Naavi.org

This is a continuation of our discussion on ” Towards AI Regulation in India”.

Presently, any AI algorithm is a piece of computer instruction which creates an automatic functioning of a software/hardware. The automated functioning of the AI device is governed by the provisions of Information Technology Act 2000, Section 11 read with Section 2(za) which inter-alia states as under.

Quote

“An electronic record shall be attributed to the originator if it was sent by the originator himself or by a person who had the authority to act on behalf of the originator in respect of that record or by an information system programmed by or on behalf of the originator to operate automatically”

“Originator” means a person who sends, generates, stores or transmits any   electronic message or causes any electronic message to be sent, generated,   stored or transmitted to any other person but does not include an intermediary; 

Unquote

In view of the above, at present the activity of any AI algorithm would be legally the responsibility of the owner of the algorithm. If the algorithm is embedded into a device such as an autonomous driving vehicle, automated credit rating mechanism, prosthetic device or a humanoid robot etc., the responsibility continues to who ever owns the system and markets it to the consumer. Since the functioning of a final device is a combination of multiple systems, the suppliers of sub systems become contractually related to the final claimant of the owner of the device.

It was in this context that we discussed the responsibility for illegal activities of robots like Sophia which was created by a Hongkong firm and granted citizenship by Saudi Arabia. (refer this earlier article).

However, it is considered better for implementation of law if the law has better clarity. Otherwise if a person approaches the Adjudicator under Section 46 of ITA 2000 or the Director CERT in or a Court and claims damage from the actions of ChatGPT or any other AI algorithm or robot, it is difficult to imagine how the judicial authority would respond.

We therefore need the MeitY to immediately designate a “Artificial Intelligence Authority of India” starting with designation of an official in the MeitY within the powers under ITA 2000. This would be like the “Controller for Online Games” who may be appointed under a gazette notification.

The first step that the AI regulator should initiate is a method to create a registry of AI developers and mandate registration. This means that there should be consequences of non-registration which needs to be developed in the notification.

Obviously this will be opposed and has to be followed through as the first battle for the AI regulation.

A similar development happened in the Bitcoin/Crypto regulation which finally resulted in CBDC as an officially approved Crypto Currency and de-recognition of all other  Private Cryptos.  Similarly, AI developed by registered developers will be “Officially recognized” algorithms with a “White” label and others should be considered as “Grey” or “Black” labelled depending on a criteria.

We can start with this labelling and how the society accepts it over time may be observed and further action taken as and when required.

But the “White” AI developers will be those who voluntarily submit themselves to the ethical boundaries set by the registration and the principles of ethics already being discussed worldwide can be included in the guideline one by one.

One of the requirements we have already discussed in this regard is that every AI developer shall be accorded a unique registration number by the authority which shall be embedded in the developer’s work.

Additionally a set of ethical guidelines would be applicable for the development.

The first set of such principles were proposed by Isaac Asimov in his short story “Runaround” in 1942 and consisted of the following three laws of robotics.

1. A robot may not injure a human being or, through inaction, allow a human being to come to harm.
2. A robot must obey orders given to it by human beings, except where such orders would conflict with the First Law.
3. A robot must protect its own existence as long as such protection does not conflict with the First or Second Laws.

Once AI started developing, experts have been discussing the ethical principles to be followed by AI research and development teams and several sets of principles have emerged.

One such principle was “The principles of Asilomar” developed by a group of experts in AI and ethics at the 2017 Asilomar Conference on Beneficial AI, and they provide guidance on how to ensure that AI is developed and used in a way that benefits humanity and avoids unintended harm could also be used. These principles include the following 23 principles:

