ia legality research paper
TRANSCRIPT
-
8/14/2019 IA Legality Research Paper
1/12
Research Paper on Intelligent Agent
INTELLIGENT AGENTS: A CURSE OR A BLESSING?
Submitted to
Prof.Sanskritirani Desai
Digital Business in the Transforming Economy
Submitted By:
Auronil DuttaRoll No. 8,
PGDM (3 Year) (2007-2010)
XAVIER INSTITUTE OF MANAGEMENT,BHUBANESWAR
-
8/14/2019 IA Legality Research Paper
2/12
Article Outline
Abstract
Intelligent agents: the legal dimension
Agents and ordinary software
Security aspects
Competition
Liability
Privacy
Intellectual property
A first step towards agent specific
legislation: the UCITA
CONCLUSION
-
8/14/2019 IA Legality Research Paper
3/12
INTELLIGENT AGENTS: A CURSE OR A
BLESSING? A STUDY ON THE LEGAL
ASPECTS OF THE APPLICATION OF
INTELLIGENT AGENTS
Abstract: Intelligent agents represent a new spawn of software with significant potential
for a wide range of Internet applications. They have been successfully used for personalassistances, intelligent user interfaces, and managing electronic mail. Recently, agents
have been applied to electronic commerce, promising a revolution in the way we conduct
business, whether business-to-business, business-to-customer or customer-to-customer.Agents are a key component in the Internet wide information and electronic commerce
systems that are currently being developed across the globe. But it is not an easy task to
predict how agents will develop into the future. There is still a long way before softwareagents transform how businesses conduct business. The greatest change will occur once
standards are adopted and evolved to unambiguously and universally define goods and
services, consumer and merchant profiles, value-added services, secure payment
mechanisms, complex goals, changing environment. The ultimate test of agent's success will
be the acceptance and (mass) usage by users. The road to the success is most likely to be
laid by developers, suppliers, and many commercial companies, who will join in, as there
are many interesting opportunities for them.
This article encompasses various legal facets of intelligent agents. While dealing with the
legal dimension the article starts with a consideration of a number of avenues that arecommon to intelligent agents. Following this, a number of issues will be probed that are
related to the use of intelligent agents. Finally, a number of conclusions and
recommendations will be contrived pertaining to the significance of the advent of agents
for specific consumers.The aim of this article is to explore this largely new field from alegal perspective. It is therefore designed specifically to the identifying factors relevant to
the application of intelligent agents and is meant to pose questions rather than supply
answers.
Key words: Agent, intelligent agent, and electronic commerce
-
8/14/2019 IA Legality Research Paper
4/12
INTELLIGENT AGENTS:THE LEGAL DIMENSION
Magnitude and nature of the legal dimension of the use of intelligent agents are
ascertained by the practicality of the agents involved and the functions that are
performed.For the purposes of this article we have produced a simplified categorization which
distinguishes between three types of agents:
(a)Passive agents: agents whose functioning and interaction is limited to the user's own
environment: an example is an agent which assists in organizing data on the computer ofthe user.
(b)Active agents: agents that are active in gathering and selecting information, filtering
news lists, processing E-mail etc.
(c)Transaction agents: agents of this kind go one step further than active agents byperforming transactions for or with the consumer. An example is an agent which, on the
basis of a profile of the consumer, orders a CD with music.
On legal aspects, there is a clear difference between the passive agent, and the active
agent and the transaction agent. The passive agent engages in an environment fully
controlled by its user; the active agent and the transaction agent move into the outsideworld.
As regards the passive agent: the legal issues involved majorly reflect those of traditionalsoftware. In case of active agents, especially transaction agents, the situation is, however,
different. The following paragraph will deal with a number of issues that are particularly
relevant for the latter two types of agents. Finally, a number of issues will be studied thatare specific for transaction agents.
