Regulatory Approaches to Online Harms and Human Rights: Three Case Studies

This is the final version. Available from the Geneva Academy of International Humanitarian Law and Human Rights via the link in this recor

Harnessing the potential of artificial intelligence for humanitarian action: Opportunities and risks

This is the final version. Available on open access from Cambridge University Press via the DOI in this recordData-driven artificial intelligence (AI) technologies are progressively transforming the humanitarian field, but these technologies bring about significant risks for the protection of vulnerable individuals and populations in situations of conflict and crisis. This article investigates the opportunities and risks of using AI in humanitarian action. It examines whether and under what circumstances AI can be safely deployed to support the work of humanitarian actors in the field. The article argues that AI has the potential to support humanitarian actors as they implement a paradigm shift from reactive to anticipatory approaches to humanitarian action. However, it recommends that the existing risks, including those relating to algorithmic bias and data privacy concerns, must be addressed as a priority if AI is to be put at the service of humanitarian action and not to be deployed at the expense of humanitarianism. In doing so, the article contributes to the current debates on whether it is possible to harness the potential of AI for responsible use in humanitarian action

International migration management in the age of artificial intelligence

This is the final version. Available on open access from Oxford University Press via the DOI in this recordArtificial intelligence (AI) has the potential to revolutionise the way states and international organisations seek to manage international migration. AI is gradually going to be used to perform tasks, including identity checks, border security and control, and analysis of data about visa and asylum applicants. To an extent, this is already a reality in some countries such as Canada, which uses algorithmic decision-making in immigration and asylum determination, and Germany, which has piloted projects using technologies such as face and dialect recognition for decision-making in asylum determination processes. The article’s central hypothesis is that AI technology can affect international migration management in three different dimensions: (1) by deepening the existing asymmetries between states on the international plane; (2) by modernising states’ and international organisations’ traditional practices; and (3) by reinforcing the contemporary calls for more evidence-based migration management and border security. The article examines each of these three hypotheses and reflects on the main challenges of using AI solutions for international migration management. It draws on legal, political and technology-facing academic literature, examining the current trends in technological developments and investigating the consequences that these can have for international migration. Most particularly, the article contributes to the current debate about the future of international migration management, informing policymakers in this area of growing importance and fast development

Covid-19 health status certificates: Key considerations for data privacy and human rights

This is the final version. Available from Exeter Centre for International Law via the DOI in this record. The technological solutions adopted during the current pandemic will have a lasting impact on our societies. A variety of initiatives to develop and deploy Covid-19 health status certificates are currently underway. However, it is not sufficient to develop technical solutions for the verification of Covid-19 health status. Because technologies do not evolve in a legal vacuum, the existing laws and regulations must be respected. The risks of implementing such technologies must be anticipated and mitigated as much as possible before any large-scale deployment. This article evaluates the implications of health status certificates for data privacy and human rights and offers an actionable framework for decision-making, informing policymakers in this area of vital national and international interestEconomic and Social Research Council (ESRC

Covid-19 health status certificates: Policy recommendations on data privacy and human rights

This is the final version. Available from University of Exeter via the DOI in this record. Key findings and recommendations This report uses Covid-19 health status certificates as an all-encompassing term, referring to the digital and paper-based certificates that, combined with identity verification, allow individuals to prove their health status (such as the results of Covid-19 tests and vaccination records). It follows from the research that three main barriers to the successful implementation of Covid-19 health status certificates can be identified: 1. Lack of trust 2. Lack of global standards 3. Lack of a holistic approach The research findings suggest that three key sets of measures have the potential to contribute to the responsible implementation of Covid-19 certificates: 1. Inclusion of sunset clauses in legislation 2. Appropriate governance of health data 3. Proactive protection of data privacy Accordingly, it is recommended that: 1. Policymakers should ensure the availability and affordability of Covid-19 tests and vaccines to the whole population to avoid creating a two-tiered society in which only the wealthy have access to mobility and services. 2. Policymakers should ensure that Covid-19 health status certificates are only used during the pandemic and that their use is discontinued once the WHO declares that Covid-19 is no longer a public health emergency of international concern. 3. Policymakers should ensure that Covid-19 health status certificate providers, whether from the private or public sector, abide by the basic data protection principles, including lawfulness, fairness and transparency, purpose limitation, data minimisation, accuracy, storage limitation, integrity and confidentiality, and accountability. 4. Policymakers should ensure that Covid-19 health status certificate providers build data protection into the design of these certificates by default, thus contributing towards mitigating known risks to data privacy. 5. Policymakers should ensure that Covid-19 health status certificate providers maintain the confidentiality and security of the information collected and processed. They should prevent any unauthorised access, accidental loss, damage or destruction of the data. 6. Policymakers should request that Covid-19 health status certificate providers undertake data protection impact assessments (DPIA) before implementing specific solutions. That is important as these certificates are likely to result in a high risk to natural persons’ rights and freedoms.Economic and Social Research Council (ESRC

Synthetic data protection: Towards a paradigm change in data regulation?

