Saturday, October 30, 2021

We should be glad someone recognized this, at last.

https://www.healthcareitnews.com/news/machine-learning-can-revolutionize-healthcare-it-also-carries-legal-risks

Machine learning can revolutionize healthcare, but it also carries legal risks

Fisher, who is moderating a panel on the subject at the HIMSS Machine Learning & AI for Healthcare event this December, described two main areas of legal concern: cybersecurity and bias.



A handy summary.

https://www.insideprivacy.com/uncategorized/eu-privacy-data-and-consumer-legislative-updates-of-the-past-month/

EU Privacy, Data and Consumer Legislative Updates of the Past Month



Heading there. A summary of the attacks/obstacles they face.

https://www.makeuseof.com/is-big-tech-in-trouble/

The End of an Era: Is Big Tech in Trouble?

Many governments have grown tougher on big technology companies. Is this the end of an era for them?


Related. (Seems to be on a lot of minds)

https://www.foreignaffairs.com/articles/world/2021-10-28/fall-and-rise-techno-globalism

The Fall and Rise of Techno-Globalism

Democracies Should Not Let the Dream of the Open Internet Die



Resources

https://www.makeuseof.com/best-online-courses-advanced-excel/

The 5 Best Online Courses to Master Advanced Excel


Friday, October 29, 2021

Willie Sutton robbed banks “Because that’s where the money is.” Are law firms attractive targets because of their data?

https://www.databreaches.net/another-law-firm-gets-hit-and-yes-medical-info-was-in-its-files/

Another law firm gets hit….. and yes, medical info was in its files

Today’s reminder that law firms have a wealth of personal, sensitive, and medically related info that is often not covered by HIPAA.

Coughlin & Gerhart (C&G) law firm in New York experienced a security breach in early April. It is not clear from their press release whether this was a ransomware attack or not, and DataBreaches.net has reached out to them to ask for clarification on the nature of the attack, but for now, and of note:

What Information Was Involved? C&G determined that the information impacted by this event varied by individual but may include certain individuals’ names, addresses, Social Security numbers, driver’s license numbers, passport numbers, financial account information, medical information, and health insurance information.

Their full press release can be found here.



What duty to act as ‘sole custodian?’

https://www.databreaches.net/uk-tesco-worker-compensated-after-supermarket-lost-15-years-of-her-medical-records/

UK: Tesco worker compensated after supermarket lost 15 years of her medical records

Tristan Cork reports:

A woman from Bristol has been awarded £3,000 in compensation after discovering Tesco had lost 15 years of her employment records, including sensitive medical information.
Jacqueline Ogborne worked for the supermarket chain for 30 years but said the data breach left her ‘feeling violated’.
The 55-year-old only discovered Tesco had lost her employment records, which included counselling notes and personal medical information about her post-natal depression, when she requested it all as part of an employment tribunal claim.

Read more on Bristol Live.



Were you expecting a massive fraud?

https://www.nytimes.com/2021/10/28/technology/clearview-ai-test.html

Clearview AI finally takes part in a federal accuracy test.

Clearview AI scraped more than 10 billion photos from the public internet to build a facial-recognition tool that it marketed to law enforcement agencies for identifying unknown people. Critics have said the company’s product is illegal, unethical and untested. Now, more than two years after law enforcement officers first started using the company’s app, Clearview’s algorithm — what allows it to match faces to photos — has been put to a third-party test for the first time. It performed surprisingly well.

In a field of over 300 algorithms from over 200 facial recognition vendors, Clearview ranked among the top 10 in terms of accuracy, alongside NTechLab of Russia, Sensetime of China and other more established outfits. But the test that Clearview took reveals how accurate its algorithm is at correctly matching two different photos of the same person, not how accurate it is at finding a match for an unknown face in a database of 10 billion of them.

NIST has been testing the accuracy of face recognition vendors since 2000, but participation is voluntary and testing isn’t required for government agencies to buy the technology. Though its accuracy had never been audited by NIST, Clearview AI claims thousands of local and state police departments as customers; a recent report from the Government Accountability Office also cited use by a number of federal agencies, including the F.B.I., the Secret Service and the Interior Department.



