Lessons from Cambridge Analytica: one way to protect your data

Curated on Posted on by Stefaan Verhulst

Julia Apostle in the Financial Times: “The unsettling revelations about how data firm Cambridge Analytica surreptitiously exploited the personal information of Facebook users is yet another demoralising reminder of how much data has been amassed about us, and of how little control we have over it.

Unfortunately, the General Data Protection Regulation privacy laws that are coming into force across Europe — with more demanding consent, transparency and accountability requirements, backed by huge fines — may improve practices, but they will not change the governing paradigm: the law labels those who gather our data as “controllers”. We are merely “subjects”.

But if the past 20 years have taught us anything, it is that when business and legislators have been too slow to adapt to public demand — for goods and services that we did not even know we needed, such as Amazon, Uber and bitcoin — computer scientists have stepped in to fill the void. And so it appears that the realms of data privacy and security are deserving of some disruption. This might come in the form of “self-sovereign identity” systems.

The theory behind self-sovereign identity is that individuals should control the data elements that form the basis of their digital identities, and not centralised authorities such as governments and private companies. In the current online environment, we all have multiple log-ins, usernames, customer IDs and personal data spread across countless platforms and stored in myriad repositories.

Instead of this scattered approach, we should each possess the digital equivalent of a wallet that contains verified pieces of our identities. We can then choose which identification to share, with whom, and when. Self-sovereign identity systems are currently being developed.

They involve the creation of a unique and persistent identifier attributed to an individual (called a decentralised identity), which cannot be taken away. The systems use public/private key cryptography, which enables a user with a private key (a string of numbers) to share information with unlimited recipients who can access the encrypted data if they possess a corresponding public key.

The systems also rely on decentralised ledger applications like blockchain. While key cryptography has been around for a long time, it is the development of decentralised ledger technology, which also supports the trading of cryptocurrencies without the involvement of intermediaries, that will allow self-sovereign identity systems to take off. The potential uses for decentralised identity are legion and small-scale implementation is already happening. The Swiss municipality of Zug started using a decentralised identity system called uPort last year, to allow residents access to certain government services. The municipality announced it will also use the system for voting this spring….

Decentralised identity is more difficult to access and therefore there is less financial incentive for hackers to try. Self-sovereign identity systems could eliminate many of our data privacy concerns while empowering individuals in the online world and turning the established data order on its head. But the success of the technology depends on its widespread adoption….(More)

Cambridge Analytica scandal: legitimate researchers using Facebook data could be collateral damage

Curated on Posted on by Stefaan Verhulst

 at The Conversation: “The scandal that has erupted around Cambridge Analytica’s alleged harvesting of 50m Facebook profiles assembled from data provided by a UK-based academic and his company is a worrying development for legitimate researchers.

Political data analytics company Cambridge Analytica – which is affiliated with Strategic Communication Laboratories (SCL) – reportedly used Facebook data, after it was handed over by Aleksandr Kogan, a lecturer at the University of Cambridge’s department of psychology.

Kogan, through his company Global Science Research (GSR) – separate from his university work – gleaned the data from a personality test app named “thisisyourdigitallife”. Roughly 270,000 US-based Facebook users voluntarily responded to the test in 2014. But the app also collected data on those participants’ Facebook friends without their consent.

This was possible due to Facebook rules at the time that allowed third-party apps to collect data about a Facebook user’s friends. The Mark Zuckerberg-run company has since changed its policy to prevent such access to developers….

Social media data is a rich source of information for many areas of research in psychology, technology, business and humanities. Some recent examples include using Facebook to predict riots, comparing the use of Facebook with body image concern in adolescent girls and investigating whether Facebook can lower levels of stress responses, with research suggesting that it may enhance and undermine psycho-social constructs related to well-being.

It is right to believe that researchers and their employers value research integrity. But instances where trust has been betrayed by an academic – even if it’s the case that data used for university research purposes wasn’t caught in the crossfire – will have a negative impact on whether participants will continue to trust researchers. It also has implications for research governance and for companies to share data with researchers in the first place.

Universities, research organisations and funders govern the integrity of research with clear and strict ethics proceduresdesigned to protect participants in studies, such as where social media data is used. The harvesting of data without permission from users is considered an unethical activity under commonly understood research standards.

