Skip to main content Accessibility help
×
Hostname: page-component-7dd5485656-pnlb5 Total loading time: 0.001 Render date: 2025-10-29T11:18:09.059Z Has data issue: false hasContentIssue false

2 - Is There a Need for New Digital Human Rights in AI Governance?

from Introduction to Part I

Published online by Cambridge University Press:  24 October 2025

By
Wolfgang Benedek
Edited by
Tiina Pajuste
Tiina Pajuste
Affiliation:
Tallinn University

Summary

Starting from the evolution of the protection of human rights on the internet, the first part of this chapter analyses the proposals for new digital human rights and the methodology of their creation in different forums such as the Council of Europe and European Union as well as related processes in the United Nations Human Rights Council. The second part focuses on the challenges related to the rapid developments in artificial intelligence, such as ChatGPT, for the protection of human rights and regulatory efforts by the Council of Europe, in particular its Framework Convention on Artificial Intelligence, Human Rights, Democracy and the Rule of Law adopted in 2024 and the Artificial Intelligence Act of the European Union dating from the same year. Both instruments are analysed for their potential to protect human and fundamental rights in particular through new digital human rights. The contribution finds possible complementarity between the two regulatory approaches. Giving several examples, it concludes that there is an ongoing process of the concretisation of new digital human rights, which are mainly but not exclusively based on existing human rights.

Keywords

human rightsdigital human rightsinternetartificial intelligenceChatGPTGlobal Digital CompactUnited NationsCouncil of EuropeEuropean Union

Information

Type
Chapter
Information
Human Rights in the Digital Domain
Core Questions
 , pp. 19 - 39
Publisher: Cambridge University Press
Print publication year: 2025
Creative Commons
Creative Common License - CCCreative Common License - BYCreative Common License - NC
This content is Open Access and distributed under the terms of the Creative Commons Attribution licence CC-BY-NC 4.0 https://creativecommons.org/cclicenses/

2 Is There a Need for New Digital Human Rights in AI Governance?

2.1 The Emergence of (New) Digital Human Rights

2.1.1 Introduction

Several recent initiatives have proposed new human rights for the digital sphere. This is in response to new challenges to human rights in an increasingly digitalised world. Recent developments to strengthen the governance of artificial intelligence (AI) have contributed to this debate. However, is there really a need for genuinely new digital human rights or would it suffice to adjust or extend existing rights by interpretation to deal with the new threats from cyberspace? As the proposals claim the emergence of new principles and rights, at which stage is the development of new digital human rights? How have European institutions reacted to the proposals and which regulatory efforts have they undertaken? If the new rights are proposed to be protected at the European level, what about the universal level of a global cyberspace, where there is a threat of increasing fragmentation?

Specific attention will be given to the regulation of AI from a human and fundamental rights perspective. In a dramatic move, a large number of renowned experts and scientists, among them developers of AI, have made a call in an open letter in March 2023 for a pause, a moratorium on the training of AI going beyond ChatGPT 4 in order to provide time to deal with the shortcomings in terms of reliability and some neglected aspects of the new technology. The letter also calls for quicker regulation by governments to provide a proper framework for the development and use of AI. This was complemented by concerns expressed by leading AI developers and even companies. The erratic Elon Musk has welcomed the suggested pause, and in view of the fact that ChatGPT cannot always distinguish between truth and falsehood, announced the development of a ‘TruthGPT’ as an alternative. Prompted by data protection concerns, Italy even temporarily prohibited the use of ChatGPT in order to obtain some assurances. The White House and the US Senate have called on the leaders of major companies to report on their activities. The Council of Europe (CoE) and the European Union (EU) have presented new regulatory approaches to AI, which will be analysed in a comparative way regarding their contribution to the protection of human and fundamental rights.

2.1.2 Protection of Human Rights on the Internet

The question of how to protect human rights online was first raised by civil society at the World Summit on the Information Society of the United Nations (UN), which took place in Geneva in 2003 and in Tunis in 2005. While the final documents of those conferences made only a few references to human rights,Footnote 1 the topic became a major concern in their follow-up in the form of the annual Internet Governance Forum (IGF).Footnote 2 For example, on the suggestion of the Association for Progressive Communications, which in 2006 produced an Internet Rights Charter, the Dynamic Coalition on Internet Rights and Principles established at the IGF in Rio in 2007 began elaborating the Charter of Human Rights and Principles for the Internet. The Charter was drafted in a broad process mainly by civil society and academia and presented as a draft version at the IGF in Vilnius in 2010, while the final version was presented at the IGF in Belgrade in 2011. The methodology was oriented towards the Universal Declaration of Human Rights in order to interpret it and other key UN human rights documents such as the International Covenants on Civil and Political as well as on Economic, Social and Cultural Rights, the UN Conventions on the Rights of the Child, and on the Rights of People with Disabilities for the Purposes of the Internet. The only new right identified was the right to access to the internet, which is formulated in Article 1 of the Charter.Footnote 3 The Charter contributed to the general debate on internet rights, which produced numerous proposals.Footnote 4

The UN human rights bodies were thus far largely absent from the topic. Only in 2011 did the Special Rapporteur on the Promotion and Protection of the Right of Freedom of Opinion and Expression, Frank LaRue, produce a report with a focus on the internet.Footnote 5 In 2012, the UN Human Rights Council adopted its first resolution on human rights and the internet in which it used the famous formula that ‘the same rights people have offline must also be protected online’.Footnote 6 This clarified that all human rights, in principle, are also applicable online, but does not exclude taking the particularities of the internet into account. Since that time, the UN has taken up issues related to the internet in several fora and recently prepared the Global Digital Compact that was agreed upon by its Summit for the Future of the Internet in September 2024. The compact deals with digital cooperation, including the application of human rights online.Footnote 7

Already before the UN started to deal with the issue, the CoE engaged in the question of how to apply human rights, in particular the European Convention on Human Rights (ECHR) to the internet, and since has taken the lead among international organisations in the study and regulation of the new challenges to human rights brought by the internet.Footnote 8 Inspired by the Charter on Human Rights and Principles for the Internet, the CoE elaborated a guide on human rights for internet users, which contains a catalogue of the main digital human rights.Footnote 9 The European Court of Human Rights (ECtHR) has developed its case law on the issue, related mainly to access to the internet, freedom of expression,Footnote 10 and the right to privacy and data protection with regard to the new technologies.Footnote 11 The tech community has also shown awareness of the need to give adequate attention to human rights in regard to technological development by coining the concept of ‘digital humanism’.Footnote 12

2.1.3 Proposals for New Digital Human Rights

In recent years, several proposals for new digital human rights have been launched, such as the Charter of Digital Fundamental Rights of the EU, elaborated by a group of mainly German experts and launched with the help of the Zeit Foundation in 2016 and updated in 2018.Footnote 13 The idea was to complement the EU Charter on Fundamental Rights drafted by a Convention in 2000, which became binding as part of the Treaty of Lisbon in 2009. The proposal contains, for example, the right that net neutrality must be provided in a non-discriminatory way (Article 11). Of particular interest are the rights related to automated systems and decisions; for example, that the criteria for automated decisions, such as in regard to digital profiling, must be transparent and be taken by natural or legal persons. Every person must have a right to the independent review of such decisions by a human being (Article 5). The rights should apply to the EU, state and non-state actors, including internet platforms.

