On the Quest for Effectiveness in Human Oversight: Interdisciplinary Perspectives

Human oversight is currently discussed as a potential safeguard to counter some of the negative aspects of high-risk AI applications. This prompts a critical examination of the role and conditions necessary for what is prominently termed effective or meaningful human oversight of these systems. This paper investigates effective human oversight by synthesizing insights from psychological, legal, philosophical, and technical domains. Based on the claim that the main objective of human oversight is risk mitigation, we propose a viable understanding of effectiveness in human oversight: for human oversight to be effective, the oversight person has to have (a) sufficient causal power with regard to the system and its effects, (b) suitable epistemic access to relevant aspects of the situation, (c) self-control, and (d) fitting intentions for their role. Furthermore, we argue that this is equivalent to saying that an oversight person is effective if and only if they are morally responsible and have fitting intentions. Against this backdrop, we suggest facilitators and inhibitors of effectiveness in human oversight when striving for practical applicability. We discuss factors in three domains, namely, the technical design of the system, individual factors of oversight persons, and the environmental circumstances in which they operate. Finally, this paper scrutinizes the upcoming AI Act of the European Union – in particular Article 14 on Human Oversight – as an exemplary regulatory framework in which we study the practicality of our understanding of effective human oversight. By analyzing the provisions and implications of the European AI Act proposal, we pinpoint how far that proposal aligns with our analyses regarding effective human oversight as well as how it might get enriched by our conceptual understanding of effectiveness in human oversight.

persons, and the environmental circumstances in which they operate.Finally, this paper scrutinizes the upcoming AI Act of the European Union -in particular Article 14 on Human Oversight -as an exemplary regulatory framework in which we study the practicality of our understanding of effective human oversight.By analyzing the provisions and implications of the European AI Act proposal, we pinpoint how far that proposal aligns with our analyses regarding effective human oversight as well as how it might get enriched by our conceptual understanding of effectiveness in human oversight.

