Jusletter IT 15 February 2024

e-mail version

IRIS 2024: Language models – legal parrots or more? / AI & Law / E-Government / Crypto assets / M365


Dear readers


IRIS 2024

The 27th International Legal Informatics Symposium is currently taking place at the University of Salzburg and its general theme is "Language models: legal parrots or more?", one of the current key questions in the field of AI & law.

As in previous years, the scope of the conference is very broad, with contributions on virtually all areas of legal informatics.

This issue of Jusletter IT contains the articles on the general topic of legal language models as well as those on AI and law in general and the articles on e-government. As usual, the other IRIS contributions will be published in future issues. 

You can already order the printed conference proceedings with all contributions, edited by Erich Schweighofer, Stefan Eder, Federico Costantini, Felix Schmautzer and Jonas Pfister.


Also in this issue

The Basel Committee on Banking Supervision has presented a new standard on capital adequacy for crypto assets. Hans Kuhn and Rolf H. Weber analyse the requirements and procedures for adopting the standard into Swiss law. 

In the December issue of Jusletter IT, Markus Schefer and Philip Glass published an expert opinion on the use of M365 by public bodies. David Rosenthal has now written a response – while there is agreement on certain points, he comes to the opposite conclusion when it comes to access to data by US authorities.

In their TechLawNews Daniel Ronzani and Simon Schlauri deal with the deletion of data, the release of open source software by the federal government, guarantee and collective marks as well as the current legal situation surrounding Google Analytics.

We wish you an exciting read!

Philip Hanke
Verlagsleiter

Blockchain

Zur Umsetzung des Basler Krypto-Standards in der Schweiz
Hans Kuhn
Hans Kuhn
Rolf H. Weber
Rolf H. Weber
The Basel Committee on Banking Supervision has adopted a new standard for capital requirements for crypto assets, which provides for capital of up to 200% of the book value and an absolute exposure limit of 2% of core capital. There is no convincing justification for such drastic requirements. This article examines the new Basle standard and the process procedures for its adoption by Switzerland. It concludes that adoption would not be compatible with the principle of technology-neutral regulation and that there are serious constitutional concerns.

Data Protection

Eine Replik auf das «Cloud»-Gutachten
David Rosenthal
David Rosenthal
Markus Schefer and Philip Glass recently published an expert opinion according to which the use of M365 by public bodies results in a serious infringement of fundamental rights because US authorities allegedly can freely access all data in the cloud. In a reply, David Rosenthal shows why these assumptions are wrong and why their conclusions are, therefore, untenable. However, all three agree on the validity of the risk-based approach, which, according to Rosenthal, allows the use of the cloud even without the much cited, but often impracticable «end-to-end» encryption, for example because the gain in data security justifies any interventions.

Preface

Vorwort IRIS 2024
Erich Schweighofer
Erich Schweighofer
Stefan Eder
Stefan Eder
Federico Costantini
Federico Costantini
Felix Schmautzer
Felix Schmautzer
Jonas Pfister
Jonas Pfister

Language Models: Legal Parrots or more?

Juristische Sprachmodelle zwischen Transparenz und Datensicherheit
Rolf H. Weber
Rolf H. Weber
Juristische Sprachmodelle kommen vermehrt und in umfangreicherem Ausmass bei der Erbringung von Rechtsdienstleistungen zum Einsatz. Oft erfahren die Transparenz und die Datensicherheit aber nur eine ungenügende Beachtung. Diese beiden Ziele sind zudem nicht deckungsgleich. Der Beitrag analysiert die eintretenden Spannungsfelder und schlägt Vorkehren zur Risikominimierung beim Einsatz von rechtlichen Sprachmodellen vor, etwa zur Gewährleistung der Datenqualität oder zum Schutz vor Angriffen (z.B. Datenschutzverletzungen).

