ia legality research paper

8/14/2019 IA Legality Research Paper

1/12

Research Paper on Intelligent Agent

INTELLIGENT AGENTS: A CURSE OR A BLESSING?

Submitted to

Prof.Sanskritirani Desai

Digital Business in the Transforming Economy

Submitted By:

Auronil DuttaRoll No. 8,

PGDM (3 Year) (2007-2010)

XAVIER INSTITUTE OF MANAGEMENT,BHUBANESWAR


2/12

Article Outline

Abstract

Intelligent agents: the legal dimension

Agents and ordinary software

Security aspects

Competition

Liability

Privacy

Intellectual property

A first step towards agent specific

legislation: the UCITA

CONCLUSION


3/12

INTELLIGENT AGENTS: A CURSE OR A

BLESSING? A STUDY ON THE LEGAL

ASPECTS OF THE APPLICATION OF

INTELLIGENT AGENTS

Abstract: Intelligent agents represent a new spawn of software with significant potential

for a wide range of Internet applications. They have been successfully used for personalassistances, intelligent user interfaces, and managing electronic mail. Recently, agents

have been applied to electronic commerce, promising a revolution in the way we conduct

business, whether business-to-business, business-to-customer or customer-to-customer.Agents are a key component in the Internet wide information and electronic commerce

systems that are currently being developed across the globe. But it is not an easy task to

predict how agents will develop into the future. There is still a long way before softwareagents transform how businesses conduct business. The greatest change will occur once

standards are adopted and evolved to unambiguously and universally define goods and

services, consumer and merchant profiles, value-added services, secure payment

mechanisms, complex goals, changing environment. The ultimate test of agent's success will

be the acceptance and (mass) usage by users. The road to the success is most likely to be

laid by developers, suppliers, and many commercial companies, who will join in, as there

are many interesting opportunities for them.

This article encompasses various legal facets of intelligent agents. While dealing with the

legal dimension the article starts with a consideration of a number of avenues that arecommon to intelligent agents. Following this, a number of issues will be probed that are

related to the use of intelligent agents. Finally, a number of conclusions and

recommendations will be contrived pertaining to the significance of the advent of agents

for specific consumers.The aim of this article is to explore this largely new field from alegal perspective. It is therefore designed specifically to the identifying factors relevant to

the application of intelligent agents and is meant to pose questions rather than supply

answers.

Key words: Agent, intelligent agent, and electronic commerce


4/12

INTELLIGENT AGENTS:THE LEGAL DIMENSION

Magnitude and nature of the legal dimension of the use of intelligent agents are

ascertained by the practicality of the agents involved and the functions that are

performed.For the purposes of this article we have produced a simplified categorization which

distinguishes between three types of agents:

(a)Passive agents: agents whose functioning and interaction is limited to the user's own

environment: an example is an agent which assists in organizing data on the computer ofthe user.

(b)Active agents: agents that are active in gathering and selecting information, filtering

news lists, processing E-mail etc.

(c)Transaction agents: agents of this kind go one step further than active agents byperforming transactions for or with the consumer. An example is an agent which, on the

basis of a profile of the consumer, orders a CD with music.

On legal aspects, there is a clear difference between the passive agent, and the active

agent and the transaction agent. The passive agent engages in an environment fully

controlled by its user; the active agent and the transaction agent move into the outsideworld.

As regards the passive agent: the legal issues involved majorly reflect those of traditionalsoftware. In case of active agents, especially transaction agents, the situation is, however,

different. The following paragraph will deal with a number of issues that are particularly

relevant for the latter two types of agents. Finally, a number of issues will be studied thatare specific for transaction agents.

Agents and ordinary software

Agents are intelligent computer programs. As far as the relationship between the supplier

of this software and the user is concerned, the principle is that the user acquires a license

to use the relevant software. The relationship between the user and the supplier will inprinciple be regularized by the normal mix of copyright and contract law. The nature and

scope of this license are therefore also relevant to agents. The right to a backup of the

agent applies to the legal interpretation of the contract between the user and the supplier

of the agent software.This situation will hold in particular if the agent software can becompared with other standard applications such as a word processing package or a

browser and in principle to be appropriate for various passive agents.

However, agents will not be available exclusively as ready-made applications. In the case

of the standard software packages we see a striking development in the form of

Application Service Providers (ASPs), which allow users access for a given period to thefunctionality needed. The distribution of software packages is thus being replaced by the


5/12

provision of functionality. A similar situation occurs when agent functionality is provided

temporarily for the performance of a task. A temporary license could apply here.

Depending on the circumstances there may be an affinity with contracts for services.

SECURITY ASPECTS

Security is an important matter throughout the different stages of development of

intelligent agents. Security could even come to play a very prominent role since in the

case of active and transaction agents, a portion of the users environment will roamactively around the Internet without the user being able to monitor directly what is

happening. Furthermore, particularly active agents and transaction agents will carry with

them valuable information for the user, say for example, search profiles. Transaction

agents will in few cases even carry with them their purchase information in a digitalform.

