Legal Implications of AI-Driven OSINT:

Insider Threats and Data Leaks in Egypt

and the European Union

Mohamed Kamal

1
 Legal Implications of AI-Driven OSINT:
Insider Threats and Data Leaks in Egypt and the European Union

Abstract:

The tremendous development in artificial intelligence technology, as we can see, has led to a
revolution in many areas around us, and among these uses is the use of artificial intelligence in
information gathering and open-source intelligence (OSINT). Indeed, this led to a paradigm shift
that benefited the national security agencies in Egypt and the European Union. Despite all these
benefits, there are also challenges such as Insider threats and data leaks. This research addresses
the national security concerns of AI-driven OSINT in both regions and examining risks posed by
insider threats and data leaks.

Keywords: Insider Threats, Data Leaks, National Security, AI-driven OSINT, Egypt, European
Union.

2
Chapter1: Legal Aspects of Insider Threats and Data Leaks
Introduction
Understanding the Legal Landscape of AI-Driven OSINT In Egypt and European Union
- The Significance of AI-Driven OSINT
- National Security Concerns in Egypt and the European Union
- Defining Insider Threats and Data Leaks
Legal Frameworks and Regulatory Challenges
- Legal Frameworks and Regulatory Challenges
- Analysis of Egyptian Legal Frameworks
- European Union Regulations
- Comparative Assessment of Legal Approaches
Insider Threats, Data Leaks, and National Security
- Examples of Insider Threats in Government and Private Sectors
- Impact of Insider Threats on National Security
- Data Leak Incidents and their Frequency
- Common Causes of Data Leaks
- Consequences of Data Leaks on National Security
Chapter 2: Mitigating Insider Threats and Data Leaks; Legally and Technically
Perspectives
Technological Interventions and AI Solutions
- AI-Driven Tools for Detecting Insider Threats and Preventing Data Leaks
- Successful Deployment of AI in Real-Life Scenarios: international Cases
- Limitations and Challenges of AI Applications: International standards
Strengthening Legal Measures and Collaborative Approaches
- Addressing Legal Gaps: Proposed Amendments and New Regulations
- Enhancing International Collaboration between Egypt and the EU
- Public-Private Cooperation for Strengthening Cybersecurity: International standards
Legal and Ethical International Guidelines
- Developing Skilled Workforce: Training and Educational Initiatives
- Promoting Responsible AI Use through Legal and Ethical Guidelines
- Encouraging Knowledge Sharing and Best Practices: International standards
Conclusion
References

3
Chapter 1: Legal Aspects of Insider Threats and Data Leaks

Introduction
AI-driven OSINT is a double-edged sword. No doubt it is a powerful tool for national security,
but also can pose risks from insider threats and data leaks, This risk could come from an insider
who has access to sensitive data and then leaks and makes that data public, this public data
becomes OSINT, Hence, this data can be misused to pose a threat to national security.

This research explores the Egyptian legal framework that governs national security concerns
coming from insider threat and data leaks to AI-driven OSINT and in Egypt compared European
Union laws and regulations It also identifies vulnerabilities within AI-driven OSINT systems and
investigates the repercussions of insider threats and data leaks on national security, economic
stability, and the privacy of citizens.

The main goal here, in this research is to contribute to a comprehensive understanding of

different challenges posed by AI-driven OSINT in the context of national security and assist
governments, organizations, and security agencies in Egypt and the European Union in
developing effective strategies to mitigate risks, safeguard sensitive information, and ensure the
continued advancement of AI-driven OSINT in a secure and responsible manner.

Literature Review:
AI possesses a transformative quality when integrated into systems and Apps, fueling remarkable
advancements through its fusion of rapidity, precision, and adept execution. For example, the
relationship between AI and OSINT, one discovers a profound revolution in information
acquisition. This transformation undoubtedly exerts a favorable influence on the security
apparatuses of both Egypt and the European Union. However, with these benefits emerge New
challenges, such as Insider threats and data leaks.

- In "Open-source intelligence and AI: a systematic review of the GELSI literature"

by Maria rosaria Taddeo from the University of Oxford, this research deals with the
relationship between both OSINT and AI, focusing on Advantages and disadvantages of
them, and how AI-driven OSINT can enhance national security capabilities.

4
 - In "Data Theft: Implications for Economic and National Security" by Munish
Sharma from the Institute for Defence Studies and Analyses, this research focuses on
how insider threats and data leaks can have severe implications for both economic
stability and national security.

- In "Applying Digital Forensics Methodology to Open Source Investigations in

Counterterrorism," by Mohamed El Guindy, this research focuses on digital forensics
techniques used to conduct OSINT investigations in counterterrorism efforts. and How
AI-driven OSINT can address security threats and also highlights how we need to
mitigate potential risks.

- Lastly, In "OSINT as an Integral Part of the National Security Apparatus" by

Babak Akhgar, this research emphasizes the importance of OSINT in bolstering the
national security measures and integrating AI-driven OSINT in the national security
apparatus to improve intelligence gathering and also enhance decision-making processes.

In conclusion, these researches show the impact of the relationship between artificial intelligence
and open source intelligence (AI-driven OSINT) on national security, despite the many benefits
of this relationship. The research also addresses the challenges facing this integration as well,
and deals with the importance of addressing and mitigating internal threats and data leaks to
protect sensitive information of countries and its citizens.

Aims and Objectives:

Aim:
The main objective is to study the legal frame governing Ai Driven ONSINT and identify risks
and challenges not included in the current Egyptian law by referring to the European Union laws
and regulations.

Objectives:

1. To conduct a comprehensive analysis of the legal systems governing the use of AI-driven
OSINT in Egypt and the European Union, identifying similarities, differences, and opportunities
for legal improvement in the Egyptian context.

2. To provide a critical assessment of the laws related to AI-Driven OSINT in the EU, extract
valuable knowledge, best practices and innovative approaches, and guide towards proposed legal
improvements and amendments to Egyptian law.

5
3. To identify deficiencies and opacities in Egyptian regulations related to AI-Driven OSINT,
with a particular focus on issues of data protection, consent and cross-border data flow, and
provide a customized legal solution to address these deficiencies.

4. To evaluate the vulnerabilities within AI-driven OSINT systems that may lead to data leaks,
unauthorized access, and information disclosure, understanding the potential implications of such
breaches on national security and diplomatic relations.

5. To explore the consequences of insider threats and data leaks on economic stability, citizens'
privacy, and overall societal security, identifying the potential cascading effects that may arise
from compromised sensitive information.

6. To foster a deeper understanding of the intersection of AI-driven OSINT, insider threats, and
data leaks in the context of national security, providing valuable insights for security agencies,
governmental organizations, and businesses in Egypt and the European Union.

By accomplishing these objectives, this research aims to inform policymakers, practitioners, and
stakeholders about the critical issues surrounding insider threats and data leaks in the context of
AI-driven OSINT. Through its comprehensive analysis and proposed measures, it seeks to
contribute to a more secure and robust environment for utilizing AI technologies in national
security, safeguarding sensitive information, and protecting the interests of both Egypt and the
European Union.

Questions and Hypotheses

Main Question:

What essential legal reforms for mitigating national security vulnerabilities arising from
AI-driven Open Source Intelligence (OSINT) activities in Egypt, in light of addressing
insider threats, risks, and data leaks, within both the jurisdictions of Egypt?.

Sub-Questions:

1. How does the utilization of AI-driven OSINT contribute to the emergence of insider
threats and data leaks within the national security landscapes of Egypt and the European
Union?
2. What are the existing legal and regulatory frameworks in Egypt and the European Union
that pertain to AI-driven OSINT, and how effective are they in mitigating national
security risks?

6
 3. To what extent do insider threats and data leaks facilitated by AI-driven OSINT challenge
traditional notions of national security in both Egypt and the European Union?
4. What potential strategies and mechanisms can be recommended to enhance the legal
responses and regulatory measures aimed at preventing and addressing national security
risks posed by AI-driven OSINT-based insider threats and data leaks?

Hypotheses:

1. The increased utilization of AI-driven OSINT in Egypt and the European Union will lead
to an elevated risk of insider threats and data leaks that can compromise national security.
2. The current legal and regulatory frameworks in both Egypt and the European Union are
insufficient to effectively address and mitigate the emerging national security risks
associated with AI-driven OSINT-based insider threats and data leaks.
3. The evolving landscape of national security threats, including those facilitated by
AI-driven OSINT, necessitates a reevaluation and adaptation of conventional approaches
to safeguarding national security interests.
4. Implementing comprehensive and adaptable legal measures that address the unique
challenges posed by AI-driven OSINT will be crucial in minimizing national security
risks related to insider threats and data leaks in both Egypt and the European Union.

Research Methodology:

This study adopts a descriptive-analytical research design, employing both applied and
fundamental approaches with a comparative perspective. The goal is to comprehensively
examine national security concerns stemming from insider threats and data leaks related to
AI-driven OSINT in Egypt. The descriptive aspect provides a comprehensive description of
insider threats and data leaks in both regions. The analytical approach identifies patterns and
relationships to understand the contributing factors to these security risks.

This also involves analyzing relevant laws and regulations that govern AI-driven OSINT,
particularly in national security, privacy, and data protection. This examination aims to uncover
the existing legal measures in both Egypt and the European Union, highlighting strengths and
gaps. This legal analysis complements the descriptive and analytical research components,
providing a comprehensive understanding of the interplay between technology, security
concerns, and legal frameworks.

Understanding the Legal Landscape of AI-Driven OSINT In Egypt and European Union
The Significance of AI-Driven OSINT
“80% of what I needed to know I got from open sources rather than classified reporting. And
within the remaining 20%, if I knew what to look for, I found another 16%. At the end of it all,
classified intelligence provided me, at best, with 4% of my command knowledge.” This is said

7
by Anthony Zinni: former Commander in Chief of CENCOM, and that's how all intelligence
activities carried out by Law Enforcement Agencies (LEAs) and intelligence services in the
West, OSINT always involves gathering information from publicly available sources.``1

In the AI Age and As data volumes continued to soar exponentially, AI and machine learning
models evolved Significantly, and became integral to OSINT practices. This AI's integration
revolutionized information analysis, and made the vast open data universe advantageous rather
than an insurmountable obstacle, and these days we can say that entire OSINT disciplines
heavily rely on AI assistance, and that change how information is analyzed in numerous ways.
make this more intelligent and advanced.2

Advantages of AI-Driven OSINT in Gathering Intelligence

The use of OSINT techniques in cybercrime investigation, digital forensics and cybersecurity is
very broad and needs much research and This domain is expanding daily with more publicly
available data online, and therefore increasing the need to use more advanced techniques to
mine, collect and analyze this data.3

Law enforcement and other security Agencies continue to grapple with how to manage and fully
exploit the current OSINT techniques known as second-generation OSINT, this AI-driven
OSINT offers several significant advantages in gathering intelligence compared to traditional
methods.4, Here are some key advantages:

1. Automation and Efficiency: Quickly and efficiently, AI algorithms can process and analyze
large amounts of OSINT. and this Surely allows to gather information from multiple sources to
save time and resources.

2. Real-Time Monitoring: Effectively AI-driven OSINT tools can continuously monitor or

analyze real-time data from news websites, social media platforms, forums, etc. and this surely
enables timely detection of emerging threats or trends.

1 Heroor B, '7 Tips to Combat Government Data Breach Risks' (2023) Security Magazine Rss, available Aug 5, 2023 from Website:
<[Link]

2 Links, S. Ai and OSINT: New breakthroughs meet next gen solutions, (2023) Blog. Available at:
[Link] (Accessed: 05 August 2023).
3 Ghioni R, Taddeo M, Floridi L, 'Open-source intelligence and AI: a systematic review of the GELSI literature' (2023) *AI & SOCIETY* 1-16,
10.1007/s00146-023-01628-x.
4 Ghioni R, Taddeo M, Floridi L, 'Open-source intelligence and AI: a systematic review of the GELSI literature' (2023) *AI & SOCIETY* 1-16,
10.1007/s00146-023-01628-x.

8
3. Pattern Recognition: To uncover hidden connections or gain valuable insights from disparate
data sources, AI algorithms can effectively identify patterns and trends in data, and this is a
valuable feature.

4. Entity Recognition: here we can talk about AI-powered natural language processing (NLP)
which can identify and extract key entities, such as names of individuals, organizations, or
locations mentioned in the data, and This certainly helps to identify relevant actors and
affiliations.

5. Sentiment Analysis: Can you imagine that AI can perform sentiment analysis on social media
posts or news articles or any other online content? yes it can, and this helps to gauge public
opinion or sentiment on specific topics or events.

There are many other advantages here such as Multilingual Capabilities, Anomaly Detection,
Predictive Analytics, Scalability and Reduced Cognitive Bias, Overall, AI-driven OSINT
empowers intelligence analysts with powerful tools to process, analyze, and interpret
open-source data more efficiently, enabling them to gather timely and accurate intelligence
crucial for informed decision-making in various domains, including national security, law
enforcement, business intelligence, and more.5

Challenges and Risks of AI-driven OSINT

As said, despite the many advantages offered by AI-driven OSINT (Open Source Intelligence),
there are several challenges, including mainly legal, followed by ethical and technical ones.
Some of these challenges are as follows:

1. Data Quality and Reliability: Because AI algorithms depend heavily on the quality and
reliability of the data that they analyze, this poses a huge challenge ahead of us, which is what if
the input data is inaccurate, outdated, or biased? it will lead us to erroneous conclusions and
unreliable intelligence.

2. The Ethical Concerns and Data Privacy: AI-driven OSINT may involve the collection and
analysis of personal or sensitive data from public sources, such as Social Media Platforms,
raising concerns about privacy and ethical implications.6

3. Misinterpretation and Bias: AI algorithms might misinterpret data or introduce biases,

especially in language processing or sentiment analysis. We can say that Human biases present in

5 Theben A, Gunderson L, Lopez-Fores L, Misuraca G, Lupianez-Villanueva F, 'Challenges and limits of an Open-Source Approach to Artificial Intelligence'

(2021) PE 662.908 - May 2021.

6 Rescana, Challenges in open-source intelligence: Managing uncertainty and Information Quality, Rescana. (2022) Available at:
[Link] (Accessed: 05 August 2023).

9
the training data can also be perpetuated by AI models, and this for sure can lead us to skewed
analysis.7

4. Lack of Contextual Understanding: One of the challenges is that AI algorithms may

struggle to understand the context and nuances of certain data, which leads to misinterpretation
or incomplete analysis.

5. Over Reliance on Automation: Relying too heavily on AI-driven automation may reduce
human oversight and critical thinking, potentially leading to missed insights or false confidence
in machine-generated results.

6. Regulatory Compliance: 6. Regulatory Compliance: AI-driven OSINT must be regulated by

the legal and regulatory frameworks, especially if it deals with sensitive data or crossing
international boundaries. Compliance with data protection and privacy laws is essential.

To address these challenges requires a balanced approach that combines AI-driven automation
with human expertise, these Continuous monitoring, refining and validation of AI models are
essential to ensure accurate and unbiased analysis8

National Security Concerns in Egypt and the European Union

Focusing on The legal dimensions, this research explores AI-driven OSINT within the national
security field, particularly in Egypt. By employing AI Techs to interpret open-source data, Egypt
addresses security challenges. However, this advancement also raises vulnerability concerns. By
analyzing Egypt's legal framework, including regulations and privacy laws, this research unveils
the intricate interplay between technology, security priorities, and legal parameters. The study
also aims to illuminate how Egypt effectively and ethically navigates this dynamic intersection to
safeguard its national security interests.

More data can be acquired and processed in near real-time as a result of the evolution of
AI-driven OSINT, AI can also assist in the analysis phase of the OSINT cycle, generating
valuable intelligence based on pre-trained models9, as well Most of the online data is open
source, meaning interested parties can freely access them with relatively low technical
requirements. In the right setting, such data can become open source intelligence (OSINT) 10 and
7
Managing the risks of Generative AI, Harvard Business Review. (2023) Available at:
[Link] (Accessed: 05 August 2023).

8
Managing the risks of Generative AI, Harvard Business Review. (2023) Available at:
[Link] (Accessed: 05 August 2023).
9 Akhgar B, 'OSINT as an Integral Part of the National Security Apparatus' (2016) 10.1007/978-3-319-47671-1_1.
10
The National Security Concept (informative section). (2023), Available at:
[Link] (Accessed: 05 August 2023).

10
publicly available information exploited for intelligence purposes, over the years, OSINT has
become an integral part of intelligence practice, with technological progress delivering new
collection methods and creating new intelligence sources, such as satellite images, social media,
public records, and digital currencies.

Maintaining law and order, protecting citizens and preventing, detecting and investigating crime
are considered the roles of law enforcement agencies. and here we can say that OSINT can
provide critical capability for LEAs and security services to complement and enhance their
intelligence capability.

Rapidly gathering and accurately processing and analyzing OSINT can help during
investigations and be used for national level strategic planning to combat crime. Thus, we can
consider that purposeful and legal monitoring, analyzing and visualizing data from open sources
as mandatory requirements of any national security strategy.11

In Egypt, which is considered as country with a varying security challenges, and The nation's
national security apparatus benefits from AI technologies such as AI-driven OSINT which used
in deciphering vast amounts of open source data to discern potential threats, Nevertheless, using
AI-Driven OSINT also raises apprehensions about the vulnerabilities it may expose.

The legal landscape in Egypt concerning AI-driven OSINT in official investigations is shaped by
key laws and regulations. The Egypt Personal Data Protection Law No. 151 of 2020 establishes
comprehensive principles for data protection, including guidelines for processing and consent.
The Anti-Cyber and Information Technology Crimes Law No. 175 of 2018 addresses
cybercrimes and equips authorities to combat online threats identified through AI-driven OSINT.
The Anti-terrorism Law No. 94 of 2015 contributes to national security efforts, and its
application in AI-driven OSINT should consider privacy and rights.

Although specific laws exclusively addressing OSINT may not exist, these regulations provide a
foundation for ethical and legal open-source data collection and analysis for security purposes.
The Egypt Personal Data Protection Law is particularly important in ensuring compliance. As
technology evolves, continuous dialogue and adaptations of these laws are vital to navigate the
dynamic interplay between technology, security, and individual rights.

Insider threats - The Individuals with access to sensitive Data - poses a challenge to Egypt's
national security framework, as well the potential for data leaks which could cause harm to
Egyptian national security.

11 Sitek B, Ukleja A, 'National security - definition, character and determinants' (2012) in Sitek B, Ukleja A (eds), *Studies on the quality of security* (Alcide De
Gasperi University of Euroregional Economy in Józefów 2012) ISBN 978-83-62753-20-8.

11
In the European Union, AI-driven OSINT offers opportunities for efficient cross-border threat
detection and intelligence sharing, However, the EU faces at the same time distinctive security
dynamics that necessitate careful consideration of AI's implications.

And because of the difference of national regulations and privacy laws among member states,
harmonizing AI-driven OSINT practices can be intricate. Additionally, the EU must address
potential national security risks arising from insider threats and data leaks, which could
undermine cooperative security efforts and bilateral agreements.

Both Egypt and the European Union face the challenge of balancing the advantages of AI-driven
OSINT against potential vulnerabilities, and this raises legal and ethical dilemmas, and we can
say that demanding proactive measures is important for safeguarding national security interests.

Legal Defining Insider Threats and Data Leaks

Legal Definition of Insider Threats according to the international standards
Edward Snowden's case, it is a clear example of the risks posed by insiders in cybersecurity. In
2013 Snowden, a contractor for the National Security Agency (NSA) exposed information
regarding extensive government surveillance programs to the [Link] this sparked serious
concerns about the harm that trusted individuals with authorized access to data can cause. Insider
threats occur when employees, contractors or authorized personnel misuse their privileges to
compromise security, steal data or inflict harm on their organization. What Snowden did
underscored the importance of establishing security measures, closely monitoring access to
information and fostering a culture of vigilance in order to prevent and identify insider threats.12

Insider threat refers to a cybersecurity risk that emerges from, within an organization. It usually
happens when someone who currently or previously worked for the organization, such as an
employee, contractor, vendor or partner misuses their authorized access to harm the
organization's networks, systems and data, and this occur either intentionally or unintentionally,
and we also can say that most of Insider threats are responsible for data breaches.

Edward Snowden, the NSA, and the US Surveillance state 68.1481 Greenwald Glenn — no place to hide: Edward Snowden, the NSA, and the US
12

Surveillance State (metropolitan books/Henry Holt, 2015). <I>intelligence and national security</i>32(6), Oct. 2017: 868–871.

12
Insider threats occur when some individuals have legitimate and authorized access to the
organization's resources. This access may be granted to employees, vendors, and contractors or
partners. This is exactly what happened with Edward Snowden, who had authorized access to a
large and dangerous amount of sensitive Data.13

These Insider threats may be motivated by different factors such as financial gain, revenge,
ideology, or personal reasons. It is possible that an internal employee who wants to take revenge
on the company he works at can cause great damage to it through internal data leaks. 14The real
danger of Insiders is identifying vulnerabilities and exploiting them effectively, they have the
knowledge of the organization's systems and data, Knowing the weaknesses of the system in
which the insider person makes damage a sure thing.

Insiders can blend into the organization's normal operations and employees, making it harder to
detect their malicious activities. and for sure this leads to persistent Threat. and it can involve
collaboration between multiple individuals within or outside the organization, and this
complicates detection and attribution. Identifying insider threats requires comprehensively
monitoring and analyzing the user behavior, which can be complex and resource-intensive.

To address insider threats necessitates a proactive approach, including implementing access

controls, regular security training, monitoring user behavior, and fostering a culture of
cybersecurity awareness and responsibility within the organization.

13 Edward Snowden, did ‘Profound Damage’ to U.S. Security (2022) ABC News. Available at:
[Link] (Accessed: 05 August 2023).
14 Grimmick, R. What is an insider threat? definition and examples, Varonis. (2023), Available at: [Link] (Accessed: 05
August 2023).

13
Overview of Data Leaks related to national security
In the digital age, Data breach is considered as the deliberate or accidental disclosure of
confidential information to unauthorized individuals. With data being a vital asset for businesses,
such breaches pose grave risks, including reputational harm and financial repercussions. As data
volumes continue to surge and breaches occur more frequently, safeguarding against data loss
has become a paramount security priority for enterprises.15

Data leak is a serious threat to enterprise operations, such as corporations and government
agencies. The loss of sensitive information can lead to significant reputational damage and
financial losses, and can even be detrimental to the long-term stability of an organization.

Common types of leaked information range from employee/customer data, intellectual property,
to medical records. According to IBM’s 2016 Cost of Data Breach Study, the average
consolidated cost of a data breach has reached $4 million. Juniper Research’s forecast 2 suggests
that the global annual cost of data breaches will be over $2.1 trillion globally by 2019, due to the
rapid digitization of consumers’ lives and enterprise records.16

Over the past few years there have been many notable data loss incidents that cost companies
millions of dollars. Cybercriminals breached the Target Corporation’s network in 2013, stealing
40 million payment cards information and 70 million custo- mers’ personally identifiable
information, which has incurred $248 million losses to date reported by Target. 3 In 2016, Yahoo
reported that at least 500 million accounts in 2014 had been stolen in an apparent ‘state
sponsored’ data breach.4 Since data volume is growing exponentially in the digital era and data
leaks happen more frequently than ever before, preventing sensitive information from being
leaked to unauthorized parties becomes one of the most pressing security concerns for
enterprises.

15 Cheng L, Liu F, Yao D, 'Enterprise data breach: causes, challenges, prevention, and future directions: Enterprise data breach' (2017) Wiley Interdisciplinary
Reviews: Data Mining and Knowledge Discovery 7, e1211, 10.1002/widm.1211.
16 Cheng L, Liu F, Yao D, 'Enterprise data breach: causes, challenges, prevention, and future directions: Enterprise data breach' (2017) Wiley Interdisciplinary
Reviews: Data Mining and Knowledge Discovery 7, e1211, 10.1002/widm.1211.

14
Legal Frameworks and Regulatory Challenges
- Legal Frameworks and Regulatory Challenges in Egypt
The effect of AI-driven OSINT on national security practices brings to the forefront a set of legal
frameworks and regulatory challenges that both Egypt and the European Union should face,
These challenges deal with the importance of regulating the relationship between using AI and
the safeguarding individual rights, privacy, and national security imperatives.

Navigating the Evolving Legal Landscape of Cybersecurity and AI-Driven OSINT in

Egypt:
Egypt's legal framework is considered as a range of statutes related to cybersecurity, data
protection, and national security. and The National Cybersecurity Strategy, for example outlined
the principles for securing cyberspace and mitigating cyber threats.17

However, the dynamic nature of AI-driven OSINT shows more complexities that may not be
fully addressed by the egyptian existing laws, there is a challenge in Striking a balance between
the utilization of AI tools for national security and protecting individual rights. Violation of
citizens' privacy while collecting and analyzing OSINT data is a risk and challenge should be
faced and resolved in the legal structure and framework that accommodates technological
advancements.

European Union Regulations:

In the European Union There are the General Data Protection Regulation (GDPR)18 and the
Network and Information Security (NIS) Directive.19 These regulations offer substantial
protection of individual data and cybersecurity, but unfortunately they may not encompass all
nuances of AI-driven OSINT.

The GDPR's principles of data minimization, purpose limitation, and informed consent often
collide with all of the vast data collection and processing inherent to AI technologies, and
Harmonizing these regulations across member states is a challenge, especially as AI-driven
OSINT transcends national borders and necessitates cooperative efforts.

Cross-Jurisdictional Complexities:
One of the main challenges that Egypt faces pertains to cross-jurisdictional issues arising from
data flows and international collaborations, The transnational nature of AI-driven OSINT

17 Arab Republic of Egypt Cabinet of Ministers Egyptian Supreme Cybersecurity Council, 'National Cybersecurity Strategy, 2017-2021' (2017-2021) Available
at: <[Link]
18 Official Legal Text, General Data Protection Regulation (GDPR), (2022) Available at: [Link] (Accessed: 10 August 2023).
19 NIS Directive, Supporting the implementation of Union policy and law regarding cybersecurity. (Known as NIS2 2022), available at website:
[Link]

15
mandates some considerations of differing legal systems or data protection standards, and
security requirements.

For Example, the extraterritorial GDPR principles application poses some questions about data
transfers from EU member states to third countries like Egypt, to Bridge these jurisdictional
disparities is essential to ensure effective cooperation in addressing common security threats.20

To effectively bridge these jurisdictional disparities, cooperation mechanisms must be

established. Harmonizing data protection practices becomes essential to ensure security while
safeguarding privacy rights. Addressing these challenges is crucial for building trust and
facilitating cooperation between Egypt and the EU, allowing them to effectively utilize AI-driven
OSINT while upholding data privacy and security standards.

Emerging Legal Gaps in egypt:

While AI technologies continue to develop, new legal gaps and ambiguities emerge, The
fast-paced nature of AI and tech often outpaces the development of corresponding regulations.

These gaps may leave some vulnerabilities in national security efforts, potentially allowing
insider threats and data leaks to exploit legal loopholes. This challenge for both Egypt and the
EU lies in continuously updating and adapting legal frameworks to address these evolving
challenges.21

- Analysis of Egyptian Legal Frameworks

To understand AI-driven OSINT and its implications for national security, it is important to
examine Egypt's legal frameworks related to cybersecurity, data protection, and national defense,
here we focus on how existing laws address the challenges posed by insider threats or data leaks,
and the utilization of AI and advanced techs in the national security landscape.

National Cybersecurity Strategy:

Egypt's National Cybersecurity Strategy is considered as a foundational document outlining the
country's approach to secure cyberspace, which emphasizes the importance of enhancing the
nation's cybersecurity posture for countering the emerging threats.

However, this Strategy may not comprehensively address the intricacies of AI-driven OSINT,
which involves intricate data collection, analysis, and interpretation. The legal framework should
20
Naik, N. et illegal and ethical consideration in artificial intelligence in Healthcare: Who takes responsibility?
Frontiers in surgery. (2022) Available at: [Link] (Accessed: 10
August 2023).
21 Marchant G, Allenby B, Herkert J, 'The Growing Gap Between Emerging Technologies and Legal-Ethical Oversight: The Pacing Problem' (2011) 10.1007/978-94-007-1356-7.

16
evolve to address these nuances, to ensure that the Strategy remains effective to face the evolving
threats.22

Data Protection Laws:

In Egypt's data protection law No. 151 of 2020, it establishes guidelines for how can we handle
the personal data and aim to safeguard the privacy of individuals, These Egyptian laws provide a
framework for obtaining a consent, processing data, and ensuring data subjects' rights in the
context of AI-driven OSINT, while collecting and analyzing of a vast amount of open-source
data.23

And the challenges here emerge in ensuring compliance with data protection principles. Striking
a balance between national security imperatives and individuals' privacy rights is a significant
legal challenge that requires careful consideration.

- European Union Regulations related to data leaks and national security

In AI-driven OSINT and its implications for national security, I think it is important to examine
the European Union's regulatory framework, which for sure governs and cares about data
protection, privacy, and security. and here delves into how existing regulations address the
challenges posed by insider threats, data leaks, and the relationship between AI tech into national
security.

General Data Protection Regulation (GDPR):

The GDPR emphasizes the individual privacy rights and establishes the principles for data
processing and consent, but While the GDPR is designed for safeguarding personal data,
AI-driven OSINT introduces complexities in terms of data collection, analysis, and cross-border
sharing.24, we can also face insider threats and data leaks.

Network and Information Security (NIS) Directive:

We all see that The NIS Directive aims to enhance the cybersecurity preparedness of EU member
states and critical infrastructure operators. which obligates them to take measures to prevent and
manage cybersecurity incidents.25

However, the NIS Directive may not explicitly encompass the full scope of AI-driven OSINT
and its challenges. The Directive's focus on technical and organizational measures must be
extended to address the insider threats and data leaks in the context of AI technologies.

Data Sharing and Cross-Border Challenges in egypt:

22 Arab Republic of Egypt Cabinet of Ministers Egyptian Supreme Cybersecurity Council, 'National Cybersecurity Strategy, 2017-2021' (2017-2021) Available
at: <[Link]
23
Promulgating the Personal Data Protection Law, )2020), KNOWLEDGE MANAGEMENT
Available at: [Link] (Accessed: 10 August 2023).
24 Official Legal Text, General Data Protection Regulation (GDPR), (2022) Available at: [Link] (Accessed: 10 August 2023).
25 The NCSC, 'Cyber Assessment Framework V3.1' (2022) NCSC, Available at: <[Link]

17
The EU's collaborative security efforts rely on effective data sharing and intelligence exchange
among its member states. and AI-driven OSINT facilitates efficient cross-border information
sharing. However, the different nature of legal frameworks among EU countries, as well as
concerns regarding data sovereignty and privacy, pose challenges.26

Ethical and Legal Alignment:

The EU's regulatory landscape emphasizes ethical considerations in AI technologies, so
AI-driven OSINT use for national security may face ethical dilemmas, especially in cases
involving surveillance and data analysis, and ensuring that the integration of AI Tech aligns with
established ethical norms and legal requirements is Important. 27

Challenges in Innovation and Adaptation in egypt:

While the EU's regulatory framework provides a powerful foundation for data protection and
privacy, the rapid evolution of AI presents new challenges. The legislation may not foresee the
nuanced risks associated with insider threats, data leaks, and the advanced analytics capabilities
of AI-driven OSINT. and to Bridge this gap requires a dynamic approach that allows for
regulatory adaptation without compromising fundamental rights.

Analyzing Legal Approaches: Egypt vs. EU in the Context of AI-Driven OSINT and
National Security

When examining the legal frameworks of both Egypt and the European Union (EU) concerning
AI-driven OSINT and its implications for national security, new challenges come to the
forefront, highlighting the convergence and divergence in their respective legal strategies.

Shared National Security Goals:

Both Egypt and the EU have the same objective to safeguard national security through effective
intelligence gathering and threat assessment, and the integration of AI-driven OSINT aligns with
this [Link] convergence in national security priorities underscores the importance of
establishing a common ground to address the legal challenges posed by the adoption of AI and
advanced techs.

Divergent Legal Traditions and Cultural Norms in egypt:

Legal approaches in both Egypt and the EU are influenced by distinct cultural norms and legal
traditions. Egypt's legal framework, influenced by civil law, may emphasize state interests and
security considerations. In contrast, the EU's legal framework, with roots in common law and
human rights principles, may place a greater emphasis on individual rights and data protection. to

26
Gender mainstreaming in the EU budget: Time (10/2021) Available at:
[Link] (Accessed: 10 August 2023).
27
European Parliament. (2020) Available at: [Link]
(Accessed: 10 August 2023).

18
bridge these differences requires a nuanced understanding of each jurisdiction's legal
foundation.28

Privacy and Data Protection:

While both Egypt and the EU care about the protection of individual privacy, However, there is a
difference. The EU's GDPR focuses on consent, transparency, and the individuals' control over
their own data.

The EU's General Data Protection Regulation (GDPR) is a comprehensive and groundbreaking
piece of legislation designed to safeguard the privacy and personal data of individuals within the
EU. One of the key principles of GDPR is the emphasis on informed consent. Organizations are
required to obtain clear and explicit consent from individuals before collecting and processing
their personal data. This ensures that individuals are fully aware of how their data will be used
and gives them the power to make informed decisions about their data.

Transparency is another crucial aspect of GDPR. Organizations are obligated to provide clear
and easily understandable privacy policies that outline their data processing practices. This
enables individuals to have a clear understanding of what data is being collected, how it will be
used, and who will have access to it.

Additionally, GDPR grants individuals a high degree of control over their own data. Individuals
have the right to access the data that organizations hold about them and can request corrections
or deletions if the data is inaccurate or no longer necessary. This puts individuals in the driver's
seat when it comes to managing their personal information.

In contrast, while Egypt also recognizes the importance of individual privacy, its approach might
differ in some aspects. Egypt's legal framework for data protection may not be as comprehensive
or stringent as the EU's GDPR. There could be variations in terms of how consent is obtained,
the level of transparency required, and the degree of control individuals have over their data.

Cultural and societal factors might influence how privacy is perceived and protected in Egypt
compared to the EU. Different legal traditions, historical contexts, and priorities can shape the
approach taken by each region in addressing privacy concerns.

It's worth noting that global discussions about privacy and data protection are ongoing, and many
countries, including Egypt, might be working towards enhancing their privacy laws and
regulations to align more closely with international standards.

28 El Guindy M, 'Applying Digital Forensics Methodology to Open-Source Investigations in Counterterrorism' (2021) *Journal of Law and Emerging

Technologies* 1(1), 11-64.

19
In summary, the EU's GDPR sets a strong precedent for the protection of individual privacy
through its focus on consent, transparency, and individual control. While Egypt shares a concern
for privacy, there could be differences in how these principles are implemented and prioritized in
its legal and regulatory framework.

Although Egypt's data protection laws are similar to the EU's GDPR in intent, they may have
different interpretations and enforcement mechanisms. to Ensure a harmonious application of
data protection principles between the two jurisdictions is important, especially in the context of
cross-border intelligence sharing29

Challenges in Harmonization:
It's a complex task to harmonize legal frameworks across different jurisdictions, that's because of
diverse Legal Systems and Cultural and Historical and Ethical Variations, also Language and
Terminology is a reason and so on, for example in The EU's cooperative security mechanisms
which rely on cross-border data sharing, while Egypt's legal and security landscape necessitates
careful monitoring and control of information flows. and to address these challenges requires
finding common ground between the need for efficient intelligence sharing and the importance of
respecting individual rights and national sovereignty.

Adaptive Legal Responses:

Egypt faces some challenges, one of them is adapting existing legal frameworks to the rapidly
developing AI-driven OSINT landscape. As AI tech continues to advance, legal frameworks
should be agile enough to keep pace with these new challenges, including insider threats and data
leaks.30

Insider Threats, Data Leaks, and National Security

Examples of Insider Threats in Government and Private Sectors
Insider threats refer to cybersecurity risks that arise from within an organization. These threats
emerge when individuals who have or had authorized access to an organization's systems, data,
or resources misuse their privileges to compromise security, steal sensitive information, or cause
harm to the organization. Insider threats can be both intentional and unintentional, making them
a challenging and significant concern for cybersecurity professionals. 31

29 El Rahwan A, 'Artificial Intelligence and Interoperability for Solving Challenges of OSINT and Cross-Border Investigations' (2022) Available at:
<[Link]
30 El Guindy M, 'Applying Digital Forensics Methodology to Open-Source Investigations in Counterterrorism' (2021) *Journal of Law and Emerging
Technologies* 1(1), 11-64.
31 Defining insider threats: CISA Cybersecurity and Infrastructure Security Agency CISA. (No date), Available at:
[Link] (Accessed: 05 August 2023).

20
Insider threats pose significant risks to both government and private sectors, and there have been
several real-life examples that highlight the severity of these risks:

1. Government Sector:
- Edward Snowden: As previously mentioned, Edward Snowden, who is a former contractor for
the National Security Agency (NSA), leaked classified documents in 2013, exposing extensive
government surveillance programs. What he did raised serious concerns about insider threats
within intelligence agencies.32
- Chelsea Manning: she is known as Bradley Manning, who was an intelligence analyst for the
U.S. Army. In 2010, she leaked classified military documents to WikiLeaks, these documents
include sensitive information about the Iraq and Afghanistan wars. This breach raised questions
about the vulnerability of military information to insider threats.33

2. Private Sector:
- Tesla Insider Sabotage: In 2018, Martin Tripp, a former Tesla employee, was accused of
leaking sensitive company data because of revenge. and this sabotaged Tesla's manufacturing
operations, this action highlighted the risks of insider threats in competitive industries.34

- Insider Trading: it involves individuals using non-public information to make stock trades for
personal gain. There are some cases, such as the Martha Stewart and Raj Rajaratnam cases,
which have demonstrated the impact of insider trading on the financial markets and the integrity
of the private sector.35

- Cybersecurity Company Data Leak:In 2020, a former employee of a cybersecurity company

called "Sophos" stole customer data and sold it to cybercriminals. and This insider threat incident
highlighted how even cybersecurity companies can be vulnerable to be attacked.36

These examples show that insider threats can be in different forms, starting from whistleblowers
exposing government secrets to employees stealing sensitive data for personal gain or revenge.
And to prevent insider threats requires a combination of robust security measures, continuous
monitoring, and comprehensive employee training and awareness programs.

32 Davies D, 'Chelsea Manning Shared Secrets with WikiLeaks. Now She’s Telling Her Own Story' (2022) NPR. Available at:
<[Link]
33 Edward Snowden: The whistleblower behind the NSA surveillance revelations (2013) The Guardian. Available at:
[Link] (Accessed: 05 August 2023).
34 Khatilov, Tesla Insider Threat Case (2022) Red Goat. Available at: [Link]
35
[Link] Martha Stewart’Sinsidertrading. (2022) Available at:
[Link]
36
Cybersecurity as a service - Sophos security solutions (no date) SOPHOS. Available at:
[Link]
ophos (Accessed: 05 August 2023).

21
Impact of Insider Threats on Egyptian National Security
The impact of insider threats on national security can be significant, as they often involve trusted
individuals with access to sensitive information and critical systems. such threats can undermine
a country's security apparatus, compromise classified data, and damage the integrity of its
institutions.

Harold James Nicholson - CIA Spy:

The case of Harold James Nicholson is an example of the impact of an insider threat on national
security.37

Harold James Nicholson was a former CIA officer who worked as a case officer and had access
to classified information. But In the mid-1990s, Nicholson began to spy for Russia, providing
them with sensitive intelligence about the CIA's operations and assets. Nicholson used his insider
knowledge to identify and compromise valuable intelligence sources, putting their lives at risk.38

Nicholson's actions compromised ongoing intelligence operations and revealed CIA methods and
techniques, making it harder for the agency to gather critical information and protect national
interests. As a result of Nicholson's betrayal, several CIA assets and informants were exposed,
and The leak of this classified information to Russia severely damaged national security interests
and Loss of Trust within the intelligence community and among allied nations.

Data Leak Incidents and Their Frequency

Data leak incidents were becoming increasingly prevalent in real life, and these incidents
affected both government and private sectors. Here are some notable data leak incidents and their
frequency:

Facebook-Cambridge Analytica Data Scandal (2018):

In 2018, the Facebook-Cambridge Analytica data scandal exposed a major breach of privacy and
misuse of personal data, a scandal that received widespread attention and raised concerns about
data privacy, ethics and the role of social media in political processes. This incident centers
around the unauthorized collection and exploitation of data of millions of Facebook users for
political purposes by a company called Cambridge Analytica.39

37 Packler, M. Why insider threats pose unique risks to national security, Security Magazine RSS. (2022), Available at:
[Link] (Accessed: 05 August 2023).
38 Denson B, 'The spy’s son: The true story of the highest-ranking CIA officer ever convicted of espionage and the son he trained to spy for Russia' (2015) New
York: Grove Press.

39 Confessore, N. Cambridge Analytica and Facebook: The scandal and the fallout so far, The New York Times. (2018), Available at:
[Link] (Accessed: 05 August 2023).

22
The main Participating parties in this case are: Facebook, The social media giant with billions of
users around the world. Users share their personal information, interests, and interactions on this
platform, and Cambridge Analytica, A British political consulting firm that has stopped working,
claimed to specialize in analyzing data and targeting ads towards certain groups of voters in their
political campaigns, and Dr. Alexander Kogan, A researcher at the University of Cambridge who
developed a Facebook personality test app.

Dr. Cogan has developed a personality test app titled "This is Your Digital Life". Participants in
this test were given permission to access their Facebook data, as well as their friends' data. The
terms of use of the app allowed Dr. Kogan to collect data not only from test participants but also
from their Facebook friends. This collection included information from users' profiles, likes, and
other activities. While test participants agreed to have their data shared, their Facebook friends'
data was collected without their explicit consent. This practice exploited a vulnerability in
Facebook's API at the time.

Dr. Cogan collected data from nearly 270,000 test participants, and this resulted in data from tens
of millions of their Facebook friends. and Cambridge Analytica has used this data to build
detailed psychological profiles of users, including their personality traits, preferences and
behaviors. The goal of these cookies was to help political campaigns target specific groups of
voters with personalized content. There have been allegations that Cambridge Analytica used
cookies to target voters with political content during events such as the UK's Brexit referendum
and the 2016 US presidential election.

The scandal sparked public outrage, as users and policymakers expressed alarm over privacy
violations, data misuse, and manipulation of democratic processes. Regulatory authorities in
various countries, including the United Kingdom and the United States, have launched
investigations into Facebook's handling of user data and whether there have been violations of
laws. and Facebook has been widely criticized for failing to prevent unauthorized access to data
and for failing to notify affected users earlier. The company has incurred intense criticism and
legal penalties, which has prompted changes to its data policy and increased oversight of its
practices.

The scandal demonstrated the vulnerability of personal data on social media platforms and
sparked a debate about the need for stronger data protection legislation. Increased awareness of
the potential for political campaigning and ethical concerns associated with micro-targeted
advertising. and Contributed to the public's calls for increased transparency and accountability,
and the tightening of data protection legislation.

23
In conclusion, the Facebook-Cambridge Analytica data scandal exposed the misuse of personal
data for political ends, exposing complex ethical and regulatory challenges associated with the
digital age, data privacy, and the power of social media.

Common Causes of Data Leaks

Data leaks can happened because of different reasons, and identifying the reasons is important to
strengthen the data security measures, and Some of the most common causes of data leaks
include:

1. Insider Threats: Employees, contractors, or Internal trusted individuals who have authorized
access to sensitive data can intentionally or accidentally leak information.

2. Phishing Attacks: one of the common causes of Data Leaks Phishing Attacks and Social
Engineering, which is a common method used by cybercriminals to trick employees to gain
unauthorized access to the organization's data.

3. Weak Authentication: Using easily or guessable passwords or not enforcing regular

password changes, can lead to unauthorized access and data leaks.

4. Third-Party Vulnerabilities: Data leaks can occur through third-party partners that have
access to an organization's data, which if it has weak security measures, cybercriminals can
exploit it to gain this data.

5. Unpatched Software: Failing to update and patch software regularly can leave some known
vulnerabilities unaddressed, which cyber attackers can exploit.

6. Lost or Stolen Devices: if Devices such as laptops, smartphones, or USB drives get lost or
stolen, and if they contain sensitive data, maybe this leads to potential data leaks.

7. Malware and Ransomware: Malicious software such as Ransomware attacks can lead to data
leaks if the ransom demands are not met.

In general, Data should be encrypted both in transit and at rest to protect it from unauthorized
access, and to mitigate the risk of data leaks, organizations should have a comprehensive
cybersecurity strategy, maybe include strong authentication mechanisms, regular employee
training on data security best practices and continuous monitoring for suspicious activities and so
on..40

40 Sutcliffe, A. 8 most common causes of Data Breach, Sutcliffe Insurance. (2018), Available at:
[Link] (Accessed: 05 August 2023).

24
Consequences of Data Leaks on Egyptian National Security

Data leaks might have Serious consequences on national security, as they involve the
unauthorized disclosure of sensitive information that can compromise a country's interests,
operations, and citizens. and this includes:

Data leaks can expose classified intelligence sources, methods, and ongoing operations. This
compromises the ability of intelligence agencies to gather crucial information on threats and
potential adversaries. Information disclosed through data leaks can pose immediate and
long-term threats to national security. Adversaries can exploit the leaked data to assess
vulnerabilities, plan attacks, or counter defensive strategies.

Certainly, the leaked military capabilities or plans can weaken a country's defensive and
offensive strategies, and that makes it more vulnerable to potential adversaries. Data leaks can
affect economic stability and trade relations. Leaked intellectual property or the secrets of trade
can give the competitors an advantage.

A significant data leak can lead to negative media coverage and public perception, tarnishing the
reputation of government agencies and officials. Data leaks may result in legal actions and
regulatory investigations, and this is leading to potential penalties and sanctions against
organizations or individuals responsible for the breach.

Data leaks also may expose personal information and compromise citizens’ safety and privacy,
and this is leading to identity theft, cyberstalking, or other forms of harassment

There also other Consequences of Data Leaks on National Security such as Cybersecurity Risks,
National Emergency Preparedness, and Increased Surveillance and Monitoring, and to mitigate
the consequences of data leaks on national security, governments should puts cybersecurity
measures, improve information-sharing protocols, and enhance the protection of sensitive data,
strict access controls, encryption, and so on. Additionally, international cooperation is crucial to
address global challenges posed by data leaks and cyber Attacks.41

Chapter 2: Mitigating Insider Threats and Data Leaks

Technological Interventions and AI Solutions
- AI-Driven Tools for Detecting Insider Threats and Preventing Data Leaks
In national security, AI-driven tools have revolutionized the capabilities to identify and mitigate
insider threats and data leaks. These Advanced tools and algorithms, machine learning, and data

41 Sharma M, 'Data Theft: Implications for Economic and National Security' (2017) 61-80.

25
analysis are used to provide security agencies with proactive measures for safeguarding sensitive
information and bolster their defensive strategies.42

Behavioral Analytics:
By establishing baseline behaviors and behavioral analytics monitor and analyze user activities
by AI-driven tools which detect anomalies that could signify insider threats or the unusual
patterns and access to unauthorized data, all of that enable security personnel to intervene before
potential threats escalate.

Pattern Recognition and Anomaly Detection:

Advanced machine learning algorithms are capable of recognizing patterns that might elude
conventional security measures. By examining data traffic, user interactions, and data access
logs, these tools can identify unusual behavior or deviations from established patterns. This
enables the timely identification of insider threats or data leaks that might otherwise go
unnoticed.

Natural Language Processing (NLP) and Sentiment Analysis:

We can see that AI-powered NLP tools analyze textual and linguistic data to gauge sentiment and
identify potential risks. so these tools can monitor communication channels and analyze the
sentiment of messages, emails, or documents to detect signs of disgruntled employees, potential
data breaches, or unauthorized information sharing.43

User and Entity Behavior Analytics (UEBA):

UEBA tools employ AI to build profiles of normal user behavior which enable the identification
of deviations that might indicate insider threats. by monitoring access privileges, data usage, and
communication patterns, these tools create a comprehensive picture of user activities and detect
anomalies that warrant investigation.44

Predictive Analysis and Data Loss Prevention (DLP):

By analyzing the past incidents and identifying risk factors, AI-driven predictive analysis tools
help organizations proactively implement data loss prevention measures, minimizing the chances
of data breaches occurring.45

42 Amr El Rahwan, Research Paper on Artificial Intelligence and Interoperability for Solving Challenges of OSINT and Cross-Border Investigations, (2022) 30
November available at website:
[Link]
accessed 5 Aug 2023
43 Top AI Threat Detection Tools (2023) FACEKI Inc
44
[Link] e-print archive. Available at: [Link] (Accessed: 10 August 2023).

45 Salitin M, Zolait A, 'The Role of User Entity Behavior Analytics to Detect Network Attacks in Real Time' (2018) 1-5, 10.1109/3ICT.2018.8855782.

26
Integration of AI with Traditional Security Measures:
We do not replace the traditional security measures with AI-driven tools, instead, they enhance
them. They provide a proactive layer of defense that complements firewalls, encryption, and
access controls. The real-time monitoring and analysis of AI-driven tools helps to identify insider
threats and potential data leaks before they escalate.

Challenges and Ethical Considerations:

Although AI-driven tools offer tremendous potential, Ethical challenges exist such as False
positives, misinterpretation of data, and the risk of bias in algorithms. So decision-making here
requires careful consideration.46

- Successful Deployment of AI in Real-Life Scenarios

Real-life cases that illustrate the successful deployment of AI in identifying insider threats and
preventing data leaks:

- Mitre's Insider Threat Detection System: Miter, a nonprofit organization, has

developed an AI-based system to detect insider threats for the US Air Force. The system
uses machine learning algorithms to analyze user behavior, identifying anomalies that
may indicate unauthorized access or a data breach.47

- Darktrace's Cyber AI Platform: Many organizations use Darktrace's Cyber AI platform

to detect and respond to real-time insider threats that learns about the normal behavior
patterns of the network and its users enabling it to identify anomalies that may indicate an
insider threat or data leak.48

- Fortinet's AI-powered Security Fabric: Well-known cybersecurity company, Fortinet,

uses AI in its security fabric to protect against data leaks and insider threats. The
AI-driven system monitors network traffic, user behavior, and device activity, enabling it
to detect unusual patterns or suspicious activities.49

- NASA's Insider Threat Detection: NASA has relied on AI to protect its sensitive
information and prevent insider threats by analyzing employee behavior, including access

46 Guha, Abhijit & Samanta, Debabrata & Banerjee, Amit & Agarwal, Daksh. (2021). A Deep Learning Model for Information Loss Prevention from Multi-Page
Digital Documents. IEEE Access. PP. 1-1. 10.1109/ACCESS.2021.3084841.
47 Hvistendahl, M. How the LAPD and Palantir use data to justify racist policing, The Intercept, (2023), Available at:
[Link] (Accessed: 10 August 2023).
48 MITRE, Insider Threat Research & Solutions, (2023), available at website: [Link] accessed 5 Aug 2023
49 Blogs, What Is DarkTrace & How Can Its Cyber AI Platform Leave You Less Vulnerable? (2013), available at website:
[Link] accessed 5 Aug 2023

27
 patterns and data interaction, to identify unusual activities that may indicate data leaks or
security breaches.50

These cases demonstrate how AI-powered solutions have been effectively deployed to identify
insider threats, prevent data leaks, and enhance national security across various domains,
including law enforcement, military, cybersecurity, and space exploration.

- Limitations and Challenges of AI Applications: international standards

Although AI-based tools offer solutions to detect insider threats and prevent data leaks, they are
not without limitations and challenges as well. To address these limitations is essential to ensure
the responsible and effective deployment of AI in national security.51

Bias and Fairness Concerns, from training data AI models can inherit biases, resulting in
discriminatory outcomes. so If these biases are not addressed, certain groups might be
disproportionately targeted or overlooked, this is one of the potential ethical and legal
repercussions.52, also to monitor the employees behavior for insider threats raises privacy
concerns, so we have to demand a delicate balance between security imperatives and individual
rights.

It is not only artificial intelligence that is developing, Insider threats and data leak tactics also
continually evolve, and that make it challenging for AI algorithms to keep up with novel
methods of circumvention, also Organizations should allocate significant financial and human
resources to ensure the effectiveness and efficiency of these AI-driven tools which can be
resource-intensive, for development, monitoring, and fine-tuning.

Also there are many ethical and legal considerations that must be taken into account when
dealing with AI when monitoring employee behavior and activities related to their privacy,
consent, and individual rights. Clear guidelines and legal frameworks are essential here.53

Strengthening Legal Measures and Collaborative Approaches

- Addressing Legal Gaps: Proposed Amendments and New Regulations

The deployment of AI-driven technologies in national security shows the legal gaps that should
be addressed to ensure a powerful protection against insider threats and data leaks, and asking for

50 Fortinet, Automated Security Operations, (2023), available at website: [Link]

accessed 5 Aug 2023
51
NASA. Available at: [Link] (Accessed: 10 August 2023).
52 Harkut D, Kasat K, 'Introductory Chapter: Artificial Intelligence - Challenges and Applications' (2019) 10.5772/intechopen.84624.
53 Ferrara, E. Fairness and bias in Artificial Intelligence: A brief survey of sources, impacts, and mitigation strategies, (2023). Available at:
[Link] (Accessed: 10 August 2023).

28
amendments to existing regulations and formulating new legal frameworks are critical steps to
adapt to the evolving landscape and mitigate potential vulnerabilities.

Enhanced Definitions and Scope:

Improving and developing the existing legal definitions to encompass AI-driven OSINT
practices is crucial. Precise definitions of terms such as "data leaks," "insider threats," and "AI
applications'' for example, will facilitate the alignment of regulations with technological
advancements.

Expanding the scope of Cyberspace laws such as cybersecurity and data protection to explicitly
include AI techs ensures that potential legal gaps are minimized.

Data Collection and Storage Standards:

The proposed amendments may help establish clear standards for data collection, storage, and
sharing within OSINT's AI [Link] should include The data minimization, anonymity,
and encrypted storage to ensure that sensitive information is protected, Also guidelines for
cross-border data transfers should be defined to facilitate international collaboration while
safeguarding data privacy.54

Consent and Transparency Requirements:

The required Amendments also should address the consent and transparency aspects of AI-driven
OSINT, To ensure that privacy rights are upheld a clear and informed consent from individuals
whose data is being analyzed should be required.

Ethical Guidelines for AI Deployment:

New regulations can contain ethical guidelines for the responsible deployment of AI-driven
Techs. It can include provisions to prevent biased decision-making, ensure fairness and so on. By
mandating adherence to these ethical principles, regulations can minimize the risk of unintended
consequences and promote responsible AI use.55

Proactive Threat Detection Requirements:

Proactive measures for threat detection using AI-driven tools should be required in the Proposed
regulations which could involve periodic risk assessments, mandatory training for employees,
and continuous monitoring of data access patterns, these are necessary steps to prevent insider
threats and data leaks.56

54
Cybersecurity - Securities Industry and Financial Markets Association. Available at:
[Link] (Accessed: 10 August 2023).
55
Standards for education data collection and reporting. Available at: [Link] (Accessed: 10 August
2023).

56 By CTDO Next, 7 Principles to Guide the Ethics of Artificial Intelligence, (2023) Friday, April 21, available at website:
[Link] accessed 5 Aug 2023

29
Cross-Border Collaboration Mechanisms:
New regulations can establish mechanisms for cross-border collaboration on AI-driven OSINT
practices, this collaboration should enhance national security efforts and respecting global data
protection norms at the same time57

Regular Review and Adaptation:

The fast-evolving nature of AI Techs necessitates a legal environment that remains responsive to
emerging challenges and risks, so Proposed amendments can include provisions for regular
review and adaptation of legal frameworks to keep pace with AI and technological
advancements.

- Enhancing International Collaboration between Egypt and the EU

Strengthening international cooperation between Egypt and the European Union (EU) is
necessary to face the evolving national security challenges posed by AI-driven open source
intelligence. Such cooperation may benefit in confronting insider threats and data leaks, while
harmonizing legal approaches and protecting individual rights.58

Egypt-EU Joint Task Forces: Advancing Cybersecurity and AI-Driven OSINT:

The establishment of joint task forces between Egypt and the European Union to cooperate in
cybersecurity and national security issues can greatly assist in sharing information in real time as
well as intelligence analysis, joint threat assessments, and pooling common expertise and
resources that can enhance the ability to detect potential threats.

Bilateral agreements can be established between Egypt and the EU to regulate cross-border data
sharing for AI-driven OSINT purposes. Such agreements should address privacy, data protection
and security concerns, and outlining protocols for secure data transfers while respecting the
legal frameworks of both jurisdictions. and this for sure fosters a collaborative environment
while adhering to international standards.59

knowledge exchange through shared best practices and training programs is important to enhance
the proficiency of security personnel in both Egypt and the European Union. These Workshops,
seminars, and capacity-building initiatives can provide insights into effective AI applications,

57
Next generation proactive cyber threat hunting - a complete framework. Available at:
[Link] (Accessed: 10
August 2023).
58 El Rahwan A, 'Artificial Intelligence and Interoperability for Solving Challenges of OSINT and Cross-Border Investigations' (2022) Available at:
<[Link]
59 Front Surg, Legal and Ethical Consideration in Artificial Intelligence in Healthcare: Who Takes Responsibility? Published online (2022) Mar 14, available at
website: [Link] accessed 5 Aug 2023

30
threat identification, and response strategies, also the cooperation between Egypt and the EU can
turn into legal coordination where they can align their legal frameworks related to AI-driven
OSINT, this can be done by identifying what is common and what is different, bridging legal
gaps and creating unified standards, this certainly reduces the legal ambiguity.

In the event of an insider threat or data leaks, joint incident response protocols can greatly assist
rapid and coordinated action, so Egypt and the European Union can develop a joint security
incident response framework and facilitate cross-border cooperation, also Nobody denies the
importance of Regular diplomatic dialogue and forums which provide platforms for high-level
discussions on cybersecurity and national security cooperation. it Significantly facilitates open
communication, enabling policymakers to exchange insights, concerns, and strategic priorities.

- Public-Private Cooperation for Strengthening Cybersecurity: international

standards
The importance of cooperation between the public and private sectors comes as a pivotal strategy
to enhance national security, especially in the AI-driven OSINT era as well as evolving
cybersecurity threats. This helps to effectively address insider threats, data leakage, and other
cyber risks.60

Information Sharing and Threat Intelligence:

Collaboration between the public and private sectors is essential especially in terms of sharing
threat information and cyber security insights. Government agencies can provide confidential
threat information while private sector entities contribute real-time data on emerging cyber
threats. This information exchange serves to enhance awareness. situation and enables proactive
response measures.61

Joint Incident Response:

In order to enable a coordinated approach to dealing with cyber security incidents comes the role
of collaborative frameworks for incident response. This is where private companies and
government agencies can collaborate to create common protocols to identify and mitigate cyber
attacks.62

Shared Best Practices and Expertise:

Sharing ideas and visions between the public and private sectors through workshops, seminars
and collaborative initiatives is essential and promotes a culture of continuous learning, where the

60 With advanced analytics - federal news network. (2023) Available at:

[Link] (Accessed: 10 August 2023).
61 Harkut D, Kasat K, 'Introductory Chapter: Artificial Intelligence - Challenges and Applications' (2019) 10.5772/intechopen.84624.
62 Mkuzangwe, Nenekazi & Khan, Zubeida. Cyber-Threat Information-Sharing Standards: A Review of Evaluation Literature. The African Journal of Information
and Communication. (1999), 25. 1-12. 10.23962/10539/29191.

31
public sector can benefit from the innovations of the private sector and at the same time the
private sector benefits from government expertise in analyzing threats.63

Threat Hunting and Analytics:

Private sector companies often develop AI-advanced tools that can be integrated with the
infrastructure of government agencies which improve the identification of insider threats and
vulnerabilities.64

Investment in Research and Development:

always, Money talks, and here comes the strong role of the private sector. Public-private
partnerships facilitate joint investment in research and development efforts by pooling resources.
This collaboration helps drive innovation in cybersecurity techs, including AI-Dreven OSINT
tools and Artificial intelligence to detect insider threats and prevent data Leaks.

Resilience Building:
Everything comes with collaboration. By working together, both the public and private sectors
can enhance overall cybersecurity resilience. As well as the joint development of risk
assessment, simulations, and contingency plans to prepare both sectors to effectively respond to
cyber threats and maintain critical infrastructure.

Legal and Ethical International Guidelines

- Developing Skilled Workforce: Training and Educational Initiatives

In the AI-driven OSINT landscape, to combate insider threats and data leaks it's necessary to
have a skilled and knowledgeable workforce. Educational initiatives and training play a critical
role to equippe individuals with the expertise needed to effectively navigate the challenges posed
by AI technologies and to bolster the national security efforts.

Developing comprehensive cybersecurity curricula by various educational institutions to cover

topics such as artificial intelligence technologies, threat detection, data protection, and ethical
considerations is essential to equip students with practical skills, theoretical knowledge, and a
deep understanding of the complex cybersecurity landscape.65

Specialized training programs focused on AI-driven OSINT and its implications for national
security can provide opportunities to improve skills and keep abreast of technological

63 INSIDER THREAT BEST PRACTICES GUIDE, 2ND EDITION, FEBRUARY 2018

64 Sitek B, 'Challenges in open-source intelligence: Managing uncertainty and Information Quality' (2012) Available at 5 Aug 2023, from Website:
<[Link]
65
With advanced analytics - federal news network. Available at:
[Link] (Accessed: 10 August 2023).

32
developments for professionals already in the field, covering topics such as behavioral analytics,
AI algorithms, and more.66

Public-private partnerships in education can greatly help develop industry-relevant curricula as

they help provide insights into the latest cybersecurity trends, AI applications, and practical
challenges.67

Practical experience helps participants apply theoretical knowledge to real scenarios, enhancing
their problem-solving skills and critical thinking abilities in the context of AI-driven OSINT.
Practical exercises, simulation labs and real-world case studies are essential components of
training initiatives.

Ethical and legal dimensions of AI-driven OSINT is an essential thing to consider, as it should be
built into training programs by educating participants through modules on the importance of
privacy, data protection regulations and responsible deployment of AI, data protection
regulations and responsible deployment of AI, law, ethics and Tech are all on us look at them
together.

Also Certificates are important in this field, as they prove the experience of participants in
AI-Driven OSINT and cyber security. These certificates provide tangible evidence of the skills
and experience of individuals, which helps in their rapid employment and credibility in this field.

In this field, continuing education and professional development is essential. AI and Technology
in general is developing rapidly. To achieve this, regular workshops, webinars, and seminars help
and develop the participants and professionals.

In addition to the outlined educational and training initiatives, addressing legal aspects within the
AI-driven OSINT landscape is of paramount importance to ensure responsible and ethical
practices that uphold national security. Incorporating legal considerations into training programs
can guide individuals in understanding the boundaries and regulations surrounding AI
technologies and their applications in the context of national security.

Legal education modules should cover topics such as data privacy regulations, intellectual
property rights, data ownership, surveillance laws, and international treaties related to
cybersecurity and data sharing. These modules would empower participants to navigate the legal
landscape effectively and make informed decisions while leveraging AI-driven OSINT tools.

66 for elementary education, (2019), available at website: [Link] accessed 5 Aug 2023
67 Herrera J, Gaona-García P, Sánchez-Alonso S, 'Open-Source Intelligence Educational Resources: A Visual Perspective Analysis' (2020) *Applied Sciences *
10, 7617, 10.3390/app10217617.

33
Furthermore, legal experts and practitioners should be actively involved in designing and
delivering training programs. Their insights can shed light on the legal complexities associated
with AI technologies and their potential implications for national security. Participants should be
encouraged to critically analyze case studies involving legal challenges and dilemmas, fostering
a deeper understanding of the legal dimensions within the AI-driven OSINT domain.

By integrating legal knowledge and considerations into educational initiatives and training
programs, individuals can be equipped with a holistic skill set that encompasses technical
expertise, ethical awareness, and a solid understanding of the legal framework. This approach
ensures that professionals operating in the AI-driven OSINT landscape are not only adept at
utilizing cutting-edge technologies but also committed to operating within the boundaries of the
law, thereby safeguarding national security while upholding individual rights and societal values.

- Promoting Responsible AI Use through Legal and Ethical Guidelines

In AI-driven OSINT and its implications for national security, It's paramount to promote
responsible AI use to ensure the ethical and accountable deployment of AI Techs, to establish
clear ethical guidelines is a foundation to address insider threats, data leaks, and the other
security challenges while upholding fundamental values and principle, to establish clear ethical
guidelines. 68

Transparency and accountability is important during the design and operation of AI systems as
well as decision-making processes. Therefore, ethical guidelines must emphasize this.
Organizations must be accountable for the outcomes of AI-Driven OSINT practices. It is also
important that stakeholders understand how the technologies are used. Artificial intelligence for
national security purposes. 69

Training AI algorithms on diverse and representative datasets to reduce the risk of discriminatory
outcomes is crucial, as the ethical use of AI requires preventing bias and discrimination in
decision-making. This helps promote equal treatment of individuals as well as supports ethical
standards such as fairness and non-discrimination, also one of the criteria for the responsible use
of artificial intelligence is respecting the privacy rights of individuals as well as adhering to data
protection regulations. These ethical guidelines should prioritize obtaining the informed consent
of the data subject. As well as anonymizing data, protecting sensitive information. Balancing
national security interests with individual privacy.

68
Author links open overlay panelBuomsoo Kim a et al. (2020) Transparency and accountability in AI decision support: Explaining and visualizing Convolutional Neural
Networks for text information, Decision Support Systems. Available at: [Link] (Accessed: 27 August 2023).
69 Saxena, N. et al. Impact and key challenges of insider threats on organizations and critical businesses, MDPI. (2020), Available at:
[Link] (Accessed: 26 August 2023).

34
It is necessary for human oversight to remain an integral part of the decision-making process.
This ensures the ethical deployment of artificial intelligence, as artificial intelligence techniques
should not replace human judgment but complement it. Human intervention here becomes
necessary to evaluate some complex situations as well as validate the outputs of artificial
intelligence, and support ethical considerations. And Through ethical guidelines, we must
emphasize that continuous monitoring and adaptation of AI systems is necessary and important.
In order to meet emerging challenges and improve algorithms for optimal performance, we must
pay attention to regular assessments of the impact of AI technologies, their accuracy, and
potential biases.

There is no doubt that innovation must comply with societal values and ethical standards, as we
must work to spread the idea of the ethical use of artificial intelligence, we must all anticipate the
potential risks of using artificial intelligence and give priority to national security without
prejudice in any way to ethical principles, also Educational initiatives are very important
especially if they are in place in order to educate practitioners, policy makers and stakeholders
about the ethical considerations of AI-Driven OSINT, so training programs can provide
individuals with the knowledge and tools to make informed decisions in that direction to ensure
Use artificial intelligence technologies responsibly.
Also we have to develop ethical guidelines through collaboration between government agencies,
academia, industry experts, and civil society, to ensure engagement across sectors. A holistic
approach that reflects diverse perspectives helps foster a shared commitment to deploying
responsible AI.

- Advancing Knowledge Sharing and Best Practices: International Standards in

AI-Driven OSINT and National Security

Fostering a culture of knowledge exchange and promoting best practices is necessary to know
the most important evolving challenges in AI-Driven OSINT and its impact on national security.
This comes by facilitating the exchange of ideas, experiences and effective strategies, and this
can be achieved through cooperation between governments, organizations and professionals in
order to enhance their capabilities in addressing insider threats, data leaks and other security
concerns.70

Here comes the importance of creating online platforms, forums and communities dedicated to
AI-driven OSINT with professionals from different sectors to share their knowledge and
experiences. These collaborative platforms and forums promote open discussions, exchange of
ideas and dissemination of best practices. also one of the most successful approaches to address

70 Ghioni R, Taddeo M, Floridi L, 'Open-source intelligence and AI: a systematic review of the GELSI literature' (2023) *AI & SOCIETY* 1-16,
10.1007/s00146-023-01628-x.

35
national security challenges using AI-driven Techs is to share real-world case studies and use
cases, where analysis of past events and demonstration of effective strategies provide valuable
insights for others to learn from and apply in their own contexts.

Post-incident analysis as well as sharing of lessons learned are important to help different
organizations and agencies understand the vulnerabilities that can lead to insider threats and data
leaks. Spreading these insights is necessary, but while preserving sensitive or critical
information, this helps prevent similar incidents from occurring. In the future. In order to
facilitate knowledge transfer we have developed guidelines and standard operation manuals for
AI-Driven OSINT contacts, these resources outline best practices and response strategies for
different scenarios, as well as outline recommended steps, helping professionals to overcome
challenges effectively.

No one can deny the importance of collaboration between the public and private sectors in
sharing knowledge. It is necessary and beneficial. Private organizations often have
industry-specific insights and innovative and effective solutions, while partnering with
government agencies to share knowledge and best practices ensures a comprehensive approach
to address national security concerns.

Working to encourage the exchange of knowledge across borders between countries greatly helps
in exchanging diverse viewpoints and approaches, and in order to provide opportunities for
professionals to learn from each other’s experiences and adapt successful strategies, the role of
joint international workshops, seminars and conferences comes into play.

Research and academic publications provided by some academic institutions in the AI-Driven
OSINT field play an important role in the development of this field, as well as contribute to an
enlightened society and the dissemination of best practices. and one of the Most Important Best
Practices we have to care about is Recognizing and celebrating exemplary practices and
innovative solutions in AI-driven OSINT which help in inspiring others to adopt similar
strategies. These Award programs and commendations highlight successful efforts and motivate
professionals to strive for excellence in national security practices.

Conclusion
In conclusion, this Research analyzes the complex intersection between AI, OSINT, and national
security. It emphasized the importance of comprehensive strategies that strike a balance between
OSINT's intelligence capabilities, which rely on smart technology, and the rights of individuals,
data privacy, and information security.

Insider threats and data leaks highlight the urgency of such strategies, requiring a solution that is
adaptive, combining the advances of intelligent technology and human oversight. An analysis of

36
the legal Framework in Egypt and the European Union stresses the importance of cooperation
and transparency, and indicates the need for amendments that contribute to facilitating the
responsible integration of AI.

AI tools offer capabilities in detecting threats, but challenges such as mitigating bias and privacy
concerns must be addressed to ensure ethical implementation of these tools. International
cooperation, public and private partnerships, and the development of a skilled workforce emerge
as important strategies.

Ethical principles remain essential to the responsible application of AI, with an emphasis on
transparency, privacy, and continuous evaluation. By fostering the sharing of knowledge and best
practices, collaboration between professionals, governments, and private actors can enhance
national security in the age of AI-Driven OSINT.

In conclusion, a balanced approach that combines technology, legal adaptation, ethics and
cooperation emerges as the key to ensuring a secure future for both Egypt and the EU, by
effectively dealing with the challenges and capitalizing on the opportunities in this
transformative context.

37
 References
books
1. Heroor B, '7 Tips to Combat Government Data Breach Risks' (2023) Security Magazine
Rss, available Aug 5, 2023 from Website:
<[Link]
each-risks>.
2. Cheng L, Liu F, Yao D, 'Enterprise data breach: causes, challenges, prevention, and future
directions: Enterprise data breach' (2017) Wiley Interdisciplinary Reviews: Data Mining
and Knowledge Discovery 7, e1211, 10.1002/widm.1211.
3. Akhgar B, 'OSINT as an Integral Part of the National Security Apparatus' (2016)
10.1007/978-3-319-47671-1_1.
4. Theben A, Gunderson L, Lopez-Fores L, Misuraca G, Lupianez-Villanueva F,
'Challenges and limits of an Open-Source Approach to Artificial Intelligence' (2021) PE
662.908 - May 2021.
5. Sitek B, 'Challenges in open-source intelligence: Managing uncertainty and Information
Quality' (2012) Available at 5 Aug 2023, from Website:
<[Link]
inty-and-information-quality>.
6. Sitek B, Ukleja A, 'National security - definition, character and determinants' (2012) in
Sitek B, Ukleja A (eds), *Studies on the quality of security* (Alcide De Gasperi
University of Euroregional Economy in Józefów 2012) ISBN 978-83-62753-20-8.
7. Arab Republic of Egypt Cabinet of Ministers Egyptian Supreme Cybersecurity Council,
'National Cybersecurity Strategy, 2017-2021' (2017-2021) Available at:
<[Link]
security_Strategy_2017_2021.pdf>.
8. Marchant G, Allenby B, Herkert J, 'The Growing Gap Between Emerging Technologies
and Legal-Ethical Oversight: The Pacing Problem' (2011) 10.1007/978-94-007-1356-7.
9. The NCSC, 'Cyber Assessment Framework V3.1' (2022) NCSC, Available at:
<[Link]
10. Eva’s T, 'European framework on ethical aspects of artificial intelligence, robotics and
related technologies' (2020) Available at:
<[Link]
654179_EN.pdf>.
11. El Guindy M, 'Applying Digital Forensics Methodology to Open-Source Investigations in
Counterterrorism' (2021) *Journal of Law and Emerging Technologies* 1(1), 11-64.
12. Witman P, Mackelprang S, 'The 2020 Twitter Hack – So Many Lessons to Be Learned'
(2022) *Journal of Cybersecurity Education, Research and Practice* Vol. 2021, Article 2.
Available at: <[Link]

38
 13. El Rahwan A, 'Artificial Intelligence and Interoperability for Solving Challenges of
OSINT and Cross-Border Investigations' (2022) Available at:
<[Link]
14. Davies D, 'Chelsea Manning Shared Secrets with WikiLeaks. Now She’s Telling Her
Own Story' (2022) NPR. Available at:
<[Link]
me>.
15. Center for Ethical Organizational Cultures Auburn University, 'Martha Stewart’s Insider
Trading Scandal' (2003) Available at:
<[Link]
cases/[Link]>.
16. Denson B, 'The spy’s son: The true story of the highest-ranking CIA officer ever
convicted of espionage and the son he trained to spy for Russia' (2015) New York: Grove
Press.
17. Sharma M, 'Data Theft: Implications for Economic and National Security' (2017) 61-80.
18. Salitin M, Zolait A, 'The Role of User Entity Behavior Analytics to Detect Network
Attacks in Real Time' (2018) 1-5, 10.1109/3ICT.2018.8855782.
19. Iliadis A, Acker A, 'The Seer and The Seen: Surveying Palantir’s Surveillance Platform'
(2022) *The Information Society* 38, 1-30, 10.1080/01972243.2022.2100851.
20. Harkut D, Kasat K, 'Introductory Chapter: Artificial Intelligence - Challenges and
Applications' (2019) 10.5772/intechopen.84624.
21. Mkuzangwe N, Khan Z, 'Cyber-threat information-sharing standards: A review of
evaluation literature' (2020) *The African Journal of Information and Communication*.
22. Herrera J, Gaona-García P, Sánchez-Alonso S, 'Open-Source Intelligence Educational
Resources: A Visual Perspective Analysis' (2020) *Applied Sciences * 10, 7617,
10.3390/app10217617.
23. Ghioni R, Taddeo M, Floridi L, 'Open-source intelligence and AI: a systematic review of
the GELSI literature' (2023) *AI & SOCIETY* 1-16, 10.1007/s00146-023-01628-x.
24. Guha, Abhijit & Samanta, Debabrata & Banerjee, Amit & Agarwal, Daksh. (2021). A
Deep Learning Model for Information Loss Prevention from Multi-Page Digital
Documents. IEEE Access. PP. 1-1. 10.1109/ACCESS.2021.3084841.
25. Mkuzangwe, Nenekazi & Khan, Zubeida. Cyber-Threat Information-Sharing Standards:
A Review of Evaluation Literature. The African Journal of Information and
Communication. (1999), 25. 1-12. 10.23962/10539/29191.
26. [Link] Martha Stewart’Sinsidertrading. (2022) Available at:
[Link]
ases/[Link]

Articles

39
1. Front Surg, Legal and Ethical Consideration in Artificial Intelligence in Healthcare: Who
Takes Responsibility? Published online (2022) Mar 14, available at website:
[Link] accessed 5 Aug 2023
2. Amr El Rahwan, Research Paper on Artificial Intelligence and Interoperability for
Solving Challenges of OSINT and Cross-Border Investigations, (2022) 30 November
available at website:
[Link]
ntelligence-and-interoperability-solving-challenges-osint-and-cross accessed 5 Aug 2023
3. Pricilla Bilavendran, The Ethical Considerations in AI-Driven Test Automation, (2023)
August 7, available at website:
[Link]
accessed 8 Aug 2023
4. Mara Hvistendahl, How the LAPD and Palantir Use Data to Justify Racist Policing,
(2021) January 30, available at website:
[Link] accessed 5 Aug
2023
5. By CTDO Next, 7 Principles to Guide the Ethics of Artificial Intelligence, (2023) Friday,
April 21, available at website:
[Link]
accessed 5 Aug 2023
6. Filippos Giannakas, Andreas Papasalouros, Georgios Kambourakis &
7. Stefanos Gritzalis, A comprehensive cybersecurity learning platform
8. for elementary education, (2019), available at website:
[Link] accessed 5 Aug 2023
9. Rescana, Challenges in open-source intelligence: Managing uncertainty and Information
Quality, Rescana. (2022) Available at:
[Link]
nty-and-information-quality (Accessed: 05 August 2023).
10. Managing the risks of Generative AI, Harvard Business Review. (2023) Available at:
[Link] (Accessed: 05 August 2023).
11. Edward Snowden, the NSA, and the US Surveillance state 68.1481 Greenwald Glenn —
no place to hide: Edward Snowden, the NSA, and the US Surveillance State
(metropolitan books/Henry Holt, 2015). <I>intelligence and national security</i>32(6),
Oct. 2017: 868–871.
12. Edward Snowden, Did ‘Profound Damage’ to U.S. Security (2022) ABC News.
Available at:
[Link]
y/story?id=22285388 (Accessed: 05 August 2023).
13. Grimmick, R. What is an insider threat? definition and examples, Varonis. (2023),
Available at: [Link] (Accessed: 05 August 2023).

40
 14. Official Legal Text, General Data Protection Regulation (GDPR), (2022) Available at:
[Link] (Accessed: 10 August 2023).
15. Edward Snowden: The whistleblower behind the NSA surveillance revelations (2013)
The Guardian. Available at:
[Link]
veillance (Accessed: 05 August 2023).
16. Packler, M. Why insider threats pose unique risks to national security, Security Magazine
RSS. (2022), Available at:
[Link]
to-national-security (Accessed: 05 August 2023).
17. Confessore, N. Cambridge Analytica and Facebook: The scandal and the fallout so far,
The New York Times. (2018), Available at:
[Link]
ml (Accessed: 05 August 2023).
18. Sutcliffe, A. 8 most common causes of Data Breach, Sutcliffe Insurance. (2018),
Available at:
[Link]
(Accessed: 05 August 2023).
19. Hvistendahl, M. How the LAPD and Palantir use data to justify racist policing, The
Intercept, (2023), Available at:
[Link] (Accessed: 10
August 2023).
20. Ferrara, E. Fairness and bias in Artificial Intelligence: A brief survey of sources, impacts,
and mitigation strategies, (2023). Available at: [Link]
(Accessed: 10 August 2023).
21. Saxena, N. et al. Impact and key challenges of insider threats on organizations and critical
businesses, MDPI. (2020), Available at: [Link]
(Accessed: 26 August 2023).
22. With advanced analytics - federal news network. (2023) Available at:
[Link]
[Link] (Accessed: 10 August 2023).

Reports
1. Promulgating the Personal Data Protection Law, )2020), KNOWLEDGE
MANAGEMENT
2. Top AI Threat Detection Tools (2023) FACEKI Inc
3. Natural Language Processing, Sentiment Analysis and Clinical Analytics, (2022) Adil
Rajput , Assistant Professor, Information System Department, Effat University An
Nazlah Al Qamariyyah, Jeddah 22332, Jeddah, Saudi Arabia.

41
 4. FAIRNESS AND BIAS IN ARTIFICIAL INTELLIGENCE: A BRIEF SURVEY OF
SOURCES, IMPACTS, AND MITIGATION STRATEGIES, (2023) , Ferrara, E.
5. INSIDER THREAT BEST PRACTICES GUIDE, 2ND EDITION, FEBRUARY 2018
6. United Nations Office on Drugs and Crime, (2020)
7. Combining the use of threat intelligence, analytics, and automated tools with human
smarts. (2019) CYBERSECURITY
8. Gender mainstreaming in the EU budget: Time (10/2021) Available at:
[Link]
[Link] (Accessed: 10 August 2023).
9. Cybersecurity - Securities Industry and Financial Markets Association. Available at:
[Link]
f (Accessed: 10 August 2023).
10. Ai-Driven Security Operations (SOC) (no date) Fortinet. Available at:
[Link]
(Accessed: 10 August 2023).
11. Cybersecurity - Securities Industry and Financial Markets Association. Available at:
[Link]
f (Accessed: 10 August 2023).

website and blogs:

1. intersoft consulting, General Data Protection Regulation, (2016), available at website:
[Link] accessed 5 Aug 2023
2. NIS Directive, Supporting the implementation of Union policy and law regarding
cybersecurity. (Known as NIS2 2022), available at website:
[Link]
3. intersoft consulting, General Data Protection Regulation, (2016), available at website:
[Link] accessed 5 Aug 2023
4. MITRE, Insider Threat Research & Solutions, (2023), available at website:
[Link] accessed 5 Aug 2023
5. Blogs, What Is DarkTrace & How Can Its Cyber AI Platform Leave You Less
Vulnerable? (2013), available at website:
[Link]
m-leave-you-less-vulnerable/ accessed 5 Aug 2023
6. Fortinet, Automated Security Operations, (2023), available at website:
[Link]
accessed 5 Aug 2023

42
7. Clio, AI and Law: What are the Ethical Considerations? (2023) available at website:
[Link] accessed 5 Aug 2023.
8. Links, S. Ai and OSINT: New breakthroughs meet next gen solutions, (2023) Blog.
Available at:
[Link]
(Accessed: 05 August 2023).
9. Defining insider threats: CISA Cybersecurity and Infrastructure Security Agency CISA.
(no date), Available at:
[Link]
reats (Accessed: 05 August 2023).
10. Khatilov, Tesla Insider Threat Case (2022) Red Goat. Available at:
[Link]
11. NIS directive (2023) ENISA. Available at:
[Link] (Accessed: 10
August 2023).

43