INTRODUCTION
Effective or meaningful 1 human oversight is a notorious centerpiece of ethical guidelines [41] and global legislation [22,31] intended to govern the deployment of AI-based systems, particularly in highrisk contexts.The regulatory significance of human involvement in automated decision-making is unmistakable, as evidenced by a range of legislation [19,31], including the overarching principles embedded in the General Data Protection Regulation of the EU [24] and more targeted legislation, such as the European AI Act [22], which mandates human oversight for high-risk AI applications.Research has made strides in defining and assigning responsibility for human oversight [19], or placing it within a broader risk management framework [31].Human oversight has also been subject to criticism, with concerns being raised about the efficacy of oversight in practice and its potential role as a mere vehicle to legitimize imperfect AI systems [31,89].
Effective oversight has been discussed by many [19,31,49,55]; however, a question that is crucial for this discussion has not been sufficiently addressed: When is human oversight effective?The pressing need for conceptual clarity in this regard is evident, particularly given that the European Union's AI Act is due to be adopted in 2024.Nevertheless, the definition and conditions for achieving effective human involvement remain underexplored, highlighting a critical gap in the current state of the art of AI governance.
The following core contributions are made by this paper, and as such provide a structural frame for it: • We suggest a viable understanding of effectiveness in the context of human oversight based on the idea that the central objective of oversight is risk mitigation.Namely, we propose that an oversight person is effective if and only if they have (a) sufficient causal power with regards to the system and its effects, (b) suitable epistemic access to relevant aspects of the situation, (c) self-control over their own actions, and (d) fitting intentions for their role.We point out that (a)-(c) are jointly sufficient for moral responsibility.So, phrased boldly, we could say that Effectiveness = Moral Responsibility + Fitting Intentions.
• We exemplify facilitators and inhibitors of effectiveness in human oversight in three categories: the technical design of the system, the individual factors of the human who is in charge of oversight, and the environmental circumstances in which they operate.• As a litmus test, we look at the details of the European AI Act relative to our proposed conceptualization.We identify possible benefits and shortcomings of the AI Act.In particular, we argue that our conceptualization provides both a more general and a more practically useful conceptualization of effective human oversight compared to the respective stipulations in the AI Act.
Researchers have spelled out who will be in charge of (ensuring) human oversight and have analyzed how human oversight fits into a more global risk management concept (as, e.g., in the AI Act [22]) together with other approaches on accurate and robust systems, data-privacy adhering systems, and transparent systems [19,49].
The concept of human oversight, however, also faces substantial criticism, as empirical evidence suggests that humans may be ineffective in supervising AI-based systems [31].This has prompted a call for a more institutional oversight approach, emphasizing the need for empirical evidence regarding humans' capability to oversee AI systems prior to enforcing the oversight [31].This section will explore the literature on effective oversight from different disciplines in more detail.
Effective human oversight in legislation and guidelines.Oversight is an essential aspect of various ethical guidelines and legislation on the use of AI-based systems in high-risk contexts.After the analysis of 41 policy documents around the globe, Green [31] observes a call for limiting solely automated decisions (e.g., Article 22 of the European General Data Protection Regulation [24]), and an emphasis on the need for human discretion in AI-based decision-making (e.g., Canadian Directive on Automated Decision-Making [30]).The requirement for effective oversight is particularly highlighted in the European AI Act.At the time of writing, the AI Act has not yet been formally adopted.However, a final version was approved by the EU Parliament in March 2024 [23] and amended as part of the so-called corrigendum procedure [22].We will therefore use this amended version but will refer to earlier versions when relevant.
Human-centric AI.The focus on human oversight seems to stem from the background of ensuring human-centric development and deployment of AI-based systems.One of the most prominent concerns regarding the wide-range deployment of AI-based systems seems to be "that technological development and rationalized efficiency will take place at the cost of human agency and safety or rights" [19].An obvious way to counter such a techno-centric deployment of AI would be a human-centric development and deployment of AI-based systems.As Enqvist [19] notes: "Human centricity, as it has come to be (broadly) understood, does not only reflect that human needs are to be met by new technologies, but also incorporates the aim to safeguard individual rights and increase human well-being." Indeed, in computer science, a popular area of research is concerned with human-centered AI (HCAI) where efficient collaboration between humans and AI systems is investigated [3,11,17,46,71,81].
Objectives of effective human oversight.One of the foundational assumptions for the effectiveness of oversight measures is that human oversight should not be an end in itself [49], but that the involvement of humans in contexts where AI-based systems affect high-risk decision-making can make things better in some regard.For example, one hope is that humans may be better than AI-based systems at incorporating ethical considerations and social norms into decision-making contexts [19].Another hope is that humans might be better at judging single or unusual cases, for instance, in decisions that would affect individual human beings [7,51].Additionally, associating the term "effective" with human oversight shows the hope that a human can effectively contribute to a joint decision situation together with an AI-based system, thus enabling decisions better than those of either the human or the system alone [4,11,71].Other hopes include increased safety [45], improved accuracy [42], or better trustworthiness and more actual trust [55].The most important objective of human oversight recently seems to be the mitigation of risks to fundamental rights, both directly (as one reading of the AI Act [22] suggests), or indirectly via, e.g., the goal to improve safety or the avoidance of ethically and socially undesirable outcomes [19].
Criticism of human oversight.However, these foundational assumptions have received substantial criticism, calling into question the usefulness of human oversight [31,89].Critics (in particular [31]) point to a lack of empirical evidence showing that we, as of now, can reliably integrate human and system abilities in a way that leads to better decisions compared to decisions that every single entity would produce in isolation [4,5,65].For instance, there seem to be substantial challenges with respect to achieving adequate trust in AI-based systems [3,37,50,90].Humans may overly rely on the outputs produced by automated systems, leading to situations where they do not detect erroneous or unfair outputs [62].In other situations, humans may have too little trust in AIbased systems or too high confidence in their own abilities, which leads to people overriding actually accurate or fair system outputs [32].Especially in high-reliability contexts, automation bias (cf.Section 4.2) is a likely-to-observe phenomenon where people tend to use the outcome of an automated decision entity "as a heuristic replacement for vigilant information seeking and processing" ( [56] p. 205).This makes it particularly challenging for people to detect and adequately address system failures or erroneous outputs.Whereas research has identified several avenues to improve human abilities to oversee systems (e.g., training of oversight persons [2] or augmenting system outputs with confidence scores [2,3]), the positive effects associated with these avenues seem to be inconsistent [31].The criticism regarding human oversight could be expressed in an even more foundational way: The driving momentum behind many AI-based systems is the intention of producing decisions and actions that are, in some regard, better than what human experts could achieve [31,89].Ironically, the very human beings whose imperfections are meant to be overcome by such an AI-based system end up in the role of overseers of the system [89].This is, for instance, a typical situation in certain areas of AI-based medical diagnostics [34,58].
Positive effects of human oversight.However, it is also possible to draw more positive conclusions from the literature.There are relevant examples where human operators successfully identified errors made by automated systems [14,54].In addition, research has enhanced our understanding of factors that affect human abilities to detect errors made by automated systems [14,46,54,71].Furthermore, ongoing research contributes to successfully unveiling design options to improve human-system collaboration [46,85].For example, recent work proposes to combine the strengths of machine and human decision-making by using so-called conformal predictions for multi-label classifiers.There, the machine proposes a set of outputs (instead of a single output), which is guaranteed to contain the correct output with a probability of at least some pre-defined value [79].If this set contains only a single output, confidence is considered high enough to let the decision happen fully autonomously.If, instead, it contains more than one output, the choice is delegated to a human.It was shown that for certain tasks, the human-system decision accuracy indeed is higher when the human choice is restricted to the outputs that are in the proposed set [78].
Overall, research reports mixed results regarding human oversight.However, the fact that effective human oversight is a popular requirement in legislation emphasizes the necessity of obtaining clarity on the very concept of effective human oversight.This clarity is crucial to better devise powerful laws and guidelines and for ensuring the successful and safe implementation of AI in high-risk contexts.Thus, in this paper, we aim to derive high-level conditions for effectiveness in human oversight.
Moral Responsibility.While the approach to effectiveness in human oversight that we suggest in this paper is the original result of collective insights of an interdisciplinary team of researchers from psychology, law, philosophy, and computer science, we also draw inspiration from several high-level conceptions of moral responsibility, as, e.g., in [26,59,82].Most conceptions of moral responsibility have a focus on three aspects in common: a causal connection between the agent and the event for which the agent might be responsible, the agent having sufficient knowledge of their decision situation, and a certain autonomy of the agent [26,59,82].This high-level conception is used as a rough guardrail in this paper.