Another initiative came in early 2021 from the author and lawyer Ferdinand von Schirach, who suggested six new fundamental rights to complement the EU Charter on Fundamental Rights, among them two new digital human rights: ‘Everyone has the right to know that any algorithms imposed on them are transparent, verifiable and fair. Major decisions must be taken by a human being.’ The other fundamental right proposed was the right to digital self-determination, according to which ‘excessive profiling or the manipulation of people is forbidden’. This proposal was supported by the WeMoveEurope Foundation, which has collected more than 270,000 supporters.Footnote 14 While these definitions lack the necessary precision to be directly legally applicable, they may serve as principles or be concretised depending on the respective context. The proposal included the idea of organising a new Convention to discuss the enlargement of the EU Charter on Fundamental Rights on the basis of these rights. However, this proved not to be realistic. A right to informational self-determination with a focus on data protection is already part of German law.

The proposals are addressed in the first place to the bodies of the EU, such as the European Parliament, the European Commission, and the governments of European states. However, there has been no known direct response to the proposals, while the European Commission and Parliament have developed their own proposals in the field of digital human rights, to be presented later in this chapter.

2.1.4 Methodology for ‘Creating’ New Digital Human Rights

The various initiatives for the progressive development of digital human rights and principles raises the question of how such new rights are being created. There has been an abundance of declarations and recommendations by various institutions, and non-government and inter-governmental organisations, sometimes developed with a multi-stakeholder approach.Footnote 15 With few exceptions, they are all of a soft law nature. Today, this is the norm in the progressive development of international legal obligations. If the authority of the proposed rules is high, they might be respected even without being legally binding. Therefore, the process of creation, whether by state initiatives or in a multi-stakeholder approach, whether by non-government initiatives or by regulatory bodies at the regional or universal level, makes a major difference. The regulation may not only come from public institutions but also from private platforms; for example, by way of self-regulation, which might follow recommendations from the public sphere, thus providing the horizontal protection of human rights – that is, of individuals against private companies. For example, in the case of the Human Rights Oversight Board of Facebook/Meta, individuals can launch appeals against company decisions that limit their freedom of expression.Footnote 16

There is an obvious danger of an inflation of the use of the concept of ‘rights’, which requires appropriate standards for their recognition. Today, we are faced with many claims for new human rights in various fields, but whether they find their way to general recognition and finally into regulatory norm-setting is a process with many factors. Already in 1984, Alston proposed some criteria for quality control in the creation of new human rights, such as the social value added, non-repetition of existing rights, ability to achieve high international consensus, or being sufficiently precise to produce identifiable rights and obligations.Footnote 17 Rights might also be recognised only at national or regional levels, which raises the question whether human rights need universal standing to be recognised as human rights.Footnote 18 For example, the prohibition of the death penalty as a key human right in Europe applies only among the members of the CoE and a number of other states globally, and therefore is not a universal human right. However, this does not affect its human rights character. The Spanish government has drafted a Charter on Digital Rights, which contains a comprehensive set of rights for the digital environment, including the right to digital identity, to public participation by digital means, and the right of access to digital environments for older persons. In several cases, the details of the rights identified are to be specified by the law.Footnote 19

Much depends on the protection needs identified by relevant actors. For example, while the focus in the past was on data protection, leading to various regulatory efforts such as the modernised Convention 108+ of the CoE or the General Data Protection Regulation (GDPR) of the EU, more recently the main concern has been with illicit content such as hate speech and disinformation on the internet, while today the protection of human rights in the development and use of AI takes centre stage. AI is also used for the Internet of Things. This produces non-personal data, which are not covered by the GDPR, but may still raise protection issues. Generally, the rights are to address protection needs, which in the digital environment can be structured into issues related to identity and access such as digital self-determination and protection from blocking and filtering as well as internet shutdowns, issues of protection against illicit digital content such as hate speech, disinformation, defamation, or online violence, and issues related to protection against technological threats such as surveillance, biometrical data use for facial recognition, and the use of AI to interfere with human rights or the harassment of bloggers or of digital human rights defenders.

Not all the digital rights proposed qualify as human rights. As an advocacy non-governmental organisation (NGO), European Digital Rights (EDRi) has established a network of NGOs from different countries to protect and promote digital rights.Footnote 20 In 2014, EDRi also produced a ten-point Charter on Digital Rights aimed mainly at members of the European Parliament preparing for (re-)election. In practice those rights were rather commitments in the form of principles covering a wide range of issues, such as the promotion of encryption or of free software.Footnote 21

Various questions related to the emergence of new human rights have been studied in detail in a recent handbook on new human rights, which also looks at some examples from the digital world.Footnote 22 The development of new human rights is a process starting with the identification of new protection needs, as mentioned, their articulation in the form of rights, and finally their recognition and implementation. Mart Susi identifies several elements of inadequate protection on the basis of existing human rights as a reason for developing new human rights. For rights derived from other rights, he observes a decrease in abstractness.Footnote 23 This could also be said for rights derived from principles such as the right to informational self-determination, which goes back to a decision of the German Constitutional Court in 1983.Footnote 24 In most cases, an evolutionary interpretation as applied by the ECtHR will suffice. For example, the secrecy of correspondence by letter can be extended to personal communication using the internet. But this also needed additional provisions on data protection, as in CoE Convention 108+, to address new privacy needs.Footnote 25

In view of the particularities of the online domain, Susi developed the non-coherence theory of digital human rights, which claims a change of meaning and scope when human rights are transposed from the physical to the digital world. Accordingly, digital human rights are different by nature from the respective offline human rights.Footnote 26

New human rights may be derived from parent rights (‘implied rights’) or be stand-alone rights. For example, the right to access to the internet has been derived by some from the freedom of expression and information, but others claim that because the relevance of meaningful access to the internet goes far beyond the freedom of expression it should be considered as a stand-alone right.Footnote 27 This is also supported by a report by the Office of the UN High Commissioner for Human Rights on Internet Shutdowns from a human rights perspective, which shows that many more rights are affected than just freedom of expression.Footnote 28 However, while the report refers to international commitments ensuring universal internet access, it does not speak of internet access as a human right, which shows that the right is not yet fully recognised as such at the UN level.Footnote 29

Furthermore, the ‘right to be forgotten’ has been claimed to be a stand-alone right, while its formation is related to the right to privacy and data protection.Footnote 30 Based on a judgement of the European Court of Justice, it has been introduced as part of the GDPR rules of the EU.Footnote 31 In response, Google has received thousands of requests for the deletion of links to personal information. It was largely left to the private company how to deal with these. However, whether a new digital human right has really been created is also being questioned.Footnote 32 So far, it is legally codified only in Article 17 of the GDPR and a few national constitutions, and is thus not generally recognised. However, in Biancardi v. Italy, the ECtHR has upheld the right to be forgotten, without referring to it in that way, against the freedom of expression of a journalist. The delayed de-indexing of an article on criminal proceedings on the internet had been found damaging to the reputation of a person.Footnote 33

Human rights can be individual and collective. Most experts will agree that a human right should be individually enforceable, otherwise we should better speak of principles. But there can also be a collective enforcement, as in the context of social rights. Some universally recognised human rights, such as the right to self-determination, and including the solidarity rights of peace, development, and the environment, can only be realised collectively. They are therefore sometimes called ‘peoples’ rights’. The African Charter on Human and Peoples’ Rights contains several such rights. Therefore, it might be worth also distinguishing between individual and collective digital human rights. For example, some – such as the right to cybersecurity – are quite abstract and need concretisation to be applied to individuals. However, this is nothing unusual if we consider, for example, the right to water and sanitation or the right to a clean, healthy, and sustainable environment recognised respectively in 2010 and in 2022 by the General Assembly of the UN.Footnote 34 Most human or fundamental rights also need concretisation. This is why one function of the various human rights treaty bodies is to elaborate interpretations, mostly in the form of general comments, while the human rights courts can give binding interpretations in individual cases that may provide general directions.