Agents and ordinary software
Agents are intelligent computer programs. As far as the relationship between the supplier
of this software and the user is concerned, the principle is that the user acquires a license
to use the relevant software. The relationship between the user and the supplier will inprinciple be regularized by the normal mix of copyright and contract law. The nature and
scope of this license are therefore also relevant to agents. The right to a backup of the
agent applies to the legal interpretation of the contract between the user and the supplier
of the agent software.This situation will hold in particular if the agent software can becompared with other standard applications such as a word processing package or a
browser and in principle to be appropriate for various passive agents.
However, agents will not be available exclusively as ready-made applications. In the case
of the standard software packages we see a striking development in the form of
Application Service Providers (ASPs), which allow users access for a given period to thefunctionality needed. The distribution of software packages is thus being replaced by the
-
8/14/2019 IA Legality Research Paper
5/12
provision of functionality. A similar situation occurs when agent functionality is provided
temporarily for the performance of a task. A temporary license could apply here.
Depending on the circumstances there may be an affinity with contracts for services.
SECURITY ASPECTS
Security is an important matter throughout the different stages of development of
intelligent agents. Security could even come to play a very prominent role since in the
case of active and transaction agents, a portion of the users environment will roamactively around the Internet without the user being able to monitor directly what is
happening. Furthermore, particularly active agents and transaction agents will carry with
them valuable information for the user, say for example, search profiles. Transaction
agents will in few cases even carry with them their purchase information in a digitalform.
However it is not suitable or even possible to foresee all developments in relation to
agents, it seems naturalistic to consider that, account must be taken of the development ofagent killers, in other words virus-like software applications that are able to obliterate
agents totally or partially or to defile or modify their instructions or other information.For those who at present go to significant lengths to hack the security systems around
websites and servers, attacking agents would seem to present a real challenge.
It remains to be ascertained to what extent the present criminal laws offer the rightinstruments to address this new form of crime adequately. It is not very improbable that
far reaching security systems will be synthesized for agents. Firstly a security
classification has to be developed and then the certification of agents by reference to aparticular category of security standards and protocols has to be met. Requirements could
then be levied in respect of the security level which the agent must satisfy if it is to be
authenticated or accepted for certain activities. For example, if an agent wants to obtain apermit from the municipality by that time the permit would automatically be issued in
digital form! maybe required to meet a minimum level of security. Such a system will
require surveillance, at least in the form of a concrete examination to determine whetherthe agent complies with the specified level of security. Consequently it will lead to the
evolution of a system of independent check marks for agent security features.
COMPETITION
Various problems centering around competition law can possibly affect the deployment
of agents. Within the agent industry, control over how the process standards are set islikely to be of major importance. It is therefore not unlikely that there could be a battle of
standards comparable to the browser war or the battle of the operating systems. If so,
issues related to the role of consortium, availability to standards, reverse engineering etc.will be relevant. Of course the traditional competition law issues like the distribution of
agents, pricing, tie-in sale etc. will be of importance as well.
-
8/14/2019 IA Legality Research Paper
6/12
Actual deployment of agents can be pertinent as well from a competition law perspective,
like a suppliers refusal to communicate with a certain type of agents, the setting of safety
standards for a certain transaction not objectively justifiable. The application of agentscould alter the competition landscape in various branches significantly. Agents will allow
for price comparisons on a scale that is so far unprecedented.
LIABILITY
The development and application of agents results in many potential liability issues. Themore the independence of agents the more truthful this is.
Attention has already been paid on various occasions concerning this liability issues
which can come up through the application of artificial intelligence. However, publications about these particular liability issues happened by the use of intelligent
agents are just hardly.
The application of autonomous agents could give rise to formation of interesting liabilitypremises. Because, these agents will travel around independently on the Internet in
conformity with the instructions stored on them and will execute acts in accordance withthese instructions. Numerous potential cases of damage are imaginable in this connection:
as a result of its activities the agent spoil a databank consulted by it
as a result of a fault in its software application the agent performs an incorrecttransaction and starts selling shares rather than buying them.
the agent becomes corrupted by a virus and subsequently infects a website which it
visits the agent has collected a music file for its owner but is kidnapped by a killer agent
before it reaches its owner.
