• Home

  • Documents

  • From Big Data, to Machine Learning, to AI: A Privacy and ... + Privacy...– What data is being...
12
USABLE PRIVACY POLICY AND PERSONALIZED PRIVACY ASSISTANT PROJECTS 1 Usable Privacy Policy Project FROM BIG DATA, TO MACHINE LEARNING, TO AI Copyright,© 2017 Norman Sadeh From Big Data, to Machine Learning, to AI: A Privacy and Security Perspective Norman Sadeh Carnegie Mellon University www.normsadeh.org usableprivacy.org privacyassistant.org explore.usableprivacy.org

From Big Data, to Machine Learning, to AI: A Privacy and ... + Privacy...– What data is being collected, how it is used, what is being inferred – Lack of explanability, possible

  • Upload
    others

  • View
    4

  • Download
    0

Embed Size (px)

Citation preview

Page 1: From Big Data, to Machine Learning, to AI: A Privacy and ... + Privacy...– What data is being collected, how it is used, what is being inferred – Lack of explanability, possible

USABLE PRIVACY POLICY AND PERSONALIZED PRIVACY ASSISTANT PROJECTS 1Usable Privacy Policy Project

FROM BIG DATA, TO MACHINE LEARNING, TO AI

Copyright,© 2017 Norman Sadeh

From Big Data, to Machine Learning, to AI:

A Privacy and Security Perspective

Norman Sadeh

Carnegie Mellon University

www.normsadeh.org

usableprivacy.org privacyassistant.org

explore.usableprivacy.org

Page 2: From Big Data, to Machine Learning, to AI: A Privacy and ... + Privacy...– What data is being collected, how it is used, what is being inferred – Lack of explanability, possible

USABLE PRIVACY POLICY AND PERSONALIZED PRIVACY ASSISTANT PROJECTS 2

Understanding the Technologies

• Artificial Intelligence (AI) is a branch of Computer Science– Also a fancy (and still controversial) term to refer to a vast

collection of technologies aimed at emulating, supplementing, and eventually outperforming human intelligence

• From knowledge representation and reasoning, to perception, planning, natural language processing, etc.

• From ”symbolic” (and logic-based) frameworks to neural networks

• Machine Learning is a big part of AI

Page 3: From Big Data, to Machine Learning, to AI: A Privacy and ... + Privacy...– What data is being collected, how it is used, what is being inferred – Lack of explanability, possible

USABLE PRIVACY POLICY AND PERSONALIZED PRIVACY ASSISTANT PROJECTS 3

AI Bragging Rights (Short Selection)

Source: https://www.britannica.com/topic/Deep-Blue Source: Carnegie Mellon University. - Tartan Racing Team

Source: TED BlogSource: http://www.idownloadblog.com/2016/05/27/10-features-i-want-siri-for-mac-to-have/

Page 4: From Big Data, to Machine Learning, to AI: A Privacy and ... + Privacy...– What data is being collected, how it is used, what is being inferred – Lack of explanability, possible

USABLE PRIVACY POLICY AND PERSONALIZED PRIVACY ASSISTANT PROJECTS 4

AI is Everywhere• Navigation• Translation• Scene recognition• Facial expression recognition – incl. recognizing emotions• Autonomous driving, autonomous flying of drones, etc• Speech recognition• Automated trading• Discovering new uses for existing drugs• Analyzing DNA to detect genomic conditions• Detecting crop diseases and predicting crop yield• Product recommendations and personalized search results

Page 5: From Big Data, to Machine Learning, to AI: A Privacy and ... + Privacy...– What data is being collected, how it is used, what is being inferred – Lack of explanability, possible

USABLE PRIVACY POLICY AND PERSONALIZED PRIVACY ASSISTANT PROJECTS 5

Many Security & Privacy Challenges (I)• Software-related challenges

– Lack of software guarantees, perpetual beta, software everywhere, system of systems

