Integrity and security discourses in three European countries' AI policies : A study in privacy, political theory and rapidly developing technology

Abstract: The relatively recent developments in AI have caused a lot of discussions surrounding security and privacy, and a consistent theme throughout these discussions have been how privacy as a political and legal term have developed in response. While this isn't necessarily a new phenomenon – privacy concerns have been around since the 19th century when Warren and Brandeis published their seminal paper – the development of AI has marked a new period where privacy has become a socio-political issue. The development of AI also have happened concurrently with changes in governmental paradigms, which makes this relevant albeit possibly difficult to interpret. That makes communicative events – the AI strategies, privacy regulations and news articles – important empirical material for the study. The study's main purpose will be to study how three selected countries - and the practices within them – have shaped their respective artifical intelligence strategies through privacy regulations. This is an important question to ask when changes in organizational ideology have occurred and resulted in New Public Management – an ideology more friendly towards corporations than its 1950s-70s predecessor, when AI was in its infancy. For the purpose of this paper the term artificial intelligence will refer to computer programs and systems on the software level; they are interently dealing with data as a part of their function. And the computer does not check the security and privacy-related implications for the data use unless the programmer specifically makes the artificial intelligence do so; and there are many cases where that would be difficult. The countries chosen for the paper – the United Kingdom, Sweden and Estonia – were selected partly because they are democratic countries, but also partly due to their different stances on artificial intelligence, history and governance methods. These three do share some unifying aspects, such as all being European countries and signatories of the EU's GDPR treaty. The resulting comparision illustrates that differences between the three countries' existing practices do affect how AI strategies and regulations are formed – an important consideration in an environment where privacy has become an intense topic of debate.