Tools & Techniques.

https://www.fedscoop.com/machine-learning-and-ai-may-help-5g-cloud-providers-detect-sophisticated-attacks-nsa/

Machine learning and AI may help 5G cloud providers detect sophisticated attacks — NSA

Artificial intelligence and machine learning systems may help 5G cloud providers detect the presence of sophisticated attackers and other security incidents, according to new guidance from the National Security Agency.

In a report published on Thursday, the intelligence agency said that while technology providers would have to balance data confidentiality requirements with the ability to inspect network traffic, sophisticated real-time continuous monitoring may be crucial in detecting the malicious use of cloud resources.

“Stakeholders at all layers of the 5G cloud stack should leverage an analytic platform to develop and deploy analytics that process relevant data (cloud logs and other telemetry) available at that layer. The analytics should be capable of detecting known and anticipated threat, but also be designed to identify anomalies in the data that could indicate unanticipated threat,” the agency said in the document.

https://media.defense.gov/2021/Oct/28/2002881720/-1/-1/0/SECURITY_GUIDANCE_FOR_5G_CLOUD_INFRASTRUCTURES_PART_I_20211028.PDF



Perspective.

https://www.theverge.com/22749919/mark-zuckerberg-facebook-meta-company-rebrand?scrolla=5eb6d68b7fedc32c19ef33b4

MARK ZUCKERBERG ON WHY FACEBOOK IS REBRANDING TO META

For the first time in 17 years, Mark Zuckerberg has a new job title.

On Thursday, he officially became the CEO and chairman of Meta, the new parent company name for Facebook. The rebrand is about solidifying the social media giant as being about the metaverse, which Zuckerberg sees as the future of the internet. Zuckerberg is staying in control of everything. He told me in an interview that, unlike the founders of Google who stepped aside in 2015 when it became part of a holding company called Alphabet, he has no plans to give up the top job.



Rather insightful…

https://sloanreview.mit.edu/article/rethinking-assumptions-about-how-employees-work/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+mitsmr+%28MIT+Sloan+Management+Review%29

Rethinking Assumptions About How Employees Work

A management meme of the last year asks, “Who led digital transformation in your company?” The answer is not the CEO or COO or CIO. It’s COVID-19.

While darkly funny, it highlights an important point. The pandemic unleashed unprecedented levels of change in the business environment. In April 2020, soon after much of the world entered lockdown, Microsoft CEO Satya Nadella said, “We’ve seen two years’ worth of digital transformation in two months.”

… In this first of three articles, I lay out a set of assumptions about how employees work that may need rethinking in your business. In my next two articles, I will examine assumptions around the customer experience and digital transformation.



Perspective.

https://www.bespacific.com/how-do-you-define-legal-tech/

How Do You Define ‘Legal Tech’?

Artificial Lawyer: “What is legal tech? How can we define the term? It sounds easy, but try and figure out where it begins and where it ends, and you soon find yourself in a logic puzzle. Artificial Lawyer asked a range of experts from across the market how they would define ‘legal tech’. Here is what they said…

[snipped] Legal technology is generally understood to include technology and software aimed at the legal services market, which means it is necessarily quite broad. ‘However, I think the line needs to be drawn on whether the technology was conceived or designed to (i) support a lawyer to deliver services to clients in a new or more efficient way (ii) enable a consumer to access legal advice in a new or more efficient way or (iii) to entirely disrupt a legal process.’ And that third aspect stands out, i.e. that it could be tech that isn’t just to help lawyers, or help people with legal services, but completely changes a legal process…”



Tools & Techniques

https://www.bespacific.com/the-research-and-writing-template/

The Research and Writing Template

Kitenge, Erick and Trautman, Lawrence J., The Research and Writing Template (August 26, 2021). Available at SSRN: https://ssrn.com/abstract=3911637 or http://dx.doi.org/10.2139/ssrn.3911637