WHAT IS EFFECTIVE HUMAN OVERSIGHT?
We understand human oversight to be the supervision of a system by at least one natural person, typically with the authority to influence its operations or effects. 2 This influence operates at various levels throughout the system's lifecycle, including intervention during execution, reversal of faulty decisions, or adjustments of parameters to improve results [55].Although the oversight person may be assigned additional responsibilities, such as monitoring system performance or making engineering decisions, these tasks are not themselves part of human oversight.Even when having fixated a meaning for "human oversight", it is not clear what "effective" means in this regard.

An objective-first approach to the effectiveness of human oversight
We want oversight to be useful.Therefore, it makes sense to define the effectiveness of human oversight in terms of how well it achieves its objectives.As we have discussed above, risk mitigation can be taken to be one of the main objectives of human oversight.This is the objective we will be focusing on.Additionally, effective human oversight arguably may also yield other positive effects, such as improved incorporation of ethical considerations [19], or enhanced judgment in cases impacting individual well-being [7,51].
It is important to note that the understanding of effectiveness we are about to suggest is not the only viable one.While offering a structured framework, it is just one among potentially numerous conceptualizations.One way to change our conceptualization of effectiveness in human oversight would be to put objectives other than risk mitigation into focus, such as improved accuracy, trustworthiness, actual trust, human autonomy, accountability and responsibility, or liability.Discussing them is beyond the scope of this paper; however, prima facie, there appears to be no inherent conflict between our proposal and these objectives.Furthermore, we believe that our conceptualization will be helpful beyond risk mitigation since it will also be able to address other objectives of human oversight, including (moral) responsibility, as we will demonstrate in Section 3.2.2.
In line with the proposition that the main objective of effective human oversight is to mitigate risk, the main question is: When does human oversight facilitate the mitigation of risks?We propose this is the case if the oversight person meets the following four key conditions: causal power, epistemic access, self-control, and fitting intentions.We believe that this makes intuitive sense: Usually, risks can be reliably mitigated by a human only if there is an action available to them that averts the risk (causal power), they can actually perform that action (self-control), they know that the risk is imminent and which action could mitigate it (epistemic access), and they also want to mitigate it (fitting intentions).This intuition can be put more precisely, as is done in the remainder of this subsection.Additionally, Figure 1 displays the four conditions of effectiveness.

Causal power.
To be effective, the human must be able to make a relevant change.More precisely: Definition 3.1 (Causal power).The agent has the power to establish a sufficient causal connection to the relevant aspect of the world.
Applied to the context of human oversight, this means that the oversight person has the power to establish a causal connection to parts of the system or its effects, especially the risk.For instance, this may include the ability to influence the system, including its components, operation, or outputs.Which kind of causal power is appropriate and necessary depends on the context at hand.For example, a factory robot assisting a human in assembly might need a stop button or a manual control mechanism.For an AI tool that assesses university applications and makes recommendations for the admission committee it might be enough if the oversight person can overwrite or disregard the system's output and then forward possible issues to the system provider.
In any case, it is not enough if the oversight person is a mere observer of the system.Without proper means to interfere with it or at least with its effects, they could only watch the manifestation of a risk without being able to mitigate it.Also, it is not sufficient if the human only has 'pseudo-options', i.e., if they can only seemingly influence the system but not really make a relevant difference. 3nstances of such scenarios are malfunctioning stop buttons, or environments in which the human's actions are by default not considered.

Epistemic access.
To be effective, the oversight person must know what to do and when to do it.More precisely: Definition 3.2 (Epistemic access).The agent has sufficient knowledge of their decision situation (also cf.[72]).
Applied to the context of human oversight, this means that the oversight person has sufficient knowledge about the risk and how to mitigate it, especially knowing a risk mitigation action.An oversight person will, for instance, need to have a sufficient understanding of what the system is doing, in which state it is, which possible risks and benefits there are, which means of influencing the system exist, which effects will result from possible interventions, and which of these effects are most desirable.In some cases, this might include knowledge of normative, social, or cultural domains, without which it would be infeasible for the oversight person to assess certain risks correctly.They do not need to have perfect knowledge, though.They might be unsure or even ignorant about some aspects of their decision situation -as long as they know enough to achieve their relevant objectives, they have enough epistemic access [76].Notably, we assume that the oversight person has certain basic knowledge, such as what a stop button is or how to operate a computer on a consumer-level.One measure to improve the epistemic access of the oversight person could arguably be to employ suitable explainability and transparency measures [6,9,15,40,61,70,77].

Self-control.
To be effective, the oversight person must be in charge of their own doing.More precisely: Definition 3.3 (Self-control).The agent can decide for any path of action in their decision situation and, if they do so, follow through with it. 4pplied to the context of human oversight, this means that if there is a risk-mitigating path of action, the human can decide for that path, and if they do so, they actually perform the corresponding action(s).For this, the oversight person needs to be in their right state of mind and free in their actions in a relevant sense.They also have to be in a position to retain attention and purposefully target their actions during the oversight.If, for example, the job of overseeing a fleet of autonomous vehicles is so uneventful and dull that a normal person cannot help but let their mind wander off from their task, the oversight would ultimately become ineffective.Only if oversight persons have self-control, they can purposefully address risks.Other reasons why an oversight person could lack self-control would be when they are severely sleep-deprived, under the influence of substances, or suffering from an active seizure.
An oversight person who lacks self-control might also simultaneously lack sufficient causal power or epistemic access (e.g., in case of a seizure).Nevertheless, self-control is distinct from the other two conditions, as an oversight person can have self-control without having causal power or epistemic access.In fact, self-control may, in many situations, be an antecedent of causal power and epistemic access -but not vice versa.
Sometimes, oversight persons will decide in split-seconds or will instinctively perform a certain move, and we typically regard this as self-controlled.For example, an oversight person of a factory robot who realizes that it is just milliseconds away from severely injuring a human worker might reflexively slam the stop button.We consider this to be a real decision, even if made in a split-second; and since the oversight person followed suit with their decision, they are to be considered self-controlled.Therefore, even oversight persons deciding instinctively can be effective according to the upcoming Definition 3.5. 5.1.4Fitting intentions.To be effective, the human must also want to do their job properly.More precisely: Definition 3.4 (Fitting intentions).The agent has intentions that are fitting for their role (or some other relevant standard).
Applied to the context of human oversight, this means that the oversight person pro tanto intends to mitigate risks, i.e., they intend to mitigate any risks while taking other relevant factors, such as the interests of the system's users and other stakeholders, into consideration in a suitable way.If the oversight person were unwilling to make the efforts necessary to mitigate a risk, they would not be effective in their oversight -even if they had causal power, epistemic access, and self-control.This may, for example, be the case if the oversight person lacks the motivation to do their job properly or has other conflicting interests.Even worse, if an oversight person had ill intent, they could use their position to foster risks instead of mitigating them.For example, a racist overseeing a university admission system could deliberately overwrite outputs where people of color are ranked highly.In this case, their oversight should be considered ineffective in the relevant respects.Conceptualized this way, there still is considerable vagueness and generality to "effective human oversight", for example, due to the term "sufficient" in Definitions 3.1 and 3.2, or the "fitting" in Definition 3.4.This intentional vagueness is not a drawback but rather an essential feature.Not every oversight context requires the same level of epistemic access or causal power and, hence, the same exercise of oversight might count as effective in one context but not in another.Accordingly, our conceptualization of effectiveness allows for adaptability and versatility, acknowledging the complexity and diversity of situations where human oversight is applied.
Moreover, "effectiveness" is not a binary concept but a matter of degrees: one exercise of oversight might be more effective than another.Therefore, considering effectiveness in human oversight as a multifaceted continuum suitably encapsulates its nuanced nature.In line with the literature [31] and legislation [20], we nevertheless allow the use of "effective" as a binary concept.Saying that an oversight person is effective is to mean that they are effective enough for the concrete context they are operating in.In essence, this is also what Definition 3.5 says.While it is an open and important question of how much effectiveness is enough for a given context, we will not discuss this issue as it would go far beyond the scope of this paper.

Further considerations
3.2.1 Competence.Another aspect of an oversight person that could potentially come to mind is their competence.Intuitively, a competent oversight person will be better at being effective.While this is true, there is good reason why competence is not part of our definition of effectiveness: roughly speaking, someone is competent in performing a task if they know what to do to accomplish the task and are actually able to do it in a relevant sense.So, competence is tightly related to the conditions of effectiveness, even though competence is not itself part of the definition of effectiveness.A competent oversight person will be more likely to establish and retain sufficient epistemic access, self-control, and to use their causal powers in the right way.Without the necessary competence, an oversight person will arguably be unlikely to be effective, if they even can be effective at all.3.2.2Responsibility.Our conceptualization of effectiveness in human oversight already accounts for responsibility while also going beyond that.Taking inspiration from a definition of moral responsibility in computing in [59] and being consistent with the general idea of other sources [26,82] we can define responsibility as follows: An agent is (morally) responsible for some aspect of the world if and only if (1) the agent has the power to establish a sufficient causal connection to this aspect of the world, (2) the agent has sufficient knowledge of their decision situation, and (3) the agent can decide for any path of action in their decision situation and, if they do so, follow through with it.In other words: an oversight person is morally responsible for risk mitigation (or any other part of their job) if and only if they have (1) causal power, (2) epistemic access, and (3) self-control in that respect.This can be easily translated to cover past events: an oversight person was responsible for, say, mitigating risk if and only if they had sufficient causal power, epistemic access, and self-control in that respect.These insights lead to the more concise formula that An oversight person is effective if and only if they are morally responsible and have fitting intentions. 6his account also allows for shared responsibility between multiple agents, which is desirable in the context of high-risk AI systems.If, for example, both an oversight person and the deployer had causal power, epistemic access, and self-control with regard to a certain risk, they would both be responsible.For reasons of simplicity, the definition does not allow for group responsibility but can be adapted to do so. 7

FACILITATORS AND INHIBITORS OF EFFECTIVE HUMAN OVERSIGHT
Beyond providing a general conceptualization, our proposed definition of effectiveness in human oversight has a practically useful dimension.Specifically, its conditions can stimulate ideas about possible facilitators and inhibitors of effectiveness.Facilitators are expected to promote effective oversight, while inhibitors are expected to hinder it.We organize them into three categories: technical design features, individual factors of oversight persons, and environmental circumstances (see, e.g., [63] for a similar scheme).The purpose of the discussion in this section is to provide readers with a more concrete understanding of possible factors regarding effective human oversight in accordance with our suggestions.The layout of Table 1 could serve as a template for thinking through possible facilitators and inhibitors, which can be useful to designers and deployers of AI-based systems.The following overview of facilitators and inhibitors is not meant to be exhaustive, and some of them may partially overlap each other.Also, they generally do not refer to a specific use case and some may not be applicable to every situation.

Technical design features
Under "technical design features", we subsume facilitators and inhibitors whose influence on effective human oversight results from the design of the system.This list could also include aspects such as interface and interaction design [60], runtime monitoring systems [8], fault tolerance [44], or automated anomaly detection systems [57].
Intervention options.For an oversight person to have causal power over the system, there must be options that allow the oversight person to intervene with, control, overwrite, or undo system decisions and actions.For example, an intervention option might be a stop button that allows oversight persons to stop system operation at any time.Other examples include options to take over manual control or to initiate emergency protocols that result in fail-safe modes.
System adaptability.It can be beneficial to oversight if oversight persons can adapt the system's processes or its interface [25,69].For example, the oversight person could reduce the speed at which the system produces its outputs or adapt the system's interface to display additional information.This increases the oversight person's epistemic access if the adaptations help him to acquire and process the information better.
System understandability.Under "system understandability" we subsume design aspects associated with the area of explainable AI [48].For example, this includes the use of inherently transparent algorithms, the use of approaches to explain system outputs, the use of what-if analyses, or the provisioning of log files to enhance traceability of system processes [1,75].All options for enhancing system understandability aim at improving epistemic access [38,48].
Interpretability of inputs and outputs.By "interpretability", we mean a representation of inputs or outputs that is appropriate for human understanding [67].This could include, for example, the provision of information about what input features mean, or visualizing input and output features in a way that makes them easier to grasp.Interpretability thus aims at improving epistemic access.
Preselection of outputs to review.There may be cases where oversight tasks require a mechanism for selecting system outputs that are to be reviewed by the oversight person.By defining boundary conditions or by using oversight support tools, oversight persons could gain better epistemic access when only having to review a subset of outputs.For example, in a hiring context, such a tool could be used to identify applicants for whom the AI-based evaluation was obviously fair and free of bias, leaving considerably fewer cases to the oversight person [9].

Individual factors of oversight persons
Under "individual factors of oversight persons" we subsume traits and states of oversight persons as well as interventions on oversight persons that could facilitate or inhibit effective oversight.This discussion may cover aspects like vigilance [87], cognitive abilities [74,88], humans' propensity to trust in automation [37], and additional cognitive biases [66] and heuristics [83].
Overseer Training.Training to prepare for or enhance the role of the oversight person will be crucial.For instance, training in which people are confronted with system errors or erroneous automated decisions can help them to become better at identifying these errors when later acting on the real system [2].Overseer training could, in principle, target all of the conditions of effective human oversight.Such training could aim to enable oversight persons to maintain epistemic access, to recognize earlier when they are losing self-control (e.g., become inattentive [64]), to perform certain maneuvers that increase their causal power, or to know what the job requires them to do and thereby improve the fit of their intentions.Domain expertise.Overseers may require a certain degree of expertise in the task performed by the system they are supposed to oversee.For instance, physicians with substantial expertise in diagnosing a disease may have better epistemic access (e.g., they will know better when a system is making incorrect diagnoses) than physicians with little expertise [29].Domain expertise might sometimes also enable more causal power.
Conscientiousness.Conscientiousness is a character trait of people who are self-disciplined, orderly, goal-directed, who make and follow plans, and who adhere to social norms [12].Highly conscientious oversight persons will arguably be more likely to maintain self-control, sufficient epistemic access, and fitting intentions.
Exhaustion.Exhaustion is one of many psychological strain symptoms [73].It is a state where an oversight person feels tired and worn out [53] and thus may not be good at maintaining self-control and sufficient epistemic access.
Motivation.Motivation refers to internal and external factors that drive and direct an individual's behavior towards a goal [68].
Motivation leads people to initiate, intensify, and persist with goaldirected behavior.Motivation is often influenced by individual factors, environmental factors, and the perceived significance of the desired outcomes.In the context of human oversight, motivation is crucial to initiate and maintain fitting intentions and self-control for the goal of trying to mitigate risk.It is also important for persisting in maintaining sufficient epistemic access.
Automation bias.Automation bias is usually considered a cognitive bias where people use the outcome of an automated decision aid "as a heuristic replacement for vigilant information seeking and processing" ( [56], p. 205).Automation bias becomes especially likely when facing a system that works reliably and with high performance because, in such cases, it is rational for people to divert their attention to other tasks [62].This, however, will contribute to insufficient epistemic access.If there are indeed no negative consequences for some time, this may lead to what Parasuraman and Manzey [62] called "learned carelessness".This phenomenon could be interpreted as a problem of self-control or as an issue that leads to intentions that no longer fit the duties of an oversight person.