The fallout from the Cambridge Analytica controversy is potentially huge for researchers who rely on social networks for their studies, where data is routinely shared with them for research purposes. Tech companies could become more reluctant to share data with researchers. Facebook is already extremely protective of its data – the worry is that it could become doubly difficult for researchers to legitimately access this information in light of what has happened with Cambridge Analytica….(More)”.

How Refugees Are Helping Create Blockchain’s Brand New World

Curated on Posted on by Stefaan Verhulst

Jessi Hempel at Wired: “Though best known for underpinning volatile cryptocurrencies, like Bitcoin and Ethereum, blockchain technology has a number of qualities which make it appealing for record-keeping. A distributed ledger doesn’t depend on a central authority to verify its existence, or to facilitate transactions within it, which makes it less vulnerable to tampering. By using applications that are built on the ‘chain, individuals may be able to build up records over time, use those records across borders as a form of identity—essentially creating the trust they need to interact with the world, without depending on a centralized authority, like a government or a bank, to vouch for them.

For now, these efforts are small experiments. In Finland, the Finnish Immigration Service offers refugees a prepaid Mastercard developed by the Helsinki-based startup MONI that also links to a digital identity, composed of the record of one’s financial transactions, which is stored on the blockchain. In Moldova, the government is working with digital identification expertsfrom the United Nations Office for Project Services (UNOPS) to brainstorm ways to use blockchain to provide children living in rural areas with a digital identity, so it’s more difficult for traffickers to smuggle them across borders.

Among the more robust programs is a pilot the United Nations World Food Program (WFP) launched in Jordan last May. Syrian refugees stationed at the Azraq Refugee Camp receive vouchers to shop at the local grocery store. The WFP integrated blockchain into its biometric authentication technology, so Syrian refugees can cash in their vouchers at the supermarket by staring into a retina scanner. These transactions are recorded on a private Ethereum-basedblockchain, called Building Blocks. Because the blockchain eliminates the need for WFP to pay banks to facilitate transactions, Building Blocks could save the WFP as much as $150,000 each month in bank fees in Jordan alone. The program has been so successful that by the end of the year, the WFP plans to expand the technology throughout Jordan. Blockchain enthusiasts imagine a future in which refugees can access more than just food vouchers, accumulating a transaction history that could stand in as a credit history when they attempt to resettle….

But in the rush to apply blockchain technology to every problem, many point out that relying on the ledger may have unintended consequences. As the Blockchain for Social Impact chief technology officer at ConsenSys, Robert Greenfeld IV writes, blockchain-based identity “isn’t a silver bullet, and if we don’t think about it/build it carefully, malicious actors could still capitalize on it as an element of control.” If companies rely on private blockchains, he warns, there’s a danger that the individual permissions will prevent these identity records from being used in multiple places. (Many of these projects, like the UNWFP project, are built on private blockchains so that organizations can exert more control over their development.) “If we don’t start to collaborate together with populations, we risk ending up with a bunch of siloed solutions,” says Greenfeld.

For his part, Greenfeld suggests governments could easily use state-sponsored machine learning algorithms to monitor public blockchain activity. But as bitcoin enthusiasts branch out of their get-rich-quick schemes to wrestle with how to make the web more equitable for everyone, they have the power to craft a world of their own devising. The early web should be a lesson to the bitcoin enthusiasts as they promote the blockchain’s potential. Right now we have the power to determine its direction; the dangers exist, but the potential is enormous….(More)”

Artificial Intelligence and the Need for Data Fairness in the Global South

Curated on Posted on by Stefaan Verhulst

Medium blog by Yasodara Cordova: “…The data collected by industry represents AI opportunities for governments, to improve their services through innovation. Data-based intelligence promises to increase the efficiency of resource management by improving transparency, logistics, social welfare distribution — and virtually every government service. E-government enthusiasm took of with the realization of the possible applications, such as using AI to fight corruption by automating the fraud-tracking capabilities of cost-control tools. Controversially, the AI enthusiasm has spread to the distribution of social benefits, optimization of tax oversight and control, credit scoring systems, crime prediction systems, and other applications based in personal and sensitive data collection, especially in countries that do not have comprehensive privacy protections.

There are so many potential applications, society may operate very differently in ten years when the “datafixation” has advanced beyond citizen data and into other applications such as energy and natural resource management. However, many countries in the Global South are not being given necessary access to their countries’ own data.