2.2 Governance of AI and Human Rights

2.2.1 Introduction

The impact of the development and application of AI (systems) on human and fundamental rights has become a priority concern for many actors, in particular since the company OpenAI backed by Microsoft has made ChatGPT 3 freely available.Footnote 35 The new technology opens new opportunities, but also new threats, such as the possibility of further facilitating the assessment of people according to their social behaviour (social scoring), as is already in use in China. While it produces astonishing results, which have generated heightened attention and expectations for its potential, there have also been warnings about its disruptive potential for democracy and society at large if used for disinformation. This culminated in the open letter of 22 March 2023 signed by key AI developers and thousands of concerned scientists asking for a six-month moratorium on the training of AI systems more powerful than ChatGPT 4. This is motivated by what the letter calls an out-of-control race, with AI labs ‘developing and deploying ever more powerful digital minds that no one – not even their creators – can understand, predict and control’. One example given is the ‘flooding of information channels with propaganda and untruth’. The uncontrolled race may lead to a ‘loss of control of our civilization’. Consequently, it creates new challenges to democracy and human rights. Time should be taken to introduce much-needed regulation and to address planning and management needs, including the development of shared safety protocols for advanced AI design to be overseen by independent outside experts. AI developers should work with policymakers ‘to dramatically accelerate the development of robust AI governance systems’, including oversight of highly capable AI systems, auditing and certification systems, and liability for harm caused.Footnote 36

The Human Rights Council of the UN also reacted by indicating the potential and risks of the emerging technologies and recommending certain measures to protect the human rights of individuals throughout the life cycle of AI systems. It also recommended strengthening the capacities of the Office of the High Commissioner for Human Rights (OHCHR) to advance human rights in the context of new and emerging technologies, and asked it to prepare a mapping report identifying challenges and gaps in this respect.Footnote 37 The report, presented in 2024, identified several gaps, including the provision of advice that should be provided by the OHCHR to Member States and all stakeholders to support them in integrating human rights from the design to the regulation of digital technologies.Footnote 38

This development shows the limitations of the old approach that industry should lead on new technological developments and that regulation can come later in cases where economic considerations lead to the neglect of societal concerns. The corresponding approaches of self-regulation and declarations of ethical principles, while important, are insufficient in such circumstances where the largest tech giants match each other in regard to economic opportunities, while states only pursue their national interests. The Asilomar Principles on Beneficial AI already elaborated in 2017 with the purpose of ensuring the compatibility of the development of AI with human dignity, rights, and freedoms, were already concerned that AI systems remain under human control.Footnote 39 The Organisation for Economic Co-operation and Development (OECD) adopted a set of principles on AI in 2019,Footnote 40 while UNESCO adopted a consensus-based Recommendation on the Ethics of Artificial Intelligence in 2021.Footnote 41 OpenAI on its website expresses its commitment to ensure that artificial general intelligence benefits all humanity, and also commits to the principle of transparency.Footnote 42 However, the training of AI systems is presently taking place behind closed doors without state or societal control. The danger of serious harm created by these developments has led one of the AI pioneers at Google to resign from his position in order to be free to speak out.Footnote 43

The call for the regulation of the development of AI and its application has accelerated ongoing efforts in Europe and beyond.Footnote 44 Besides the EU and the CoE, the US has responded with a non-binding AI Bill of Rights and a White House executive order. The AI Bill of Rights has a focus on addressing challenges to democracy and certain rights such as privacy and non-discrimination with a focus on serving the American people. It also foresees a right to opt out and of access to a human person to consider and remedy problems.Footnote 45 In reaction to the appeals for regulation, the heads of the main companies were called to the White House and the Senate, where even the chief executive of OpenAI called for regulation.Footnote 46 The issue is also on the agenda of the G7.

China has also adopted ‘Interim Measures for the Management of Services of Generative AI’, which are to complement existing laws on network security and data security. The regulation establishes the requirement that the contents should reflect the basic values of socialism, while the law should also prevent discrimination, hatred, violence, fakes, and other content that could interfere with the economic and social order.Footnote 47

These different and partly competing approaches also carry some ideological baggage. American and European values or Chinese socialism create the danger of a further fragmentation of the internet. Accordingly, universal rules for global problems created by the use of generative AI would be necessary to counter the trend of fragmentation and polarisation. Digital constitutionalism aiming at a normative framework for the protection of human rights and the balancing of powers is one approach to addressing these concerns.Footnote 48 Strengthening international cooperation and closing digital divides are the main aims of the UN Global Digital Compact. It contains several principles and objectives for international cooperation and also aims at enhancing governance in the field of digital technologies for which purpose new institutional proposals have been made, such as the establishment of an International Scientific Panel on AI to conduct independent risk assessments and produce annual reports, a Global Dialogue on AI Governance, and a Global Fund for AI for Sustainable Development. In support of stakeholders, the Office of the High Commissioner for Human Rights in Geneva is to provide advice on ensuring human rights.Footnote 49

As the non-binding recommendations and commitments to the self-regulation of AI were considered insufficient and some of the developers themselves were calling for a binding regulation, European regional organisations took the lead in elaborating new rules. Therefore, the efforts of the CoE and the EU will be studied here in greater detail using a comparative approach. Both of these started long before the hype around ChatGPT.

2.2.2 The CoE on AI and Human Rights

From a human rights perspective, major work on the regulation of AI has been undertaken by the CoE, which has traditionally taken the lead in the field of the internet and human rights. The methodology of the CoE aims to establish a committee by decision of the Committee of Ministers (CoM) for a particular topic to produce a report with a recommendation for adoption by the CoM. The committee is supported by the competent staff of the CoE and traditionally follows a multi-stakeholder approach as it brings together experts from Member States and civil society as well as academia, while the business community is also consulted. In the case of AI, the CoE has engaged in numerous activities since 2017 to study pertinent human rights issues and produce recommendations aimed towards guidance and regulation in this field.

In particular, the Parliamentary Assembly of the CoE adopted a recommendation in 2017 on technological convergence, AI, and human rights,Footnote 50 calling for the drafting of guidelines. In addition, the European Commissioner of Human Rights also came out in 2019 with a recommendation entitled ‘Unboxing Artificial Intelligence: 10 Steps to Protect Human Rights’.Footnote 51 It called for Human Rights Impact Assessments, information and transparency, independent oversight, non-discrimination, data protection, and remedies, to mention just the main steps. Also in 2019, the CoM established the Ad Hoc Committee on Artificial Intelligence (CAHAI), which was succeeded by the Committee on Artificial Intelligence (CAI) in 2021. Having adopted a declaration in 2019 on the manipulative capabilities of algorithmic processes,Footnote 52 one of the first recommendations by the CoM on the human rights impacts of algorithmic systems, with a set of guidelines attached, was adopted in 2020.Footnote 53 Based on a multi-stakeholder consultation, CAHAI with the help of three sub-groups produced a comprehensive feasibility study on a legal framework for the development, design and application of AI.Footnote 54 It came to the conclusion that while there were several applicable instruments, a number of substantive and procedural legal gaps existed that could be best addressed by a new legal framework for which key elements were identified.Footnote 55

