This article provides a methodology for the interpretation of AI ethics principles to specify ethical criteria for the development and deployment of AI systems in high-risk domains. The methodology consists of a three-step process deployed by an independent, multi-stakeholder ethics board to: (1) identify the appropriate level of abstraction for modelling the AI lifecycle; (2) interpret prescribed principles to extract specific requirements to be met at each step of the AI lifecycle; and (3) define the criteria to inform purpose- and (...) context-specific balancing of the principles. The methodology presented in this article is designed to be agile, adaptable, and replicable, and when used as part of a pro-ethical institutional culture, will help to foster the ethical design, development, and deployment of AI systems. The application of the methodology is illustrated through reference to the UK Ministry of Defence AI ethics principles. (shrink)

In recent years, the design and production of information systems have seen significant growth. However, these information artefacts often exhibit characteristics that compromise their reliability. This issue appears to stem from the neglect or underestimation of certain crucial aspects in the application of Information Systems Design (ISD). For example, it is frequently difficult to prove when one of these products does not work properly or works incorrectly (falsifiability), their usage is often left to subjective experience and somewhat arbitrary choices (anecdotes), (...) and their functions are often obscure for users as well as designers (explainability). In this paper, we propose an approach that can be used to support the analysis and re-(design) of information systems grounded on a well-known theory of information, namely, teleosemantics. This approach emphasizes the importance of grounding the design and validation process on dependencies between four core components: the producer (or designer), the produced (or used) information system, the consumer (or user), and the design (or use) purpose. We analyze the ambiguities and problems of considering these components separately. We then present some possible ways in which they can be combined through the teleological approach. Also, we debate guidelines to prevent ISD from failing to address critical issues. Finally, we discuss perspectives on applications over real existing information technologies and some implications for explainable AI and ISD. (shrink)

Regulation by design (RBD) is a growing research field that explores, develops, and criticises the regulative function of design. In this article, we provide a qualitative thematic synthesis of the existing literature. The aim is to explore and analyse RBD’s core features, practices, limitations, and related governance implications. To fulfil this aim, we examine the extant literature on RBD in the context of digital technologies. We start by identifying and structuring the core features of RBD, namely the goals, regulators, regulatees, (...) methods, and technologies. Building on that structure, we distinguish among three types of RBD practices: compliance by design, value creation by design, and optimisation by design. We then explore the challenges and limitations of RBD practices, which stem from risks associated with compliance by design, contextual limitations, or methodological uncertainty. Finally, we examine the governance implications of RBD and outline possible future directions of the research field and its practices. (shrink)

Artificial Intelligence (AI) has the potential to influence people’s lives in various ways as it is increasingly integrated into important decision-making processes in key areas of society. While AI offers opportunities, it is also associated with risks. These risks have sparked debates about how AI should be regulated, whether through government regulation or industry self-regulation. AI-related risk perceptions can be shaped by national cultures, especially the cultural dimension of uncertainty avoidance. This raises the question of whether people in countries with (...) higher levels of uncertainty avoidance might have different preferences regarding AI regulation than those with lower levels of uncertainty avoidance. Therefore, using Hofstede’s uncertainty avoidance scale and data from ten European countries (N = 7.855), this study investigates the relationships between uncertainty avoidance, people’s AI risk perceptions, and their regulatory preferences. The findings show that people in countries with higher levels of uncertainty avoidance are more likely to perceive AI risks in terms of a lack of accountability and responsibility. While people’s perceived AI risk of a lack of accountability exclusively drives their preferences for government regulation of AI, the perceived AI risk of a lack of responsibility can foster people’s requests for government regulation and/or industry self-regulation. This study contributes to a better understanding of which mechanisms shape people’s preferences for AI regulation. (shrink)

The EU AI Act is the first step toward a comprehensive legal framework for AI. It introduces provisions for AI systems based on their risk levels in relation to fundamental rights. Providers of AI systems must conduct Conformity Assessments before market placement. Recent amendments added Fundamental Rights Impact Assessments for high-risk AI system users, focusing on compliance with EU and national laws, fundamental rights, and potential impacts on EU values. The paper suggests that automating business process compliance can help standardize (...) these assessments and outlines some methodological guidelines. (shrink)

Risks connected with AI systems have become a recurrent topic in public and academic debates, and the European proposal for the AI Act explicitly adopts a risk-based tiered approach that associates different levels of regulation with different levels of risk. However, a comprehensive and general framework to think about AI-related risk is still lacking. In this work, we aim to provide an epistemological analysis of such risk building upon the existing literature on disaster risk analysis and reduction. We show how (...) a multi-component analysis of risk, that distinguishes between the dimensions of hazard, exposure, and vulnerability, allows us to better understand the sources of AI-related risks and effectively intervene to mitigate them. This multi-component analysis also turns out to be particularly useful in the case of general-purpose and experimental AI systems, for which it is often hard to perform both ex-ante and ex-post risk analyses. (shrink)