but Optus, which ran a full-page me culpa in Australian newspapers on Saturday, says it’s still working with government officials to determine which customers were impacted by the incident, especially those whose accounts were no longer active. “We continue to seek further advice on the status of customers whose details have since expired. Once we receive that information, we can notify those customers,” an Optus spokesperson said on Sunday, 7NEWS reports.
The Australian Federal Police (AFP) have launched “Operation Guardian” to protect the breach victims, prioritizing the customers connected to the 10,000 records that were published on a data leak website last week. Prime Minister Anthony Albanese confirmed on Friday that Optus has agreed to pay to replace the passports of impacted customers, the Guardian reports. AFP assistant commissioner Justine Gough says they will provide “multi-jurisdictional and multilayered protection from identity crime and financial fraud” by monitoring online forums for additional leaks and working with the financial sector to detect activity that could be connected to the breach, but she warned that will take time. “There are complex datasets,” Gough stated. It will involve co-operation with law enforcement from across the globe, potentially, given that we are talking about a type of crime that is borderless.” Experts estimate Optus could be dealing with the reputational fallout from the breach for years to come. “People are quite forgiving in the long term, but that can take a couple of years,” University of Sydney associate professor of narratology Tom Van Laer told the Townsville Bulletin.
US Senator calls on federal government to share more data breach intel.
Senator Chuck Schumer (Democrat of New York) is urging the federal government to be more forthcoming in sharing information with the public about data breaches, amNewYork reports. At a press conference on Sunday, the Senate Majority Leader stated, “In roughly the last thirty days, vital and personal information has been hacked at many major US companies, compromising people’s privacy. Yet, if you ask most people about these hacks they don’t even know they occurred and the feds are saying very little…The feds have a law on the books to glean more information on major hacks, so the message today is: give consumers the details and investigate who is hacking,” Schumer said. He referenced the lack of details released about the September cyberattack on Suffolk County, noting that $1 billion was allocated to help the state fight cybercrime in the 2021 Infrastructure Investment and Jobs Act. He added that the Cyber Incident Reporting Act, signed into law in March, gave the Federal Trade Commission and the Justice Department more oversight on hacking incidents, and that the agencies need to step up their efforts to protect victims, the New York Post notes. “It’s a heck of a lot of personal information that’s at risk,” Schumer stated. “We want to know who took it, what they’ve done with it, and what consumers need to do ahead of the problem.”