“While every business school discipline (accounting, business law, communication, economics, entrepreneurship, finance, management, marketing, organizational behavior, and strategy) each possess scholarly trends and momentary fashion, scholarly research and writing has developed over the years in a manner that lends itself to some useful generalizations. Particularly for young scholars who are new to the challenges of research methods, a clear picture of at least one acceptable approach to the articulation of a research problem seems useful. We have drafted this introductory reading with a view toward providing just that, some initial thoughts to prod the thinking about the research and writing process. We seek to provide a quick read of thirty minutes or less to set the stage for all the hard work, dismissed ideas, and blind alleys that inevitably confront the PhD student about to embark on a journey that will hopefully lead, just a few years later, to a relatively quick (maybe a year or two less than the norm) completion of a thoughtful, cogent, and important dissertation having “real world” scholarly impact.”


Thursday, October 28, 2021

Copied from other areas… Is this the best we can do?

https://www.raps.org/news-and-articles/news-articles/2021/10/regulators-release-10-principles-for-good-machine

Regulators release 10 principles for good machine learning practice

Regulators from the US, Canada, and the United Kingdom unveiled 10 principles to guide the development of good machine learning practice for medical devices.

The principles are meant to be used to drive the adoption of good practices that have been proven in other sectors, to help tailor those practices so that they are applicable to medical technology, and to create new practices specific to the health care sector.



Does this help?

https://thenextweb.com/news/a-beginners-guide-ai-ethics

A beginner’s guide to AI: Ethics

Welcome to Neural’s beginner’s guide to AI. This multi-part feature should provide you with a very basic understanding of what AI is, what it can do, and how it works. The guide contains articles on (in order published) neural networks, computer vision, natural language processing, algorithms, artificial general intelligence, the difference between video game AI and real AI, and the difference between human and machine intelligence.



Apparently they do not record these lectures…

https://www.dailyprincetonian.com/article/2021/10/kate-crawford-princeton-artificial-intelligence

Scholar Kate Crawford speaks on the social implications of AI technology

In conversation with political theorist Wendy Brown GS ’83, prominent artificial intelligence (AI) scholar Kate Crawford spoke about the environmental, moral, and social dimensions of AI as a technology of data and physical extraction, including her thoughts on the technology’s future.

The conversation drew on Crawford’s latest book, “The Atlas of AI: Power, Politics and the Planetary Costs of Artificial Intelligence,” and covered the role of AI in a capitalist framework, its inherent biases, and efforts to democratize the technology.

… Crawford addressed three of her book’s eight chapters: “Earth,” “Labor,” and “Data.” Speaking to the forms of human labor needed to make current AI and the increasing tendency to treat humans like robots through AI, Crawford critiqued the application of artificial intelligence to social institutions like education and healthcare.



Another route to information.

https://www.bespacific.com/giant-free-index-to-worlds-research-papers-released-online/

Giant, free index to world’s research papers released online

Nature – “Catalogue of billions of phrases from 107 million papers could ease computerized searching of the literature. In a project that could unlock the world’s research papers for easier computerized analysis, an American technologist has released online a gigantic index of the words and short phrases contained in more than 100 million journal articles — including many paywalled papers. The catalogue, which was released on 7 October and is free to use, holds tables of more than 355 billion words and sentence fragments listed next to the articles in which they appear. It is an effort to help scientists use software to glean insights from published work even if they have no legal access to the underlying papers, says its creator, Carl Malamud. He released the files under the auspices of Public Resource, a non-profit corporation in Sebastopol, California that he founded. Malamud says that because his index doesn’t contain the full text of articles, but only sentence snippets up to five words long, releasing it does not breach publishers’ copyright restrictions on the re-use of paywalled articles. However, one legal expert says that publishers might question the legality of how Malamud created the index in the first place…”


Wednesday, October 27, 2021

This would have been trivial except for the “government system” in every gas station. Increases risk exponentially.

https://www.databreaches.net/cyber-attack-closes-irans-petrol-stations/

Cyber attack closes Iran’s petrol stations

Jon Gambrell reports:

A cyber attack has targeted petrol stations across Iran, shutting down a government system managing fuel subsidies and leaving angry motorists stranded in long lines at shuttered stations.
No group immediately claimed responsibility for the attack on Tuesday, though it bore similarities to another months earlier that seemed to directly challenge Iran’s Supreme Leader Ayatollah Ali Khamenei as the country’s economy buckles under American sanctions.