• Note: AI and ML can help

• Unique security & safety issues related to AI and ML– Adversarial machine learning, new attack

surfaces, intelligent botnets, etc.– Increased levels of delegation

• Time scales, lack of human-understandable models• Note: AI and ML can help

Page 6: From Big Data, to Machine Learning, to AI: A Privacy and ... + Privacy...– What data is being collected, how it is used, what is being inferred – Lack of explanability, possible

USABLE PRIVACY POLICY AND PERSONALIZED PRIVACY ASSISTANT PROJECTS 6

Many Security & Privacy Challenges (II)• Unique privacy issues related to AI and ML

– What data is being collected, how it is used, what is being inferred

– Lack of explanability, possible bias, etc– Note: AI and ML can help

• Man machine communication challenges– Risk of over-delegating, risk of miscommunication, lack of

accountability…– Note: AI and M can help

• Socio-economic disruptions

• And a variety of doomsday scenarios…

Page 7: From Big Data, to Machine Learning, to AI: A Privacy and ... + Privacy...– What data is being collected, how it is used, what is being inferred – Lack of explanability, possible

USABLE PRIVACY POLICY AND PERSONALIZED PRIVACY ASSISTANT PROJECTS 7

AI Can Also Help Solve Security and Privacy Challenges• Understanding Privacy Policies

• Automating compliance analysis

• Privacy Assistants

• Machine learning to detect intrusion detection

• Machine learning to help train users

• ..And many other techniques I’m not working on

Page 8: From Big Data, to Machine Learning, to AI: A Privacy and ... + Privacy...– What data is being collected, how it is used, what is being inferred – Lack of explanability, possible

USABLE PRIVACY POLICY AND PERSONALIZED PRIVACY ASSISTANT PROJECTS 8

Mobile App Privacy Assistant

Page 9: From Big Data, to Machine Learning, to AI: A Privacy and ... + Privacy...– What data is being collected, how it is used, what is being inferred – Lack of explanability, possible

USABLE PRIVACY POLICY AND PERSONALIZED PRIVACY ASSISTANT PROJECTS 9

Page 10: From Big Data, to Machine Learning, to AI: A Privacy and ... + Privacy...– What data is being collected, how it is used, what is being inferred – Lack of explanability, possible

USABLE PRIVACY POLICY AND PERSONALIZED PRIVACY ASSISTANT PROJECTS 10

Privacy Policies Mobile Apps

Compliance with Privacy Requirements

PolicyAnalysis(MachineLearning)

AppAnalysis(StaticCodeAnalysis)

Page 11: From Big Data, to Machine Learning, to AI: A Privacy and ... + Privacy...– What data is being collected, how it is used, what is being inferred – Lack of explanability, possible

USABLE PRIVACY POLICY AND PERSONALIZED PRIVACY ASSISTANT PROJECTS 11

Concluding Remarks• AI, ML: not intrinsically “good” or “bad” but a

number of challenges and ethical questions– Delegation of control should ideally come with

stronger guarantees (e.g., driving, health, trading, etc.)

– Requires a combination of training (developers and users), technologies, mechanism design, and regulation

• AI/ML can also be part of the solution• Some of these challenges extend to software

in general

Page 12: From Big Data, to Machine Learning, to AI: A Privacy and ... + Privacy...– What data is being collected, how it is used, what is being inferred – Lack of explanability, possible

USABLE PRIVACY POLICY AND PERSONALIZED PRIVACY ASSISTANT PROJECTS 12

The Usable Privacy Policy Project and the Personalized Privacy Assistant Project both involve

collaborations with a number of individuals.See usableprivacy.org and privacyassistant.org for additional details incl. lists of collaborators, publications

and sponsors.

usableprivacy.org

privacyassistant.org

explore.usableprivacy.org


Privacy is for losers

Privacy is for losers

Technology
Proving Differential Privacy with Shadow Executiondbz5017/pub/pldi19.pdf · 2019-05-31 · Differential privacy is increasingly being used in industry [23, 28, 38] and government