Useful data are everywhere, but only some can take advantage. Beyond smartphones, data can be collected from IoT components in common spaces. Not restricted to urban spaces, data collection includes rural technology like sensors installed in tractors. However, even when the information is related to issues of public importance in developing countries —like data taken from road mesh or vital resources like water and land — it stays hidden under contract rules and public citizens cannot access, and therefore take benefit, from it. This arrangement keeps the public uninformed about their country’s operations. The data collection and distribution frameworks are not built towards healthy partnerships between industry and government preventing countries from realizing the potential outlined in the previous paragraph.

The data necessary to the development of better cities, public policies, and common interest cannot be leveraged if kept in closed silos, yet access often costs more than is justifiable. Data are a primordial resource to all stages of new technology, especially tech adoption and integration, so the necessary long term investment in innovation needs a common ground to start with. The mismatch between the pace of the data collection among big established companies and small, new, and local businesses will likely increase with time, assuming no regulation is introduced for equal access to collected data….

Currently, data independence remains restricted to discussions on the technological infrastructure that supports data extraction. Privacy discussions focus on personal data rather than the digital accumulation of strategic data in closed silos — a necessary discussion not yet addressed. The national interest of data is not being addressed in a framework of economic and social fairness. Access to data, from a policy-making standpoint, needs to find a balance between the extremes of public, open access and limited, commercial use.

A final, but important note: the vast majority of social media act like silos. APIs play an important role in corporate business models, where industry controls the data it collects without reward, let alone user transparency. Negotiation of the specification of APIs to make data a common resource should be considered, for such an effort may align with the citizens’ interest….(More)”.

International Development Doesn’t Care About Patient Privacy

Curated on Posted on by Stefaan Verhulst

Yogesh Rajkotia at the Stanford Social Innovation Review: “In 2013, in southern Mozambique, foreign NGO workers searched for a man whom the local health facility reported as diagnosed with HIV. The workers aimed to verify that the health facility did indeed diagnose and treat him. When they could not find him, they asked the village chief for help. Together with an ever-growing crowd of onlookers, the chief led them to the man’s home. After hesitating and denying, he eventually admitted, in front of the crowd, that he had tested positive and received treatment. With his status made public, he now risked facing stigma, discrimination, and social marginalization. The incident undermined both his health and his ability to live a dignified life.

Similar privacy violations were documented in Burkina Faso in 2016, where community workers asked partners, in the presence of each other, to disclose what individual health services they had obtained.

Why was there such a disregard for the privacy and dignity of these citizens?

As it turns out, unbeknownst to these Mozambican and Burkinabé patients, their local health centers were participating in performance-based financing (PBF) programs financed by foreign assistance agencies. Implemented in more than 35 countries, PBF programs offer health workers financial bonuses for delivering priority health interventions. To ensure that providers do not cheat the system, PBF programs often send verifiers to visit patients’ homes to confirm that they have received specific health services. These verifiers are frequently community members (the World Bank callously notes in its “Performance-Based Financing Toolkit” that even “a local soccer club” can play this role), and this practice, known as “patient tracing,” is common among PBF programs. In World Bank-funded PBF programs alone, 19 out of the 25 PBF programs implement patient tracing. Yet the World Bank’s toolkit never mentions patient privacy or confidentiality. In patient tracing, patients’ rights and dignity are secondary to donor objectives.

Patient tracing within PBF programs is just one example of a bigger problem: Privacy violations are pervasive in global health. Some researchers and policymakers have raised privacy concerns about tuberculosis (TB), human immunodeficiency virus (HIV), family planningpost-abortion care, and disease surveillance programsA study conducted by the Asia-Pacific Network of People Living with HIV/AIDS found that 34 percent of people living with HIV in India, Indonesia, Philippines, and Thailand reported that health workers breached confidentiality. In many programs, sensitive information about people’s sexual and reproductive health, disease status, and other intimate health details are often collected to improve health system effectiveness and efficiency. Usually, households have no way to opt out, nor any control over how heath care programs use, store, and disseminate this data. At the same time, most programs do not have systems to enforce health workers’ non-disclosure of private information.