This is the final version. Available on open access from SAGE Publications via the DOI in this recordSynthetic data generated through machine learning algorithms from original real-world data is gaining prominence across sectors due to their potential to provide privacy-preserving alternatives to traditional data sources. However, recent studies have raised concerns about the re-identification risks of synthetic data. This article examines the legal challenges surrounding synthetic data protection, with a focus on the European Union's General Data Protection Regulation (GDPR). After briefly explaining the methods of synthetic data generation and discussing their potential for privacy preservation, the article analyses the shortcomings of the personal/non-personal dualist approach under the GDPR. It then assesses the possibility of a paradigm change in data protection legislation, moving beyond this binary categorisation. The article argues in favour of establishing clear guidelines for the generation and processing of synthetic data, prioritising the principles of transparency, accountability and fairness

Taking stock of COVID-19 health status certificates: Legal implications for data privacy and human rights

This is the final version. Available on open access from SAGE Publications via the DOI in this recordThe technological solutions adopted during the current pandemic will have a lasting impact on our societies. Currently, COVID-19 health status certificates are being deployed around the world, including in Europe, the United States and China. When combined with identity verification, these digital and paper-based certificates allow individuals to prove their health status by showing recent COVID-19 tests results, full vaccination records or evidence of recovery from COVID-19. Most countries in the Global South, where vaccination rates are low, have not yet fully implemented such certificates, although several initiatives are currently underway. That is, for instance, the case in the African Union. Yet, it is not sufficient to develop technical solutions for the verification of COVID-19 health status. Because technologies do not evolve in a legal vacuum, the existing laws and regulations must be respected. The risks of implementing such technologies must be anticipated and mitigated as much as possible before any large-scale deployment. Risk mitigation should also underpin strategies throughout the deployment of these certificates. This article evaluates the key legal implications of COVID-19 health status certificates for data privacy and human rights. In doing so, it contributes to the current debates, thus informing policymakers in this area of vital national and international interest.Economic and Social Research Council (ESRC

Human rights and the governance of artificial intelligence

This is the final version. Available from the publisher website.Artificial intelligence (AI) is bound to enable innovation in the decades to come, so much so that some say it has become the new electricity.1 However, if that truly is the case, then policymakers, business and civil society must understand what the opportunities and challenges are before they turn the switch on. AI enthusiasts forecast that such technologies could improve societal well-being, increase productivity and even provide solutions for global climate and health crises. AI could also help fight human rights abuses. Nonetheless, AI presents a variety of challenges that can profoundly affect the respect for and protection of human rights. • Recently, a profusion of initiatives from a variety of actors spanning from the technology industry to international and regional organizations, academia and civil society, have focused on establishing ethical frameworks for the design and implementation of AI solutions. While these valuable initiatives propose to identify core ethical principles applicable to AI, ethics is only one aspect to be taken into consideration. International Human Rights Law (IHRL) is equally, if not more important. • Stakeholders from the private and public sectors, international organizations and civil society should move beyond the calls for more regulation of AI. Regulation is certainly needed, in particular concerning data protection and privacy. Nonetheless, new models of governance, placed alongside regulatory frameworks and existing human rights instruments, are also needed. This research brief identifies two additional avenues to regulation: public procurement and standardization

Rethinking digital identity for post-COVID-19 societies: Data privacy and human rights considerations

This is the final version. Available on open access from Cambridge University Press via the DOI in this record.The COVID-19 pandemic has exposed the need for more contactless interactions, leading to an acceleration in the design, development, and deployment of digital identity tools and contact-free solutions. A potentially positive outcome of the current crisis could be the development of a more data privacy and human rights compliant framework for digital identity. However, for such a framework to thrive, two essential conditions must be met: (1) respect for and protection of data privacy irrespective of the type of architecture or technology chosen and (2) consideration of the broader impacts that digital identity can have on individuals’ human rights. The article draws on legal, technologyfacing, and policy-oriented academic literature to evaluate each of these conditions. It then proposes two ways to leverage the process of digitalization strengthened by the pandemic: a data privacy-centric and a human rights-based approach to digital identity solutions fit for post-COVID-19 societies.Economic and Social Research Council (ESRC

Governance of Digital Technologies and Human Rights

This is the final version. Available from the Graduate Institute of International and Development Studies via the link in this recordFrom the use of online platforms to exacerbate ethnic conflicts to the use of facial recognition technology to persecute dissidents, the threats to human rights posed by digital technologies are varied and numerous. In this context, it is essential that digital governance models go beyond data protection and adopt a holistic approach to human rights protection