However it is not suitable or even possible to foresee all developments in relation to

agents, it seems naturalistic to consider that, account must be taken of the development ofagent killers, in other words virus-like software applications that are able to obliterate

agents totally or partially or to defile or modify their instructions or other information.For those who at present go to significant lengths to hack the security systems around

websites and servers, attacking agents would seem to present a real challenge.

It remains to be ascertained to what extent the present criminal laws offer the rightinstruments to address this new form of crime adequately. It is not very improbable that

far reaching security systems will be synthesized for agents. Firstly a security

classification has to be developed and then the certification of agents by reference to aparticular category of security standards and protocols has to be met. Requirements could

then be levied in respect of the security level which the agent must satisfy if it is to be

authenticated or accepted for certain activities. For example, if an agent wants to obtain apermit from the municipality by that time the permit would automatically be issued in

digital form! maybe required to meet a minimum level of security. Such a system will

require surveillance, at least in the form of a concrete examination to determine whetherthe agent complies with the specified level of security. Consequently it will lead to the

evolution of a system of independent check marks for agent security features.

COMPETITION

Various problems centering around competition law can possibly affect the deployment

of agents. Within the agent industry, control over how the process standards are set islikely to be of major importance. It is therefore not unlikely that there could be a battle of

standards comparable to the browser war or the battle of the operating systems. If so,

issues related to the role of consortium, availability to standards, reverse engineering etc.will be relevant. Of course the traditional competition law issues like the distribution of

agents, pricing, tie-in sale etc. will be of importance as well.


6/12

Actual deployment of agents can be pertinent as well from a competition law perspective,

like a suppliers refusal to communicate with a certain type of agents, the setting of safety

standards for a certain transaction not objectively justifiable. The application of agentscould alter the competition landscape in various branches significantly. Agents will allow

for price comparisons on a scale that is so far unprecedented.

LIABILITY

The development and application of agents results in many potential liability issues. Themore the independence of agents the more truthful this is.

Attention has already been paid on various occasions concerning this liability issues

which can come up through the application of artificial intelligence. However, publications about these particular liability issues happened by the use of intelligent

agents are just hardly.

The application of autonomous agents could give rise to formation of interesting liabilitypremises. Because, these agents will travel around independently on the Internet in

conformity with the instructions stored on them and will execute acts in accordance withthese instructions. Numerous potential cases of damage are imaginable in this connection:

as a result of its activities the agent spoil a databank consulted by it

as a result of a fault in its software application the agent performs an incorrecttransaction and starts selling shares rather than buying them.

the agent becomes corrupted by a virus and subsequently infects a website which it

visits the agent has collected a music file for its owner but is kidnapped by a killer agent

before it reaches its owner.

Following factors are of particular relevance to these scenarios:

1. Autonomy of the agent

2. Mobility of the agent3. Dynamics of the environment in which they operate.

The autonomy of the agent implies that they function or can function without repeated

feedback from the user. This potential degree of independence means that in the event ofany damage the user will have tendency to blame this on a design fault. This may involve

a logical error or a defect in the process of protection of the agent. Naturally, it is also

considered that the user may be responsible for causing the damage, for example by usingan agent in an environment for which it was definitely not suitable (e.g. lack of training

or insufficient protection levels).

The mobility of the agent indicates that particular attention must be given to the security

of the agent and the privacy of the user. Two examples have already been sufficed above

of circumstances in which the security of the agent is primary (the examples of the virus

infection and the kidnapping of an agent). In order to get into transactions that are not


7/12

executed on an unidentified basis, an agent will often have to resort to identifying

particulars of its principal. The principal thus will have an express interest to ensure

good security of his agent.

The expression dynamics of the environment connotes that the agent operates in anenvironment that is irregular and in a state of constant flow. An agent must be prepared to

interact with a wide range of logical objects and data. Possible protection against related

risks could be provided by confining the scope of the agent to interact with itsenvironment. A balance must be maintained between the limitations to be enforced in the

interests of security and the flexibility which is essential to operate successfully.

The risks and dangers identified above can be reduced in various ways. For example, theagent could be planned in such a way that its flexibility is limited, thereby increasing the

level of security. A finite lifespan could also be integrated into the design of the agent in

order to forbade it from leading a life of its own forever on the Internet. Alternatively, the

agent could be constructed in such a way that it can interact with other objects only if it isunder the control of its user. This could be achieved, for example, by a requirement that

the agent reports back if it wishes to engage in a dialogue with another object. The usercan then authorize this dialogue and, if desired, monitor it. The incorporation of a recall

mechanism and the possibility for the user to destroy the agent by remote control could

help to limit the risks.

