Artificial intelligence: Legislation must mirror existing legislation and methods for cybersecurity

During the Tallinn Digital Summit 2018, I participated in a breakout session on Safty and Security in the age of artificial intelligencealong with four ministers and three other specialists in the area. Below is what I highlighted:

Skärmavbild 2018-10-17 kl. 14.36.45I have recently worked on a number of implementations of cyber security laws in organisations. I would like to briefly explain the need for a legal foundation that enforce safe development of AI systems and, above all, the need for it to be in line with previous cyber security legislation and methods.

Within corporations and other organisations, current risk management regarding IT systems is primarily based on two different points of view. The first is the risks regarding the organisation itself which needs to be managed in order to securely continue with operations. The second is the individual perspective which is regulated by privacy laws, like for example the Data Protection Act. Here, the risks and potential repercussions of mismanagement of personal data are analysed. Within organisations that handle a large amount of sensitive personal information and within government bodies, current legislation requires an independent Data Protection Officer who ensures compliance with existing legal requirements.

From a societal point of view, we have a different legislation which focuses on activities of importance to Europe for example. An example of this is the NIS-Directive which aims to ensure the reliability and security of network and information services which are essential to everyday activities.

The problem is that currently we lack a comprehensive legal framework to protect society – and the rest of the world – against organisations which are irresponsible in their development of artificial intelligence. Furthermore, there are no acknowledged standards, methods or indeed precedents within the area. As a result, as long as the integrity of the management of personal data is maintained, there are currently no restrictions, other than ethical, on any irresponsible development of artificial intelligence.

To manage the gap between regulation and the capability of the new systems, it will be essential to introduce processes within the organisations which focus on the management of risks associated with artificial intelligence. However, there is no need to reinvent the wheel. Current cyber security methods and guidelines can be complemented by our current knowledge of research within artificial intelligence. Notably, potential risks are far more wide-ranging than cybersecurity and have a large impact on fairness, ethics, transparency and accountability.

To manage these risks, I have four suggestions:

The first is to define the fundamental principles that should guide the development of artificial systems from a security, fairness, ethics, transparency and accountability point of view.

The second is to legislate against the irresponsible development of artificial intelligence. This legislation can be similar to the Data Protection Act, but with a focus on the protection of society as opposed to the protection of the individual.

The third is to define a model for the safe development of artificial systems which the legislation can refer to. Such a model could be used to determine whether right tests have been performed and to ensure that correct principles for system architecture and design have been adhered to. I really want to emphasize that such a model should not deviate from but rather complement existing models and processes for secure development like for example Microsoft’s Security Development Lifecycle or Privacy by Design. Any large deviation from existing frameworks may not only jeopardise the ability of the organisations to implement them but may also be prohibitively expensive.

The fourth is that developers of artificial intelligence systems need to have a process for independent verification. An example could be an independent representative who verifies that the organisation complies with the legislation, an AI Protection Officer with a similar position as the current Data Protection Officer.

Finally, I want to re-emphasise that all legislation within the area must mirror existing legislation and methods for secure development. Otherwise we will not get the results we are aiming for.

Åsa Schwarz

The breakout session Safety and security in the age of artificall intelligence had the following participators:

Skärmavbild 2018-10-17 kl. 09.27.42

Brand-new thriller The seven keys is bound for television

Skärmavbild 2017-11-23 kl. 17.27.06The seven keys, the new bestseller from Åsa Schwarz, is about to become an international TV- series if everything goes in accordance with the plans of Yellow Bird. This well-known production company, which has earlier produced mega successes such as the Millennium Series based on the books of Stieg Larsson, has now secured the rights on the title and is currently starting up the project.

– It is almost too good to be true, says the thrilled author.

The seven keys, published this August in both Sweden and Denmark by publisher House of Independents, has quickly become a success in both countries. Åsa Schwarz is hoping that more countries will follow and a TV-series would be a truly grand development. Her thriller has received a great deal of attention, not only due to a captivating mystery, but also because of the thrilling reality behind the story.

Omslag De sju nycklarnaThe story starts out in Stockholm where Rebecka, one of seven IT-professionals in the world who holds a key to the Internet, wakes up with a gun to her head, threatened by someone who wants her key. Her children sleeping in the room next door. When the key-holders are, one after another, victims of an attack Rebecka understands she has to go underground to solve the mystery.

