Saturday, March 28, 2020


It can’t hurt.
FPF Offers New Resources on Privacy and Pandemics
The  resources are accessible on the FPF website at fpf.org/privacy-and-pandemics.




Arguments are fun! (And entertaining)
A debate between AI experts shows a battle over the technology’s future
Since the 1950s, artificial intelligence has repeatedly overpromised and underdelivered. While recent years have seen incredible leaps thanks to deep learning, AI today is still narrow: it’s fragile in the face of attacks, can’t generalize to adapt to changing environments, and is riddled with bias. All these challenges make the technology difficult to trust and limit its potential to benefit society.
On March 26 at MIT Technology Review’s annual EmTech Digital event, two prominent figures in AI took to the virtual stage to debate how the field might overcome these issues.




Something to read when the library reopens.
Human Compatible: A timely warning on the future of AI
It’s very easy to dismiss warnings of the robot apocalypse. After all, virtually all of the field’s who’s who agree that we’re at least half-a-century away from achieving artificial general intelligence, the key milestone to developing an AI that can dominate humans. As for the AI that we have today, it can best be described as “idiot savant.” Our algorithms can perform remarkably well at narrow tasks but fail miserably when faced with situations that require general problem–solving skills.
But we should reflect on these warnings, if not take them at face value, computer scientist Stuart Russell argues in his latest book Human Compatible: Artificial Intelligence and the Problem of Control.
For the most part, current research in the field is focused on using more compute power and data to advance the field instead of seeking fundamentally new ways to create algorithms that can manifest intelligence.
Focusing on raw computing power misses the point entirely. Speed alone won’t give us AI,” Russell writes. Running flawed algorithms faster computer does have a bright side however: You get the wrong answer more quickly.



Friday, March 27, 2020


Interesting reading as background for my Security students. I would imagine North Korea is much harder to categorize.
https://www.zdnet.com/article/booz-allen-analyzed-200-russian-hacking-operations-to-better-understand-their-tactics/
Booz Allen analyzed 200+ Russian hacking operations to better understand their tactics
Russia uses its GRU military hackers following predictable patterns based on a public military doctrine.
Booz Allen Hamilton, the largest private contractor for the US intelligence community, has published a comprehensive report this week detailing 15 years (2004 to 2019) of cyber operations carried out by Russia's military hackers.
The report is a rarity in the cyber-security community because it focuses on the bigger picture of how Russia's military uses its hacking units to support its foreign policy all over the globe.
In a chunky 80-page report, Booz Allen analysts classified and arranged all the 200+ past GRU cyber-attacks into one of these 23 categories, showing how each cyber-attack was Russia's natural defensive mechanism of responding to the changing political environment around it.
The end conclusion of this report is that GRU offensive cyber operations can be predicted.






Perspective.
https://atlasvpn.com/blog/your-ssn-costs-less-than-a-starbucks-coffee-on-the-dark-web/
Your SSN costs less than a Starbucks coffee on the dark web
Flashpoint intelligence findings show that the services sold on the dark web can be divided into four main categories: stolen PII (personally identifiable information), stolen financial information, forged documents, and hacker services.
PII packages cost as little as $4. These packages usually include the victim’s full name, Social Security number, driver’s license number, passport number, and email address.






Now might be a good time to start planing.
https://www.cpomagazine.com/data-protection/study-shows-that-one-third-of-financial-services-companies-lack-clear-plans-to-address-privacy-risks/
Study Shows That One-Third of Financial Services Companies Lack Clear Plans to Address Privacy Risks
The report released from a survey carried out by Accenture shows a third of financial services companies lack clear plans or resources to address customer data privacy risks within the next 12 months.
The study “Privacy in Financial Services: Stature and Sustainability in the Information Age” involved 100 privacy risk executives in the banking, insurance, and capital markets in North America and Europe. The study focused on how financial services firms should store, protect, and use personal data in the face of the European Union’s General Data Protection Regulations (GDPR) and the California Consumer Privacy Act (CCPA).