Environmental circumstances
Under "environmental circumstances", we subsume factors that lie outside the technical system or the oversight person, yet they can influence the effectiveness of oversight.This discussion could also include aspects such as stakes of the situation [47], single vs. multitasking environments [52], or whether oversight is organized as a team task [28,84].
Adequate job design.The job of an oversight person needs to be well designed [63], which means that the job is, e.g., motivating, satisfying, and not overly demanding.For example, the job characteristics model from work psychology [33] highlights that certain job characteristics promote motivation and satisfaction with the job, namely skill variety, task identity, perceived task significance, autonomy, and feedback from the job. 8The design of the job is important for promoting self-control, epistemic access, and fitting intentions, for example via motivation (cf.Section 4.2).Also, illdesigned jobs can lead to counterproductive work behavior, i.e., behavior at work that is inconsistent with or even intentionally disrespecting job duties (e.g., not even trying to maintain sufficient epistemic access, or intentionally overwriting outputs to feel "needed" [80]).
Role conflicts.Role conflicts could arise if the oversight person is at the same time a decision-maker who uses the AI-based system to support their decisions [43].Consider, for example, a hiring scenario where an individual juggles both the role of an oversight person tasked with mitigating unfairness and the role of an HR manager who is responsible for inviting only the best candidates to a job interview.A conflict arises when the only method to address unfairness involves inviting additional, apparently less suitable candidates, conflicting with the HR manager's goal of selecting the best candidates only.This misalignment of duties may give rise to intentions that are unfitting for an oversight person.
Independent thinking.Processing a situation under the impression of a system's output can affect an oversight person's judgment of such an output [27].For example, seeing a recidivism risk score for a defendant in court, in addition to the information about the defendant's case, may affect how people judge this case.Seeing a "high anchor" (i.e., the system's prediction of a high risk for recidivism) will make it more likely that the judge will decide that the defendant has a high risk for recidivism.Such anchors make oversight persons selectively aware of anchor-consistent information [18] which undermines epistemic access.
In the area of AI-supported decision-making, there are several ideas of how to possibly prevent such effects.For example, although this leads to less acceptance of the system, it seems to partly counter such anchoring effects if people are forced to think about a given case themselves for some time before making a final decision [11].Alternatively, oversight persons may only receive the AI-based output after they have made up their own mind about a specific case because then they would not initially be affected by the AIbased output and may be in a better position to judge whether the AI-based output is appropriate [31,89].
Accountability.Here we refer to accountability as "an obligation to explain and to justify [one's] conduct" [10, p.447].If oversight persons feel accountable for their actions this may influence their attentiveness or may lead to them feeling more stressed [35].Thus, a feeling of accountability could promote efforts of oversight persons to get themselves in a sufficient epistemic position.It can also be hypothesized that a felt obligation to explain oneself will motivate to maintain high self-control in order to keep up with the expectations of the job and that it will incentivize one to uphold intentions that fit one's duties.However, it could also lead to unintended consequences such as leading to unfit intentions: if oversight persons believe that they would have no good explanation for overriding a system output, they may not do so in cases where they know that they have to file a report after overwriting system outputs.
Time pressure.Significant time pressure may undermine various conditions for effectiveness [65].For example, if an oversight person only has a few seconds to react to warnings by the system, this could hinder sufficient epistemic access.In extreme cases, time pressure could also undermine an oversight persons' causal power.For instance, if the option to overwrite an output is only available for split seconds, the oversight person may not be able to press the button.

APPLICATION TO THE AI ACT PROPOSAL
Finally, our analysis turns to effective human oversight as outlined in the AI Act [22] 9 .According to Article 14(1) of the proposal, what the AI Act defines as high-risk AI systems shall be designed and developed in such a way that they can be effectively overseen during their use.As stated in Article 14 (2), this oversight shall aim to prevent or minimize risks to health, safety, or fundamental rights.Risk mitigation is therefore defined as a key objective of human oversight measures that should contribute to the overall trustworthiness of high-risk systems [19].Consequently, the effectiveness of human oversight, as outlined in Article 14 (1), serves as a foundational principle that requires oversight measures to be capable of achieving their risk mitigation objective.This principle can be understood as a condition for a minimum level of effectiveness of the oversight measures implemented, comparable to a threshold that must be reached.