Verständliche Rechtstexte mit Hilfe grosser Sprachmodelle?
Bettina Mielke
Bettina Mielke
Christian Wolff
Christian Wolff
In diesem Beitrag wird die Fähigkeit großer Sprachmodelle, juristische Fachtexte in einfache Sprache zu übersetzen, untersucht. Dazu erfolgt die Analyse verschiedener Textsorten – Gesetzestext, Gerichtsurteil, Fachaufsatz – hinsichtlich der vorgenommenen Änderungen nach der Bearbeitung durch Sprachmodelle und ihrer jeweiligen Verständlichkeit. Dabei kommen einfache quantitative Metriken sowie qualitative Methoden zum Einsatz. Es zeigt sich Potenzial für die Erstellung von Texten in einfacher Sprache, auch als Beitrag zur Barrierefreiheit im juristischen Bereich, wobei das Vereinfachungspotential je nach Textsorte unterschiedlich ist. Zudem ist intensive redaktionelle Nacharbeit nötig, um die Qualität der Texte zu sichern.

Some difficulties in reading the law in the age of artificial intelligence
Ahti Saarenpää
Ahti Saarenpää
Legal information is primarily full of linguistic information. Even a brief review of established legal sources tells us this convincingly. Even though we have, and we increasingly need, signs and images of law in the digital environment, the dominance of the languages of law in communication about law does not appear to be receding. Successful linguistic communication requires sufficiently common languages and expressions. On the one hand, one of the external characteristics of current EU legislation is the definition of concepts in regulations. In the structure of the legislation, the concepts follow the goals expressed at the beginning of the act. This makes reading the regulation easier, It facilitates the activities of both laypersons and experts. The language game becomes more precise. But legal text and its concepts give, as the Finnish legal theorist, Professor Kaarle Makkonen insightfully wrote, only information about the rules. The deepest part of our legal expertise is the construction of a well-founded understanding resulting from the collection and processing of a variety of significant information. It is certainly not just a more or less formal treatment of legal concepts. We realised that after – if not somewhat before – the golden age of the jurisprudence of concepts – Begriffsjurisprudenz. Legal concepts are always related to some legal informational environment. We are talking about systems and systems thinking. Crossing system boundaries easily leads to an incorrect legal view. Legal principles in force and their limits are not recognised. It is necessary to keep these starting points in mind when we look at those modern artificial intelligence applications where the basic material is obtained using various statistical models of legal language. While the traditional search for text information is based on the search for characters it is now supplemented to an increasing extent by different expressions in different contexts, national and international. However, the limits on the application of the rules are much the same as before. This should not be forgotten amid our romantic enthusiasm for artificial intelligence. The use of language models involves a certain degree of return to the era of text-based use of information systems. Artificial intelligence also provides opportunities for text-based operating systems to an increasing extent. Symbols are accompanied by texts. This is undoubtedly will have a bearing on information retrieval. We get often more, many more search results than before. An increase in the number of search results does not necessarily increase the number of correct results; not at all. The exact match content remains unchanged. What is different is that the parent material obtained with the help of artificial intelligence can be useful in many ways in terms of legal understanding of things and at the same time in terms of excluding unnecessary information. And it is precisely identifying the right exclusions that burden s the use of our legal expertise. Even in the age of artificial intelligence, applying the law still involves an expert skill; even more than before. Law is an exact science, especially now as we witness the coming of the constitutional digital society.

KI-Sprachmodelle: IT-Sicherheit und Einsatz in der Programmierung
Michael Sonntag
Michael Sonntag
KI bzw große Sprachmodelle (Large Language Models - LLMs; zB ChatGPT) können sehr gute Formulierungen von Texten gewünschten Inhalts – auch in Fremdsprachen – erzeugen, was das Ökosystem von Phishing-Angriffen verändern kann. Dieser Beitrag untersucht dies von technischer wie auch rechtlicher Seite. Eine weitere Anwendung dieser Sprachmodellen ist die Unterstützung bei der Programmierung: Vom verbesserten Auto-Vervollständigen hin zur automatischen Generierung ganze Methoden oder Test-Klassen. Auch hierbei stellen sich Rechtsfragen, insb ob es sich beim Einsatz solcher Techniken um Urheberrechtsverletzungen handelt, was spezifisch von deren Funktionsweise abhängt.

