EU Digital Constitutionalism, Digital Sovereignty and the Artificial Intelligence Act – A network perspective

23 December 2021/ By

Introduction – The Need for a Network Perspective

The European Union’s efforts to regulate various aspects of the digital age have significantly advanced recently, as the Union’s institutions reached notable milestones throughout the month of December.  On the 15th of the month, the European Parliament has held its plenary vote on the Digital Markets Act (‘DMA’), finalising the position it is going to take in the trialogues due to start in the beginning of 2022. The day before, on the 14th of December, a compromise text of the Digital Services Act (‘DSA’) had been adopted by the Parliament’s Internal Market Committee, paving the way for a plenary vote which is widely expected to take place in January 2022.

These developments came after the Parliament had started the month with a breakthrough on its work on the Artificial Intelligence Act (‘AIA’/’the proposal’), the Conference of the Committee Presidents deciding to name the Internal Market and the Civil Liberties committees as co-leaders on the file, just a few days after the Slovenian Presidency of the Council published its progress report on the file.

The fact that these files are going through the legislative process in the same time frame is proof of the EU’s understanding of the interplay between different elements of the digital age. Indeed, one of the defining characteristics of the digital era is increased connectivity. In addition to bringing people closer together, connectivity also refers to the overlaps and interactions between different technologies, from algorithms shaping the functioning of social media platforms to machine learning systems being used to process the large amounts of data internet users produce every day. Consequently, to properly understand the functioning of a specific technology, one also has to understand its interactions with other technologies and consider it as part of a network rather than in isolation.

Similarly, the general challenges that emerge as the digital revolution unfolds also require a holistic perspective and an understanding of all the elements at play and the connections between them – in other words – an understanding of the network they are part of. The purpose of this piece is to take such a holistic (‘network’) approach to the AIA proposal. The post will particularly consider this proposal in light of two central doctrines: EU digital sovereignty and EU digital constitutionalism. Having analysed the role of each and the relation between these two doctrines, the post will argue that the AIA proposal can be interpreted as an expression of both doctrines.

Between digital sovereignty and digital constitutionalism

Digital sovereignty’ has been set by the President of the European Commission (‘the Commission’), in her 2020 State of the Union Speech, as an overarching goal of the EU’s Digital Decade. A year later, in her 2021 State of the Union Speech, von der Leyen reflected again on the importance of sovereignty in the digital age, this time, however, referring to it as ‘tech sovereignty’. This goes to show a certain flexibility with which the Commission seems to use the term ‘digital sovereignty’ – a term, which not only lacks a clear definition but is also sometimes used interchangeably with other terms such as ‘tech sovereignty’ or ‘digital autonomy’. Other institutions of the Union refer to this concept using varying terms too, the President of the European Council, for example, seeing digital sovereignty as being central to ‘strategic autonomy’. Scholarship, among others Floridi, Pohle and Kaloudis, have recognised the lack of a clear definition of digital sovereignty, both in abstract and in the EU context, attempting too, to a certain extent, to fill this gap – for example, in his article, Kaloudis proposes a definition for this term, which he suggests can be used to achieve a common understanding of what digital sovereignty is and draw up an action plan to achieve it.

Before a definition is found, or formally adopted by the EU institutions, this article suggests that the best way to consider and utilise the concept of ‘EU digital sovereignty’ is to look at the purpose the institutions themselves attach to it. In this sense, the most straightforward description has been provided by the Commission which understands digital sovereignty as ‘the ability to set one’s standards rather than follow those of others’. Two of the three key characteristics of this concept become apparent from this definition: (1) autonomy – understood in this context as the ability to set one’s own standards and (2) influence – the capacity to influence the standards set by others. The third key characteristic, although not being included in the Commission’s definition, has been used both as a justification for the pursuit of digital sovereignty and as one of its objectives within the EU context – (3) the protection of fundamental rights and European values. These three key characteristics, can be translated into three different ‘levels’ of the concept of digital sovereignty – 1) EU and state actors; 2) EU and non-state actors; and 3) EU citizens and the digital world, or individual digital self-determination.

