-
Cybersecurity Information Sharing Governance Structures: An Ecosystem of Diversity, Trust, and Tradeoffs
Authors:
Elaine M. Sedenberg,
James X. Dempsey
Abstract:
In recent years the cybersecurity policy debate in Washington has been dominated by calls for greater information sharing within the private sector, and between the private sector and the federal government. The passage of the Cybersecurity Information Sharing Act (CISA) (signed into law under the Cybersecurity Act of 2015) underscored federal efforts to collect information from the private sector…
▽ More
In recent years the cybersecurity policy debate in Washington has been dominated by calls for greater information sharing within the private sector, and between the private sector and the federal government. The passage of the Cybersecurity Information Sharing Act (CISA) (signed into law under the Cybersecurity Act of 2015) underscored federal efforts to collect information from the private sector, and assuaged some concerns regarding private sector liability in sharing activities. However, the law lacked specificity on how continued federal efforts would work with existing information sharing networks, and failed to address other challenges associated with sharing including trust building, privacy and propriety interests, reciprocation, and quality control. This paper aims to bring granularity to implementations of information sharing initiatives by creating a taxonomy of the governance and policy models within each of these organizations. The research shows how this diverse ecosystem of sharing models work together and separately, and the impact governance and policy have on key components critical to sharing infrastructure.
△ Less
Submitted 30 May, 2018;
originally announced May 2018.
-
Smile for the Camera: Privacy and Policy Implications of Emotion AI
Authors:
Elaine Sedenberg,
John Chuang
Abstract:
The introduction of artificial intelligence (AI) on visual images for emotional analysis obliterates the natural subjectivity and contextual dependence of our facial displays. Emotion AI places itself as an algorithmic lens on our digital artifacts and real-time interactions, creating the illusion of a new, objective class of data: our emotional and mental states. Building upon a rich network of e…
▽ More
The introduction of artificial intelligence (AI) on visual images for emotional analysis obliterates the natural subjectivity and contextual dependence of our facial displays. Emotion AI places itself as an algorithmic lens on our digital artifacts and real-time interactions, creating the illusion of a new, objective class of data: our emotional and mental states. Building upon a rich network of existing public photographs--as well as fresh feeds from surveillance footage or smart phone cameras--these emotion algorithms require no additional infrastructure or improvements on image quality. In order to examine the potential policy and legal remedies for emotion AI as an emerging technology, we first establish a framework of actors, collection motivations, time scales, and space considerations that differentiates emotion AI from other algorithmic lenses. Each of these elements influences available policy remedies, and should shape continuing discussions on the antecedent conditions that make emotional AI acceptable or not in particular contexts. Based on our framework of unique elements, we examine potential available policy remedies to prevent or remediate harm. Specifically, our paper looks toward the regulatory role of the Federal Trade Commission in the US, gaps in the EU's General Data Protection Regulation (GDPR) allowing for emotion data collection, and precedent set by polygraph technologies in evidentiary and use restrictions set by law. We also examine the way social norms and adaptations could grow to also modulate broader use. Given the challenges in controlling the flow of these data, we call for further research and attention as emotion AI technology remains poised for adoption.
△ Less
Submitted 1 September, 2017;
originally announced September 2017.
