Robots rewrite the rules
From chatbots to smart contracts, technology is transforming the way the travel industry works. By its very nature the travel industry is a rich source of data, so the myriad of ways that technology offers to maximise business efficiency, while improving customer experience, is too good an opportunity to miss.
For example, Hilton Hotels, in collaboration with IBM, is piloting a robot concierge called Connie. Aimed at personalising the guest experience, assisting with queries and providing guests with information to help plan trips, Connie learns from its interactions with guests. Amadeus uses Artificial Intelligence (AI) to offer specifically tailored travel offers based on a customer’s preferences and needs; while KLM is using Facebook’s Messenger app to allow passengers to request their boarding pass. Finally, Axa is trialling Fizzy, a smart contract based flight delay insurance which automatically pays out if a flight is delayed by more than 2 hours.
So far so good for business, but what are the legal implications that this technology brings?
All these technologies rely on data, or big data to be specific. Big data refers to huge amounts of real-time information obtained from a variety of sources. However, its varying nature makes it difficult to analyse using conventional methods, which is where AI comes in. AI analyses big data to create models from which inferences and predictions can be made, but it also learns from the data and adapts accordingly.
The collection of such vast amounts of data has serious data protection implications, particularly with the implementation of the General Data Protection Regulations (GDPR) only a few months away. Some of the key points to consider are:
Is the processing fair and transparent? Fairness includes the effect of processing and individuals’ expectations on the use of their data. Depending on its use, profiling in particular can have an intrusive effect on individuals.
On what basis is the data being processed? If relying on consent, it must be freely given, specific and informed. Under the GDPR, consent must also be unambiguous and obtained through affirmative action, such as ticking a box on a website or choosing particular technical settings on an app.
Where automated decisions are being made, is there a mechanism in place for human intervention? The GDPR also includes a right for people not to be subject to automated processing where it significantly affects them.
The use of these technologies raises a number of issues over intellectual property rights. These include:
who owns the data collected;
who owns the data and results generated by the system;
are any rights to the data acquired by the technology supplier; and
is use of the results restricted to the parties involved or can it be used to benefit others?
It also raises the question of whether copyright in machine creations arises, and if so, who owns it? Therefore, it is important to ensure that contracts with technology suppliers address these points.
If something goes wrong with the technology being used, who is responsible? Historically, the party who caused the loss would be held responsible. However, when using technology such as AI, the cause of defects may be inexplicable or not due to human error. Again, it is important to ensure that contracts clearly set out:
what the intended objective of using such technology is;
what constitutes product failure;
what happens if the desired objectives are not achieved; and
who is responsible for any loss or damage caused.
Until the law ‘catches up’ with the technological developments taking place, if you are using these types of technology, then you should be aware of the legal implications, assess the benefits of using the technology against the legal risks, and take steps to mitigate those risks wherever possible.
Published: 18 Jan 2018