Proving Differential Privacy with Shadow Executiondbz5017/pub/pldi19.pdf · 2019-05-31 · Differential privacy is increasingly being used in industry [23, 28, 38] and government

Documents
What We Will Cover Privacy and Computer Technology “Big Brother is Watching You” Privacy Topics Protecting Privacy

What We Will Cover Privacy and Computer Technology “Big Brother is Watching You” Privacy Topics Protecting Privacy

Documents
Privacy is Personal Security, Digital Privacy is Digital Self Defense 11-18-2015

Privacy is Personal Security, Digital Privacy is Digital Self Defense 11-18-2015

Internet
Is privacy an issue

Is privacy an issue

Technology
Privacy and Security Briefing Protecting our Patient’s Privacy is Everyone’s Business: Be a Privacy Protector!

Privacy and Security Briefing Protecting our Patient’s Privacy is Everyone’s Business: Be a Privacy Protector!

Documents
PRIVACY AND RELATED ISSUES IN IT. Main points What is privacy? Privacy harms and benefits Privacy right Protecting privacy: Technology, markets,

PRIVACY AND RELATED ISSUES IN IT. Main points What is privacy? Privacy harms and benefits Privacy right Protecting privacy: Technology, markets,

Documents
Wireless Network Privacy - CLUSIBever is being transmitted over wireless links. In this thesis, the impact of this trend on the privacy of wireless network users is investigated. More

Wireless Network Privacy - CLUSIBever is being transmitted over wireless links. In this thesis, the impact of this trend on the privacy of wireless network users is investigated. More

Documents
Ethics in a Computing Culture Chapter 3 Privacy. Objectives What is privacy? How is personal privacy interpreted, and how is it protected by law? How

Ethics in a Computing Culture Chapter 3 Privacy. Objectives What is privacy? How is personal privacy interpreted, and how is it protected by law? How

Documents
PRIVACY IS THE ENEMY

PRIVACY IS THE ENEMY

Documents
Overview of the Security and Privacy Risk Assessment … · Web viewThe purpose of this stage is to understand the business need: why is the project being considered? What data is

Overview of the Security and Privacy Risk Assessment … · Web viewThe purpose of this stage is to understand the business need: why is the project being considered? What data is

Documents
Privacy & Security Training for Senior Staff. Agenda What is privacy? Privacy & security, what’s the difference? The Future of privacy & security in Ohio

Privacy & Security Training for Senior Staff. Agenda What is privacy? Privacy & security, what’s the difference? The Future of privacy & security in Ohio

Documents
Privacy Impact Assessment€¦ · When a project, program, process is being designed, a PIA should be used to identify areas where there may be a privacy impact or risk. For the sake

Privacy Impact Assessment€¦ · When a project, program, process is being designed, a PIA should be used to identify areas where there may be a privacy impact or risk. For the sake

Documents
WHAT PRIVACY IS FOR

WHAT PRIVACY IS FOR

Documents
Being Proactive: Identifying Weaknesses and Opportunities in Your Privacy Program IAPP Canadian Privacy Summit May 2008

Being Proactive: Identifying Weaknesses and Opportunities in Your Privacy Program IAPP Canadian Privacy Summit May 2008

Documents
Federal: Privacy and Security - SCPMCS Privacy & Security 031914… · security so that patient privacy is protected. Following good privacy and security practices is also good sense

Federal: Privacy and Security - SCPMCS Privacy & Security 031914… · security so that patient privacy is protected. Following good privacy and security practices is also good sense

Documents
PRIVACY Towards A Useable Conception.. Privacy - An Essential Component Of Being Human Universally recognized as being essential for Freedom, Human Interactions,

PRIVACY Towards A Useable Conception.. Privacy - An Essential Component Of Being Human Universally recognized as being essential for Freedom, Human Interactions,

