Technology is developing far faster than the regulatory environment. What are the challenges and priorities facing legislators in Poland and the EU?
It’s difficult to talk about ‘digitalisation’ because what we’re experiencing is a transformation happening on such a great scale and so quickly that it’s hard to describe. Once, when we talked about ‘digital transformation’, we usually thought about the media, telecoms and manufacturing; we thought about transformation that it would happen in a specific area. But now, we see it affects absolutely all sectors. Take agriculture. Many companies active in this sector are highly digitalised, using satellite photos to observe the status of crops, using AI to predict what crop protection should be applied. Today, the digitalisation process is occurring across the entire economy, and across society, touching people’s everyday lives – we’re facing a dramatic change. It’s difficult to predict the outcome of it all, we’re in the middle of a cyclone of change, in the eye of the hurricane, therefore we can only try to form some initial thoughts about the future.
When looking at the role of law and lawyers and legislation, the law has always been lagging behind technology, it’s always been slow to follow any change in society. Some areas of our economy and culture haven’t changed much for centuries; the regulatory environment is stable. Real estate law hasn’t changed much in 2,000 years. For instance, the owner is liable for any loss incurred as the result of something thrown from a window of his building – this is a Roman law regulation. There’s no significant legal change here. It might be enough to look at provisions and find answers to questions that might arise, but in case of technology, it’s not possible. If we can’t find answers to legal issues that arise as a result of completely new technologies, we will have to be flexible.
The proper reaction isn’t to create new set of legal rules. Such rules would be temporary by their nature – they wouldn’t be much good; they were drafted when we didn’t know enough about the nature of the changing situation. Our regulation shouldn’t move too quickly, we should be always trying to adapt. Wait and see is best. Using existing provisions in civil law to adapt to new situations; in case of gaps in the law, the legislator should intervene only where really necessary, if it’s not urgent – wait.
The legal system is not an algorithm. Wherever an algorithm encounters a loop, it stops. But not the law. Civil law, constitutions, obligations contain many legal terms that might be interpreted to influence provisions in contracts related to technology. Concepts such as ‘good will’ or ‘due diligence’ might mean something slightly different today than they did 20 years ago, yet in result these and many other legal constructions will still be valuable in the future.
Although the common-law system in the English-speaking world is based on precedents, whilst our civil-law system is based on legislation, they work in a similar way. Precedents may change. In our civil-law system, there are changing interpretations. Once such interpretation is no longer valid, because everything around it has changed, then not always do you have to wait for the legislator to catch up. Legal provisions in the technological age must be flexible enough to cope with future changes.
Towards the end of last century, there was a wave of enthusiasm for the internet. People were wondering whether we should create a specific code for the internet, and then one day we found that it had become a part of our world. Yes, we needed some special regulations to promote internet service – if internet service providers were to have been liable for content and products hosted on their servers back then, the development of those services would have been blocked. But apart from that, we found that our law does actually cover the internet.
We are living through a similar set of circumstances – the majority of situations arising from cloud computing, AI, Internet of Things (IoT), or blockchain might be regulated using current legislation – but there might be situations where the legislators have to intervene. One example is product liability. Until recently, manufacturers could not control their products once they’ve been sold. They could not update firmware into the product – now they can. In the future when IoT and 5G networks become commonplace, there will be many cases of loss suffered from customers using a product where they no longer control it but the producer does.
Should AI be treated as a human being in law?
Artificial intelligence is another technology that will need some regulation – I expect that the scope will be much narrower than we think. Should regulators ascribe legal personality to AI systems? Why? AI is still a tool – it’s used by people, it may recommend decisions, or automatically execute that decision, for example in the case of autonomous cars – but ultimately, someone must be responsible for its behaviour. We use the word ‘behaviours’; a robot may behave like a human being – but it doesn’t have consciousness. Take for example a machine selling tickets on the underground – it mimics a cashier – but it doesn’t mean it is aware like a human being. When we talk about AI, we tend to skip to some stage in the future where AI might have consciousness. Some academics say this may occur in 30, 40 years’ time, others say never. We don’t know. The techniques of machine learning boil down to the fact that AI is in fact still just software.
The problem with comparing AI to human behaviour derives from the famous Turing Test – if you have a human being in one room and AI in another and you can’t tell the difference, then the AI is said to have passed the test. The problem is that the test is not objective – it’s subjective.
We are at the top of the hype cycle about AI, that’s why discussions are emotional; people expect more from AI than it can deliver. However, we’ll see in next few years some excellent examples of AI solutions, but they will be very narrow and limited to certain use-cases. Don’t expect AI to be similar to human beings, or universal enough to write a poem, play chess and then take a walk. AI will be trained to carry out one task, Google has trained AI to compete with go players, but it would be unable to take on chess players. And then change only one rule and the AI will be defenceless until that rule’s changed back. We are adaptable to changes in circumstances. So many factors influence us every day. Robots and AI can’t adapt as quickly as humans. In the factory, on the production line, answering standard e-mails yes, but they’re not good in the open environment; our world will be still governed by us.
How do you assess the progress of the Polish state when it comes to digitalisation?