In December 2021, after broad consultation, several studies, and conferences,Footnote 56 CAHAI adopted a report entitled ‘Possible Elements of a Legal Framework for Artificial Intelligence, Based on CoE’s Standards on Human Rights, Democracy and the Rule of Law’,Footnote 57 which dealt with issues related to the development, design, and application of AI based on CoE’s standards. For this purpose, the regulatory work of other international organisations such as UNESCO, the OECD, and the EU was taken into account.Footnote 58 It set out the main elements for a transversal convention creating a framework and possible additional legal or soft law instruments to apply generally or to specific sectors, and the public sector in particular. For example, a model for a human rights, democracy, and rule of law impact assessment on a soft law basis was proposed.Footnote 59 Mantelero, who has developed his own Human Rights, Ethical and Social Impact Assessment, critically noted that the CoE approach might be too broad.Footnote 60

Between 2022 and 2024, the CAI negotiated the text for a common legal instrument on AI. The drafts were provided by the secretariat and then discussed in the committee.Footnote 61 The Framework Convention on Artificial Intelligence, Human Rights, Democracy and the Rule of Law was designed as an open convention with a global vocation. There were fifty-seven states participating, among them some already established observer states of the CoE, including the USA, Canada, Mexico, and Japan, and also the EU. The Framework Convention was finally adopted by the CoM in May 2024 to be opened for signature in September 2024 at the meeting of ministers of justice in Vilnius. For it to enter into force, it needs only five ratifications. All states (including the EU) that have participated in its negotiation, as well as other states invited by the CoM of the CoE, can then become parties to the Convention.

The Framework Convention mainly contains principles for respecting existing human rights, but does not formulate new digital human rights. It also covers the obligations to protect the integrity of democratic processes and respect for the rule of law (Article 5).Footnote 62 The Convention contains relevant guidance for its parties such as the obligation to adopt and apply measures to protect human dignity and individual autonomy during the lifecycle of AI systems.Footnote 63 Its framework character implies that there might be additional instruments to address specific issues of AI governance. There are provisions on transparency and oversight, on accountability and responsibility, and on non-discrimination in the implementation of the Convention.Footnote 64 There is also a right to be informed when one is interacting with AI systems.Footnote 65 It also provides for a risk and impact management framework, which includes an obligation on parties to ensure that adverse impacts of AI systems on human rights, democracy, and the rule of law are adequately addressed.Footnote 66 There is no obligatory human rights, democracy, and rule of law impact assessment, but the CoE plans to elaborate a pertinent methodology. Regarding effective remedies, measures are to be foreseen that inform relevant bodies and where appropriate also affected persons about AI systems having the potential to significantly affect human rights, allowing them to contest decisions made or lodge a complaint to competent authorities.Footnote 67 Measures to ensure that AI systems are not used to undermine the integrity of the democratic process and the rule of law are to be adopted.Footnote 68

Parties should also establish effective oversight mechanisms. However, several general legal safeguards proposed in the elements for a convention by CAHAI, the predecessor of the CAI, such as the right to interaction with a human,Footnote 69 did not make it into the final version of the Convention, although they were partly taken up in the AIA.Footnote 70 With regard to the scope of the Convention, national security interests are excepted. The focus is on regulating public bodies. In view of resistance to including the private sector, the final version provides that parties will declare at the time of signature or ratification whether they will apply the principles and obligations also to private actors.Footnote 71 It seems that a watering down of the Convention was the cost of including the USA and other non-European states in the negotiations. States are free to use the legal tools they consider appropriate in implementing the Convention (Article 3). This would include the possibility of private self-regulation, which has been criticised by civil society, as it could undermine the binding character of the Convention. The general exception for national security has also been criticised.Footnote 72

Like the Data Protection Convention (Convention 108+),Footnote 73 the Biomedicine (Oviedo) Convention and the Cybercrime (Budapest) Convention of the CoE, the Convention will also be open by invitation to non-European states. For this purpose, the interests of future parties from outside the European region, but also in the EU, which was finalising its Artificial Intelligence Act (AIA) in parallel, had to be taken into account in the negotiations.

The CoE therefore moved ahead with a legally binding approach, whereas the field of AI and human rights has so far been primarily the subject of soft law recommendations and guidelines. This approach also goes beyond the ethical dimension covered by UNESCO guidelines,Footnote 74 but aims at legally binding obligations after soft law and self-regulation has been shown to be insufficient. There are obvious advantages and disadvantages to this approach. The advantage of a legally binding obligation and not just a soft law commitment is obvious if we look at the difficulties of having the multitude of recommendations and guidelines in the field respected in practice. The disadvantage is that a convention is negotiated mainly by states, which is also reflected in the composition of the CAI; this includes CoE member and observer states, and representatives of international organisations and private business, while selected members of civil society and academia can only participate if invited as observers. The outcome of the negotiation process needs to be ratified by national parliaments. As in the case of the Cybercrime Convention, only limited membership from non-European states can be expected. In order to achieve greater participation, standards had to be lowered. Therefore, whether the Convention can be expected to produce a valuable global response to the issues at stake is yet to be seen. It might remain a mainly European response to a global challenge, as the other open conventions of the CoE have. However, the effort to open up to the world needs to be recognised.

2.2.3 The EU Act on Artificial Intelligence and Fundamental Rights

The efforts of the EU in the field of regulating AI also aim to have an effect beyond the EU, as the EU, as in the case of the GDPR, aims at a ‘Brussels effect’. In a broad process, the EU has worked on different aspects of AI including its definition and ethical principles, on which the Independent High-Level Group of Experts on AI has produced relevant proposals including guidelines on ethics.Footnote 75 In January 2022, the European Commission presented a European Declaration on Digital Rights and Principles for the Digital Decade, which also contains rights related to the use of AI jointly adopted with the European Parliament and the Council in December 2022.Footnote 76 It focuses on principles and claims that in the digital transformation of Europe people should be at the centre, but, however, avoids saying clearly whether people should have enforceable fundamental rights. The declaration was supposed to serve as a reference work for politics and business.Footnote 77 Under freedom of choice, the rather short declaration also contains principles on AI, such as ensuring transparency about the use of AI, avoiding discrimination, and ensuring that algorithms are not used to predetermine people’s choices, which is reminiscent of some elements of the rights proposed by the WeMoveEurope campaign. This paved the way for the EU AIA to regulate AI.

The proposed EU AIA,Footnote 78 of April 2021, was presented by the European Commission after wide public consultation with the involvement of all interested actors. The explanatory memorandum only saw advantages for fundamental rights,Footnote 79 and indeed compared with the present situation, improvements can be expected. Certain AI practices, such as the evaluation of the trustworthiness of a person leading to a social score, are to be prohibited. For AI, which interacts with humans and uses biometric data, certain transparency obligations should apply.Footnote 80 For non-high-risk AI, providers are encouraged to develop codes of conduct for which the AIA sets a framework.

The Artificial Intelligence Strategy of the EU of 2018 was mainly concerned with making the EU a world-class hub for AI.Footnote 81 While committed to a ‘human-centric approach’, it also includes rules for product safety and civil liability. The resolution adopted by the European Parliament in May 2022, on ‘AI in a digital age’,Footnote 82 focused on the competitive situation of the EU in the global context and addressed various sectors including AI and the future of democracy. It mentioned many challenges for the protection of fundamental rights, which were to be fully respected in the digital transition and the development of AI, and called for ex ante risk self-assessments, data protection impact assessments, and conformity assessments.Footnote 83 It was clear that the risk-oriented approach, for example, in the use of face recognition, surveillance, or transparency requirements, did affect significant fundamental rights issues internally and human rights concerns externally. In addition, the participation of AI users and their rights were considered to be key concerns. In reaction to the debate on ChatGPT, the European Parliament requested stricter rules for ‘general purpose models’ of AI, which are trained on broad data at scale and can be adapted to a wide range of distinct tasks. This includes generative AI such as ChatGPT, which can produce new content.

