-
A new framework for global data regulation
Authors:
Ellie Graeden,
David Rosado,
Tess Stevens,
Mallory Knodel,
Rachele Hendricks-Sturrup,
Andrew Reiskind,
Ashley Bennett,
John Leitner,
Paul Lekas,
Michelle DeMooy
Abstract:
Under the current regulatory framework for data protections, the protection of human rights writ large and the corresponding outcomes are regulated largely independently from the data and tools that both threaten those rights and are needed to protect them. This separation between tools and the outcomes they generate risks overregulation of the data and tools themselves when not linked to sensitiv…
▽ More
Under the current regulatory framework for data protections, the protection of human rights writ large and the corresponding outcomes are regulated largely independently from the data and tools that both threaten those rights and are needed to protect them. This separation between tools and the outcomes they generate risks overregulation of the data and tools themselves when not linked to sensitive use cases. In parallel, separation risks under-regulation if the data can be collected and processed under a less-restrictive framework, but used to drive an outcome that requires additional sensitivity and restrictions. A new approach is needed to support differential protections based on the genuinely high-risk use cases within each sector. Here, we propose a regulatory framework designed to apply not to specific data or tools themselves, but to the outcomes and rights that are linked to the use of these data and tools in context. This framework is designed to recognize, address, and protect a broad range of human rights, including privacy, and suggests a more flexible approach to policy making that is aligned with current engineering tools and practices. We test this framework in the context of open banking and describe how current privacy-enhancing technologies and other engineering strategies can be applied in this context and that of contract tracing applications. This approach for data protection regulations more effectively builds on existing engineering tools and protects the wide range of human rights defined by legislation and constitutions around the globe.
△ Less
Submitted 24 August, 2023;
originally announced August 2023.
-
Slicing the Network: Maintaining Neutrality, Protecting Privacy, and Promoting Competition
Authors:
Nick Doty,
Mallory Knodel
Abstract:
The principles of net neutrality have been essential for maintaining the diversity of services built on top of the internet and for maintaining some competition between small and large providers of those online services. That diversity and competition, in turn, provide users with a broader array of choices for seeking online content and disseminating their own speech. Furthermore, in order for the…
▽ More
The principles of net neutrality have been essential for maintaining the diversity of services built on top of the internet and for maintaining some competition between small and large providers of those online services. That diversity and competition, in turn, provide users with a broader array of choices for seeking online content and disseminating their own speech. Furthermore, in order for the internet to be used to its full potential and to protect the human rights of internet users, we need privacy from surveillance and unwarranted data collection by governments, network providers, and edge providers.
The transition to 5G mobile networks enables network operators to engage in a technique called network slicing. The portion of a network that is sliced can be used to provide a suite of different service offerings, each tailored to specific purposes, instead of a single, general-purpose subscription for mobile voice and data. This requires a careful approach. Our report describes the technologies used for network slicing and outlines recommendations -- for both operators and regulators -- to enable network slicing while maintaining network neutrality, protecting privacy, and promoting competition.
△ Less
Submitted 10 August, 2023;
originally announced August 2023.
-
Outside Looking In: Approaches to Content Moderation in End-to-End Encrypted Systems
Authors:
Seny Kamara,
Mallory Knodel,
Emma Llansó,
Greg Nojeim,
Lucy Qin,
Dhanaraj Thakur,
Caitlin Vogus
Abstract:
In this paper, we assess existing technical proposals for content moderation in End-to-End Encryption (E2EE) services. First, we explain the various tools in the content moderation toolbox, how they are used, and the different phases of the moderation cycle, including detection of unwanted content. We then lay out a definition of encryption and E2EE, which includes privacy and security guarantees…
▽ More
In this paper, we assess existing technical proposals for content moderation in End-to-End Encryption (E2EE) services. First, we explain the various tools in the content moderation toolbox, how they are used, and the different phases of the moderation cycle, including detection of unwanted content. We then lay out a definition of encryption and E2EE, which includes privacy and security guarantees for end-users, before assessing current technical proposals for the detection of unwanted content in E2EE services against those guarantees.
We find that technical approaches for user-reporting and meta-data analysis are the most likely to preserve privacy and security guarantees for end-users. Both provide effective tools that can detect significant amounts of different types of problematic content on E2EE services, including abusive and harassing messages, spam, mis- and disinformation, and CSAM, although more research is required to improve these tools and better measure their effectiveness. Conversely, we find that other techniques that purport to facilitate content detection in E2EE systems have the effect of undermining key security guarantees of E2EE systems.
△ Less
Submitted 9 February, 2022;
originally announced February 2022.