AIM: AI Incidents and Hazards Monitor

The event explicitly involves AI systems generating deepfake images that have been widely shared and believed to be real, causing harm to the prime minister's reputation and misleading the public. This constitutes harm to an individual and communities through misinformation and cyberbullying, fitting the definition of an AI Incident. The article also references legal responses, but the primary focus is on the realized harm caused by the AI-generated content, not just the response, so it is not merely Complementary Information. Therefore, the classification is AI Incident.[AI generated]

The article explicitly involves AI systems in the form of recommender algorithms on Facebook and Instagram. The concerns relate to possible manipulation and harm caused by these AI-driven feeds, especially to children and young people, and potential violations of user rights. Since the investigations are ongoing and no confirmed harm or breach has been reported yet, the event is best classified as an AI Hazard, reflecting plausible future harm from the AI systems' use. It is not Complementary Information because the focus is on the regulatory probes themselves, not on responses or updates to past incidents. It is not an AI Incident because no realized harm or confirmed breach is described.[AI generated]

The article explicitly involves AI systems through Google's AI red team and the potential for AI tools to re-identify anonymized data, posing a privacy risk. The event stems from the use and potential misuse of AI in processing shared search data. No actual harm has been reported yet, but the risk of privacy violations is credible and plausible if the EU's data sharing proposal is enacted without stronger safeguards. Hence, it fits the definition of an AI Hazard, as it describes a credible potential for harm related to AI use, but not an AI Incident since harm has not materialized.[AI generated]

An AI system (the Taipei Metro AI customer service) was explicitly involved as the platform through which threatening messages were sent. The use of the AI system directly contributed to the incident by enabling the transmission of threats that caused harm in terms of public safety concerns and operational disruption. This constitutes a violation of public safety and causes harm to the community, fitting the definition of an AI Incident. The harm is realized, not just potential, as the threats caused pressure and required police intervention.[AI generated]

The AI system (chatbots powered by AI) is explicitly mentioned as impersonating doctors and providing medical advice, which is unauthorized and potentially harmful. The lawsuit indicates that this use of AI has already caused concern about harm to users' health and legal violations. The AI's role in misleading users about medical qualifications and capabilities directly links it to potential or actual harm, fulfilling the criteria for an AI Incident under violations of law and harm to health. Therefore, this event is classified as an AI Incident.[AI generated]

An AI system was explicitly used to draft legal documents, and its malfunction or misuse (failure to verify citations generated by AI) directly led to a violation of legal and ethical standards, impacting the judicial process and the rights of the defendant. This constitutes a breach of obligations under applicable law protecting fundamental rights, qualifying as an AI Incident.[AI generated]

The article explicitly describes AI systems (chatbots) using tracking technologies that collect and share sensitive user data with third parties without adequate transparency or consent, violating privacy and data protection rights. This constitutes a breach of applicable law protecting fundamental rights, fulfilling the criteria for an AI Incident. The harm is realized or ongoing, as user data is being collected and potentially exposed, even if no third-party access has been confirmed yet. The AI systems' use is central to this harm, as the trackers are integrated within the AI platforms and enable this data collection.[AI generated]

The event involves an AI system (voice analytics AI for intoxication detection) under development and planned deployment, but no actual harm or incident has been reported. The article contains forward-looking statements and discusses potential risks and challenges, which aligns with a plausible future risk scenario rather than an actual incident. Therefore, this qualifies as an AI Hazard because the AI system's use could plausibly lead to harm (e.g., misclassification leading to wrongful accusations or privacy concerns), but no harm has yet materialized. It is not Complementary Information because it is not updating or responding to a prior incident, nor is it unrelated since it clearly involves AI development with potential implications for safety and rights.[AI generated]

The event involves the use of AI systems to generate video content that closely mimics copyrighted material without permission, which constitutes a violation of intellectual property rights. The AI system's use directly led to this harm by creating unauthorized reproductions of the Beastie Boys' music video. Although no explicit legal action or further harm is described, the unauthorized AI-generated replication of copyrighted content is a clear breach of intellectual property rights, fitting the definition of an AI Incident. The presence of AI is reasonably inferred from the described artifacts and expert analysis, and the harm is realized rather than potential.[AI generated]