1. Research Goals: The goal of AI research should be to create not only a technology but also a world in which the technology is safe and beneficial.
2. Long-Term Goals: Long-term, society-level planning is necessary, including global and national strategies, research programs, standards and regulations.
3. Importance of Value Alignment: It is crucial to align the goals and behavior of AI systems with human values throughout their operation.
4. Control: Every AI system should have accessible and understandable control mechanisms, so that humans can align the goals and behaviors of the system with human values.
5. Human Values: AI systems should be designed and operated so as to be compatible with ideals of human dignity, rights, freedoms, and cultural diversity.
6. Personal Privacy: The privacy rights of individuals must be protected.
7. Sharing: The benefits of AI should be shared widely.
8. Openness: AI research and development should be open, transparent and accessible.
9. Collaboration: Collaboration between researchers and stakeholders is necessary to ensure that AI has a positive impact.
10. Responsibility: Researchers and developers of AI systems have a responsibility to ensure that their systems are robust and verifiable and to avoid creating systems that are a threat to humanity.
11. Safety: AI systems must be safe and secure throughout their operation.
12. Failure Transparency: If an AI system causes harm, it should be possible to find out why.
13. Responsibility for AI Systems: Those designing, building, deploying, or operating AI systems are responsible for ensuring that they do what they are intended to do and do not cause harm.
14. Value Alignment: The beliefs, values and preferences of AI systems should be aligned with human values and ethical principles.
15. Human Control: There should be a way for humans to disengage or overwrite AI systems if they are causing harm.
16. Non-subversion: The power granted to AI systems should be used to preserve human values and to avoid subverting these values.
17. Long-Term Responsibility: Organizations and institutions developing or deploying AI systems have a long-term responsibility to ensure their alignment with human values.
18. Importance of Basic Research: Basic research is necessary to ensure that AI systems are transparent, controllable, and predictable.
19. Risks and Benefits: The risks and benefits of AI should be systematically studied and understood.
20. Diversity: Diverse perspectives and approaches are necessary to ensure that AI benefits humanity.
21. Human augmentation: AI has the potential to significantly enhance human capabilities, but it is important to ensure that such enhancements are safe and beneficial.
22. Ethics and Values: The ethical and moral implications of AI must be carefully studied and considered.
23. Responsibility of AI Developers and Deployers: AI developers and deployers have a responsibility to ensure that AI systems are developed and used in a way that is aligned with human values.

Another such principle is “Turin Principles” developed in 2018 by a group of experts in AI and other principles such as the  Asilomar Principles.

Turin Principles  consist of the following 10 Principles

1. Human control: AI systems should be designed and operated in a way that ensures human control over the technology and its decisions.

2. Transparency: AI systems should be transparent and explainable, so that their functioning and decision-making processes can be understood by humans.
3. Responsibility: Those who design, develop, and operate AI systems should be held accountable for their functioning and impacts.
4. Human values: AI systems should be designed and used in a way that is consistent with human values, including dignity, rights, freedoms, and cultural diversity.
5. Fairness and non-discrimination: AI systems should not discriminate against individuals or groups, and should ensure that everyone is treated fairly and without bias.
6. Privacy: AI systems should respect the privacy of individuals, and the protection of personal data.
7. Environmental and social responsibility: AI systems should be developed and used in a way that is environmentally sustainable and socially responsible.
8. Quality and safety: AI systems should be of high quality and safe, and should be designed to minimize harm and risks to individuals and society.
9. Capacity building: There should be investment in capacity building for individuals and organizations to understand, develop, and use AI in a responsible and ethical manner.

10. Cooperation: The development and use of AI should be based on international cooperation, and the sharing of knowledge, expertise, and best practices.

PS: Note that both the above principles include the “Principle of Accountability” which we have indicated as the first requirement of our set of principles.

Additionally there have been other initiatives such as the “Montreal Declaration for a Responsible Development of AI”, “Partnership on AI”, “IEEE Global Initiative for Ethical considerations in AI and Autonomous systems, “AI Now Institute’s AI Principles etc”.  We shall discuss these principles independently in other follow up articles.

The ethical guidelines suggested  includes “Protection of Privacy” which means that processing of Personal data must be done in accordance with the known principles of Privacy.  If however, processing has to be legal, then any restriction on automatic processing should be subject to the restrictions of law under GDPR/CCPA/ITA2000 or other similar laws.

One of the areas in which some disputes have arisen and settled through judicial process is the exercise of “Right to be forgotten” where search engines have been often mandated by law to specifically remove personal identity references in certain publicly available information.

This apart, there is an issue in the learning process embedded in the self learning AI algorithms which keep collecting and processing information over a time and learning with each new information input.