How much is too much? More importantly, how much is too little?
https://www.cpomagazine.com/data-privacy/patient-privacy-vs-public-health-concerns-a-covid-19-case-study/
Patient Privacy vs Public Health Concerns: A COVID-19 Case Study
In response to the growing outbreak, the South Korean Ministry of Health and Welfare began making personal information about coronavirus patients public as early as Feb 18 in a move which sparked concerned around patient privacy.
While they refrained from publishing the names of the patients and other personally implicatable information (such as addresses and contact details) directly, South Korean public health officials did however provide explicit location details about the patients’ movements.
According to a report by the BBC, published on 5 March, one such mobile notification read:
A 43-year-old man, resident of Nowon district, tested positive for coronavirus. He was at his work in Mapo district attending a sexual harassment class. He contracted the virus from the instructor of the class.”






Worth considering… (Architecture)
https://www.cpomagazine.com/data-privacy/data-privacy-and-scalable-solutions-for-consent/
Data Privacy and Scalable Solutions for Consent
Companies must strive for transparency with their customers and establish trust through a consent system framework.
Best practices for creating a positive consent experience
Businesses can use compliance as an opportunity to make data privacy and consent a positive experience for consumers. A few things to consider:
    1. Talk to your legal department about how your business should request consent.
    2. Know your data workflow: Do you know what kind of data you are collecting? Is it all necessary? Who are your partners? Be selective in what data you capture.
    3. Research consent management tools. Tools such as Intelligent Consent Manager TM help capture and manage consent even downstream regardless of platform (web or connected device), maintaining a user’s consent preferences as they move around, rather than pestering them with interruptive notices. With the regulatory climate subject to change, it’s the job of measurement providers such as Kochava to stay abreast of regulatory changes.
    4. Work with only trusted partners; and ensure they are compliant and have no questionable practices.
    5. Establish trust through your consent process. Make your policies clear and use compliance as an opportunity to educate your consumers and build trust.






Difficult to control (and detect?)
https://www.bespacific.com/the-law-and-economics-of-online-republication/
The Law and Economics of Online Republication
Perry, Ronen, The Law and Economics of Online Republication (March 10, 2020). Iowa Law Review, Forthcoming. Available at SSRN: https://ssrn.com/abstract=3552301
Jerry publishes unlawful content about Newman on Facebook, Elaine shares Jerry’s post, the share automatically turns into a tweet because her Facebook and Twitter accounts are linked, and George immediately retweets it. Should Elaine and George be liable for these republications? The question is neither theoretical nor idiosyncratic. On occasion, it reaches the headlines, as when Jennifer Lawrence’s representatives announced she would sue every person involved in the dissemination, through various online platforms, of her illegally obtained nude pictures. Yet this is only the tip of the iceberg. Numerous potentially offensive items are reposted daily, their exposure expands in widening circles, and they sometimes “go viral.”
This Article is the first to provide a law and economics analysis of the question of liability for online republication. Its main thesis is that liability for republication generates a specter of multiple defendants which might dilute the originator’s liability and undermine its deterrent effect. The Article concludes that, subject to several exceptions and methodological caveats, only the originator should be liable. This seems to be the American rule, as enunciated in Batzel v. Smith and Barrett v. Rosenthal. It stands in stark contrast to the prevalent rules in other Western jurisdictions and has been challenged by scholars on various grounds since its very inception..”