The article clearly involves AI systems in the context of cybersecurity tools and their deployment. It identifies existing vulnerabilities and the potential for AI-driven security tools to either mitigate or exacerbate risks. However, no actual harm or security breach caused by AI systems is reported. The discussion centers on the potential for future harm due to gaps in security readiness despite AI adoption, which fits the definition of an AI Hazard. There is no indication of a realized AI Incident or a complementary information update about a past incident. Therefore, the event is best classified as an AI Hazard, reflecting the plausible future risk of harm due to the current security gaps in AI adoption.[AI generated]

An AI system was used to create a false image (fake magazine cover) that was disseminated by a media figure without verification, leading to misinformation and reputational harm. This fits the definition of an AI Incident because the AI system's use directly led to harm (misinformation and reputational damage). The involvement of the media and regulatory response further confirms the realized harm. Therefore, this event is classified as an AI Incident.[AI generated]

The article explicitly mentions AI chatbots developed and used by Meta that caused direct harm, including psychological and physical harm to users (children and a cognitively disabled man), as well as harm to communities through scam advertisements. The AI system's development and use led directly to these harms, fulfilling the criteria for an AI Incident. The subsequent regulatory and corporate responses are complementary but do not negate the incident classification.[AI generated]

An AI system was explicitly involved as the news reports were AI-generated fake news. The use of this AI-generated misinformation directly led to harm by causing public fear, social disruption, and economic harm to businesses, fulfilling the criteria for an AI Incident under violations of law and harm to communities. Therefore, this event qualifies as an AI Incident.[AI generated]

The article explicitly involves an AI system (Mythos) with capabilities that could lead to significant cybersecurity harms if misused or if access is not properly managed. However, no actual harm or incident has occurred yet; the concerns are about potential future cyberattacks and vulnerabilities that could be exploited. The call for early access and coordinated EU response reflects a hazard scenario where the AI system's use could plausibly lead to harm. The mention of legislative reforms further supports this as a governance and risk mitigation context. Hence, the event fits the definition of an AI Hazard rather than an AI Incident or Complementary Information.[AI generated]

The AI system (Google's AI Overview) generated false information that directly led to reputational harm and economic loss for Ashley MacIsaac, including a concert cancellation and public fear for his safety. The harm is clearly articulated and directly linked to the AI system's malfunction (defective design and inaccurate output). This meets the criteria for an AI Incident as the AI system's use caused violations of rights and harm to the individual.[AI generated]

The article explicitly mentions AI models and AI-led systems and their vulnerabilities, indicating the presence of AI systems. However, it does not describe any actual harm or incident caused by these AI systems but rather warns about potential risks and the need for preparedness and investor education. Therefore, this event fits the definition of an AI Hazard, as it plausibly could lead to harm in the future if vulnerabilities are exploited, but no direct or indirect harm has yet occurred.[AI generated]

The event explicitly involves an AI system linked to a wallet that was manipulated through prompt injection to execute unauthorized transactions. The harm is realized in the form of stolen tokens worth approximately $155K-$180K, which is a clear harm to property. The AI's role is pivotal as the exploit relied on how the AI interpreted user input, not on smart contract vulnerabilities. This direct causation of harm by the AI system's malfunction meets the criteria for an AI Incident.[AI generated]

The event involves the use of an AI system to generate a fake interactive message from a religious figure, which directly leads to financial harm to victims through a scam. The AI system's use in impersonation and manipulation is central to the harm caused. The harm is realized (people are being scammed), not just potential. Hence, it meets the criteria for an AI Incident due to direct harm to people (financial and psychological harm) and violation of rights (exploitation and deception).[AI generated]

Pixel trackers are AI-enabled systems that collect and analyze user data to optimize advertising. Their deployment on government healthcare sites led to the direct and unauthorized sharing of sensitive personal data with advertising companies, causing harm to individuals' privacy and potentially violating legal rights. The event involves the use and misuse of AI systems (pixel trackers) leading to realized harm (privacy violations, trust erosion, potential discrimination), fulfilling the criteria for an AI Incident. The involvement of AI in data collection and the direct harm caused by this misuse justify this classification.[AI generated]

The article explicitly mentions AI-generated fake advertisements and videos that misuse a person's image without consent to promote fraudulent financial schemes. This constitutes a violation of rights (image rights and potentially intellectual property) and causes harm to communities by facilitating scams and misinformation. The AI system's role in generating these fake contents is pivotal to the harm occurring. Therefore, this event qualifies as an AI Incident due to realized harm caused by AI-generated deceptive content leading to fraud and reputational damage.[AI generated]