-
A Window into the Soul: Biosensing in Public
Authors:
Elaine Sedenberg,
Richmond Wong,
John Chuang
Abstract:
Biosensed information represents an emerging class of data with the potential for massive, systematic, and remote or casual collection of personal information about people. Biosensors capture physiological signals in addition to kinesthetic data to draw intimate inferences about individuals' mental states. The proliferation of sensors makes detection, interpretation, and inference of these previou…
▽ More
Biosensed information represents an emerging class of data with the potential for massive, systematic, and remote or casual collection of personal information about people. Biosensors capture physiological signals in addition to kinesthetic data to draw intimate inferences about individuals' mental states. The proliferation of sensors makes detection, interpretation, and inference of these previously subtle - or otherwise invisible - emotional and physiological signals possible from proximate and remote locations. These sensors pose unprecedented challenges to individual privacy in public through remote, precise, and passively collected data. This paper examines the unique nature and inferential potential of biosensed data by creating a taxonomy of signals that may be collected remotely, via casual contact, or from traces left behind, and considers how these data may be collected and used to create novel privacy concerns - particularly in public. Since biosignals may often be deduced from visual data, this paper uses historic and recent photography cases to explore how social norms evolved in response to remote collection in public. A contextual integrity privacy heuristic is then used to probe the need for new norms and remedies specifically for biosensing privacy threats. This analysis examines the extensibility of relevant legal frameworks in the European Union (EU) and United States (US) as a privacy remedy, and conclude with a brief outline of possible legal or social remedies that may address privacy needs in public with biosensing technologies.
△ Less
Submitted 10 May, 2018; v1 submitted 1 February, 2017;
originally announced February 2017.
-
Recovering the History of Informed Consent for Data Science and Internet Industry Research Ethics
Authors:
Elaine Sedenberg,
Anna Lauren Hoffmann
Abstract:
Respect for persons is a cornerstone value for any conception of research ethics--though how to best realize respect in practice is an ongoing question. In the late 19th and early 20th centuries, "informed consent" emerged as a particular way to operationalize respect in medical and behavioral research contexts. Today, informed consent has been challenged by increasingly advanced networked informa…
▽ More
Respect for persons is a cornerstone value for any conception of research ethics--though how to best realize respect in practice is an ongoing question. In the late 19th and early 20th centuries, "informed consent" emerged as a particular way to operationalize respect in medical and behavioral research contexts. Today, informed consent has been challenged by increasingly advanced networked information and communication technologies (ICTs) and the massive amounts of data they produce--challenges that have led many researchers and private companies to abandon informed consent as untenable or infeasible online.
Against any easy dismissal, we aim to recover insights from the history of informed consent as it developed from the late 19th century to today. With a particular focus on the United States policy context, we show how informed consent is not a fixed or monolithic concept that should be abandoned in view of new data-intensive and technological practices, but rather it is a mechanism that has always been fluid--it has constantly evolved alongside the specific contexts and practices it is intended to regulate. Building on this insight, we articulate some specific challenges and lessons from the history of informed consent that stand to benefit current discussions of informed consent and research ethics in the context of data science and Internet industry research.
△ Less
Submitted 12 September, 2016;
originally announced September 2016.
-
Designing Commercial Therapeutic Robots for Privacy Preserving Systems and Ethical Research Practices within the Home
Authors:
Elaine Sedenberg,
John Chuang,
Deirdre Mulligan
Abstract:
The migration of robots from the laboratory into sensitive home settings as commercially available therapeutic agents represents a significant transition for information privacy and ethical imperatives. We present new privacy paradigms and apply the Fair Information Practices (FIPs) to investigate concerns unique to the placement of therapeutic robots in private home contexts. We then explore the…
▽ More
The migration of robots from the laboratory into sensitive home settings as commercially available therapeutic agents represents a significant transition for information privacy and ethical imperatives. We present new privacy paradigms and apply the Fair Information Practices (FIPs) to investigate concerns unique to the placement of therapeutic robots in private home contexts. We then explore the importance and utility of research ethics as operationalized by existing human subjects research frameworks to guide the consideration of therapeutic robotic users -- a step vital to the continued research and development of these platforms. Together, privacy and research ethics frameworks provide two complementary approaches to protect users and ensure responsible yet robust information sharing for technology development. We make recommendations for the implementation of these principles -- paying particular attention to specific principles that apply to vulnerable individuals (i.e., children, disabled, or elderly persons)--to promote the adoption and continued improvement of long-term, responsible, and research-enabled robotics in private settings.
△ Less
Submitted 29 June, 2016; v1 submitted 13 June, 2016;
originally announced June 2016.