Perspective. War and pandemics are economic events.
https://fivethirtyeight.com/features/what-should-the-government-spend-to-save-a-life/
What Should The Government Spend To Save A Life?
Economists might not be able to say how much an individual person’s existence is worth, but they have figured out a way to calculate how much how much the average person is willing to pay to reduce the risk of death — which allows them to put a price tag on the collective value of saving one life. That figure, which currently hovers somewhere around $9 or $10 million, is known as the “value of statistical life,” and it’s the basis for all kinds of high-stakes decisions that involve tradeoffs between public safety and economic cost — from food and automobile regulations to our responses to climate change.
As cold-blooded as it might seem, several economists told me that, at least in theory, a pandemic is exactly the kind of situation this metric is designed to help with. “Essentially, we’re trying to figure out what our society is willing to pay to reduce the risk of mortality,” said W. Kip Viscusi, an economist at Vanderbilt University and one of the leading experts on these calculations. “In that sense, a pandemic isn’t so different from a terrorist attack or a pollutant that’s threatening to kill large numbers of people — it’s just happening very quickly and on a very large scale.”






Worth reviewing, even if you don’t need it right now.
https://www.makeuseof.com/tag/remote-work-resources-to-work-from-home-productively/
5 Remote Work Resources to Work From Home Productively
The Coronavirus threat has led to a surge in the number of people working from their homes. It’s not a normal environment for many, but hey, remote working isn’t a new concept. People have been doing it for a long time, and you can draw upon their experience and advice.
In fact, even if you have been a non-office worker for some time, you can still gain a lot from the new tools and tips cropping up in the wake of this outbreak.




Thursday, March 26, 2020


Another country heard from.
Hunton Andrews Kurth writes:
The Dutch Data Protection Authority (Autoriteit Persoonsgegevens, the “Dutch DPA”) recently published materials regarding the COVID-19 crisis, including recommendations and FAQs for employers and recommendations for employees. In the materials, the Dutch DPA emphasizes that, while fighting the virus and saving lives is the top priority, privacy must not be overlooked and the crisis should not become a prelude to a “Big Brother” society.
Read more on Privacy & Information Security Law Blog. For starters, employers cannot even ASK their employees about their health, much less test them. Take it from there….




It’s not surveillance, it’s medicine.
Joe Cadillic writes:
The biometrics industry has never been known to miss an opportunity to make a profit. Especially when it comes at the expense of everyone’s privacy.
Since the outbreak of COVID-19, facial recognition companies have been hard at work creating a new sales pitch that will allow them to maximize their profits.
Across the globe, facial recognition companies are hard at work trying to convince politicians, law enforcement and the public that thermal imaging cameras will help stop the spread of COVID-19.
Read more on MassPrivateI.




Interesting.
A Closer Look at Location Data: Privacy and Pandemics
In this series, Privacy and Pandemics, the Future of Privacy Forum explores the challenges posed by the COVID-19 crisis to existing ethical, privacy, and data protection frameworks, and will seek to provide information and guidance to companies and researchers interested in responsible data sharing to support public health response. Future posts will examine pandemic-tracking mobile apps, regulatory guidance across the world, and more.




First comparison by infographic I’ve seen.
Comparing the CCPA and the GDPR
[Another link to the infographic: https://termly.io/resources/infographics/gdpr-vs-ccpa/




Making sense of AI, without AI.
Google and the Oxford Internet Institute explain artificial intelligence basics with the ‘A-Z of AI’
Artificial intelligence (AI) is informing just about every facet of society, from detecting fraud and surveillance to helping countries battle the current COVID-19 pandemic. But AI is a thorny subject, fraught with complex terminology, contradictory information, and general confusion about what it is at its most fundamental level. This is why the Oxford Internet Institute (OII), the social and computer science department of the U.K.’s University of Oxford, has partnered with Google to launch a portal with a series of explainers outlining what AI actually is — including the fundamentals, ethics, its impact on society, and how it’s created.
At launch, the “A-Z of AI” covers 26 topics, including bias and how AI is used in climate science, ethics, machine learning, human-in-the-loop, and Generative adversarial networks (GANs).




Even the government? AI must be a “thing.”
Artificial Intelligence in Action
Federal agencies are laying the groundwork now for how artificial intelligence, machine learning and automation may change their operations in not-so-distant future.
In this ebook, Nextgov examines how AI and other technologies are advancing across the government, and what the technological horizon might look like.