With regard to fundamental rights, the EU Agency on Fundamental Rights provided an overview in 2020 of the main issues related to AI.Footnote 84 There were suggestions for a more specific inclusion of fundamental rights concerns in the AIA.Footnote 85 A total of 115 European civil society organisations, including EDRi and Algorithm Watch, called for a number of amendments to the AIA to strengthen its impact on fundamental rights.Footnote 86 Besides a better mechanism to deal with new risks, the authors called for meaningful rights and redress for people impacted by AI systems, such as the right for the explanation of decisions taken, the right to a judicial remedy, and the requirement of accessibility to all AI systems. NGOs such as Algorithm Watch produced studies on how to protect worker rights when AI is used in the workplace or how to provide access to data for public interest research.Footnote 87

After key committees of the European Parliament such as the Civil Liberties Committee had adopted a position on the AIA in which most of the concerns of civil society, such as the prohibition of predictive policing systems, emotion recognition, and real-time biometric identification in public spaces were taken into account, the EU Parliament adopted its position in June 2023.Footnote 88 The trilogue (an informal inter-institutional negotiation bringing together representatives of the European Parliament, the Council of the European Union, and the European Commission) ended with an agreement in December 2023 and further negotiations on the adoption of the revised draft by the European Parliament in March 2024. After a very tough negotiation process, the AIA was finally adopted on 21 May 2024.Footnote 89 The final text of the AIA was published in the EU Official Journal in July 2024 to enter into force the following month.Footnote 90

The AIA provides for a risk-management system distinguishing between unacceptable risks, high risks, and lower risks in or from AI systems. With regard to high-risk AI systems, which are characterised by posing significant threats to health, safety, or fundamental rights,Footnote 91 before being placed on the market, providers should meet several requirements such as testing and mitigating foreseeable risks to health, safety, fundamental rights, the environment, rule of law, and democracy with the involvement of independent experts.Footnote 92 In Article 5, it defines several prohibited AI practices, such as manipulative techniques impairing the ability of persons to make an informed decision, social scoring and profiling, certain emotion recognition systems, and certain biometric identification systems, although there are numerous exceptions. Still, they create barriers against the violation of fundamental rights.

The AIA has binding force only in Member States of the EU, but there is the expectation that, similar to the GDPR, it will set a global standard for companies, and thus also have extra-territorial impact.Footnote 93 In this context, it is worth noting that the GDPR already sets some applicable standards of relevance for AI applications, such as the prohibition of automated decisions related to individuals except if they give their consent (Article 22), thus applying the principle of human intervention (human in the loop) regarding data controllers. The Digital Service Act of 2022, which came into force in 2024, regulates online platforms with provisions relating to liability for the deletion of illicit and fake content and to remedies. In line with the competences of the EU, the objectives of the AIA are not focused on fundamental rights issues, but more broadly on risks related to the use of AI and their impact on economic and commercial as well as consumer concerns. It deals with the use of a trustworthy AI in products and services, and thus also adopts a harmonising and conformity-oriented approach. Accordingly, its first objective is described as ensuring safety and conformity of AI systems with fundamental rights during the whole AI lifecycle. For this purpose, it distinguishes different risk categories. Unacceptable risks, such as social scoring or the use of biometric data in public spaces, are prohibited in general; high risks, such as profiling, predictive analysis, and so on, are subject to risk management via assessments and transparency obligations, such as the right to be informed on the use of AI or the right to human oversight. However, there are also large exceptions for law enforcement and the security sector is fully exempted. In addition, there are safety and liability rules as well as a right to effective remedies. Fewer obligations apply to limited-risk and lower or minimal-risk AI systems.

The AIA became applicable according to a phased approach in which the prohibition of AI of unacceptable risk started to apply six months after the entry into force of the AIA (i.e., February 2025), and the obligations of general purpose AI model providers or the appointment of authorities in competent member states started to apply after twelve months. Certain obligations related to high-risk systems listed in Annex III, such as AI systems in biometrics, will become enforceable only after twenty-four months and others only after thirty-six months. A clarification of the rules for the implementation will be provided by delegated acts and guidance from the Commission, as well as codes of practice by the EU AI Office, established in May 2024.Footnote 94 For example, only by early 2026 will the EU Commission guidelines on the classification of high-risk AI systems have to be issued. Consequently, owing to the complexities of the Act, its obligations will be phased in over several years, which raises the question of whether this might not come too late given the ongoing race for ever more powerful AI systems. However, in view of this fact, the European Commission has set up the AI Pact as a framework to assist companies to prepare for the AIA on a voluntary basis.Footnote 95

2.2.4 Possible Complementarity between the Two Regulatory Approaches

While the CoE Convention on Artificial Intelligence, Human Rights, Democracy and the Rule of Law is fully focused on human rights and democracy standards, fundamental rights in the EU AIA only play a limited role, such as safeguarding against the undermining of existing standards as contained in the EU Charter on Fundamental Rights. While references to fundamental rights are included throughout the entire text of the AIA, they are limited to the rights contained in the Charter. This confirms the relevance of the EU Charter on Fundamental Rights for addressing AI. The EU, being represented in the drafting process of the AI convention of the CoE also contributed to its provisions from the EU background. In this way, possible differences were avoided. For example, the Convention provides that EU parties to the Convention shall in their mutual relations apply EU rules.Footnote 96

Accordingly, while there is an alignment to be observed, the CoE Convention in terms of human and fundamental rights covers a much broader ground. For example, it also directly covers democracy, while the AIA is only of indirect relevance, although this has also been one of the important concerns in the EU process. In this regard, the two texts can also be seen as complementary. If, as can be expected, the EU becomes a party to the Convention, this complementarity will be particularly relevant. However, the EU might want to wait until a significant number of its member states have ratified the Convention. However, as the European Court of Justice has clarified in its opinion of 2021, issued on the request of the European Parliament on the accession of the EU to the Istanbul Convention, there is no need for a ‘common accord’ of all EU Member States before the Council decides to join the Convention.Footnote 97

One major issue highlighted by civil society is the use of invasive applications of AI, such as biometrics for mass surveillance or in the migration context.Footnote 98 The AIA sees the remote use of biometrics in publicly accessible places for law enforcement as a red line, but has exceptions for asylum and migration.Footnote 99

One key problem is how to operationalise the right to digital self-determination in view of self-learning algorithms, which are black boxes even to their programmers. Accordingly, full transparency is technically not possible. Benefits and risks cannot always be fully determined in advance. To ensure that the persons affected remain in control has already shown to be difficult in the case of data protection rules. Therefore, the transparency obligation in Article 50 of the AIA contains the right to be informed if one is interacting with AI systems or if content is artificially created. The principle not to predetermine people’s choices as in the draft EU Declaration on Digital Rights and Principles can hardly be applied in practice where decisions in penal systems or the migration context are often guided by algorithms proposing decisions based on a large number of cases. However, rules on consent, as in data protection, are missing in this context. This makes the principle that safeguards or remedies should be provided all the more important, but the EU principles lack precision in terms of whom those safeguards should be provided for, let alone how they should look. The CoE, in its preliminary reflections and drafts based on Article 13 of the ECHR on the right to effective remedy or safeguards was more precise,Footnote 100 while the EU Declaration does not even refer to Article 47 of its Charter on Fundamental Rights on the same right. However, the AIA contains certain mechanisms, such as a right to an appeal to be provided at the national level, but still needs progress on the issue of enforcement.