– It’s an incredibly fascinating and unexplored setting. That the keys exist in reality as a means to secure the internet traffic, makes it even more exciting. Almost everything depends on the internet functioning, but we are grossly unprepared if something goes wrong, says Marianne Gray, the producer for the project planned to be a TV-series with eight or ten episodes.

Yellow Bird is a Swedish production company focused on the broad international market as shown by the earlier adaptation of The Headhunters by Jo Nesbø and the Millennium Series by Stieg Larsson.

– This series absolutely has international potential, and is not entirely in Swedish. Today we find that content must not necessarily be in English to be of interest to international buyers. ”Local- language” is popular now internationally, says Emelie Franc, associate producer.

-The internet is a global phenomenon so a story like this will naturally raise international interest, adds Emelie Franc.

The author herself can see that the story has potential to work well in a visual format.

– It’s a fast-paced thriller, very much like an action film. I didn’t write the book with an adaptation in mind, but I could visualize every scene very clearly when I wrote it, says Åsa Schwarz. In 2017, Åsa was selected the Security Profile of the year in Sweden.

House of Independents through its literary agency Hoi Agency negotiated the rights. Hoi Agency represents a number of authors connected to the publishing house with regard to foreign book rights as well as associated rights such as film and television.
Lars Rambe, Managing Director of House of Independents, is pleased and proud over the agreement with Yellow Bird which was put into place very quickly.

– Sales of literary and other associated rights are a natural part of our business today. With our broad catalogue of titles there are many good stories to work with and present. A collaboration with a well renowned production company such as Yellow Bird shows that we are on the right track. Furthermore, The seven keys is the perfect book to start with. It doesn’t get much more exciting than this, says Lars Rambe.

With the agreement in place, the producers are excited to get going.

– We are naturally just at the starting point as we recently have acquired these rights. The next step is to find a script writer. We are really keen to get this project started, says Marianne Gray.

Contact Yellow Bird:

Marianne Gray:
Marianne.gray@yellowbird.se
+46 70 871 79 24

Emelie Franc:
Emelie.franc@yellowbird.se
+46 73 897 72 88

THE OPINIONS OF BOOK BLOGGERS

Omslag De sju nycklarnaDuring the last few days there have been a number of blog reviews of The Seven Keys. This makes me happy every time around. Here is a selection:

”Finally catching one’s breath after the story’s breakneck speed, one is struck by the author’s afterword, which really had me thinking in light of the numerous IT scandals of late. Maybe time for politicans and the general public to wake up!”
— Boklysten

”5 points out of 5.
I warmly recommend this book. A really frightening, fast-paced thriller, full of believable characters. No dull stretches; the plot develops page by page. This is an incredibly exciting, top-notch, rather different thriller, and with a plot that may turn out to be for real. Read it!”
–Autumn Leaf

”This book is thrillingly exciting and offers some interesting insights into our everyday IT security. Can anything be hacked? Our cars, our lawn mowers, our pacemakers? Not to mention our mobiles, our iPads, and our laptops? Is there any integrity at all on the Internet?”
— Bookiecookiez

”This is an easy-to-read, well-written, exciting thriller. The short chapters contribute to the fast pacing. Totally in my taste.”
— Ordhyllan

”In light of all the recent IT scandals, The Seven Keys is both topical and thought-provoking. It is far more than just ‘entertainment’! Also, I believe that the thoughts put forth by the author in her afterword are very sensible. We should indeed think a lot more about digital security and be a lot more source critical as pertains to what we read, and share, on the Internet!”
— Fru E:s böcker

”Then there is this thing for which I love the author and the book a bit extra. On two occasions (to which I reacted) the author openly questions the norm of gender roles. To turn the norm around and write ‘male police officer’ instead of ‘police woman’, which is the common way of distinguishing between police officers of different sexes, and to pen in the prejudice that dads out and about with their babies are homosexual nannies, not just dads (since they are supposed to be the bread-winners), is simply fantastic.
This is definitely a winner from the first page to the last.”
— Annas fotnoter

”The main strength of The Seven Keys is how very realistic the novel is. There actually are seven persons around the world who’ve got a key each to the Internet (and one of them is a Swedish woman), and if a nation or a terrorist organisation would get hold of those keys and take over the Internet, the consequences would be disastrous. Our society is dependent on the Internet for food supplies, logistics, healthcare, information, and communication. It is a breathtaking thought that the most important functions of society are so dependent on the Internet that if it would malfunction for any major period of time, we would face very serious problems.”
— Bibliophilia