Read more on The Maitland Mercury


(Related) Large corporations are still less than an entire industry. (Even with no computers, them thar cows gotta be milked!)

https://www.databreaches.net/schreiber-foods-hit-with-cyberattack-milk-processing-plants-closed/

Schreiber Foods hit with cyberattack; milk processing plants closed

Jan Shepel reports:

Milk distribution was in disarray in Wisconsin this week as one of the state’s larger milk processors, Schreiber Foods, was victimized by hackers demanding a rumored $2.5 million ransom to unlock their computer systems.

The cyberattack on the dairy processor came just as the New York Times published a front-page article headlined “Russia restarts cyber operations, despite rebuke” – referring to Russian-linked hackers. The article, which appeared Monday, Oct. 25, 2021, outlines how “Russia’s premier intelligence agency has launched another campaign” to pierce computer networks of the U.S. government, corporations and think tanks.

Read more on Wisconsin State Farmer.



Does this indicate the identification of a coordinated Chinese intelligence gathering effort?

https://krebsonsecurity.com/2021/10/fbi-raids-chinese-point-of-sale-giant-pax-technology/

FBI Raids Chinese Point-of-Sale Giant PAX Technology

U.S. federal investigators today raided the Florida offices of PAX Technology, a Chinese provider of point-of-sale devices used by millions of businesses and retailers globally. KrebsOnSecurity has learned the raid is tied to reports that PAX’s systems may have been involved in cyberattacks on U.S. and E.U. organizations.

Headquartered in Shenzhen, China, PAX Technology Inc. has more than 60 million point-of-sale terminals in use throughout 120 countries. Earlier today, Jacksonville, Fla.-based WOKV.com reported that agents with the FBI and Department of Homeland Security (DHS) had raided a local PAX Technology warehouse.

In an official statement, investigators told WOKV only that they were executing a court-authorized search at the warehouse as a part of a federal investigation, and that the inquiry included the Department of Customs and Border Protection and the Naval Criminal Investigative Services (NCIS). The FBI has not responded to requests for comment.


(Related)

https://arstechnica.com/tech-policy/2021/10/fcc-kicks-china-telecom-americas-out-of-us-cites-chinese-government-control/

FCC kicks China Telecom Americas out of US, cites Chinese government control

The Federal Communications Commission today voted to block China Telecom Americas from the US market, saying that the "US subsidiary of a Chinese state-owned enterprise" is "subject to exploitation, influence, and control by the Chinese government." The telco "is highly likely to be forced to comply with Chinese government requests without sufficient legal procedures subject to independent judicial oversight," the FCC said.

The vote was 4-0 with both Democrats and both Republicans approving the order to revoke and terminate China Telecom's Section 214 authority to operate in the US. The FCC said its order "directs China Telecom Americas to discontinue any domestic or international services that it provides pursuant to its Section 214 authority within sixty days following the release of the order."



Read the article, hope they correct the link…

https://thehackernews.com/2021/10/ebook-guide-to-centralized-log.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers+News+-+Cyber+Security+Blog%29

[eBook] The Guide to Centralized Log Management for Lean IT Security Teams

One of the side effects of today’s cyber security landscape is the overwhelming volume of data security teams must aggregate and parse. Lean security teams don’t have it any easier, and the problem is compounded if they must do it manually. Data and log management are essential for organizations to gain real-time transparency and visibility into security events.

XDR provider Cynet has offered up a new guide (read it here) that helps lean organizations understand the importance of centralized log management (CLM). The truth is that even the most well-stocked and staffed teams would have trouble manually handling their log management needs, which is why organizations are increasingly going the automated route.