These restrictions could, however, also result from the environment in which the agent

runs. For example a system could be configured in which both agents and the objects

sought by them are ascribed a given certificate. These credentials could then carry dataabout authorization, security and so forth. This would be a simple way of forbidding an

agent from interacting with an object whose security level is such that it constitutes a

threat to the agent. Finally, the user naturally imposes great influence on the risk profileof the agent. The choice of an agent for a given function and instructions given to the

agent obviously determine to a large extent the likelihood of the occurrence of damage.

Karnow has proposed that the complex debate about the attribution of liability fordamage in relation to the use of agents could be nullified by the introduction of a TuringRegistry, a system by which agents can be used only after they have been licensed. This

certification authority (the Turing Registry) would then evaluate in the risks attached tothe use of the agent in the certification process. This would give rise to questions such as

the probability of the interaction with the agent beyond the domain intended for it, the

situation if the agent contains a virus, how the agent responds to orders given remotely,

whether the agent requires an oversight, what decisions it can make itself, etc. On thebasis of this evaluation the Registry will then issue a certificate for the agent. The agent

will then interact only with systems that also bear a similar certificate issued by the

Registry. If any damage occurs the Registry will make payment without any probe intosuch matters as fault or causal relation.

PRIVACY


8/12

The successful implementation of intelligent agents indicates that they require a personal

profile of the user containing adequate information to enable it to perform its allocated

functions. Depending on the type of agent this profile will vary in the degree of detail andcould contain a wide range of information. In addition to the name and E-mail address of

the user the profile will, for example, contain particulars of his preferences in the fields of

news, sport and literature. More confidential information too may be included in orinferred from the profile concerning, for example, a person's health, religion, financial

position and social contacts. Intelligent agents may pose a threat to the privacy of the user

in view of their properties (autonomy, pro-activeness, social ability and reactivity), theirinability to function properly without possessing a personal profile, and the extent to

which data for the profile are supplied and collected independently.

Research on the subject of intelligent agents and privacy was performed in 1999 by theDutch Data Protection Authority in cooperation with TNO, A Dutch research institute,

and the Canadian Information and Privacy Commissioner. They identified two types of

threats associated with the application of intelligent agents. Firstly, a threat induced by

agents that carry out functions for the user and make personal information available forthis purpose. Second, the threat posed by agents which perform functions for others, for

example when they monitor data traffic, apply data-mining techniques or attemptwithout any basis to draw out personal information from the agent of the user. Moreover,

when an agent is followed by another agent to collect information concerning its task or

user; the privacy of the agent comes at stake. On the basis of various conventions,

statutes and privacy guidelines, a number of basic principles have been formulated thatneed to be observed by users, developers, suppliers and providers in the application and

development of intelligent agents. These basic principles are as follows:

Anonymity: prior to processing of the data it is to be determined whether it is

necessary to process personal data rather than anonymous data. Purpose specification: the aggregation of personal data must serve a specific,

explicit and lawful purpose.

Legitimate grounds: there must be a lawful cornerstone for the processing of

personal data.

Compatible use: the personal data must not be processed if this is in contrary to

the objective for which they have been collected.

Proportionality: the processing of the personal data must be essential and mustbe proportionate to the pre-determined objective.

Data quality: the personal data must be adequate, relevant and not surplus in

relation to the objective for which they have been gathered.

Data subjects rights: the person to whom the data relate has the right toscrutinize the data and to correct them if they are incomplete or inaccurate.

Transparency: if personal data are processed it must be clear to the person

concerned what will be done with the data.

Security: adequate technical and organizational measures must be adopted to

protect personal data against loss or destruction which is unlawful or caused byunanticipated factors and against amendment, unauthorized publication or access

and all forms of wrongful processing.


9/12

Accountability: someone must be responsible for the acts executed by agents in

the course of their duties.

Supervision: an independent regulatory body is required to investigate whetherthe principles referred to above are being honored or not.

As the magnitude of the application of intelligent agents will make it very difficult tomonitor them adequately, the research lists in addition to the principles mentioned above

a series of technologies which can guarantee secrecy in the application of intelligent

agents. These include certification of the working method of agents, recording the actionsof agents, access control, identification and authentication of agents, and integrity

mechanisms for data. It is also recommended that so-called Privacy-Enhancing

Technologies be implemented, which can be incorporated into the intelligent agents

themselves, or a special intelligent agent be developed for this purpose example of whichwould be an intelligent agent which has a pseudo identity.

The debate on privacy has intensified as a result of the application of information

technology and will certainly be diversified to include new aspects as a result of theadvent of intelligent agents.

INTELLECTUAL PROPERTY

Intellectual property is relevant in various ways in relation to intelligent agents. Thisconcerns both the possible intellectual property rights in respect of agents and the results

of the work of agents. Furthermore, the use of agents may have logical implications for

the enforcement of intellectual property rights relating to the work of third parties where

agents play a role in obtaining access to these works.