Unlike digital sovereignty, which, as discussed above, has been embraced by the EU institutions, the concept of digital constitutionalism is, at least for the moment, mostly popular in scholarship. As presented by Celeste and De Gregorio, digital constitutionalism is an ‘ideology that adapts the values of contemporary constitutionalism to the digital society’[1] and which aims, in essence, to ensure the existence of an appropriate framework for the protection of fundamental rights in the digital environment. As the boundaries between the digital and non-digital sphere are becoming increasingly blurry, the value of this concept increases.  A digital constitutional framework would be more than a mere addition to an effective fundamental rights protection framework but would rather become a prerequisite for the latter.

Floridi argues for an emergence of a sort of ‘hexagram of EU digital constitutionalism’. For him, each of the major proposals in the field, including the AIA, or the General Data Protection Regulation (‘GDPR’),represent one side of this hexagram. This is a useful way to visualise the relation between the different regulatory initiatives as well as to imagine the emergent shape of the EU’s digital constitution. The digital constitutionalism framing which Floridi uses is valuable for two further reasons. First, it highlights the need for coherence between the different slides of the hexagram. This framing goes deeper than seeing these legislative proposals as pursuing the same goals, recognising that, to be truly effective, they must work well as part of a framework rather than just individually. Second, by using the term ‘constitutionalism’, it also signals the need to reflect on the relation between this new digital framework and the existing EU law framework.

EU digital constitutionalism as a path to EU digital sovereignty

Looking at these two concepts together, there is a high degree of overlap between the third dimension of digital sovereignty and digital constitutionalism. Indeed, they can almost be seen as two faces of the same coin, each pursuing the same goal – the protection of fundamental rights in the digital age – from different perspectives. Digital constitutionalism complements digital sovereignty by adding an internal layer of protection for fundamental rights, which must be safeguarded not only against ‘outside forces’ but also against the EU Member States and the EU institutions themselves.

Moreover, as indicated above, digital constitutionalism framing is important because it considers all current legislative proposals related to the digital age as part of an emerging framework – a new layer of EU law to be fit in with the rest. The success of these proposals depends, therefore, on the success of the framework as a whole. While the popularity of a proposal can be measured by itself, the true realization of digital sovereignty is possible by ensuring that the various pieces of the digital constitutionalism puzzle fit well together and leave no gaps that can be exploited.

Digital constitutionalism emerges therefore as the materialisation of the objectives of the third level of EU digital sovereignty. The EU institutions argue that digital sovereignty is necessary to ensure the respect of European fundamental rights and values in the digital age, and protecting them from any negative interference coming from outside the boundaries of the EU. But without a framework to ensure that these rights and values are protected primarily withing the EU, there would not be much to defend against negative interference.

The AIA as an expression of digital sovereignty and digital constitutionalism

In the new emerging constitutional framework, the AIA will likely play an important role. That is not only because of the importance of AI systems in the digital age but also because of the significant ambitions underpinning the proposal.  By its very nature, the endeavour to regulate a technology which has such an enormous potential for value creation, but is at the same time inherently complex and elusive, is daring, to say the least. Daring is also the extraterritorial scope of the proposal, set out in its Article 2, inspired by the GDPR. The proposal stresses its goal is not only to shape the development of AI in Europe but to do so on a global scale. Finally, the purpose of the AIA will be to create ‘trustworthy AI’, which, according to the AI White Paper and the proposal itself, is AI that respects the EU fundamental rights and values.

All these elements are connected to both digital sovereignty and digital constitutionalism. The Commission recognises an important challenge for EU fundamental rights, posed by a potent technology which is being quickly developed and starts taking active steps to address it, for example by banning AI systems which would pose unacceptable risks to fundamental rights. In doing so, the Commission wants to protect EU citizens not only from AI systems developed and deployed in the EU but all the systems that can negatively impact them, regardless of the place where they are deployed. Significantly, the very idea of ‘trustworthy AI’, as understood by the Commission and the other EU institutions, is a clear expression of digital constitutionalism.

The proposal makes numerous references to the importance of fundamental rights (mentioned 81 times) and European values. The Explanatory Memorandum states that the proposal has been designed with them in mind and aims to protect them. This is for example apparent from Article 5 which prohibits practices deemed to pose unacceptable risks, because they would be ‘contravening Union values such as the violation of fundamental rights’. The risk-based approach as a whole is devised taking into account the protection of fundamental rights, as Chapter 1 of Title III ‘Classification of High-Risk Systems’ shows. While the whole approach and the limits between the different risk-levels is not beyond reproach, the intention to protect fundamental rights is certainly present. This focus on safeguarding fundamental rights in the age of AI is the very embodiment of the essence of the idea of ‘digital constitutionalism’ as expressed by Celeste and De Gregorio.