Becoming ethical...

https://www.bespacific.com/new-deloitte-report-explains-how-facebook-and-all-tech-companies-have-to-change-to-be-more-ethical/

New Deloitte report explains how Facebook and all tech companies have to change to be more ethical

Tech Republic: “A new report from Deloitte highlights the choice many tech companies are facing when it comes to business ethics. Is it possible to hold onto business as usual or is it time to make ethics at least as important as profits? The report released on Wednesday, “Beyond good intentions,” spells out the contradictory forces at work. In a survey of tech professionals, 82% strongly agreed that their company was ethical. In the same survey, only 24% strongly agreed that the tech industry takes an ethical approach to the products and services that it creates. Another Deloitte survey of Millennials and Gen Z found that 70% of both groups think corporations focus more on their own agenda than the impact on society…”

https://www2.deloitte.com/us/en/insights/industry/technology/ethical-dilemmas-in-technology.html



What must change for AI? Everything.

https://venturebeat.com/2021/10/26/infrastructure-and-data-issues-hamper-companies-adopting-ai-study-finds/

Infrastructure and data issues hamper companies adopting AI, study finds

More than three-quarters of companies say that they have AI models that never come into use. For 20% of companies, the numbers look even worse, with only 10% of their models making it into production.

That’s according to a new survey commissioned by Run:AI, which found that infrastructure challenges are causing resources to sit idle at companies investing in AI. “[I]f most AI models never make it into production, the promise of AI is not being realized,” Run:AI CEO Omri Geller said in a statement. “Our survey revealed that … data scientists are requesting manual access to GPUs, and the journey to the cloud is ongoing.”

The full survey can be downloaded here



Perspective.

https://www.ft.com/content/5aa09af9-cd6c-46b6-a1be-e37ad1e33758

The Age of AI and Our Human Future — a technological triple threat

Three respected authors — Henry Kissinger, Eric Schmidt and Daniel Huttenlocher — argue artificial intelligence is our biggest foe yet

According to the authors of The Age of AI, humanity stands on the brink of an equally consequential moment, yet one that is more diverse, diffuse and unpredictable and less widely acknowledged. The increasing power of artificial intelligence, a general purpose technology that can be put to an astonishing array of civil and military uses — from reading X-rays and predicting weather patterns to empowering killer robots and spreading disinformation — is already scrambling centuries-old conceptions of national security and state sovereignty. Equally unnerving, the authors contend, is that AI will also test the outer limits of human reason and understanding and challenge the very nature of human identity and agency.

https://www.amazon.com/Age-I-Our-Human-Future/dp/0316273805/ref=pd_lpo_1?pd_rd_i=0316273805&psc=1



Tools & Techniques. (How to remove a smoking gun?)

https://www.bespacific.com/need-to-remove-an-object-from-an-image/

Need to remove an object from an image?

KnowTechie – “If you’ve ever had to quickly edit something (or someone) out of a picture, you know it is a frustrating task best left to the professionals. Well, now it is something you can tackle whenever you have a spare minute, with a new tool that lets you remove objects from a picture with ease. It’s called Cleanup.Pictures, and it’s some kind of technological wizardry. You can paint out people, objects, and more in seconds and without knowing how to do anything other than scribble with an on-screen paintbrush. The app is not up to professional standards, but then again, that’s why professionals get paid the big bucks to do image editing…”


Tuesday, October 26, 2021

This is significant. Remember, a lot of these ransomware gangs are state sponsored. If the UK attacks, will their sponsor retaliate? Don’t get me wrong, I think it’s long overdue.

https://gizmodo.com/britain-wants-to-use-its-new-cyber-command-to-hunt-rans-1847930905

Britain Wants to Use Its New Cyber Command to 'Hunt' Ransomware Gangs

The United Kingdom wants to use a recently formed cyber command to “hunt” and hack ransomware gangs, a high-level government official recently revealed.

Jeremy Fleming, the director of Britain’s signals intelligence agency, GCHQ, divulged the plans at this year’s US Cipher Brief threat conference on Monday. Fleming said that Britain had seen a significant uptick in ransomware attacks and that the government was looking to use offensive operations to deter future attacks.

