The legal and ethical implications of sharing the Internet with bots
Bots have evolved rapidly over the years, and with the new age of artificial intelligence (AI), they continue to evolve. A report shows that by 2022, 47.4% of all internet traffic came from bots. This is an increase of 5.1% compared to the previous year. Meanwhile, human traffic, reported at 52.6%, was the lowest in eight years.
Internet bots are commonly associated with malicious or suspicious activities, such as distributed denial-of-service (DDoS) attacks or spreading misinformation on social media. However, bots are also widely used for task automation and efficiency. Therefore, it is imperative that companies learn to distinguish between the two.
Now that AI has made several tasks, including coding, easier to scale, there is no doubt that cybercriminals will continue to deploy bad bots to attack companies and disrupt business operations. However, good bots must also continue to evolve, driven by the same factor: AI advancements, and deliver undeniable benefits by optimizing tedious manual business processes.
The good bots: intention, behavior, impact
One of the best practices that help determine whether a bot is good or bad is to look at three key factors: intent, behavior, and impact. A good bot has a legitimate purpose. For example, automating time-consuming work or performing tasks that are simply impossible to perform manually, such as collecting large-scale public web data and setting up real-time automated data flows.
Good bots follow a certain code of conduct. In general, they have a positive impact on websites and their users by performing tasks such as indexing pages for search engines, helping people find information or compare prices, and identifying malicious activity on the Internet.
Below are some examples of the most common good bots:
Bots for data automation
Web intelligence software collects publicly available data such as product prices and descriptions for market research, travel fares for price comparison, or brand mentions for brand protection and counterfeiting purposes. Data automation bots are used by e-commerce price comparison websites and travel aggregators.
Search engine crawlers
Also called web crawlers or spiders, these bots review and index the content on web pages. Once the content is indexed, it will appear on search engine results pages. These bots are essential for search engine optimization. Most sites want their pages crawled and indexed as soon as possible after publication.
Site monitoring bots
This software checks sites for backlinks or system glitches. It can alert users in the event of a major change or downtime, allowing teams to respond quickly and restore their services without significant losses.
Chatbots
Chatbots are programmed to answer certain questions. Many companies integrate these bots into their websites to ease the workload of customer support teams. The chatbot market is growing rapidly as more companies deploy generative AI chatbots, and it is predicted to reach $1.25 billion by 2025.
The bad bots
We can identify bad bots by considering the same three key identifiers: purpose, behavior, and impact. The intent of bad bots is to exploit or harm websites and their users. Their behavior is unethical and in most cases illegal, as this software accesses unauthorized pages and performs unauthorized actions such as theft of personal data, DDoS attacks and malware distribution.
Malicious bots usually do not respect server capacity, overload it with requests and slow down the performance of the target site.
One of the most popular “use cases” for bad bots is ad fraud, which focuses on generating fake traffic and ad metrics, such as CTR, by deploying bots that generate clicks, views, or impressions. Below are more examples of the most common bad bots:
Account takeover bots
Most are familiar with stuffing and cracking IDs. These are automated threats that can result in identity theft or granting illegal access to user accounts. Account takeover bots can perform mass login attempts, which can lead to broken infrastructure or even business loss.
Spamming bots
These bots spread fake news and propaganda and post fake reviews about competitors’ products and services. Spamming bots can also hide malicious content, such as malware, in the click-bait links. In more extensive cases this can lead to fraud.
Scalper bots
Although scalping bots have been around for a while, they have become especially active during the pandemic. This software automates a bulk purchase of goods or services, resulting in a quickly sold-out store. Later, these items or services are resold at a much higher price. This is often seen with event tickets or limited edition goods.
Legal and ethical implications
Specific tactics, ranging from behavioral analysis to user-agent strings and traffic patterns, allow website owners to identify bad bots more easily. Unfortunately, in the age of AI and the rise of commercial bot farms, it’s an ongoing battle. The ethical issues and implications of using bad bots are more than clear. However, legal regulations are still lacking, with bot activity often falling into the gray area.
In 2019, California passed the Bolstering Online Transparency Act (the BOT Act), which mandates clear disclosure and transparency for the use of bots, meaning bots are not allowed to hide their identities. The BOT Act focuses primarily on automated software that aims to influence purchasing and voting behavior. However, in theory it could also tackle the bot-related challenge of disinformation, fake news and artificially inflated social media statistics.
In the EU, areas such as AI-enabled deepfakes and disinformation will hopefully be addressed by the EU AI Act. However, it is not currently in force.
Although the legal regulations are still unclear, there are explicit legal and financial risks that companies should consider before using bots, even if they think their bots are ‘good’. For example, a chatbot can give bad advice, resulting in reputational damage and legal liability.
Even more extreme situations can arise if there is data mismanagement. In 2020, UK-based Ticketmaster was fined £1.25 million due to a data breach that occurred as a result of a security breach via their chatbot.
Resume
Knowing good bots from bad ones is essential for any business. But the world is rarely just back or white. Some bots may not be inherently good or bad. What pushes them to one side or the other is their intentions, behavior and impact. If you make sure the bot you’re using has a reasonable and honest intent, respects the website rules, and won’t cause harm, you’re probably on the right side.
Nevertheless, examples show that even the most innocent bots can sometimes cause problems ranging from reputational damage to legal and financial liability due to data misuse. That’s why it’s critical to know the risks before deploying business bots, whether they’re simple chatbots or complex web intelligence gathering tools.
We have the best AI tools.
This article was produced as part of Ny BreakingPro’s Expert Insights channel, where we profile the best and brightest minds in today’s technology industry. The views expressed here are those of the author and are not necessarily those of Ny BreakingPro or Future plc. If you are interested in contributing, you can read more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro