مقالات وأبحاث قانونية

Humanity is witnessing an unmanned technological revolution driven by artificial intelligence, which is no longer merely a tool but a key player in shaping individuals' lives by building a "digital twin" for each person from their data and interactions. This twin is used for classification, prediction, and making critical decisions (such as employment and credit), posing a fundamental challenge to the law: how to protect individuals from the power of an opaque and unaccountable algorithm. This research paper addresses this issue in light of Yemeni legislation, which—like most Arab legislation—lacks a specific legal framework regulating cybercrimes in particular. The relevant provisions are scattered between the Right to Information Law and the Penal Code, and they do not encompass modern concepts such as algorithmic discrimination, the right to be forgotten, and liability for automated decisions. This paper is based on a case study reflecting a recurring reality: an individual's rejection from a job due to an algorithmic evaluation based on an old post that no longer reflects their current status. This highlights the violations resulting from a lack of regulation (privacy violations, rights discrimination, economic exploitation of interactions without compensation, and lack of accountability). The study aims to present a future legislative vision based on a "new digital social contract," which redistributes rights and obligations between individuals and digital platforms, establishing the sovereignty of cryptographic privacy, the right to be forgotten, and economic ownership of interactions. The paper concludes by drafting proposed articles for a Yemeni law on personal data protection, drawing on comparative experiences (the European GDPR, and the laws of Jordan, the UAE, and Saudi Arabia), and offering practical recommendations for developing legislation, the judiciary, and academia. Keywords: Digital twin, personal data protection, algorithmic discrimination, right to be forgotten, digital social contract, Yemeni law. Introduction: In the midst of the unmanned technological revolution, artificial intelligence algorithms are no longer mere tools but have become key players in shaping the course of individuals' lives. By collecting and profiling massive amounts of data, a digital twin is created for each person, used for classification, prediction, and making critical decisions. This phenomenon presents the law with an unprecedented challenge: how do we protect individuals from an unseen and unaccountable power? In Yemen, as in most Arab countries, legislation has not kept pace with these transformations, and cybercrimes have not been addressed in a specific law. Instead, they have become commonplace within existing laws. Current laws, particularly the Right to Information Law and the Penal Code, still view cybercrimes from a traditional perspective, without addressing fundamental concepts such as algorithmic discrimination, the right to be forgotten, or liability for automated decisions. Specialized academic studies confirm that Yemen lacks a specific legal framework regulating cybercrimes (3b). To illustrate this issue, a case study reflecting a recurring reality can be cited: A qualified individual applied for a psychiatric position, only to be rejected based on an algorithmic evaluation that relied on an old Facebook post from 2000 expressing his sadness at not being able to find a job at that time. Despite the passage of 26 years and a complete change in his psychological and professional circumstances, the old post remained attached to him as a permanent stigma. This case highlights a central legal problem: the absence of legal regulation of the digital identity of a natural person (the digital twin) in Yemeni legislation, resulting in numerous violations.