AI & Law

AI and Emotional data between the Scylla and Charybdis of European Regulation
Robert van den Hoven van Genderen
Robert van den Hoven van Genderen
Rosa Ballardini
Rosa Ballardini
Not just linguistic models as Chat GPT but also other applications in all other veins of human activities. Education, health and social services, traffic and science, military and surveillance, neither of those is escaping AI influence. These applications will influence our functioning, and emotional behaviour. Although we never doubt that regulating new technologies that have a strong effect on so many societal processes is necessary, we have to be careful not to chill further development of the use of AI to avoid possible unknown risks. Research on the effects of AI certainly has to be centred on the influence on human life and fundamental requirements and rights, but also investments and legal protection of AI-related innovations are indispensable. This is certainly the case when AI uses emotional data derived from or influencing natural persons and life experiences. Investments and legal protection of inventions in this field by patenting might be challenged by several legal provisions in the EU such as the GDPR, and the draft AI Act. Also, the new European Data strategy, including the Data Act and Data Governance Act, could endanger the further investment and creativity for new AI applications because of the data sharing requirements. This article analyses the opportunities and risks of regulating AI for emotional data processing.

Ethical Implications of AI-Powered Chatbots
Dawn Branley-Bell
Dawn Branley-Bell
Johannes Feiner
Johannes Feiner
Sabine Prossnegg
Sabine Prossnegg
The use of Artificial Intelligence (AI), including the use of chatbots, is common and prevalence is expected to continue to rise. This paper delves into the creation and deployment of a chatbot named Tessa. Tessa was intended to aid users’ self-assessment of symptoms indicative of eating disorders and guide them towards relevant support services. The chatbot was designed to help ease strain on overburdened healthcare staff and offer support for individuals who may face significant delays in being able to access an in-person medical consultation. Unfortunately, despite a promising start, a recent incident with Tessa demonstrated how chatbots can go wrong. This paper analyses the incident from technical, psychological, and legal viewpoints, with a specific focus on key considerations around responsibility and safeguarding of chatbots within the health domain and the AI Act. This paper contributes to the ongoing discourse on the implications of AI-driven healthcare interventions, fostering a critical dialogue for future developments in this evolving landscape. We support the idea of regular assessments of AI interventions, improved regulation, and more stringent consideration of ethical and safeguarding issues.

AI-Enhanced fresh starts
Nina Toivonen
Nina Toivonen
Marika Salo-Lahti
Marika Salo-Lahti
Mikko Ranta
Mikko Ranta
Helena Haapio
Helena Haapio
This paper explores how AI can be used to help individuals in financial distress to overcome debt. Using the behavioral COM-B model as a framework for designing effective interventions, we discuss how AI can help improve individuals‘ capabilities, opportunities and motivation to sustain better financial health, and what solutions already exist for these purposes. To demonstrate the unleashed potential of AI in debt rehabilitation we conduct an experiment with OpenAI’s GPT-4, an AI model, to assess its proficiency as a personalized financial coach. While the potential of AI to support debt rehabilitation becomes evident, we also argue for the need for trustworthy technology and trust-building regulation that promotes the responsible design, implementation and use of AI in the financial sector.

Auslegung des KI-VO-E zur Evaluation von Symbolischen Deduktionsverfahren der Künstlichen Intelligenz für juristische Anwendungen
Axel Adrian
Axel Adrian
Michael Keuchen
Michael Keuchen
Max Rapp
Max Rapp
Alexander Steen
Alexander Steen
Der Entwurf der Verordnung für Künstliche Intelligenz der EU (KI-VO-E) sieht vor, bestimmte Qualitätssicherungsanforderungen für KI-Systeme vorzuschreiben, sofern deren Einsatz risikobehaftet ist. Dabei werden im KI-VO-E explizit symbolische KI-Verfahren als ein Beispiel der vielfältigen Landschaft der KI-Verfahren eingeschlossen. In diesem Aufsatz werden grundlegende, im KI-VO-E formulierte Tatbestandsmerkmale, im Kontext von logik-basierten symbolischen KI-Systemen ausgelegt und deren Evaluationsmöglichkeiten beschrieben.