Regarding the regulation of AI by the CoE Framework Convention and the AIA, both regulation projects, having been finalised in parallel, did influence each other. For example, the definition of AI chosen for the AIA also appears in Article 2 of the Framework Convention. There was clearly an intention to ensure that where the two processes overlapped the negotiations should achieve complementary results. However, in cases of conflict for EU Member States, the AIA prevails, as the Framework Conventions allows them to give preference to their obligations under the AIA. The open letter calling for a moratorium has contributed to an acceleration of the legal regulations urgently needed to provide legal security and establish oversight institutions.

2.3 General Conclusions

The need for the protection of human rights in the regulation of the internet today is beyond doubt. The online dimension of human rights is receiving increasing attention, as are the emergence of digital human rights that may go beyond existing human and fundamental rights. Such rights may be claimed and recognised at different levels; for example, at the national, European, or universal level. Accordingly, their human rights nature does not depend on recognition at the universal level, although this might be the claim and ambition, in particular when new threats show a global nature. As the example of the right to access to the internet shows, it is widely but not as yet generally recognised as a new human right. In the case of the right to be forgotten, this new right has mainly been established in the EU. The human rights related to the use of AI are presently in the process of concretisation, starting from ethical principles and aiming at concrete obligations at least in some respects in the form of the Framework Convention adopted by the CoE or the AIA of the EU. The focus is on the progressive development and concretisation of general principles and rights, and not on the creation of new digital human rights, which, however, may also be the case in response to new challenges. For example, the AIA now contains the right to know whether one is interacting with an AI system. One could also identify a right to be protected against detrimental uses of AI leading to manipulation or biometric categorisation of natural persons by prohibitions or risk-management systems. In the process of identifying or designing digital human rights in line with a multi-stakeholder approach, civil and public actors may be involved. In the case of most new and emerging threats there is no need for new digital human rights, but existing rights can be extended by interpretation to cover the new challenges. Altogether, the emergence of (new) digital human rights is a highly dynamic part of the progressive development of international law in all its emanations, from soft law to hard law. The regulation of the development and application of AI has accelerated the process of meeting new threats on the basis of extended and new human and fundamental rights in order to close gaps identified in human rights protection in the digital environment.

Footnotes

1 See the outcome documents at ITU, World summit on the information society, Geneva 2003, www.itu.int/net/wsis/documents/doc_multi.asp?lang=en&id=1161|1160|2266|2267; see also W. Benedek, ‘International organizations and digital human rights’, in B. Wagner, M. C. Kettemann, and K. Veith (eds.), Research Handbook on Human Rights and Digital Technology. Global Politics, Law and International Relations, 2nd ed. (Cheltenham: Edward Elgar, 2024), pp. 311–26.

2 W. Benedek, ‘Internet governance and human rights’, in W. Benedek, V. Bauer, and M. C. Kettemann (eds.), Internet Governance and the Information Society (The Hague: Eleven, 2008), pp. 31–50, at 36 et seq.

3 See the Charter on the webpage of the Internet Rights and Principles Coalition, https://internetrightsandprinciples.org.

4 See A. Pettrachin, ‘Towards a universal declaration on internet rights and freedoms?’ (2018) 80 International Communication Gazette 4, 337–53, who analysed fifty-eight documents proclaiming internet-related human rights.

5 UNHRC, UN Special Rapporteur on the Promotion and Protection of the Right of Freedom of Opinion and Expression, Frank LaRue, 16 May 2011, UN Doc. A/HRC/17/27.

6 UNHRC, ‘Resolution on the promotion, protection and enjoyment of human rights on the internet’, 16 July 2012, UN Doc. A/HRC/RES/20/8, para. 1. Since the resolution was renewed about every second year, see latest UNHRC Resolution 47/16 of 13 July 2021 with the same title, which repeats the principle in its para. 1.

7 See UN Office of the Secretary-General’s Envoy on Technology, www.un.org/techenvoy/global-digital-compact.

8 Benedek, ‘International organizations and digital human rights’, 370 et seq.; see also W. Benedek and M. C. Kettemann, ‘The Council of Europe and the information society’, in R. Kicker (ed.), The Council of Europe, Pioneer and Guarantor for Human Rights and Democracy (Strasbourg: Council of Europe Publishing, 2010), p. 109 et seq.

9 See the guide, Council of Europe, ‘Guide to human rights for internet users’, www.coe.int/en/web/freedom-expression/guide-to-human-rights-for-internet-users.

10 See W. Benedek and M. C. Kettemann, Freedom of Expression and the Internet, 2nd ed. (Strasbourg: Council of Europe Publishing, 2020).

11 See ECtHR, ‘Factsheet – Access to internet and freedom to receive and impart information and ideas’ (June 2024), www.echr.coe.int/documents/d/echr/FS_Access_Internet_ENG; and ECtHR, ‘Factsheet – New technologies’ (October 2024) www.echr.coe.int/documents/d/echr/FS_New_technologies_ENG.

12 See the Vienna Manifesto on Digital Humanism, May 2019, https://caiml.org/dighum//dighum-manifesto/.

13 See the text at https://digitalcharta.eu/wp-content/uploads/DigitalCharter-English-2019-Final.pdf.

14 See YouMove Europe, ‘For new fundamental rights in Europe’, https://you.wemove.eu/campaigns/for-new-fundamental-rights-in-europe.

15 See Pettrachin, ‘Towards a universal declaration’, and J. Kulesza, ‘Multistakeholderism – meaning and implications’, in M. Susi (ed.), Human Rights, Digital Society and the Law: A Research Companion (London: Routledge, 2019), pp. 117–31; W. Benedek, ‘Multi-stakeholderism in the development of international law’, in U. Fastenrath et al. (eds.), From Bilateralism to Community Interest: Essays in Honour of Judge Bruno Simma (Oxford: Oxford University Press, 2011), pp. 201–10.

16 See D. Wong and L. Floridi, ‘Meta’s oversight board: a review and critical assessment’ (2023) 33 Minds and Machines 2, 261–84.

17 P. Alston, ‘Conjuring up new human rights: a proposal for quality control’ (1984) 78 American Journal of International Law 3, 607–21.

18 M. Susi, ‘Novelty in new human rights: the decrease in universality and abstractness thesis’, in A. von Arnauld, K. von der Decken, and M. Susi (eds.), The Cambridge Handbook on New Human Rights: Recognition, Novelty, Rhetoric (Cambridge: Cambridge University Press, 2020), pp. 21–33.

19 See for the text of the Charter https://portal.mineco.gob.es/RecursosArticulo/mineco/ministerio/participacion_publica/audiencia/ficheros/Charter%20of%20Digital%20Rights.pdf.

20 See on its composition and activities, https://edri.org.

21 See the EDRi Charter of Digital Rights, https://edri.org/wp-content/uploads/2014/06/EDRi_DigitalRightsCharter_web.pdf.

22 A. von Arnauld, K. von der Decken, and M. Susi (eds.), The Cambridge Handbook on New Human Rights: Recognition, Novelty, Rhetoric (Cambridge: Cambridge University Press, 2020).

23 Susi, ‘Novelty in new human rights’.

24 O. Puccinelli, ‘The right to be forgotten 2.0’, in von Arnauld, von der Decken, and Susi (eds.), The Cambridge Handbook on New Human Rights, pp. 300–10.