In societies with strong stigma around certain health topics—especially sexual and reproductive health—the disclosure of confidential patient information can destroy lives. In contexts where HIV is highly stigmatized, people living with HIV are 2.4 times more likely to delay seeking care until they are seriously ill. In addition to stigma’s harmful effects on people’s health, it can limit individuals’ economic opportunities, cause them to be socially marginalized, and erode their psychological wellbeing….(More)”.

The Promise of Community Citizen Science

Curated on Posted on by Stefaan Verhulst

Report by Ramya ChariLuke J. MatthewsMarjory S. BlumenthalAmanda F. Edelman, and Therese Jones: “Citizen science is public participation in research and scientific endeavors. Citizens volunteer as data collectors in science projects; collaborate with scientific experts on research design; and actively lead and carry out research, exerting a high degree of control and ownership over scientific activities. The last type — what we refer to as community citizen science — tends to involve action-oriented research to support interventional activities or policy change. This type of citizen science can be of particular importance to those working at the nexus of science and decisionmaking.

The authors examine the transformative potential of community citizen science for communities, science, and decisionmaking. The Perspective is based on the authors’ experiences working in collaboration with community groups, extensive readings of the scientific literature, and numerous interviews with leading scholars and practitioners in the fields of citizen science and participatory research. It first discusses models of citizen science in general, including community citizen science, and presents a brief history of its rise. It then looks at possible factors motivating the development of community citizen science, drawing from an exploration of the relationships among citizens, science, and decisionmaking. The final section examines areas in which community citizen science may exhibit promise in terms of outcomes and impacts, discusses concerns that may hinder its overall potential, and assesses the roles different stakeholders may play to continue to develop community citizen science into a positive force for science and society.

Key Findings

At Its Core, Citizen Science Is Public Participation in Research and Scientific Endeavors

  • Citizens volunteer as data collectors in science projects, collaborate with scientific experts on research design, and actively lead and carry out research.
  • It is part of a long tradition of rebirth of inventors, scientists, do-it-yourselfers, and makers at all levels of expertise.
  • Instead of working alone, today’s community citizen scientists take advantage of new technologies for networking and coordination to work collaboratively; learn from each other; and share knowledge, insights, and findings.

The Democratization of Science and the Increasingly Distributed Nature of Expertise Are Not Without Concern

  • There is some tension and conflict between current standards of practice and the changes required for citizen science to achieve its promising future.
  • There is also some concern about the potential for bias, given that some efforts begin as a form of activism.

Yet the Efforts of Community Citizen Science Can Be Transformative

  • Success will require an engaged citizenry, promote more open and democratic decisionmaking processes, and generate new solutions for intractable problems.
  • If its promise holds true, the relationship between science and society will be profoundly transformed for the betterment of all…(More)”.

The Refugee Identity

Curated on Posted on by Stefaan Verhulst

Medium essay byPaul Currion: “From Article 6 of the UN Declaration of Human Rights (“Everyone has the right to recognition everywhere as a person before the law” ) to Sustainable Development Goal 16.9 (“By 2030, provide legal identity for all, including birth registration”) to the formation of the ID2020 Alliance (whose fourth goal is to “Enable more efficient and effective delivery of development and humanitarian aid), identity has been central to the modern project of development.

Discussion of identity within the aid sector is embedded in a much larger set of political, social, economic, legal and technical discussions at a national and global level. This review will not address that larger set of discussions, but will instead focus specifically on humanitarian aid, and more specifically refugees, and more specifically still on refugee camps as a location in which identity provision is both critical and contested. It is the first output of a DFID-funded research project examining data requirements for service delivery (by UN agencies and NGOs) within refugee camps.

Given how central the issue of identity is for refugees, there is surprisingly little literature about how identity provision is implemented in the context of refugee camps.1 This essay introduces some of the critical issues relating to identity (particularly in the context of the digitisation of aid) and explores how they relate to the research project. It is accompanied by a bibliography for those who are interested in exploring the issue further.,,,(More)”.

Is Distributed Ledger Technology Built for Personal Data?