An ethical question arises here whether there should be some rules built into the use of learning inputs which are dated. Humans have an inbuilt mechanism to forget without which we will be burdened with all the bad memories of life. Machines donot forget and hence if the decisions of an AI is based on information which is of a past time,  the outcome may not be correct. Even humans change over a period of time and a person who was a bad person during his teens may become a good person when he is an adult and a saint when he is older. It could be the reverse also where a good person may turn bad over a time.

If AI has to maintain quality, then AI should also be trained to understand what is relevant and what is less relevant and what is not relevant, before arriving at the final decision. Hence some form of weightage based on the time of the learning event needs to be part of the  ML process.

“Ability to forget” should be a quality that a good AI should develop and hence has to be one of the ethical principles that needs to be added to the developing set of Naavi’s Ethical Principles of Artificial Intelligence” (NEPAI).

We shall continue our study of all the sets of principles presently available and arrive at our own version in due course.

I welcome contributions from others in developing this set of principles.

Naavi

OPEN FOR DISCUSSION

Naavi has been a pioneer  in conducting Cyber Law Courses online through Cyber Law College which launched its first course way back in 2000.

Now ITA 2000 has completed 20+ years and lot of experience has been built in the market in terms of Court decisions on Section 66A, Section 79, Section 65B of IEA etc. Not all of these decisions have been consistent but Judges have been exercising jurisprudential thoughts on the cases.

There  is therefore a renewed interest in students and lawyer community on Cyber Law Courses.

To ensure that the flow of knowledge in this area continues, Cyberlawcollege.in has re-launched its online course on “Certificate in Cyber Laws”.

The course is online and a set of recorded videos have been provided to cover the ITA 2000 comprehensively. New Videos covering recent developments on Intermediary guidelines and CERT In guidelines have also been added.

We shall add further videos which will cover application of ITA 2000 on Artificial Intelligence,  Meta Verse, Quantum Computing, Blockchain technology etc.

There will be periodical direct Zoom interaction with Naavi so that students can get their doubts clarified. This is therefore a “Hybrid” program with Online and Offline interaction. There will be an online examination followed by Certification.

The objective is to make this course the most comprehensive course available to a knowledge seeking professional.

The Course is presently priced at Rs 6000/- (Inclusive of GST) and could change upwards in future.

Interested persons can register for the course here.

Cyber Law College.in also offers courses on Data Protection which may also be perused on the website cyberlawcollege.in

Colleges and Law firms can contact for bulk discounts. Please spread the word to your friends

Naavi

PS: This post is not related to the area of Cyber Law or Data Privacy which is the professional activity of Naavi. It is linked to the national interest of India and to Information Warfare issues. I donot subscribe to the view that professionals should shy away from commenting on events of public interest and hence as a past Merchant Banker and Investment journalist who maintained a regular column in a national news paper, I consider it my duty to record my views on this subject. …Naavi

The recent Hindenburg report and the consequent developments in the stockmarkets have hurt a large number of investors in India. The stockmarket drop has hurt not only investors in Adani group shares but investors in other shares also. Hence the development is of interest to all investors irrespective of whether they are supporters of Mr Adani or not.

It is tragic to see uninformed politicians speaking about discussion of the issue in the Parliament, setting up of a JPC etc indicating that they have no idea of the stockmarket operations and what is the responsibility of the Government.

Many in the media are also sensationalizing the drop in market capitalization of Adani shares and his notional wealth coming down showing their ignorance that this has no relation to corporate performance and investor interests.

There is a primafacie evidence to suspect that the report is part of a “Anti India Toolkit” similar to the tool kits used by the opposition parties during the farmer’s agitation.

I have therefore requested SEC, USA to conduct an enquiry on the Hindenburg firm and request SEBI to lodge a formal complaint with SEC. I also urge interested public to send similar emails to SEC or raise a petition to initiate action in USA agaisnt the Hindenburg firm.

The copy of the email sent today to SEC at “Chair@sec.gov”  is as follows:

Quote:

Dear Sir

Unquote:

Naavi

In 2013, Naavi had suggested a concept titled “Privacy Protection Zones” as a solution to India not having a Privacy Law but wanting to retain the data processing business.