Ambient assisted living technologies – regulatory framework and safety and security concerns
Michal Koscik
Michal Koscik
The paper provides an overview of the prevailing regulatory framework and highlights challenges concerning the safety, security, and protection of rights related to Ambient Assisted Living platforms. These platforms are intricate ecosystems comprising information technology, consumer products, medical devices, and quasi-medical devices. The paper argues that the current regulatory framework is insufficient to regulate larger environments composed of mixed hardware and software elements. It tends to focus on the functioning of individual pieces of technology, leaving AAL platforms vulnerable from an information safety and security perspective. The expansion of language models and the growth of AI technologies bring new capabilities, but also risks of potential exploitation or misleading of the end user.

The challenges of a Global Governance on Artificial Intelligence
Patricia Eliane da Rosa Sardeto
Patricia Eliane da Rosa Sardeto
Poliana Dequêch
Poliana Dequêch
Since Artificial Intelligence has the potential to impact human life in its entirety and globality, debates about global governance models of Artificial Intelligence are urgent. We already have some guidelines and general principles from(in) some countries and international entities, but so far, they cannot be considered a global governance proposal, in terms that UN proposed in 2023. In this way, our research aims to analyse how a global governance on AI can offer guaranties to be inclusive and collaborative, contributing so that everyone has a good experience with AI now and in the future. The problem addressed in this research is the interference in the process of education due to the use of new technologies, especially ChatGPT from the company Open AI. For this purpose, the systemic approach method proposed by Maturana and Varela is used, and the bibliographic method combined with comparative method is used as a procedural method. In way to achieve a global governance some initiatives are analysed and their challenges and contributions pointed out. The global governance on AI needs to come from different countries, entities, areas (tech/social/legal) as soon as possible because governance needs to learn to be fast, in order to follow the advancement of technology.

E-Government

Once Only in der Single Digital Gateway Verordnung
Björn Lellmann
Björn Lellmann
Carl-Markus Piswanger
Carl-Markus Piswanger
Felix Plank
Felix Plank
Peter Schüller
Peter Schüller
The European Single Digital Gateway Regulation (SDGR) mandates the development of a technical system for the cross-border exchange of evidences between European member states to be used in a number of administrative procedures. The system was due to be operational in December 2023. In this article we focus on specific developments and relevant new aspects for the European eGovernment, derived from the Austrian implementation of the SDG Once Only Technical System (OOTS). The article describes mainly technical approaches, which are either new in the internal technical system or in the user experience, including a pan-European method for finding equivalent evidences in other member states, novel aspects of the implemented IT-systems, methods of handling a potentially complex user experience with a significant number of handovers (also cross border), and considerations regarding data management, the use of artificial intelligence and data protection. The article also exhibits an overview over related topics and projects.

Statistische Betrachtungen zum E-Gov-Campus Bildungsangebot Human Factors im E-government Design – durch menschenzentrierte Gestaltung zu besseren Services
Dagmar Lück-Schneider
Dagmar Lück-Schneider
Das seit 2021 auf dem eGov-Campus angebotene Bildungsangebot „Human Factors im E-Government-Design – Durch menschenzentrierte Gestaltung zu besseren Services“ verzeichnete am 9.8.2023 über 570 Teilnehmende. Im Beitrag werden insbesondere die systemseitig zur Verfügung stehenden anonymen Nutzungsdaten als auch Umfragen zum Start und Ende des Angebotes ausgewertet. Hierüber lassen sich einige grundlegende Erkenntnisse zu den Nutzungszahlen und den Nutzenden selbst, zum Nutzungsverhalten und zu Nutzungsmotiven treffen. Beantwortet wird ferner, wie die Nutzenden auf das Lernangebot aufmerksam wurden und welche Inhalte für den Lernprozess als besonders hilfreich angesehen wurden.

