Reading Notes
CSE 390HA
Notes on the selected reading for the quarter, Tools and Weapons: The Peril and Promise of the Digital Age by Brad Smith.
Table of contents
- Introduction - “The Cloud: The World’s Filing Cabinet”
- Chapter 1 - “Cybersecurity: A Moment of Reckoning”
- Chapter 2 - “Surveillance: A Three-Hour Fuse”
- Chapter 3 - “Technology and Public Safety: ‘I’d Rather Be a Loser Than a Liar’”
- Chapter 4 - “Privacy: A Fundamental Human Right”
- Chapter 7 - “Social Media: The Freedom That Drives Us Apart”
- Chapter 8 - “Digital Diplomacy: The Geopolitics of Technology”
- Chapter 9 - “Consumer Concerns: ‘The Guns Will Turn’”
- Chapter 12 - “AI and Ethics: Don’t Ask What Computers Can Do, Ask What They Should Do”
- Chapter 13 - “AI and Facial Recognition: Do Our Faces Deserve the Same Protection as OUr Phones?”
- Chapter 2, The Ethical Algorithm
Introduction - “The Cloud: The World’s Filing Cabinet”
- The world runs on data; the development of civilization accelerated with writing, retrieval, documentation, storage.
- Data is more than the oil of the twenty-first century.
- The cloud is a fortress; data is pulled form a mammoth data center.
- Columbia Data Center, owned by Microsoft - home to hundreds of thousands of server computers and millions of hard disks.
- Your files reside in this data center.
- Files are backed up to another set of buildings to ensure smooth connection and no loss of data, even in the case of natural disasters and other large phenomena.
- A data center is never done.
- Striking balance between public safety, individual convenience, personal privacy.
- Can we control the world we are creating?
- Any tool can be used for good or ill.
- Reaching a critical inflection point for technology and society; the tech sector will need to change.
Chapter 1 - “Cybersecurity: A Moment of Reckoning”
- The SVR, FSB, and the GRU emerged out of the splinters of the Communist Bloc and the KGB.
- In Microsoft, obscure names from the periodic table are used to classify nation-state actors engaged in cyber activity.
- The SVR is a cyberthreat for many customers and Microsoft itself.
- Often penetrate privately owned computer networks.
- Dozens of organizations and countries were impacted.
- Demonstrating technology’s inherent strengths and weaknesses.
- Microsoft Threat Intelligence Center (MSTIC) - hunts new intrusions and cyberattacks.
- An attack is both a successful espionage coup and an opportunity for the defender to prevent future attacks.
- SolarWinds, FireEye, and Microsoft teams began working together.
- Digital nature of software and the global reach of the internet swing in both directions.
- The malware code was distributed globally; its fingerprint can be tracked.
- 21st century coutnerparts to Sherlock Holmes.
- Two cyberattack questions:
- How did the attacker gain entry?
- What network credentials did the attacker obtain?
- Identified kill switch and preventted attackers from entering additional networks.
- Relationship between companies and affected consumers - hoax.
- Cyberthreats around the world have greatly intensified.
- There is a danger a hammer will see everything as a nail. Multifactor authentication and toher cybersecurity best practices will likely eliminate any substantial loss of sensitive data.
- Governments and tech companies must work together to secure the world’s digital infrastructure.
- Why did everyone in 2020 miss the prolonged attack?
- 9/11 Commission - the attack was a “shock but not a surprise”.
- There existed no centralized capability to aggregate threat intelligence.
- Much of the relevant threat intelligence is spread across companies and individual companies.
- Nonuniform policy across the tech sector.
- Disclosure of information with the public.
- Accuracy and solidity of information.
- Protection of technology supply chains and implications for economics an dpolitics.
- The internet makes everyone each other’s neighbor.
Chapter 2 - “Surveillance: A Three-Hour Fuse”
- Dominic Carr - public affairs and communications team.
- PRISM - company’s annual gathering of sales leaders.
- Guardian - preparing for publication of article rgarding PRISM, which was reported to be a voluntary, secret program of cooperation between several large US technology companies and the NSA.
- Message requested a complex 9-point list of comment and imposed an unfeasible deadline.
- Microsoft accused of sharing data with the NSA for an electronic surveillance program.
- The source - 29-year-old employee of defense contractor Booz Allen Hamilton, Edward Snowden.
- Snowden’s documents struck a nerve with the public; privacy protection concerns.
- John Wilkes’ lawsuits marked the birth of modern privacy rights.
- Civil liberties and arbitrary power.
- The Declaration of Independence woudl later inscribe Otis’ principle.
- Someone is lying - it’s either Microsoft or Edward Snowden.
- September 11 - share data with the government or not?
- Operation Enduring Freedom in Afghanistan; invasion of Iraq; antiterrorism efforts.
- How can Microsoft fulfill their responsibility to customers while answering the call to protect the country?
- Laws should govern the issue.
- Trade-offs between individual freedoms and national security.
- Tech has gone global - tech companies become bank-like institutions. Global banks.