25 See CoE, ‘Privacy and data protection – explanatory memorandum’, www.coe.int/en/web/freedom-expression/privacy-and-data-protection-explanatory-memo.

26 M. Susi, The Non-Coherence Theory of Digital Human Rights (Cambridge: Cambridge University Press, 2024).

27 See B. Cali, ‘The right to meaningful access to the internet’, in von Arnauld, von der Decken, and Susi (eds.), The Cambridge Handbook on New Human Rights, pp. 276–84.

28 OHCHR, ‘Internet shutdowns: trends, causes, legal implications and impacts on a range of human rights’, 13 May 2022, UN Doc. A/HRC/50/55.

29 Footnote Ibid., para. 2.

30 M. Susi, ‘The right to be forgotten’, in von Arnauld, von der Decken, and Susi (eds.), The Cambridge Handbook on New Human Rights, pp. 287–99, esp. 297.

31 T. Pajuste, ‘The protection of personal data in the digital society: the role of the GDPR’, in Susi (ed.), Human Rights, Digital Society and the Law, pp. 303−15.

32 Susi, ‘The right to be forgotten’, p. 287 et seq.

33 Biancardi v. Italy, Application no. 77419/16, Judgment of 25 November 2021.

34 See UNGA, ‘The human right to water and sanitation’, 28 July 2010, UN Doc. A/HRC/64/292; UNGA, ‘The human right to a clean, healthy, and sustainable environment’, 1 August 2022, UN Doc. A/RES/76/300.

35 GPT stands for Generative Pretrained Transformer. First assessments of the new technology and its commercial successor GDP 4 show its strengths and weaknesses; see K. Rose, ‘The brilliance and weirdness of ChatGPT’, New York Times, 5 December 2022; C. Metz, ‘OpenAI plans to up the ante in tech’s A.I. race’, New York Times, 14 March 2023.

36 See Future of Life Institute, ‘Pause giant AI experiments: an open letter’, 22 March 2023, https://futureoflife.org/open-letter/pause-giant-ai-experiments/.

37 See HRC, ‘New and emerging digital technologies and human rights’, 12 July 2023, UN Doc. A/HRC/RES/53/29.

38 OHCHR, ‘Mapping report: new and emerging technologies’, 24 June 2024, UN Doc. A/HRC/56/45.

39 The Asilomar Principles are part of another open letter; see Future of Life Institute, ‘Asilomar AI Principles’, 11 August 2017, https://futureoflife.org/open-letter/ai-principles/.

40 See the Recommendation of the OECD Council on Artificial Intelligence of 22 May 2019, https://legalinstruments.oecd.org/en/instruments/OECD-LEGAL-0449.

41 See the UNESCO Recommendation, https://unesdoc.unesco.org/ark:/48223/pf0000381137.

42 See the Statement on Artificial General Intelligence, 24 February 2023, https://openai.com/blog/planning-for-agi-and-beyond.

43 See ‘“The Godfather of AI” leaves Google and warns of danger ahead’, New York Times, 1 May 2023, www.nytimes.com/2023/05/01/technology/ai-google-chatbot-engineer-quits-hinton.html?te=1&nl=from-the-times&emc=edit_ufn_20230501.

44 W. Benedek, ‘Digital human rights and artificial intelligence’ (2023) 14 Pravni Zapisi, 2, 227–37.

45 See White House, ‘Blueprint for an AI Bill of Rights – making automated systems work for the American people’, www.whitehouse.gov/ostp/ai-bill-of-rights/; White House, ‘Executive Order on the safe, secure and trustworthy development and use of artificial intelligence’, 30 October 2023, www.whitehouse.gov/briefing-room/presidential-actions/2023/10/30/executive-order-on-the-safe-secure-and-trustworthy-development-and-use-of-artificial-intelligence/.

46 See ‘Open AI’s Sam Altmann urges regulation at Senate hearing’, New York Times, 16 May 2023, www.nytimes.com/2023/05/16/technology/openai-altman-artificial-intelligence-regulation.html?te=1&nl=the-evening&emc=edit_ne_20230516.

47 See the Chinese ‘Interim measures’, www.pwccn.com/en/tmt/interim-measures-for-generative-ai-services-implemented-aug2023.pdf; M. Sheehan, ‘China’s AI regulations and how they get made’, Carnegie Foundation, 10 July 2023, https://carnegieendowment.org/research/2023/07/chinas-ai-regulations-and-how-they-get-made?lang=en.

48 See G. De Gregorio and R. Radu, ‘Digital constitutionalism in the new era of internet governance’ (2022) 30 International Journal of Law and Technology, 1, 68–87.

49 See the developments on the global digital compact at the website of the UN Envoy for technology, www.un.org/techenvoy/global-digital-compact.

50 See European Parliament, Recommendation 2102 (2017), ‘Technological convergence, artificial intelligence and human rights’, 28 April 2017, http://assembly.coe.int/nw/xml/XRef/Xref-XML2HTML-en.asp?fileid=23726.

51 See CoE Commissioner for Human Rights, ‘Unboxing artificial intelligence: 10 steps to protect human rights (2019), https://rm.coe.int/unboxing-artificial-intelligence-10-steps-to-protect-human-rights-reco/1680946e64.

52 See CoE, ‘Declaration by the Committee of Ministers on the manipulative capabilities of algorithmic processes’, 13 February 2019, https://search.coe.int/cm/pages/result_details.aspx?objectid=090000168092dd4b.

53 See CoE, Recommendation CM/Rec(2020)1 of the Committee of Ministers to member States on the human rights impacts of algorithmic systems’, 8 April 2020, https://search.coe.int/cm/pages/result_details.aspx?objectid=09000016809e1154.

54 See CAHAI, Feasibility study, 17 December 2020, https://rm.coe.int/cahai-2020-23-final-eng-feasibility-study-/1680a0c6da.

55 See Footnote ibid., paras. 83–90 and paras. 95 et seq.

56 See CoE, ‘Artificial Intelligence, Council of Europe’s work in progress’, November 2024, www.coe.int/en/web/artificial-intelligence/work-in-progress.

57 See CAHAI, ‘Possible elements of a legal framework on artificial intelligence, based on the CoE’s standards on human rights, democracy and the rule of law’, 3 December 2021, https://rm.coe.int/cahai-2021-09rev-elements/1680a6d90d.

58 See for UNESCO its Recommendation on the Ethics of Artificial Intelligence, 23 November 2021, https://unesdoc.unesco.org/ark:/48223/pf0000381137.

59 See CAHAI, ‘Possible elements of a legal framework on artificial intelligence’, paras. 45 et seq.

60 A. Mantelero, Beyond Data: Human Rights, Ethical and Social Impact Assessment in AI (New York: Springer, 2022), p. 165.

61 See for the work of CAI and CoE, ‘Artificial Intelligence. Committee on Artificial Intelligence’, www.coe.int/en/web/artificial-intelligence/cai.

62 See on CAI, and the text of the Framework Convention, CoE, ‘Artificial Intelligence. Committee on Artificial Intelligence’, www.coe.int/en/web/artificial-intelligence/cai.

63 CoE Framework Convention on Artificial Intelligence and Human Rights, Democracy and the Rule of Law, CoE Treaty Series No. 225, Vilnius, 5 September 2024, Article 7.