Following factors are of particular relevance to these scenarios:
1. Autonomy of the agent
2. Mobility of the agent3. Dynamics of the environment in which they operate.
The autonomy of the agent implies that they function or can function without repeated
feedback from the user. This potential degree of independence means that in the event ofany damage the user will have tendency to blame this on a design fault. This may involve
a logical error or a defect in the process of protection of the agent. Naturally, it is also
considered that the user may be responsible for causing the damage, for example by usingan agent in an environment for which it was definitely not suitable (e.g. lack of training
or insufficient protection levels).
The mobility of the agent indicates that particular attention must be given to the security
of the agent and the privacy of the user. Two examples have already been sufficed above
of circumstances in which the security of the agent is primary (the examples of the virus
infection and the kidnapping of an agent). In order to get into transactions that are not
-
8/14/2019 IA Legality Research Paper
7/12
executed on an unidentified basis, an agent will often have to resort to identifying
particulars of its principal. The principal thus will have an express interest to ensure
good security of his agent.
The expression dynamics of the environment connotes that the agent operates in anenvironment that is irregular and in a state of constant flow. An agent must be prepared to
interact with a wide range of logical objects and data. Possible protection against related
risks could be provided by confining the scope of the agent to interact with itsenvironment. A balance must be maintained between the limitations to be enforced in the
interests of security and the flexibility which is essential to operate successfully.
The risks and dangers identified above can be reduced in various ways. For example, theagent could be planned in such a way that its flexibility is limited, thereby increasing the
level of security. A finite lifespan could also be integrated into the design of the agent in
order to forbade it from leading a life of its own forever on the Internet. Alternatively, the
agent could be constructed in such a way that it can interact with other objects only if it isunder the control of its user. This could be achieved, for example, by a requirement that
the agent reports back if it wishes to engage in a dialogue with another object. The usercan then authorize this dialogue and, if desired, monitor it. The incorporation of a recall
mechanism and the possibility for the user to destroy the agent by remote control could
help to limit the risks.
These restrictions could, however, also result from the environment in which the agent
runs. For example a system could be configured in which both agents and the objects
sought by them are ascribed a given certificate. These credentials could then carry dataabout authorization, security and so forth. This would be a simple way of forbidding an
agent from interacting with an object whose security level is such that it constitutes a
threat to the agent. Finally, the user naturally imposes great influence on the risk profileof the agent. The choice of an agent for a given function and instructions given to the
agent obviously determine to a large extent the likelihood of the occurrence of damage.
Karnow has proposed that the complex debate about the attribution of liability fordamage in relation to the use of agents could be nullified by the introduction of a TuringRegistry, a system by which agents can be used only after they have been licensed. This
certification authority (the Turing Registry) would then evaluate in the risks attached tothe use of the agent in the certification process. This would give rise to questions such as
the probability of the interaction with the agent beyond the domain intended for it, the
situation if the agent contains a virus, how the agent responds to orders given remotely,
whether the agent requires an oversight, what decisions it can make itself, etc. On thebasis of this evaluation the Registry will then issue a certificate for the agent. The agent
will then interact only with systems that also bear a similar certificate issued by the
Registry. If any damage occurs the Registry will make payment without any probe intosuch matters as fault or causal relation.
PRIVACY
-
8/14/2019 IA Legality Research Paper
8/12
The successful implementation of intelligent agents indicates that they require a personal
profile of the user containing adequate information to enable it to perform its allocated
functions. Depending on the type of agent this profile will vary in the degree of detail andcould contain a wide range of information. In addition to the name and E-mail address of
the user the profile will, for example, contain particulars of his preferences in the fields of
news, sport and literature. More confidential information too may be included in orinferred from the profile concerning, for example, a person's health, religion, financial
position and social contacts. Intelligent agents may pose a threat to the privacy of the user
in view of their properties (autonomy, pro-activeness, social ability and reactivity), theirinability to function properly without possessing a personal profile, and the extent to
which data for the profile are supplied and collected independently.