Perspective.
Facebook, Google Could Lose Over $44 Billion in Ad Revenue in 2020 Because of Coronavirus
Ad spending is falling off a cliff amid the COVID-19 pandemic — and Facebook and Google, the two heavyweights in digital advertising, are expected to bear the brunt of the downturn in terms of sheer dollars lost.
The two internet giants together could see more than $44 billion in worldwide ad revenue evaporate in 2020, Cowen & Co. analysts estimate. That said, both Google and Facebook will continue to be massively profitable even with double-digit revenue drops.


(Related)
Pandemic Economics: ‘Much Worse, Very Quickly’




The most popular tool?
How to Use Zoom for Online Meetings



Wednesday, March 25, 2020


Darwin was a techie? Who knew?
Researchers propose paradigm that trains AI agents through evolution
A paper published by researchers at Carnegie Mellon University, San Francisco research firm OpenAI, Facebook AI Research, the University of California at Berkeley, and Shanghai Jiao Tong University describes a paradigm that scales up multi-agent reinforcement learning, where AI models learn by having agents interact within an environment such that the agent population increases in size over time. By maintaining sets of agents in each training stage and performing mix-and-match and fine-tuning steps over these sets, the coauthors say the paradigm — Evolutionary Population Curriculum — is able to promote agents with the best adaptability to the next stage.




Pretend you are healthier than you are?
Who Should Be Saved First? Experts Offer Ethical Guidance
Facing this dilemma recently — who gets a ventilator or a hospital bed — Italian doctors sought ethical counsel and were told to consider an approach that draws on utilitarian principles.
In layman’s terms, a utilitarianism approach would maximize overall health by directing care toward those most likely to benefit the most from it. If you had only one ventilator, it would go to someone more likely to survive instead of someone deemed unlikely to do so. It would not go to whichever patient was first admitted, and it would not be assigned via a lottery system. (If there are ties within classes of people, then a lottery — choosing at random — is what ethicists recommend.)




Does/will this rise to bio-terrorism? (And some tools we didn’t know existed)
AI snitches on naughty Brits who won’t stay home during coronavirus pandemic
The results suggest that stricter measures to tackle the coronavirus are needed
The results show that the government’s laissez-faire response to the outbreak wasn’t working. The findings will be welcomed by people calling for stricter measures to tackle the pandemic, which critics fear are leading us to a 9/11-style erosion of civil liberties.


(Related)
Smartphone data reveal which Americans are social distancing (and not)
Washington Post – “If you have a smartphone, you’re probably contributing to a massive coronavirus  surveillance system. And it’s revealing where Americans have — and haven’t — been practicing social distancing. On Tuesday, a company called Unacast that collects and analyzes phone GPS location data launched a “Social Distancing Scoreboard that grades, county by county, which residents are changing behavior at the urging of health officials. It uses the reduction in the total distance we travel as a rough index for whether we’re staying put at home.
Comparing the nation’s mass movements from March 20 to an average Friday, Washington, D.C., gets an A, while Wyoming as a whole earns an F. How do they know that? Efforts to track public health during the coronavirus pandemic are a reminder of the many ways phones reveal our personal lives, both as individuals and in the aggregate. Unacast’s location data comes from games, shopping and utility apps that tens of millions of Americans have installed on their phones — information the company normally analyzes for retailers, real estate firms and marketers…”


(Related)
Coronavirus: S'pore Government to make its contact-tracing app freely available to developers worldwide
Launched last Friday, the TraceTogether app can identify people who have been within 2m of coronavirus patients for at least 30 minutes, using wireless Bluetooth technology. Its developers say the app is useful when those infected cannot recall whom they had been in close proximity with for an extended duration.
For the app to start tracing, the Bluetooth setting on mobile phones has to be turned on.
If a user gets infected, the authorities will be able to quickly find out the other users he has been in close contact with, allowing for easier identification of potential cases and helping curb the spread of the virus.