The first aspect, the intellectual property protection of agents as such, is not a completelynew concept. Agents consist essentially of software. However, the debate is more rarified because agents cannot be compared with ordinary application software. A better

comparison is with expert systems. In the debate on the security of these systems a

distinction is generally made between the shell and the knowledge base. The shellconsists of an inference engine, a knowledge editor and an explanation facility and can be

regarded as an ordinary software application. It indicates that the possibilities for the

legal protection of agents do not constitute a special case.

The situation is however different in the case of a knowledge base. This involves

protection of the knowledge and it is necessary to ascertain what options are offered by

patents, copyright and the database rights. A complication in this respect is thecomplexity of the process by which the knowledge is collected and registered. Various

parties play a role in this connection. Apart from the question of the possible scope of

protection, there is also the issue of who can be regarded as the rightholder(s).

As observed above, this debate is not new. This also directs to the second aspect

described above: the protection of the output of agents. Certain types of agents will beable not only to acquires information independently, but also to process it to a greater or


10/12


11/12

(2) indicate acceptance, regardless of other expressions or actions by the individual to

which the individual has reason to know the electronic agent cannot react.

Negotiations about the contents of a contract will be possible only if the agent can

understand what is meant by the other party. The extent of the knowledge of the agent

therefore plays a definite role. This immediately raises the question of whether the extentof this knowledge can be known to the other party the individual.Here too, the

development of a classification of agents and a system of certificates based on this could

provide a solution.

As regards the acquisition of information by the agent, the UCITA introduces the concept

of a reasonably configured electronic agent. A term included in an electronic record in

order to elicit a reaction from an agent is deemed to be conspicuous if it is presented ina form that would enable a reasonably configured electronic agent to take it into account

or react to it without review of the record by an individual.

CONCLUSIONS

The advent of intelligent agents will be the subject of the next hype once the dust thrown

up by the advent of traditional E-commerce and E-business has settled.. A great deal of

attention is being devoted both in the academic world and in industry for development ofthe different forms of intelligent agents. The functional possibilities also seem

impressive. Intelligent agents can become an important and convenient instrument in

dealing with transaction processes in a truly global and digital economy.

The legal study of intelligent systems is not new. The next generation of intelligent

systems has many more possibilities than traditional, offline systems. This naturallyapplies to active agents and transaction agents. The fascinating feature of the transactionagents is that they provide to create a virtual world in which software robots can imitate

human actions. Agents negotiate and cooperate with one another and even develop a

will of their own. This is of great interest to lawyers. In some areas there will be a needfor new rules, whether recorded in legislation or otherwise. Existing concepts might also

require a new definition to do justice to the advent of intelligent agents. Thus the advent

of intelligent agents will be of great significance to the development of the cyber law.The consequences will be comparable to those of the digital revolution in the second half

of the 20th century. Intelligent agents can become an important ease of use factor while

dealing transaction processes. At the same time, from a consumer perspective a number

of issues need close attention. First consumers have to become comfortable with theintelligent systems concept. Nowadays the trust of consumers in the digital environment

is won with some difficulty. Usage of agents needs further confidence in the possibilities

of the technology. It is the agent that determines the choices on the basis of the usersinstructions. Furthermore it is likely that the rise of intelligent agents will increase the

requirement for privacy protection. Presently a reasonable level of security can be

obtained by creating numerous identities through E-mail addresses with severalproviders. With the rise of real intelligent systems this form of protection is probably of


12/12

no use anymore. The concept of an electronic tail to follow ones behavior in detail

seems uncomfortable. It can be foreseen that the necessity to be active on the Internet

unknowingly will increase. Also some sort of (traffic) rules has to be formulated for thebehavior of agents. In addition to this close attention has to be paid to the security,

identification and authorization of agents.

The developments in these areas will determine whether or not the rise of intelligent

agents will be seen as a curse or a blessing.

Agents are here to stay, not least because of their diversity, their wide

range of applicability and the broad spectrum of companies investing in

them. As we move further and further into the information age, any

information-based organization which does not invest in agent technology

may be committing commercial hara-kiri

References:

1. Article on legal aspect of intelligent agent

2. Intelligent agents and the teaching of e-governance

3. Intelligent agent

4. Article on consumer protection5. Article on legal issues of e-commerce

6. Article onthe ICT Law and Artificial Intelligence and Law Group7. Article on enhancing e-Commerce with Intelligent Agents in collaborative

e-community8. Article on Intelligent Agent and Internet commerce

9. Article on Agent-Based Engineering, the Web, and Intelligence

10. Article on Intelligent agents and e-commerce11. Article on Intelligent Agents for computer and network management

12. Article on Intelligent agents, markets and competition

ia legality research paper

Documents