Research on the subject of intelligent agents and privacy was performed in 1999 by theDutch Data Protection Authority in cooperation with TNO, A Dutch research institute,
and the Canadian Information and Privacy Commissioner. They identified two types of
threats associated with the application of intelligent agents. Firstly, a threat induced by
agents that carry out functions for the user and make personal information available forthis purpose. Second, the threat posed by agents which perform functions for others, for
example when they monitor data traffic, apply data-mining techniques or attemptwithout any basis to draw out personal information from the agent of the user. Moreover,
when an agent is followed by another agent to collect information concerning its task or
user; the privacy of the agent comes at stake. On the basis of various conventions,
statutes and privacy guidelines, a number of basic principles have been formulated thatneed to be observed by users, developers, suppliers and providers in the application and
development of intelligent agents. These basic principles are as follows:
Anonymity: prior to processing of the data it is to be determined whether it is
necessary to process personal data rather than anonymous data. Purpose specification: the aggregation of personal data must serve a specific,
explicit and lawful purpose.
Legitimate grounds: there must be a lawful cornerstone for the processing of
personal data.
Compatible use: the personal data must not be processed if this is in contrary to
the objective for which they have been collected.
Proportionality: the processing of the personal data must be essential and mustbe proportionate to the pre-determined objective.
Data quality: the personal data must be adequate, relevant and not surplus in
relation to the objective for which they have been gathered.
Data subjects rights: the person to whom the data relate has the right toscrutinize the data and to correct them if they are incomplete or inaccurate.
Transparency: if personal data are processed it must be clear to the person
concerned what will be done with the data.
Security: adequate technical and organizational measures must be adopted to
protect personal data against loss or destruction which is unlawful or caused byunanticipated factors and against amendment, unauthorized publication or access
and all forms of wrongful processing.
-
8/14/2019 IA Legality Research Paper
9/12
Accountability: someone must be responsible for the acts executed by agents in
the course of their duties.
Supervision: an independent regulatory body is required to investigate whetherthe principles referred to above are being honored or not.
As the magnitude of the application of intelligent agents will make it very difficult tomonitor them adequately, the research lists in addition to the principles mentioned above
a series of technologies which can guarantee secrecy in the application of intelligent
agents. These include certification of the working method of agents, recording the actionsof agents, access control, identification and authentication of agents, and integrity
mechanisms for data. It is also recommended that so-called Privacy-Enhancing
Technologies be implemented, which can be incorporated into the intelligent agents
themselves, or a special intelligent agent be developed for this purpose example of whichwould be an intelligent agent which has a pseudo identity.
The debate on privacy has intensified as a result of the application of information
technology and will certainly be diversified to include new aspects as a result of theadvent of intelligent agents.
INTELLECTUAL PROPERTY
Intellectual property is relevant in various ways in relation to intelligent agents. Thisconcerns both the possible intellectual property rights in respect of agents and the results
of the work of agents. Furthermore, the use of agents may have logical implications for
the enforcement of intellectual property rights relating to the work of third parties where
agents play a role in obtaining access to these works.
The first aspect, the intellectual property protection of agents as such, is not a completelynew concept. Agents consist essentially of software. However, the debate is more rarified because agents cannot be compared with ordinary application software. A better
comparison is with expert systems. In the debate on the security of these systems a
distinction is generally made between the shell and the knowledge base. The shellconsists of an inference engine, a knowledge editor and an explanation facility and can be
regarded as an ordinary software application. It indicates that the possibilities for the
legal protection of agents do not constitute a special case.
The situation is however different in the case of a knowledge base. This involves
protection of the knowledge and it is necessary to ascertain what options are offered by
patents, copyright and the database rights. A complication in this respect is thecomplexity of the process by which the knowledge is collected and registered. Various
parties play a role in this connection. Apart from the question of the possible scope of
protection, there is also the issue of who can be regarded as the rightholder(s).