Conditions for effectiveness in our proposal and the AI Act
Article 14(3) obliges the provider to enable its deployer to perform effective oversight by identifying "appropriate measures". 10Article 14(4) contains certain aspects of what the proposed AI Act envisages as indicators of the effectiveness of these measures.These require enabling the individuals to whom human oversight is assigned to do the following, as appropriate and proportionate to the circumstances: (a) to properly understand the relevant capacities and limitations of the high-risk AI system and be able to duly monitor its operation, including in view of detecting and addressing anomalies, dysfunctions and unexpected performance; (b) to remain aware of the possible tendency of automatically relying or over-relying on the output produced by a highrisk AI system (automation bias), in particular for high-risk AI systems used to provide information or recommendations for decisions to be taken by natural persons; (c) to correctly interpret the high-risk AI system's output, taking into account, for example, the interpretation tools and methods available; (d) to decide, in any particular situation, not to use the highrisk AI system or to otherwise disregard, override or reverse the output of the high-risk AI system; (e) to intervene in the operation of the high-risk AI system or interrupt the system through a 'stop' button or a similar procedure that allows the system to come to a halt in a safe state.
(quoted from Article 14(4) of the amendment to the version approved by the European Parliament [22]) These measures reflect our conditions of effectiveness.Requirements (d) and (e) underscore the EU's recognition of the importance of oversight persons being able to influence the AI system, either by modifying the system's output or by stopping its operation.These requirements manifest the need for both causal power and self-control, ensuring that individuals can influence the decisions of the AI system, or decide not to use the system's output or to modify it.Conditions (a) and (c) relate to the understanding of the system, as they require the provider to enable the oversight person to understand the limitations of the system (though not necessarily all details of the system), to monitor it effectively, and to interpret its results correctly.This is consistent with the condition of epistemic access, which enables the oversight person to make informed decisions.Awareness of automation bias, as described in (b), is intertwined with epistemic access and self-control, as described above in Section 4.2.Furthermore, Article 26(2) [22] emphasizes the need for the necessary competence, training, authority, and support in oversight functions, hence requiring epistemic access and causal power. 11The criterion of fitting intentions of the agents involved has little direct equivalent in the legal text, which is not focused on subjective intentions but on actions.The parties' underlying intentions and motivations are not directly relevant.However, one might consider that the automation bias targeted in Article 14(4) (b) may interfere with the fittingness of the oversight person's intentions (cf.Section 4.2).Furthermore, the significant penalties according to Article 99 [22] strongly incentivize norm-compliant behavior.

Further analysis of the EU legislation's approach
Strongly varying levels of abstraction.It is striking that the measures appearing in Article 14(4) are of varying degrees of abstraction: While some measures contain specific requirements for the design of the AI system, other measures are less specific.For example, the requirement of a "stop" button in (e) is highly concrete.In contrast, the requirement in (a) to create an understanding of the limitations of the system is vague and leaves a lot of room for interpretation.Overall, the requirements for the various partiesproviders of the AI system, deployers, and the person entrusted with oversight -could have been made clearer in the structure of the AI Act.Thus, Article 14(4) appears to be a loose collection of items that were deemed useful in the legislative process without much structural consistency.The lack of regulatory clarity could hinder the practical applicability of Article 14 and, thus, the introduction of truly effective human oversight.
Significance of Psychological Biases.Measures in accordance with (b), which are intended to maintain an awareness of the automation bias, seem out of place: it introduces a concrete psychological aspect that sticks out from the more technical and operational aspects outlined in the other provisions, especially considering that automation bias is just one of many relevant biases (e.g., hindsight bias, confidence bias [36,66]), heuristics (e.g., availability heuristic [83]), and other psychological phenomena (e.g., exhaustion, motivation [68,73]) that would need to be accounted for.
Legal uncertainties.Not every measure in Article 14(4) will have to be fully implemented in every high-risk system.This already follows from the restriction that the measures should be implemented "as appropriate and proportionate to the circumstances".As a result, the specific measures taken must be assessed on a case-by-case basis.Not only how these requirements apply, but also which requirements are applicable depends heavily on the individual case and the design of the system.Although AI Act's approach provides flexibility that accommodates the sometimes beneficial vagueness of the effectiveness of human oversight also mentioned in Section 3.1.5,it may also be associated with greater legal uncertainty.The legislation will eventually be complemented by technical standards developed by European standardization organizations to at least partially remove this legal uncertainty and to facilitate the implementation of requirements for high-risk systems, including human oversight [86].However, this standardization process is still in its early stages and is limited to a few general guidelines [49].Moreover, the question arises as to what requirements these standards must meet to satisfy the effectiveness requirement of Article 14 (1).While Article 14(4) offers some guidance, its vagueness and varying levels of abstraction are insufficient for determining true effectiveness in specific cases.Thereby, the standardization organisations risk developing technical standards that may not withstand legal scrutiny.So, the EU's reliance on the AI Act's effective implementation through practical technical standards poses a potential threat to the Regulation's requirement for human oversight.
The practical need for a definition.Also, the technical standards created in this process only have a presumptive effect for providers and deployers of AI systems that are subject to the AI Act.In the event of a legal dispute, the courts will therefore have to examine whether the specific design of the human oversight measures meets the overarching requirement of effectiveness in Article 14(1).As mentioned above, this will depend on the circumstances of the individual case.To ensure uniform application of the AI Act by lower courts, a comprehensible definition of effective human oversight is essential.In this respect, the definition of effectiveness will be one of the key tasks of the deciding courts in the coming years, leaving these courts also in need of further clarification on the conditions of effectiveness.

