Digital Vulnerability of the AI-Assisted Consumers

by: in Law
artificial intelligence

The widespread use of AI-assisted technologies in the digital sphere has given rise to the concept of digital vulnerability, as a contextual vulnerability experienced by internet users. This phenomenon sparks debate about whether the current legislative framework is sufficient to ensure effective protection.

The rise of digital vulnerability

Legal scholarship has recently witnessed the rise of the concept of digital vulnerability, as a vulnerability that is not based on inherent consumer characteristics such as age or disability, but a universal state of powerlessness present within the digital environment. Digital vulnerability is a result of recent technological developments that have revolutionised the decision-making process of consumers. This concept was one of the themes discussed during an event organised by MaRBLe, IGIR and G-Law Net, the seminar on the ‘AI-Assisted Consumer’.

Which circumstances create digital vulnerability?

The key trait of digital vulnerability is its contextual nature. One such circumstance is dataveillance, as explained during the presentation by Dr Joanna Strycharz. Dataveillance is the automated, continuous, and unspecific collection, retention, and analysis of digital traces by different actors. This gives extensive powers to digital platforms that can use personalised, tailor-made means of persuasion to achieve their end goal of making consumers buy a certain item or use a service. Especially interesting is the reaction of consumers to such a state of continuous monitoring. One of the results, as enumerated by Dr Strycharz, is the state of perceived surveillance by consumers, who are aware of the extent of supervision. This goes as far as to cause ‘chilling effects’ which retain individuals from conducting specific internet activities due to their fear of information being used against them. The fact that consumers become more and more aware of how vulnerable they are in the digital space is also reflected in the empirical research of Dr Monika Leszczyńska. Dr Leszczyńska argues an interesting point - consumers when faced with a choice of a free programme or an updated version of the programme, they are less trustful towards the free offer. This research supports the argument that the decision-making process of consumers has been revolutionised in recent times.

How sufficient is the current legislative framework in light of digital vulnerability?

The discussion of digital vulnerability demonstrates that as it stands, the regulatory framework within the EU does not account for the challenges present in digital environments. The complexities of trying to classify dark patterns as unfair commercial practices under the Unfair Commercial Practices Directive were presented by Constanta Rosca. One of the presented dark patterns examples concerned the use of scarcity bias by a website for reserving accommodation that wrongfully suggests that the hotel rooms consumers are interested in are almost booked. This type of practice could be qualified as misleading.

However, as Constanta. Rosca underlined, the sheer amount of dark patterns that are consistently in use, renders individual enforcement of such practices difficult. A similar point has been raised by Dr Vigjilenca Abazi, who offered the GDPR perspective on how the regulatory approach can be characterised as wrong, due to the shifting of the burden of responsibilities onto individuals, who can consent with one click to all types of problematic practices. This shows how vulnerable consumers are in the digital space, as the law does not challenge the business model of such platforms that remain accountable to their shareholders rather than the public. Hence, one of the solutions could be to elevate the level of protection offered to consumers.

Throughout the seminar, there were solutions proposed to remedy the digital vulnerability. Dr Abazi suggested the ‘bottom-up guardians’ solution, where NGOs could help to enforce collective claims of internet users under Art.80 GDPR, in line with the recent Meta Platforms Ireland jurisprudence that established the mandate of the NGOs for collective actions. Constanta Rosca discussed how AI can be used to the advantage of consumers, for example by conducting massive checks as to whether digital platforms are using dark patterns. This seminar cultivated the notion that more solutions have to be offered to consumers who can be subject to numerous unfair practices in AI-assisted environments.


AI-assisted environments remain black boxes, where the vulnerabilities of consumers can be exploited. This observation points towards the strength of the concept of digital vulnerability, according to which an elevated standard of protection should be offered to individuals in the digital space. The most promising solution to this issue involves working directly with consumers, to raise awareness of the manipulation tactics and for NGOs to bring collective actions where applicable.


By Aleksandra Dymacz, 3rd year bachelor student European Law and Marble student of the project “The AI-assisted consumer”