In 2015, Naavi highlighted this need along with other requirements  for Digital India in a Cyber Law Vision 2018 document.

Subsequently, in 2017, the proposal was re-iterated in the context of a discussion on Data Localization in a conclave in Delhi.

Then in 2020, Naavi again pushed the idea directly to the IT Minister and CM of Karnataka at a time.

Unfortunately, all these suggestions were not acted upon for reasons not known.

The details of these suggestions are available in following documents

1. Article in Naavi.org dated February 9 2013 titled “Privacy Protected Zones Required”
2. An article published on Naavi.org on May 4 2015 titled “Cyber Law Vision 2018”
3.  An article published on Naavi.org on July 16, 2017 titled “Data is Experience”…How Do we confine it?, in which the earlier discussions in a conclave in Delhi on July 14/15 was highlighted.
4. Then on November 8, 2020, sent a letter to the IT Minister in Karnataka, under copy to the CM of Karnataka as well as Mr Tejasvi Surya, MP specifically suggesting formation of a “Data Protection Tech Zone” in Karnataka. (Copy available here)

But I am happy  to note that today’s Economic Times carries an article indicating that the Government of India is considering  a similar proposition  along with the DPDPB 2022 to be presented in the Parliament shortly.

As per the indications provided, the entities may be called “Data Embassies” which will be provided diplomatic  immunity from local regulations.

We need to await more details when the Bill is presented in the Parliament.

Naavi

The budget speech of the Finance Minister Mrs Nirmala Seetaraman yesterday highlighted a project investment proposal to create three centers of excellence for Artificial Intelligence to be established in leading educational institutions to realize the objective of “Make AI in India and Make AI work for India”.

Refer article in the420.in

The AI project has multiple dimensions such as

a) AI research for developing Indian capabilities in developing Artificial Super Intelligence as a progressive scientific development.

b) Development of AI for Military and Law enforcement use

c) Development of AI for industrial/Business applications

d) Preventing AI from being developed as a threat to human race

e) Prevention of the use for anti-India activities.

We recognize that future development of AI will have serious impact on the national security and the research activities of these centers would have to be monitored properly and a selection criteria developed to approve projects like approving a project for nuclear research.

Hence before the Government starts funding AI development it has to ensure that an Inter ministerial committee involving MeitY, MHA, PMO are involved in setting the appropriate criteria to select eligible institutions as well as eligible persons to work in such institutions.

It is possible that such institutions will be immediately penetrated by anti-India forces  so that they can spy on the developments.

Hence  we need to develop a negative list of Universities which should not receive this funding. There are many other institutions which should be kept out of the eligibility criteria.

Secondly the individuals who work in these institutions such as the professors need to be carefully chosen with a proper background verification, failing which undesirable interests may usurp the key
positions.

The people selected should be  provided all incentives and protections to ensure that they remain loyal to national interests.

These centers should also be the places where we develop the principles of AI regulation starting with

a) Issue of AI development license

b) Need to incorporate AI development license ID in the set of codes developed

c) Adherence to the accepted ethical principles including documentation

Without accountability and Transparency, no activity should be supported in educational institutions with or without Government funding.

I hope these are incorporated immediately in the guidelines that may be developed during the debate on the proposals.

Naavi

Created by Dalle-E

It is a common idiom to say “Set a thief to catch a thief”. A modified version of this phrase in the ChatGPT era is “Set AI to Catch AI”.

GPTzero.me  is the new tool that has emerged to detect if any text has been generated by ChatGPT or similar AI and not by a human. This tool is developed to help educators to detect if AI has been used to generate text responses in essays and assignments. Just like the “Plagiarism” detection tool, this tool checks the text and identifies the possibility of a text having been generated by an AI.

At first glance it appears to be working reasonably fine and it generates an “Average Perplexity Score” ) measurement of randomness of the text) for the subject text and highlights possible portions generated by AI. Another score called the “Burstiness Score” measures the variation in perplexity.

The product could be useful to preserve the integrity of the education evaluation system as we use today though we need to re-work on our assessment systems soon.

Naavi