Curated on Posted on by Stefaan Verhulst

Paper by Henry Chang: “Some of the appealing characteristics of distributed ledger technology (DLT), which blockchain is a type of, include guaranteed integrity, disintermediation and distributed resilience. These characteristics give rise to the possible consequences of immutability, unclear ownership, universal accessibility and trans-border storage. These consequences have the potential to contravene data protection principles of Purpose Specification, Use Limitation, Data Quality, Individual Participation and Trans-Border Data Flow. This paper endeavors to clarify the various types of DLTs, how they work, why they exhibit the depicted characteristics and the consequences. Using the universal privacy principles developed by the Organisation of Economic Cooperation and Development (OECD), this paper then describes how each of the consequence causes concerns for privacy protection and how attempts are being made to address them in the design and implementation of various applications of blockchain and DLT, and indicates where further research and best-practice developments lie….(More)”.

Technology Landscape for Digital Identification

Curated on Posted on by Stefaan Verhulst

World Bank Report: “Robust, inclusive, and responsible identification systems can increase access to finance, healthcare, education, and other critical services and benefits. Identification systems are also key to improving efficiency and enabling innovation for public- and private-sector services, such as greater efficiency in the delivery of social safety nets and facilitating the development of digital economies. However, the World Bank estimates that more than 1.1 billion individuals do not have official proof of their identity.10 New technologies provide countries with the opportunity to leapfrog paper-based systems and rapidly establish a robust identification infrastructure. As a result, the countries are increasingly adopting nationwide digital identification (ID) programs and leveraging them in other sectors.

Whether a country is enhancing existing ID systems or implementing new systems from the ground up, technology choices are critical to the success of digital identification systems. A number of new technologies are emerging to enable various aspects of ID lifecycle. For some of these technologies, no large-scale studies have been done; for others, current speculation makes objective evaluations difficult.

This report is a first attempt to develop a comprehensive overview of the current technology landscape for digital identification. It is intended to serve as a framework for understanding the myriad options and considerations of technology in this rapidly advancing agenda and in no way is intended to provide advice on specific technologies, particularly given there are a number of other considerations and country contexts which need to be considered. This report also does not advocate the use of a certain technology from a particular vendor for any particular application.

While some technologies are relatively easy to use and affordable, others are costly or so complex that using them on a large scale presents daunting challenges. This report provides practitioners with an overview of various technologies and advancements that are especially relevant for digital identification systems. It highlights key benefits and challenges associated with each technology. It also provides a framework for assessing each technology on multiple criteria, including length of time it has been in use, its ease of integration with legacy and future systems, and its interoperability with other technologies. The practitioners and stakeholders who read this are reminded to bear in mind that the technologies associated with ID systems are rapidly evolving, and that this report, prepared in early 2018, is a snapshot in time. Therefore, technology limitations and challenges highlighted in this report today may not be applicable in the years to come….(More)”

How to Make A.I. That’s Good for People

Curated on Posted on by Stefaan Verhulst

Fei-Fei Li in the New York Times: “For a field that was not well known outside of academia a decade ago, artificial intelligence has grown dizzyingly fast. Tech companies from Silicon Valley to Beijing are betting everything on it, venture capitalists are pouring billions into research and development, and start-ups are being created on what seems like a daily basis. If our era is the next Industrial Revolution, as many claim, A.I. is surely one of its driving forces.

It is an especially exciting time for a researcher like me. When I was a graduate student in computer science in the early 2000s, computers were barely able to detect sharp edges in photographs, let alone recognize something as loosely defined as a human face. But thanks to the growth of big data, advances in algorithms like neural networks and an abundance of powerful computer hardware, something momentous has occurred: A.I. has gone from an academic niche to the leading differentiator in a wide range of industries, including manufacturing, health care, transportation and retail.

I worry, however, that enthusiasm for A.I. is preventing us from reckoning with its looming effects on society. Despite its name, there is nothing “artificial” about this technology — it is made by humans, intended to behave like humans and affects humans. So if we want it to play a positive role in tomorrow’s world, it must be guided by human concerns.

I call this approach “human-centered A.I.” It consists of three goals that can help responsibly guide the development of intelligent machines.

First, A.I. needs to reflect more of the depth that characterizes our own intelligence….

No technology is more reflective of its creators than A.I. It has been said that there are no “machine” values at all, in fact; machine values arehuman values. A human-centered approach to A.I. means these machines don’t have to be our competitors, but partners in securing our well-being. However autonomous our technology becomes, its impact on the world — for better or worse — will always be our responsibility….(More).