- Sueing the United States government: arguing for the right to share data and information more transparently.
- Joined with Google.
- Journalism and the tech industry.
- Reform Government Surveillance
- Careful dialogue; surveillance reform.
- A new scope of government surveillance; encryption; legal action.
Chapter 3 - “Technology and Public Safety: ‘I’d Rather Be a Loser Than a Liar’”
- You can’t catch criminals or terrorists if you can’t find them. Information allows for tracking.
- Balancing people’s privacy and public safety.
- Daniel Pearl abduction in Karachi, Pakistan.
- Used Hotmail to communicate ransom demands.
- Microsoft monitored IP address to monitor where the senders were.
- The kidnappers killed Pearl.
- The cyberspace is no longer some peripheral dimension.
- Ronald Reagan and the 1986 Electronic Communications Privacy Act (ECPA).
- The government could issue gag orders.
- Warrants typically come trhough email; requested evidence can be pulled from a data center.
- January 7, 2015 - murder of 12 people in Charlie Hedbo Paris headqaurters by Al-Qaeda members.
- Commitment to transparency.
- Official principles.
Chapter 4 - “Privacy: A Fundamental Human Right”
- Where is data stored? What are the factors that go with it? Tax incentives, political stability, weather.
- Countries reaching across borders - what borders?
- Confidence in judicial systems
- Bipartisanship, tied to government
- Can government be a vessel for change?
Chapter 7 - “Social Media: The Freedom That Drives Us Apart”
- The Internet helped push Estonia out of communism. The “e-democracy”.
- Estonia suffered the first cyber-based nation-state attack on another country.
- People find tribes and cybertribes - like-minded people that can replicate human communities.
- Groups are more connected but less open.
- Idealism collides with human nature.
- Being alone, together - the world is smaller, but there is a deafening silence between people sitting next to each other.
- Disinformation campaigns.
- Russia’s Internet Research Agency - computational propaganda to misinform and polarize US voters.
- Mix of action by the government and the tech sector itself
- Not necessarily proving the veracity of the content itself, but provide information on user identity.
- Provide/NGO efforts
- Foreign influence - insistence on borders
- Lack of real answers
Chapter 8 - “Digital Diplomacy: The Geopolitics of Technology”
- Tech companies affect nations as much as other countries do.
- Companies have become a new tpe of nation.
- Strengthening technical defenses, operational security.
- Vigilante tech justice
- All defense, no offense - what does offense and defense mean? Are they necessarily exclusive concepts?
- Digital Geneva Convention
- Privacy as a matter of business
- Arms control
- Culture and legislation
- “The only winning move is not to play.”
- Cold War and Hot Peace
- Multilateral approach
- New, digital diplomacy.
Chapter 9 - “Consumer Concerns: ‘The Guns Will Turn’”
- Demands the tech sector was making of the government would be made on the tech sector itelf - the “guns will turn”.
- Information safe harbor and transfer of data - water seeks its own level.
- “Overreaches”, collaboration.
- The role of government in addressing internal company bureaucracy - things have truly turned.
- Engineering - a creative processes.
- Maintaining public trust
- “Privacy is dead”
- Apologize, apologize, apologize.
- Europe - a hope for improved privacy.
Chapter 12 - “AI and Ethics: Don’t Ask What Computers Can Do, Ask What They Should Do”
- AI is all the buzz; AI is something new, and tech companies have large marketing budgets.
- Universal vagueness about what AI is.
- Rushing forward with innovation without helping people understand how it works.
- New technology is not necessarily beneficial.
- Theology, religion
- There is no universally agreed-upon definition of AI.
- Three important advances: computing power, cloud computing, digital data.
- Transparency, reliability, safety, privacy, security, accountability.
- Microsoft continued to provide technolgoy to the US government.
- What is humanity? Is it worth protecting? Is technology a stain or a taint?
Chapter 13 - “AI and Facial Recognition: Do Our Faces Deserve the Same Protection as OUr Phones?”
- Minority Report - the use and abuse of technology
- Facial recognition can be used for good and to repress freedom
- Our faces are more or less unique.
- More Americans trust their employer than the government.
- Companies and universities
- Microsoft decided that boycotting a government agency was the wrong approach; rather, technology should be governed by new laws and regulation.
- Democracy and government surveillance
Chapter 2, The Ethical Algorithm
- Analogy problems may reflect socioeconomic bias.
- Analogy problems in embedding spaces reflect gender bias from the documents with which they are taken.
- Science can only take us so far - human judgements and norms will choose where on the Pareto curve society should be.
- Personalized ML can cause prediction mistakes to harm specific individuals.
- Inefficacy of forbidden inputs. You can’t restrict inputs to a decision making process.
- Statistical parity: identify which individuals we wish to protect. Fraction of individuals with protected identity that obtain a certain outcome should be the same as the fraction of individuals without the protected identity.
- Apparently, there is no escaping the Pareto frontier (really?)
- Human judgement, policy, and ethics are king.
- Individual fairness metrics may be incompatible with one another.