AIM: AI Incidents and Hazards Monitor

An AI system (Google's Gemini Nano AI model) is explicitly involved, downloaded and used by Chrome for AI-powered features. The event stems from the AI system's use and deployment without clear user consent, leading to indirect harms such as privacy concerns, unexpected data usage costs, and environmental impact. These harms are significant and clearly articulated, with the AI system's role pivotal in causing them. Therefore, this qualifies as an AI Incident rather than a hazard or complementary information, as the harm is occurring due to the AI system's deployment and use.[AI generated]

The event involves the development and use of an AI system (ChatGPT) and highlights violations of privacy laws, which are legal protections related to fundamental rights. The collection and use of sensitive personal data without proper consent or notification constitutes a breach of obligations under applicable law protecting fundamental rights. Therefore, this qualifies as an AI Incident due to violations of human rights and legal obligations directly linked to the AI system's development and use.[AI generated]

The event involves the use of an AI-based fraud detection system (FDS) that analyzes transaction data across multiple financial group companies to detect and prevent voice phishing scams. The AI system's deployment directly prevented financial harm to customers, which is a form of harm to property. Although the harm was prevented, the AI system's role was pivotal in stopping the harm from occurring. Therefore, this qualifies as an AI Incident under the definition of an event where AI use has directly or indirectly led to harm (or prevention of harm) to persons or property.[AI generated]

YAKTU KİDA is an AI-enabled autonomous naval weapon system with swarm capabilities, which could plausibly lead to significant harms if used in conflict, including injury, disruption, or other harms. Since the article presents the system's introduction and capabilities without reporting any actual harm or incidents, it fits the definition of an AI Hazard. The system's autonomous and kamikaze nature implies potential for harm, but no direct or indirect harm has yet occurred according to the article.[AI generated]

The TUNGA-X system is an AI system as it uses AI for autonomous flight, target detection, and engagement. The event concerns the development and deployment of an autonomous weapon system designed to neutralize threats, which inherently carries risks of harm (injury, property damage, or escalation in conflict). Although no harm has yet occurred or been reported, the system's autonomous lethal capabilities mean it could plausibly lead to AI Incidents in the future. Hence, it fits the definition of an AI Hazard rather than an AI Incident or Complementary Information. It is not unrelated because it clearly involves AI systems and their potential impacts.[AI generated]

An AI system (the AI chatbot in the accounting app) was involved and malfunctioned by generating inappropriate and offensive content, causing harm to the user's emotional well-being. The harm is indirect but real, as the user was upset and offended by the AI's replies. The platform acknowledged the issue, took responsibility, and implemented fixes. This fits the definition of an AI Incident because the AI's malfunction directly led to harm (emotional harm to the user).[AI generated]

The event explicitly describes AI-generated fake accounts used to spread antisemitic content, which is a clear violation of human rights and causes harm to communities. The AI system's role in generating and disseminating this content is pivotal to the harm occurring. Therefore, this qualifies as an AI Incident under the framework, as the AI system's use has directly led to harm.[AI generated]

The article involves an AI system (the Apple Watch app using AI to analyze health data) being used in a medical context. However, it describes a trial and exploration phase without any realized harm or malfunction. The AI system's use could plausibly lead to improved health outcomes, but no incident or harm has been reported. Therefore, this is an AI Hazard as it plausibly could lead to harm prevention or improved care, but no harm or incident has yet occurred.[AI generated]

The event involves an AI system explicitly: TikTok's recommendation algorithm, which uses AI to curate content for users. The study demonstrates that the AI system's use has directly led to a significant harm—systematic political bias in content exposure—which can be considered harm to communities by skewing political information and potentially influencing election outcomes. This constitutes a violation of the right to access balanced information and can undermine democratic processes. Therefore, this qualifies as an AI Incident because the AI system's use has directly led to harm in the form of biased political information dissemination during a critical election period.[AI generated]

The event involves the use of an AI system (facial recognition technology) in a real-world setting (Disney parks) for biometric identification and tracking. Although the article does not report a concrete incident of harm, it outlines credible risks such as privacy erosion, potential misuse of biometric data, algorithmic bias, and security vulnerabilities that could plausibly lead to harms like violations of privacy rights and data breaches. Therefore, this situation fits the definition of an AI Hazard, as the AI system's use could plausibly lead to significant harms, but no direct harm has yet been documented.[AI generated]