As observed above, this debate is not new. This also directs to the second aspect
described above: the protection of the output of agents. Certain types of agents will beable not only to acquires information independently, but also to process it to a greater or
-
8/14/2019 IA Legality Research Paper
10/12
-
8/14/2019 IA Legality Research Paper
11/12
(2) indicate acceptance, regardless of other expressions or actions by the individual to
which the individual has reason to know the electronic agent cannot react.
Negotiations about the contents of a contract will be possible only if the agent can
understand what is meant by the other party. The extent of the knowledge of the agent
therefore plays a definite role. This immediately raises the question of whether the extentof this knowledge can be known to the other party the individual.Here too, the
development of a classification of agents and a system of certificates based on this could
provide a solution.
As regards the acquisition of information by the agent, the UCITA introduces the concept
of a reasonably configured electronic agent. A term included in an electronic record in
order to elicit a reaction from an agent is deemed to be conspicuous if it is presented ina form that would enable a reasonably configured electronic agent to take it into account
or react to it without review of the record by an individual.
CONCLUSIONS
The advent of intelligent agents will be the subject of the next hype once the dust thrown
up by the advent of traditional E-commerce and E-business has settled.. A great deal of
attention is being devoted both in the academic world and in industry for development ofthe different forms of intelligent agents. The functional possibilities also seem
impressive. Intelligent agents can become an important and convenient instrument in
dealing with transaction processes in a truly global and digital economy.
The legal study of intelligent systems is not new. The next generation of intelligent
systems has many more possibilities than traditional, offline systems. This naturallyapplies to active agents and transaction agents. The fascinating feature of the transactionagents is that they provide to create a virtual world in which software robots can imitate
human actions. Agents negotiate and cooperate with one another and even develop a
will of their own. This is of great interest to lawyers. In some areas there will be a needfor new rules, whether recorded in legislation or otherwise. Existing concepts might also
require a new definition to do justice to the advent of intelligent agents. Thus the advent
of intelligent agents will be of great significance to the development of the cyber law.The consequences will be comparable to those of the digital revolution in the second half
of the 20th century. Intelligent agents can become an important ease of use factor while
dealing transaction processes. At the same time, from a consumer perspective a number
of issues need close attention. First consumers have to become comfortable with theintelligent systems concept. Nowadays the trust of consumers in the digital environment
is won with some difficulty. Usage of agents needs further confidence in the possibilities
of the technology. It is the agent that determines the choices on the basis of the usersinstructions. Furthermore it is likely that the rise of intelligent agents will increase the
requirement for privacy protection. Presently a reasonable level of security can be
obtained by creating numerous identities through E-mail addresses with severalproviders. With the rise of real intelligent systems this form of protection is probably of
-
8/14/2019 IA Legality Research Paper
12/12
no use anymore. The concept of an electronic tail to follow ones behavior in detail
seems uncomfortable. It can be foreseen that the necessity to be active on the Internet
unknowingly will increase. Also some sort of (traffic) rules has to be formulated for thebehavior of agents. In addition to this close attention has to be paid to the security,
identification and authorization of agents.
The developments in these areas will determine whether or not the rise of intelligent
agents will be seen as a curse or a blessing.
Agents are here to stay, not least because of their diversity, their wide
range of applicability and the broad spectrum of companies investing in
them. As we move further and further into the information age, any
information-based organization which does not invest in agent technology
may be committing commercial hara-kiri
References:
1. Article on legal aspect of intelligent agent
2. Intelligent agents and the teaching of e-governance
3. Intelligent agent
4. Article on consumer protection5. Article on legal issues of e-commerce
6. Article onthe ICT Law and Artificial Intelligence and Law Group7. Article on enhancing e-Commerce with Intelligent Agents in collaborative
e-community8. Article on Intelligent Agent and Internet commerce
9. Article on Agent-Based Engineering, the Web, and Intelligence
10. Article on Intelligent agents and e-commerce11. Article on Intelligent Agents for computer and network management
12. Article on Intelligent agents, markets and competition