Einschätzungen aus der argentinischen Abgeordnetenkammer zum Einsatz von künstlicher Intelligenz in Parlamenten
Jörn von Lucke
Jörn von Lucke
Fotios Fitsilis
Fotios Fitsilis
Parlamente analysieren derzeit, ob sich Technologien aus dem Bereich der künstlichen Intelligenz (KI) zur Erledigung bestimmter parlamentarischer Aufgaben eignen. Mit Blick auf Werkzeuge, Anwendungsbereiche, Nutzungsszenarien und Bedürfnisse werden KI-getriebene Veränderungen in Parlamenten erwartet. Der Einsatz von KI im parlamentarischen Raum ist bisher jedoch noch wenig erforscht. Der Beitrag präsentiert empirische Belege für die künftige Nutzung von KI-basierten Werkzeugen und Diensten in einem nationalen Parlament. Die Daten wurden während eines Brainstormings im Jahr 2020 und eines virtuellen Workshops im argentinischen Parlament 2022 gesammelt. Die Analyse gibt Aufschluss über die praxisnahe Priorisierung von KI-basierten Technologien im parlamentarischen Umfeld. Im Rahmen der Studie wurden die Relevanz und die Priorität von 210 Anwendungen sowie Themen rund um KI-Technologien mit Blick auf den argentinischen Nationalkongress und seine Kammern untersucht.

Review and application of a scoring model for public administration process prioritization in Germany
Tim Pidun
Tim Pidun
Dirk Müller
Dirk Müller
We apply the Information Systems Success Model to the domain of public administration in Germany to formulate a substantiated alternative approach as well as a matching scoring model to overcome the prevailing political prioritization of public service processes. The proposed score is evaluated in four different case settings, three administrative levels with the help of three different methods. The scoring models can be used consistently throughout the body of investigation. We discuss the results of the evaluation in the context of usability and usefulness and describe commonalities and variances. Guidelines, potential adaptions and future research suggestions frame the paper.

From legal texts to digitized services for public administrations
Felicitas Löffler
Felicitas Löffler
Frank Löffler
Frank Löffler
Maximilian Raupach
Maximilian Raupach
Sirko Schindler
Sirko Schindler
Jörg Schröder
Jörg Schröder
Birgitta König-Ries
Birgitta König-Ries
Marianne Mauch
Marianne Mauch
Sarah T. Bachinger
Sarah T. Bachinger
Philipp Bornheimer
Philipp Bornheimer
Stephan Breidenbach
Stephan Breidenbach
Daniela Ehrhardt
Daniela Ehrhardt
Leila Feddoul
Leila Feddoul
Hannes Legner
Hannes Legner
For the end-to-end digitization of the German public administration, there is a lack of detailed, interoperable descriptions of legal regulations, existing standards, and specific requirements. Yet, they are needed by small companies, decision-makers, administrative staff, and future citizen developers to create fully digitized public services with No-Code/Low-Code platforms and to keep them semi-automatically up to date with changing legal texts. We describe how formal descriptions of processes, data fields, decisions are derived from analyzing legal texts for the service to be digitized and are supplemented by semantic annotations and links to standards, creating innovative services.

Mehr Vielfalt durch eParticipation oder nur viel mehr vom Gleichen?
Harald Niederhuber
Harald Niederhuber
In der Arbeit untersuche ich anhand von Texten und Metadaten den Grad der Erreichung der Ziele. der Öffnung des Verfahrens durch elektronische Partizipation durch das Österreichische Parlament. Analysiert wird dabei die Pluralität der beteiligten Akteur:innen und deren gesetzten Aktionen. Dabei werden auch Möglichkeiten zur Verdichtung der vorliegenden Informationen zur Priorisierung und Verbesserung der Sichtbarkeit des Beitrags individueller Texte zur Vielfalt der Lösungen aufgezeigt. Gezeigt wird dabei, dass die durch den Ausbau gesteigerte Beteiligung zu mehr Partizipation in größerer Vielfalt führt und nicht zu mehr Wiederholung von Aktivitäten der immer wieder gleichen Akteur:innen.