The proposal also adds an internal layer of protecting fundamental rights, covering not only private actors based inside or outside of Europe but also all EU institutions, agencies and bodies (Article 59), as well as the Member States. Here, the ban on social scoring deployed by public authorities (Article 5(c)) and the (incomplete and highly questionable) prohibition on real-time remote biometric identification (Article 5(2)) are concrete examples of the impact that the AIA might have on the public authorities of Member States. This internal layer, in line with the point made above, is an expression of digital constitutionalism which is needed to complement digital sovereignty and ensure a robust protection of fundamental rights.

Finally, the AIA Proposal is also a relevant case study because of its shortcomings. Despite the fact that the proposal refers to fundamental rights repeatedly, the substance of the Proposal falls short of providing appropriate safeguards. Most notably and worryingly, EU citizens are not being given any right to bring claims against the misuse of prohibited or high-risk AI systems. Here, the idea of digital sovereignty wins over that of digital constitutionalism, leaving an important gap to be filled. The Commission seems more concerned about the idea of ‘sovereignty’, understood as control and autonomy over third parties, rather than the safeguarding of individual rights and offering meaningful and appropriate remedies for breaches of fundamental rights. Consequently, this power is given to a complex system of market surveillance authorities instead of EU citizens.

However, the Commission will have a chance to fill this gap with its forthcoming proposal for liability of AI systems, making it easier for consumers to bring actions against faulty AI systems, through, among others, reversing the burden of proof, placing it on the provider or user of the AI system rather than on the person who was affected by its use. There is also a chance that European Parliament and the Council of the European Union will decide to take it upon themselves to fill this gap in the AIA by amending the proposal to give more power to the citizens, for example by giving them a right to challenge and complain about the AI systems in use where they have harmful impacts, as suggested by several stakeholders, including the European Consumer Organisation (BEUC) and the Ada Lovelace Institute.

Conclusion – The Network’s Missing Pieces

Having highlighted the dynamics between digital constitutionalism and digital sovereignty and the way in which they complement each other, this blog post aimed to show that the EU’s Artificial Intelligence Act Proposal can be considered an expression of both these concepts. Since digital sovereignty is an important goal for the EU’s Digital Decade, it is important to place it into the right context and reflect on the way in which it can be achieved. Without a digital constitutionalism perspective, the strength of the emerging EU digital framework is questionable, for two key reasons. First, digital constitutionalism is needed to add the internal layer of protection, which will also have the effect of ensuring the coherence between what the EU preaches externally and what it does internally. Second, the constitutional perspective is necessary to ensure that the new legislative initiatives, which seek to contribute to EU’s digital sovereignty, are not in tension with each other, but work together to achieve their common goal.

Going back again to the image of the hexagram, this should be imagined, for the moment, as being poorly drawn, with unequal, zig-zagging sides. How the tensions and gaps present in the EU’s emerging digital constitution will be resolved will determine not only the level of protection that fundamental rights and EU values will enjoy in the digital age but also the success of the Digital Decade project.

Looking ahead, the Court of Justice of the European Union could play a key role in resolving any tensions between the sides of the hexagram and ensuring its coherence. While there are advantages to this solution, such as the vast experience of the Court in solving tensions within the EU legal framework, the politically sensitive nature of EU’s goals for the digital age and the challenges it will face suggest that this might not be the right approach. To bring everything together, and create a constitutional blueprint for the digital age, the EU could perhaps consider a Charter of Rights and Principles for the Digital Age, taking inspiration from, but going beyond, Spain’s Digital Rights Charter, published earlier this year with the objective of ‘updating existing rights to adapt them to the new circumstances of the digital age’ and providing for rights such as the right to identity in the digital environment and he right to equality and non-discrimination in the digital environment.

[1] Celeste E, Digital constitutionalism: a new systematic theorisation, International Review of Law, Computers & Technology, 33:1, 76-99, DOI: 10.1080/13600869.2019.1562604 (2019)