Operations of this kind would likely involve the government using its own exploits to target and disable servers operated by criminal gangs, the Financial Times reports. The UK’s National Cyber Force—a new unified command, created last year—would be the vector for such activities.

In his comments, Fleming insinuated that governments simply had not done enough to impose costs on underworld operators.


(Related) As long as it’s the criminals and not the state this will be manageable.

https://threatpost.com/groove-ransomware-revil-revenge-us-cyberattacks/175726/

Groove Calls for Cyberattacks on US as REvil Payback

Following the recent international law enforcement effort that dismantled the infrastructure for the REvil ransomware group, fellow cybercrime group Groove called for revenge — encouraging the wider cyber extortionist community to band together to target U.S. interests.

At a time when the U.S. is leading the international law enforcement effort to make splashy busts and shows of force against cybercriminals, this seems like a bold bet by Groove. But they have a plan.

BleepingComputer published a translation of the Russian blog post from Groove, filled with chest-thumping threats against the “US public sector, show this old man who is the boss here who is the boss and who will be on the Internet.”



Think your organization is any better?

https://www.cpomagazine.com/cyber-security/report-shows-appalling-state-of-employee-awareness-of-common-cyber-security-risks/

Report Shows Appalling State of Employee Awareness of Common Cyber Security Risks

The cybersecurity awareness training firm KnowBe4 released its 2021 State of Privacy and Security Awareness Report detailing the appalling state of employee awareness and practices.

The report includes responses from 1,000 employees in small and midsize businesses (SMBs) and large corporations in the United States.

It attempted to determine how much cybersecurity training the workers received and the impact it had on employee awareness of common cybersecurity risks.

The report found that employees could not identify social engineering attacks, security expectations for standard and privileged users, and how cybersecurity risks could adversely affect their employers.



...and in local news.

https://www.databreaches.net/nearly-30k-former-and-current-cu-boulder-students-personal-information-hacked/

Nearly 30K former and current CU Boulder students’ personal information hacked

Alex Rose reports:

The University of Colorado Boulder is sending emails to roughly 30,000 former and current students that have been impacted by a data breach, according to a release from the university.
Most of the people impacted are no longer CU students or employees, according to the release.
The university said the third-party software, provided by Atlassian, had a vulnerability that impacted a program used by the Office of Information Security. The office did an analysis that showed some data was accessed by a hacker.

Read more on KDVR.

It speaks volumes about what kind of year 2021 has been that the university had to add this statement in its notification:

This security incident is unrelated to the cyberattack on CU’s Accellion service earlier this year.



A checklist for my Ethical Hacking students. (One of many)

https://www.csoonline.com/article/3637732/10-essential-skills-and-traits-of-ethical-hackers.html?upd=1635252504158

10 essential skills and traits of ethical hackers



A tool for evidence gathering?

https://www.bespacific.com/heres-the-fbis-internal-guide-for-getting-data-from-att-t-mobile-verizon/

Here’s the FBI’s Internal Guide for Getting Data from AT&T, T-Mobile, Verizon

Vice: “The newly obtained document shows in granular detail the sort of data that the country’s carriers keep, and for how long. Much of the information reiterates what we already knew about law enforcement access to telecommunications data—how officials can request location data from a telecom with a warrant or use court orders to obtain other information on a phone user, for example. But the document does provide insights on what exactly each carrier collects, a more recent run-down of how long each telecom retains certain types of data for, and images of the tool the FBI makes available to law enforcement agencies across the country to analyze cell phone tower data. Ryan Shapiro, executive director of nonprofit organization Property of the People, shared the document with Motherboard after obtaining it through a public record act request. Property of the People focuses on obtaining and publishing government records.