Documents
National Entitlement Card Scheme Privacy Impact … Privacy Impact... · National Entitlement Card Scheme Privacy Impact ... can reduce the risk of an entitlement being ... National

National Entitlement Card Scheme Privacy Impact … Privacy Impact... · National Entitlement Card Scheme Privacy Impact ... can reduce the risk of an entitlement being ... National

Documents
Privacy In cyberspace. Table 5-1: Three Theories of Privacy Accessibility Privacy Privacy is defined in terms of one's physically "being let alone," or

Privacy In cyberspace. Table 5-1: Three Theories of Privacy Accessibility Privacy Privacy is defined in terms of one's physically "being let alone," or

Documents
Privacy is dood! leve de privacy!

Privacy is dood! leve de privacy!

Documents
PRIVACY IMPACT ASSESSMENT: CCTV · If a crime is being committed and recorded on CCTV it is the crime itself that is being recorded and not the perpetrator or victim. The assessment

PRIVACY IMPACT ASSESSMENT: CCTV · If a crime is being committed and recorded on CCTV it is the crime itself that is being recorded and not the perpetrator or victim. The assessment

Documents
OASIS Workshop: Identity, Privacy, and Data Protection in the Cloud – What is Being Done? Is it Enough?

OASIS Workshop: Identity, Privacy, and Data Protection in the Cloud – What is Being Done? Is it Enough?

Technology
Privacy 101: A Guide to Privacy Legislation for ... · Purpose Statement: The stated purpose for which personal information is being col- Association of Fundraising Professionals

Privacy 101: A Guide to Privacy Legislation for ... · Purpose Statement: The stated purpose for which personal information is being col- Association of Fundraising Professionals

Documents
Corporate Online Privacy statement.€¦ · Your privacy is important to us, and so is being transparent about how we collect, use, and share your personal data. “Personal data”

Corporate Online Privacy statement.€¦ · Your privacy is important to us, and so is being transparent about how we collect, use, and share your personal data. “Personal data”

Documents
Location Privacy Protection based on Differential Privacy ...people.cs.pitt.edu/~mosse/courses/cs3720/DiffPrivacy-for-IOT.pdfDifferential privacy model is a strong privacy concept

Location Privacy Protection based on Differential Privacy ...people.cs.pitt.edu/~mosse/courses/cs3720/DiffPrivacy-for-IOT.pdfDifferential privacy model is a strong privacy concept

Documents
Consumer Guide to Protecting Privacy Online Documents...state and federal laws that set out your online privacy rights. It also offers tips for being a privacy-savvy user of Internet

Consumer Guide to Protecting Privacy Online Documents...state and federal laws that set out your online privacy rights. It also offers tips for being a privacy-savvy user of Internet

Documents
AvePoint Privacy Impact Assessment User Guide · AvePoint Privacy Impact Assessment User Guide ... AvePoint Privacy Impact Assessment is ... AvePoint Privacy Impact Assessment uses

AvePoint Privacy Impact Assessment User Guide · AvePoint Privacy Impact Assessment User Guide ... AvePoint Privacy Impact Assessment is ... AvePoint Privacy Impact Assessment uses

Documents
Privacy is for safekeeping

Privacy is for safekeeping

Technology
You are Being Watched: Privacy in the United States Martin Donohoe martindonohoe@phsj.org

You are Being Watched: Privacy in the United States Martin Donohoe [email protected]

Documents
BioMarketing Insight Newsletterfiles.ctctcdn.com/caf5d850101/0e0c5d81-53e8-44f1-865a-52658b61… · Is there any privacy today? Data is being collected on us as consumers all the

BioMarketing Insight Newsletterfiles.ctctcdn.com/caf5d850101/0e0c5d81-53e8-44f1-865a-52658b61… · Is there any privacy today? Data is being collected on us as consumers all the

Documents