Anwendung der OKR-Methode zur Wirkungsmessung von Smart-City-Prozessen in den Städten Freiburg und Köln
David Gelantia
David Gelantia
Amiran Gelantia
Amiran Gelantia
Giorgi Gelantia
Giorgi Gelantia
In diesem Forschungsvorhaben wird die Anwendung der Objectives and Key Results (OKR)-Methode zur Wirkungsmessung der Prozesse von Smart-City-Initiativen in den Städten Freiburg und Köln untersucht. Dabei werden bei der OKR-Methode Key Performance Indicators (KPIs) als Leistungskennzahlen mitaufgenommen, die den Erfolg einer Zielvorgabe erfassen. Es sollen spezifische OKRs und KPIs identifiziert werden, um Fortschritte und Erfolge in den verschiedenen Smart-City-Projekten zu messen, wie z. B. Ressourcenauslastung, Mitarbeiterzufriedenheit und Kooperationsgrad. Um diese KPIs effektiv zu nutzen, wird die Analytische Hierarchieprozess (AHP)-Methode angewendet, um sowohl eine Gewichtung als auch eine Priorisierung der identifizierten KPIs vorzunehmen. Dies ermöglicht eine gezieltere Bewertung und Priorisierung von KPIs, um die Effektivität von Smart-City-Prozessen zu maximieren. Die Ergebnisse dieser Forschung bieten Einblicke in die Herausforderungen von Smart-City-Projekten in Freiburg und Köln. Letztlich gilt es dabei eine Orientierungshilfe für andere Smart-City-Initiativen zu bieten, damit Best-Practice-Beispiele festgemacht werden können.

TechLawNews by Ronzani Schlauri Attorneys

Can I Delete These (e-)Documents?
Daniel Ronzani
Daniel Ronzani
Maybe you are cleaning out your office archive or you are reorganizing your digital filing system. Can you delete your dusty tax returns, old agreements and daily business correspondence? This article sheds some light on retention periods for (e-)documents.

Die Freigabe von Open-Source-Software durch den Bund
Rika Koch
Rika Koch
Simon Schlauri
Simon Schlauri
Am 1. Januar 2024 trat das neue «Bundesgesetz über den Einsatz elektronischer Mittel zur Erfüllung von Behördenaufgaben» (EMBAG) in Kraft. Dessen Artikel 9 statuiert eine Pflicht für Bundesbehörden, durch den Bund entwickelte Software als Open-Source-Software (OSS-Pflicht) zu lizenzieren. Der vorliegende Beitrag beleuchtet diese neue Rechtsnorm.

What are Guarantee and Collective Trademarks?
Daniel Ronzani
Daniel Ronzani
Guarantee and collective trademarks do not seem widely used (or maybe even known), possibly because the administrative burden is higher and the same goal of allowing others to use a trademark can be achieved by granting a license to an individual trademark. This article give a brief overview of the guarantee and collective trademark, and advocates why using them might add value.

Google Analytics: Rechtslage, Alternativen und Risikominimierung
Simon Schlauri
Simon Schlauri
In a decision dated December 22, 2021, the Austrian data protection authority dsb declared the use of the analysis and tracking tool Google Analytics by an Austrian company to be unlawful. This followed the Schrems II ruling of the European Court of Justice (ECJ). This decision, and a similar decision issued shortly afterwards by the French data protection authority CNIL, have been causing uncertainty ever since. This text looks at the reasons for the decisions of the two authorities and sets out the risks associated with the use of Google Analytics. Finally, it outlines alternatives to Google Analytics and formulates some rules that can be used to reduce the risks of using Google Analytics.