Utilizing our definition of effectiveness
Our objective-first approach to effectiveness can be used to integrate the piecemeal list of different requirements listed in the AI Act into a coherent system.This is advantageous for a legally sound application of the AI Act, as it helps to structure the requirements for and responsibilities of the different parties involved.One of the benefits of the breadth and structure of our conceptualization is that it simplifies the assessment process for regulators, making it easier to evaluate different AI systems against a structured set of principles that are framed by the four conditions.The three domains of facilitators and inhibitors can aid in giving further structure for certain use cases.This streamlining may also decrease the legal uncertainty in Article 14, fostering a more consistent and predictable environment for AI providers and deployers alike, while providing a practical definition of effectiveness for deciding courts.This could also help uncover further shortcomings in Article 14(4): For instance, while understanding the system's output (c) can enhance epistemic access, understanding of the system's input can be equally crucial.Our conditions for effectiveness, when applied with expertise, make this need evident; whereas this need can be challenging to identify when relying solely on Article 14(4), which does not mention the system's input at all.
Consequently, the points listed in Table 1 can be understood as examples of how an assessment of the effectiveness of measures could be carried out.Defining effectiveness using our four conditions provides a practical framework that highlights the key aspects of effective oversight.Our approach is, therefore, well suited to assist standard-setting organizations and to clarify the rather broad requirements of Article 14(4).In addition, our proposed framework provides guidance to practitioners who do not wish to rely solely on technical standards.Finally, our approach can assist courts in the future by providing a framework for defining and assessing the effectiveness of human oversight.

LIMITATIONS AND FUTURE WORK
As discussed above, we see advantages brought about by our conceptualization of effective human oversight.Nevertheless, we also want to point out three limitations as well as future points to address.First, our conceptualization is designed for broad applicability across various AI-based systems, and thus shares a common criticism with the AI Act, namely that of residing on a high level of abstraction and that of vagueness, as discussed in Section 3.1.5.Dealing with these issues, especially in complex scenarios, requires (a) involving individuals with extensive expertise in the task at hand and (b) fostering collaboration in multidisciplinary teams to assess the impact on human oversight practice.Second, when we came up with the facilitators and inhibitors spelled out in Section 4, we realized that our conceptualization is helpful for thinking through conditions that could promote or hinder effective oversight.However, for some of the facilitators (or inhibitors), the question of which of the four conditions they contribute to (or hinder) depends on the concrete context.Moreover, for certain cases, the mapping from facilitators and inhibitors to conditions needs considerable empirical research, outside the scope of this conceptual paper.Third, we did not discuss the concept of human oversight itself in much detail, but focused only effectiveness of human oversight.So, while our paper is helpful in determining whether an instance of human oversight is effective, it is less helpful in assessing whether something is human oversight.However, our definition of effectiveness is broad enough to be applied to many roles along the AI pipeline, not only to oversight persons.Some more conceptual discussion of human oversight itself is, for instance, provided by [49].Future efforts will aim to enhance the practical applicability of our framework.We plan to develop a comprehensive practical framework, help to establish best practices, and create tools for implementing and auditing effective human oversight.These developments can benefit both policymakers and practitioners.This endeavor will require ongoing interdisciplinary collaboration, such as conducting empirical studies to validate and refine oversight mechanisms and designing holistic requirements for high-risk systems, oversight personnel, and their environments.Additionally, efforts should include creating educational programs and training for oversight persons, as well as engaging with regulatory bodies to ensure the ethical deployment of AI systems.

CONCLUSION
This paper has proposed an approach to effective human oversight -encompassing causal power, epistemic access, self-control, and fitting intentions -to remedy the lack of clarity surrounding the concept of effectiveness.This is a joint contribution of researchers in psychology, law, philosophy, and computer science.We argued that, in essence, a morally responsible oversight person with fitting intentions is generally suitable for mitigating risks associated with high-risk AI systems.We have identified facilitators and inhibitors of effectiveness in three categories, namely the technical design of the system, individual characteristics of oversight persons, and the environmental circumstances in which oversight occurs.Thereby, we have provided inspiration for steps towards a successful implementation of effective human oversight.We also discussed the extent to which our understanding of effective human oversight aligns with the European Union's upcoming AI Act, in particular Article 14 on human oversight.Our analysis suggests that the AI Act could benefit from incorporating more nuanced and structured conditions, such as those proposed in this paper.
In closing, we want to advocate for a balanced approach to effective human oversight.Without a concrete idea of what effectiveness is in the context of human oversight, no productive discussion of it is possible.On the one hand, we urge to not throw out the baby with the bathwater by per se dismissing human oversight as a safeguard without the necessary conceptual clarity.On the other hand, caution is warranted as well when emphatically including a notion of effective human oversight in regulations and guidelines without this conceptual clarity.Our interdisciplinary approach is intended to aid both advocates and critics of human oversight.For many relevant oversight contexts, the four conditions of effectiveness seem to provide a better picture of when and how human oversight is useful.We, therefore, believe that these conditions could form a pivot for future research on human oversight.

Figure 1 :
Figure 1: The four conditions of effectiveness in human oversight and their relation to moral responsibility.The person in the diagram depicts the human in charge of oversight and the graph a schematic depiction of their current decision situation: the node on the left is their current position, the edges are the actions that they could perform, and the nodes on the right are the consequences of their actions.

3. 1 . 5
Effectiveness.The above yields the following conceptualization of effectiveness in human oversight: Definition 3.5 (Effectiveness).An oversight person is effective in their human oversight if and only if they have causal power, epistemic access, self-control, and fitting intentions in the above senses.

Table 1 :
Overview of how exemplary facilitators (•) and inhibitors (•) usually contribute to the effectiveness of human oversight.