Shouldn’t everyone own their data?
New Research from Newark Reveals Strong Adoption of Artificial Intelligence within the Internet of Things Ecosystem
Newark published new research on the Internet of Things (IoT) which confirms strong adoption of Artificial Intelligence (AI) within IoT devices. The company’s research showed that 49% of respondents already use AI in their IoT applications, with Machine Learning (ML) the most used technology (28%), followed by cloud-based AI (19%).
Other statistics that came from the survey are listed:
  • 70% of respondents prefer to own the data collected by an edge device as opposed to it being owned by the IoT solution provider.
  • 46% of engineers prefer to design a complete edge-to-cloud and security solution themselves
  • 54% of respondents are adopting off-the-shelf hardware




Worth exploring?
ABA digital resources available for students and teachers
As students and teachers rely more on remote learning amid the COVID-19 health emergency, the American Bar Association Division for Public Education is offering free digital resources on legal topics. The resources provide a way to explore current and historical information about the law to help boost learning though school doors are closed. As teachers and students are faced with taking on new educational digital opportunities and responsibilities, the Division for Public Education is committed to its mission to advance the public understanding of law and its role in society. Resources include a toolkit on the 19th Amendment, a digital magazine for teachers called Insights on Law & Society, lesson plans for Law Day, and a classroom resource on current Supreme Court cases.”




Grab it now?
Announcing a National Emergency Library to Provide Digitized Books to Students and the Public
To address our unprecedented global and immediate need for access to reading and research materials, as of today, March 24, 2020, the Internet Archive will suspend waitlists for the 1.4 million (and growing) books in our lending library by creating a National Emergency Library to serve the nation’s displaced learners. This suspension will run through June 30, 2020, or the end of the US national emergency, whichever is later.
This library brings together all the books from Phillips Academy Andover and Marygrove College, and much of Trent University’s collections, along with over a million other books donated from other libraries to readers worldwide that are locked out of their libraries.



Tuesday, March 24, 2020


Amazon to the rescue? Will they find a high volumr source for test kits?
Amazon will deliver at-home COVID-19 test kits in Seattle trial
Amazon is playing a direct role in COVID-19 relief beyond shipping essentials to people sheltering at home. Amazon Care, the division providing healthcare to company staff, is partnering with the Gates Foundation-backed Seattle Coronavirus Assessment Network to deliver and pick up at-home COVID-19 testing kits as part of a trial. The number of kits will be limited, but should help widen testing for the virus without relying on conventional mail and courier deliveries.


(Related) Reducing the economic impact?
Big Tech Could Emerge From Coronavirus Crisis Stronger Than Ever
The New York Times – Amazon is hiring aggressively to meet customer demand. Traffic has soared on Facebook and YouTube. And cloud computing has become essential to home workers: “…While the rest of the economy is tanking from the crippling impact of the coronavirus, business at the biggest technology companies is holding steady — even thriving. Amazon said it was hiring 100,000 warehouse workers to meet surging demand. Mark Zuckerberg, Facebook’s chief executive, said traffic for video calling and messaging had exploded. Microsoft said the numbers using its software for online collaboration had climbed nearly 40 percent in a week. With people told to work from home and stay away from others, the pandemic has deepened reliance on services from the technology industry’s biggest companies while accelerating trends that were already benefiting them. Amazon has muscled in on brick-and-mortar retailers for years, but shoppers now reluctant to go to the store are turning to the e-commerce giant for a wider variety of goods, like groceries and over-the-counter drugs. Streaming services like Netflix have dampened box office sales for movies in recent years. Now, as movie theaters close under government orders, Netflix and YouTube are gaining a new audience…”


(Related) How hard would it be to ask phone companies to push government messages to their users?
Government ignored advice to set up UK emergency alert system
The government does not have the ability to send advice on coronavirus directly to Britons’ mobile phones, after repeatedly ignoring its own findings that an emergency messaging system could help the country in times of crisis.




Another perspective.
Machine learning and artificial intelligence research for patient benefit: 20 critical questions on transparency, replicability, ethics, and effectiveness