64 Footnote Ibid., Articles 8, 9, and 17.

65 Footnote Ibid., Article 15, para. 2.

66 Footnote Ibid., Article 16.

67 Footnote Ibid., Article 14.

68 Footnote Ibid., Article 5.

69 See on the work of CAHAI, CoE, ‘Artificial Intelligence. CAHAI – Ad hoc Committee on Artificial Intelligence’, www.coe.int/en/web/artificial-intelligence/cahai.

70 See, e.g., Article 13 AIA on transparency and provision of information to deployers and in particular Article 14 on human oversight for high-risk AI systems and Article 50 – natural persons to be informed that they interact with certain AI systems or that content has been artificially created or manipulated (deep fakes).

71 See Article 3 of the CoE Framework Convention.

72 See the open letter by Algorithm Watch and numerous other NGOs of 5 March 2024 at: https://algorithmwatch.org/de/wp-content/uploads/2024/03/Open_letter_Council_of_Europe_AI_Convention.pdf.

73 Convention for the Protection of Individuals with regard to the Automatic Processing of Personal Data, Strasbourg, 28 January 1981, ETS 108, and its protocol of 2001, Additional Protocol to the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data regarding supervisory authorities and transborder data flows, Strasbourg, 8 November 2001, ETS 181.

74 See the UNESCO Recommendation on the Ethics of Artificial Intelligence, 23 November 2021, https://unesdoc.unesco.org/ark:/48223/pf0000381137.

75 See on ethics guidelines for trustworthy AI by the Independent High-Level Group of Experts of EU at European Commission, ‘Shaping Europe’s digital future. Ethics guidelines for trustworthy AI’, 8 April 2019, https://digital-strategy.ec.europa.eu/en/library/ethics-guidelines-trustworthy-ai.

76 See European Commission, ‘Shaping Europe’s digital future. European Declaration on Digital Rights and Principles’, 15 December 2022, https://digital-strategy.ec.europa.eu/en/library/european-declaration-digital-rights-and-principles.

77 Communication by the Commission, COM (2022) 27 final of 26 January 2022.

78 Proposal for a Regulation of the European Parliament and of the Council laying down harmonised rules on artificial intelligence (Artificial Intelligence Act) of 21 April 2021, COM (2021) 206 final, https://eur-lex.europa.eu/resource.html?uri=cellar:e0649735-a372-11eb-9585-01aa75ed71a1.0001.02/DOC_1&format=PDF; see also the Communication of the European Commission, ‘Fostering a European approach to Artificial Intelligence’, 21 April 2021, COM(2021) 205 final, https://eur-lex.europa.eu/resource.html?uri=cellar:01ff45fa-a375-11eb-9585-01aa75ed71a1.0001.02/DOC_1&format=PDF.

79 Draft AIA, Footnote ibid., 3.5.

80 Footnote Ibid., 5.2.4.

81 See the Communication of the Commission on Artificial Intelligence for Europe, 25 April 2018, Com. (2018) 237, https://digital-strategy.ec.europa.eu/en/library/communication-artificial-intelligence-europe.

82 See European Parliament resolution on AI in a Digital Age, 3 May 2022, www.europarl.europa.eu/doceo/document/TA-9-2022-0140_EN.html.

83 Footnote Ibid., para. 141.

84 European Union Agency for Fundamental Rights, Getting the Future Right – Artificial Intelligence and Fundamental Rights (Luxembourg: Publications Office of the EU, 2020) and its study on facial recognition technology, FRA, ‘Facial recognition technology: fundamental rights considerations in the context of law enforcement’ (2020), https://fra.europa.eu/sites/default/files/fra_uploads/fra-2019-facial-recognition-technology-focus-paper-1_en.pdf.

85 See, e.g., D. Onitsiu, ‘How a human rights perspective could complement the EU’s AI Act’, LSE blog, 31 January 2022, https://blogs.lse.ac.uk/europpblog/2022/01/31/how-a-human-rights-perspective-could-complement-the-eus-ai-act/.

86 See Civil Society statement, ‘EU Artificial Intelligence Act for fundamental rights’, 30 November 2021, https://algorithmwatch.org/en/eu-artificial-intelligence-act-for-fundamental-rights/.

87 See AlgorithmWatch, ‘Publications’, https://algorithmwatch.org/en/publications/.

88 European Parliament, ‘AI Act: a step closer to the first rules on Artificial Intelligence’, 11 May 2023, www.europarl.europa.eu/news/en/press-room/20230505IPR84904/ai-act-a-step-closer-to-the-first-rules-on-artificial-intelligence.

89 For the legislative train schedule, see European Parliament, ‘Legislative train schedule. Artificial Intelligence Act’, www.europarl.europa.eu/legislative-train/theme-a-europe-fit-for-the-digital-age/file-regulation-on-artificial-intelligence#:~:text=The%20AI%20act%20was%20adopted,20%20days%20after%20its%20publication.

90 See Regulation 2024/1689, 13 June 2024, OJ L of 12 July 2024.

91 See Footnote ibid., Article 6, para. 3.

92 See L. Bertuzzi, ‘AI Act: MEPs close in on rules for general purpose AI, foundation models’, Euroactiv, 24 April 2023, www.euractiv.com/section/artificial-intelligence/news/ai-act-meps-close-in-on-rules-for-general-purpose-ai-foundation-models/.

93 See the report by A. Engler, ‘The EU AI Act will have global impact, but a limited Brussels Effect’, Brookings, 8 June 2022, www.brookings.edu/research/the-eu-ai-act-will-have-global-impact-but-a-limited-brussels-effect/.

94 See preambular para. 179 of the AIA.

95 See European Commission, ‘Shaping Europe’s digital future. AI Pact’, https://digital-strategy.ec.europa.eu/en/policies/ai-pact.

96 See Article 27, para. 2 of the CoE Convention.

97 European Court of Justice, Opinion 1/19 of the Court (Grand Chamber) of 6 October 2021.

98 See Access Now, ‘The EU AIA: how to (truly) protect people on the move’, 13 May 2022, https://edri.org/our-work/the-eu-ai-act-how-to-truly-protect-people-on-the-move/.

99 EU Commission, Proposal for AIA, 5.5.2.

100 See CAHAI, Feasibility study, paras. 91 and 113, and CAHAI, ‘Possible elements of as legal framework on artificial intelligence’, paras. 34 and 39 et seq.

Accessibility standard: Unknown

Why this information is here

This section outlines the accessibility features of this content - including support for screen readers, full keyboard navigation and high-contrast display options. This may not be relevant for you.

Accessibility Information

Accessibility compliance for the HTML of this book is currently unknown and may be updated in the future.

Save book to Kindle

To save this book to your Kindle, first ensure no-reply@cambridge.org is added to your Approved Personal Document E-mail List under your Personal Document Settings on the Manage Your Content and Devices page of your Amazon account. Then enter the ‘name’ part of your Kindle email address below. Find out more about saving to your Kindle.

Note you can select to save to either the @free.kindle.com or @kindle.com variations. ‘@free.kindle.com’ emails are free but can only be saved to your device when it is connected to wi-fi. ‘@kindle.com’ emails can be delivered even when you are not connected to wi-fi, but note that service fees apply.

Find out more about the Kindle Personal Document Service.

Available formats
×

Save book to Dropbox

To save content items to your account, please confirm that you agree to abide by our usage policies. If this is the first time you use this feature, you will be asked to authorise Cambridge Core to connect with your account. Find out more about saving content to Dropbox.

Available formats
×

Save book to Google Drive

To save content items to your account, please confirm that you agree to abide by our usage policies. If this is the first time you use this feature, you will be asked to authorise Cambridge Core to connect with your account. Find out more about saving content to Google Drive.

Available formats
×