The document, a 139 page slide presentation dated 2019, is written by the FBI’s Cellular Analysis Survey Team (CAST)…”



My AI refuses to read articles like this.

https://www.bespacific.com/the-law-of-ai/

The Law of AI

Jotwell Review by Margot Kaminski: Michael Veale and Frederik Zuiderveen Borgesius, Demystifying the Draft EU Artificial Intelligence Act, 22(4) Computer L. Rev. Int’l 97-112 (2021). [h/t Mary Whisner]

The question of whether new technology requires new law is central to the field of law and technology. From Frank Easterbrook’s “law of the horse” to Ryan Calo’s law of robotics, scholars have debated the what, why, and how of technological, social, and legal co-development and construction. Given how rarely lawmakers create new legal regimes around a particular technology, the EU’s proposed “AI Act” (Regulation of the European Parliament and of the Council Laying Down Harmonised Rules on Artificial Intelligence and Amending Certain Union Legislative Acts) should put tech-law scholars on high alert. Leaked early this spring and officially released in April 2021, the AI Act aims to establish a comprehensive European approach to AI risk-management and compliance, including bans on some AI systems. In Demystifying the Draft EU Artificial Intelligence Act, Michael Veale and Frederik Zuiderveen Borgesius provide a helpful and evenhanded entrée into this “world-first attempt at horizontal regulation of AI systems.” On the one hand, they admire the Act’s “sensible” aspects, including its risk-based approach, prohibitions of certain systems, and attempts at establishing public transparency. On the other, they note its “severe weaknesses” including its reliance on “1980s product safety regulation” and “standardisation bodies with no fundamental rights experience.” For U.S. (and EU!) readers looking for a thoughtful overview and contextualization of a complex and somewhat inscrutable new legal system, this Article brings much to the table at a relatively concise length. Continue reading “The Law of AI”



Perhaps it will be possible for a mere human to audit an AI.

https://singularityhub.com/2021/10/25/not-so-mysterious-after-all-researchers-show-how-to-crack-ais-black-box/

Not So Mysterious After All: Researchers Show How to Crack AI’s Black Box

The deep learning neural networks at the heart of modern artificial intelligence are often described as “black boxes” whose inner workings are inscrutable. But new research calls that idea into question, with significant implications for privacy.

Unlike traditional software whose functions are predetermined by a developer, neural networks learn how to process or analyze data by training on examples. They do this by continually adjusting the strength of the links between their many neurons.

By the end of this process, the way they make decisions is tied up in a tangled network of connections that can be impossible to follow. As a result, it’s often assumed that even if you have access to the model itself, it’s more or less impossible to work out the data that the system was trained on.

But a pair of recent papers have brought this assumption into question, according to MIT Technology Review, by showing that two very different techniques can be used to identify the data a model was trained on. This could have serious implications for AI systems trained on sensitive information like health records or financial data.



The alternative would be a comparable UK company. Can you think of one?

https://www.theguardian.com/uk-news/2021/oct/26/amazon-web-services-aws-contract-data-mi5-mi6-gchq

Amazon given contract to store data for MI5, MI6 and GCHQ

The UK’s spy agencies have given a contract to Amazon Web Services (AWS) to host classified material in a deal aimed at boosting the use of data analytics and artificial intelligence for espionage.

GCHQ had supported the procurement of a high-security cloud system, which would be used by its sister services, MI5 and MI6. Other government departments, such as the Ministry of Defence, would also use the system during joint operations.

The agreement, estimated by industry experts to be worth £500m to £1bn over the next decade, was signed this year with Amazon.com’s cloud service unit AWS, the Financial Times first reported, citing people familiar with the discussions.



Perspective. A podcast.

https://knowledge.wharton.upenn.edu/article/is-the-great-resignation-giving-rise-to-the-entrepreneur/

Is the Great Resignation Giving Rise to the Entrepreneur?

Wharton management professor Jacqueline “Jax” Kirtley isn’t making any predictions about when or how the Great Resignation will end.

Nearly 4.3 million Americans quit their jobs in August, the highest number on record since the government began collecting data 20 years ago. The quit rate coincides with a dramatic surge in applications for new businesses since the COVID-19 pandemic began, mostly for sole-proprietor ventures.

The pandemic is to blame for these concussive shocks to the labor market, but Kirtley is careful about drawing any conclusions.