Its strategy for digitalisation is very good. We started late, after other governments, but there are many actions being undertaken. A central platform is being established for all government bodies so you can approach them in one place. The Profil zaufany (‘trusted profile’) – digital signature – it’s a little complicated in use, but finally it’s in use in so many applications, its used by citizens and administrative bodies. We see more and more initiatives that promote modern technologies. The tender for cloud computing by central administration, will bring about a change attitude within the state administration, open minds to other possibilities and technologies. For those afraid to start on the road to a digital state, cloud computing will help. With the mobile app, mObywatel (‘m-Citizen’), you can now show your ID data, find details of your car, you see all your electronic prescriptions. The Polish government is quite open to digitalisation; some things can be improved but generally the situation is good.
How do things look at the European Union level?
The European Commission is on the path towards a common digital market, creating a new data-based economy, pursuing the strategy, analysing regulations. The commission should only regulate that which you understand how to regulate. Product liability – three years ago the European Parliament adopted a resolution to analyse this issue – last autumn it published a report on how to regulate liability, the ground is quite well prepared in terms of GDPR; e-privacy on is on the horizon. Regulations on non-personal data is interesting – the commission wants to encourage states and producers and owners to make them open, with a prohibition of making any local legislation to localise data on territory of specific states. The Commission tries to encourage producers, generators of data, to share them freely. Regulations to free non-personal data collected – for example smart cities will collect vast amounts of such data – and then commercial entities can put them to good use, collaboration between manufacturers. An example. In the pharma sector, each company usually collected its own set of data to work on new substances. In recent years, pharma companies use AI on their data sets, but they need more data, so sharing data between themselves would result in more effective R&D. However, what would happen to free competition? So the companies used a platform based on blockchain that would separate the data, but would allow AI to see all the aggregated data, but not allow firms to see or collect the data gathered by their competitors. Companies, even very competitive companies, can see a common goal – it’s an example that shows that promoting the sharing of data can accelerate progress in many areas. European Commission thinks about tools like that. We’ll see if this will result in a legal obligation to share, or rather a soft law to encourage firms to share data.
Another example – the aviation sector. Information about the behaviour of the plane’s engines in flight – prediction of problems that might happen within an engine a couple of months before it appears is extremely beneficial, but can happen only if everyone shares that data. It’s in everyone’s interest to share it, leading to better planning, better safety. But there are risks. If you have data about engines, it can show up the behaviour of pilots, their risky habits that can shorten intervals between maintenance. In Lufthansa, this led to a pilots’ protest, unhappy at such flight data being shared.
We are going to witness the same revolution as Web 2.0. In the beginning, the internet was not interactive. It was passive, it was about reading content. Web 2.0 enabled users to generate content, leading to the appearance of Facebook, Twitter and Instagram. In the same way, data from users might be co-hosted, and this interaction will allow for new ways to change our business and culture. I believe that when all companies discover benefits of sharing data and find a way to process it for the benefit of their businesses, the world will change. This could not happen without cloud computing, access to computing power, IoT, collect data, and of course AI and 5G networks that allows for very quick of collection than in the past.
How do you assess the development of blockchain, or distributed ledger technology (DLT), outside of cryptocurrency applications?
Blockchain has moved past the hype stage, it is now tested, prototypes have been built and we’ll see practical use-cases where this technology is applied, but not as widely as we thought a few years ago. Governments and institutions have found the shortcomings of blockchain; it’s not very fast, it takes more time to complete transactions; it is costly compared to solutions in use. Many companies have stopped developing them – there is no business case to justify them. DLT is used in areas where there is a lack of trust between parties – you must provide a solution that records transactions in an environment where there’s no trust. Look at how companies that have started to use blockchain actually use it. They use just parts of it, the encryption, or recording data in such a way that it’s connected to previous data. Banks that claim to have ‘blockchain-based solutions’ often just have a DLT solution sitting on their own network of servers, but as they are the owners of servers, it’s not really blockchain. ‘I’m using tech that makes it extremely difficult to change records, but I’m still the owner of it.’ Real blockchain is about distributed networks of nodes – owned by different entities; records can be falsified on one node, but others can quickly see that, the majority of nodes have to decide whether a record is true or false, changing data on one node doesn’t change anything.
In Poland we don’t need DLT for applications such as land and mortgage registries (księgi wieczyste), we can trust the state, there’s no reason to require such a system. Blockchain will slowly become what it should be – just one of many technologies in the world. It opened the minds of many people, creating solutions that were not possible in the past, allowing for the exchange of values between people who don’t know or trust each other. But it’s not a wonder solution that fits all use-cases. The term ‘smart contract’ is often mentioned in the context of the blockchain environment, but it was coined in the 1990s by Nick Szabo, a US software developer. A smart contract is part of a contract obligation that’s performed automatically – blockchain is particularly suitable where there’s a lack of trust, but it is not always needed. I like the idea of smart contracts – it makes the consumer think that something will happen quickly, something that used to take weeks. Delayed flights are a good example, you fill in application, pay the insurance premium and its zero/one, either your flight was delayed or it was not. If it was, the pay-out can be automatic, within minutes of landing. We’ll see more and more examples of such automation in the business world, but its use will be more limited than we thought.