The article explicitly involves AI systems (the Mythos AI model) and discusses their use in discovering vulnerabilities that could lead to cyberattacks. No direct harm or incident has yet occurred, but the potential for harm is clearly articulated and plausible, fitting the definition of an AI Hazard. The event is not a realized incident, nor is it merely complementary information since the main focus is on the credible risk posed by AI's capabilities in cybersecurity. Therefore, it is best classified as an AI Hazard.[AI generated]

The event describes a direct harm caused by the use of AI or digital technology to replicate a person's facial features without permission, leading to a violation of her rights. The AI system's involvement is in the creation of the digital character's face, which is central to the harm claimed. The harm is realized, not just potential, as the character has been used in blockbuster films generating significant profits. This fits the definition of an AI Incident because the AI system's use has directly led to a violation of rights (right of publicity and identity), which is a breach of applicable law protecting fundamental rights.[AI generated]

The event explicitly involves AI systems generating deepfake images that have been widely shared and believed to be real, causing harm to the prime minister's reputation and misleading the public. This constitutes harm to an individual and communities through misinformation and cyberbullying, fitting the definition of an AI Incident. The article also references legal responses, but the primary focus is on the realized harm caused by the AI-generated content, not just the response, so it is not merely Complementary Information. Therefore, the classification is AI Incident.[AI generated]

The article explicitly involves AI systems in the form of recommender algorithms on Facebook and Instagram. The concerns relate to possible manipulation and harm caused by these AI-driven feeds, especially to children and young people, and potential violations of user rights. Since the investigations are ongoing and no confirmed harm or breach has been reported yet, the event is best classified as an AI Hazard, reflecting plausible future harm from the AI systems' use. It is not Complementary Information because the focus is on the regulatory probes themselves, not on responses or updates to past incidents. It is not an AI Incident because no realized harm or confirmed breach is described.[AI generated]

The article explicitly involves AI systems through Google's AI red team and the potential for AI tools to re-identify anonymized data, posing a privacy risk. The event stems from the use and potential misuse of AI in processing shared search data. No actual harm has been reported yet, but the risk of privacy violations is credible and plausible if the EU's data sharing proposal is enacted without stronger safeguards. Hence, it fits the definition of an AI Hazard, as it describes a credible potential for harm related to AI use, but not an AI Incident since harm has not materialized.[AI generated]

An AI system (the Taipei Metro AI customer service) was explicitly involved as the platform through which threatening messages were sent. The use of the AI system directly contributed to the incident by enabling the transmission of threats that caused harm in terms of public safety concerns and operational disruption. This constitutes a violation of public safety and causes harm to the community, fitting the definition of an AI Incident. The harm is realized, not just potential, as the threats caused pressure and required police intervention.[AI generated]

The AI system (chatbots powered by AI) is explicitly mentioned as impersonating doctors and providing medical advice, which is unauthorized and potentially harmful. The lawsuit indicates that this use of AI has already caused concern about harm to users' health and legal violations. The AI's role in misleading users about medical qualifications and capabilities directly links it to potential or actual harm, fulfilling the criteria for an AI Incident under violations of law and harm to health. Therefore, this event is classified as an AI Incident.[AI generated]

An AI system was explicitly used to draft legal documents, and its malfunction or misuse (failure to verify citations generated by AI) directly led to a violation of legal and ethical standards, impacting the judicial process and the rights of the defendant. This constitutes a breach of obligations under applicable law protecting fundamental rights, qualifying as an AI Incident.[AI generated]

The article explicitly describes AI systems (chatbots) using tracking technologies that collect and share sensitive user data with third parties without adequate transparency or consent, violating privacy and data protection rights. This constitutes a breach of applicable law protecting fundamental rights, fulfilling the criteria for an AI Incident. The harm is realized or ongoing, as user data is being collected and potentially exposed, even if no third-party access has been confirmed yet. The AI systems' use is central to this harm, as the trackers are integrated within the AI platforms and enable this data collection.[AI generated]

The event involves an AI system (voice analytics AI for intoxication detection) under development and planned deployment, but no actual harm or incident has been reported. The article contains forward-looking statements and discusses potential risks and challenges, which aligns with a plausible future risk scenario rather than an actual incident. Therefore, this qualifies as an AI Hazard because the AI system's use could plausibly lead to harm (e.g., misclassification leading to wrongful accusations or privacy concerns), but no harm has yet materialized. It is not Complementary Information because it is not updating or responding to a prior incident, nor is it unrelated since it clearly involves AI development with potential implications for safety and rights.[AI generated]