Politics of Adversarial Machine Learning

Kendra Albert; Jonathon Penney; Bruce Schneier; Ram Shankar Siva Kumar; Jon Penney

Politics of Adversarial Machine Learning

Kendra Albert, Jonathon Penney, Bruce Schneier, Ram Shankar Siva Kumar, Jon Penney

Research output: Contribution to conference › Presentation

Abstract

In addition to their security properties, adversarial machine-learning attacks and defenses have political dimensions. They enable or foreclose certain options for both the subjects of the machine learning systems and for those who deploy them, creating risks for civil liberties and human rights. In this paper, we draw on insights from science and technology studies, anthropology, and human rights literature, to inform how defenses against adversarial attacks can be used to suppress dissent and limit attempts to investigate machine learning systems. To make this concrete, we use real-world examples of how attacks such as perturbation, model inversion, or membership inference can be used for socially desirable ends. Although the predictions of this analysis may seem dire, there is hope. Efforts to address human rights concerns in the commercial spyware industry provide guidance for similar measures to ensure ML systems serve democratic, not authoritarian ends.

Original language	Canadian English
Publication status	Published - Jan. 1 2020

Keywords

Artificial Intelligence
AI
Machine Learning
Ml
Security
Socio-Technical Systems
Adversarial Machine Learning
Privacy
Human Rights
Spyware
Politics of Technology
Politics of Machine Learning

Disciplines

Computer Law
Human Rights Law
Internet Law
Law
Law and Society
Privacy Law
Science and Technology Law

UN SDGs

This output contributes to the following UN Sustainable Development Goals (SDGs)

Access to Document

Politics of Adversarial Machine LearningFinal published version, 171 KBLicence: Unspecified

Cite this

@conference{1ca694d9bbc841438dce9141c8bf2b1d,

title = "Politics of Adversarial Machine Learning",

abstract = " In addition to their security properties, adversarial machine-learning attacks and defenses have political dimensions. They enable or foreclose certain options for both the subjects of the machine learning systems and for those who deploy them, creating risks for civil liberties and human rights. In this paper, we draw on insights from science and technology studies, anthropology, and human rights literature, to inform how defenses against adversarial attacks can be used to suppress dissent and limit attempts to investigate machine learning systems. To make this concrete, we use real-world examples of how attacks such as perturbation, model inversion, or membership inference can be used for socially desirable ends. Although the predictions of this analysis may seem dire, there is hope. Efforts to address human rights concerns in the commercial spyware industry provide guidance for similar measures to ensure ML systems serve democratic, not authoritarian ends.",

keywords = "Artificial Intelligence, AI, Machine Learning, Ml, Security, Socio-Technical Systems, Adversarial Machine Learning, Privacy, Human Rights, Spyware, Politics of Technology, Politics of Machine Learning",

author = "Kendra Albert and Jonathon Penney and Bruce Schneier and Kumar, {Ram Shankar Siva} and Jon Penney",

note = "Kendra Albert et al, {"}Politics of Adversarial Machine Learning{"} (Paper delivered at Towards Trustworthy ML: Rethinking Security and Privacy for ML Workshop, Eighth International Conference on Learning Representations (ICLR), Virtual Conference, 26 April 2020), archived online: ICLR 2020 < https://iclr.cc/virtual_2020/workshops_6.html > [perma.cc/6HDW-KCGV].",

year = "2020",

month = jan,

day = "1",

language = "Canadian English",

}

TY - CONF

T1 - Politics of Adversarial Machine Learning

AU - Albert, Kendra

AU - Penney, Jonathon

AU - Schneier, Bruce

AU - Kumar, Ram Shankar Siva

AU - Penney, Jon

N1 - Kendra Albert et al, "Politics of Adversarial Machine Learning" (Paper delivered at Towards Trustworthy ML: Rethinking Security and Privacy for ML Workshop, Eighth International Conference on Learning Representations (ICLR), Virtual Conference, 26 April 2020), archived online: ICLR 2020 < https://iclr.cc/virtual_2020/workshops_6.html > [perma.cc/6HDW-KCGV].

PY - 2020/1/1

Y1 - 2020/1/1

N2 - In addition to their security properties, adversarial machine-learning attacks and defenses have political dimensions. They enable or foreclose certain options for both the subjects of the machine learning systems and for those who deploy them, creating risks for civil liberties and human rights. In this paper, we draw on insights from science and technology studies, anthropology, and human rights literature, to inform how defenses against adversarial attacks can be used to suppress dissent and limit attempts to investigate machine learning systems. To make this concrete, we use real-world examples of how attacks such as perturbation, model inversion, or membership inference can be used for socially desirable ends. Although the predictions of this analysis may seem dire, there is hope. Efforts to address human rights concerns in the commercial spyware industry provide guidance for similar measures to ensure ML systems serve democratic, not authoritarian ends.

AB - In addition to their security properties, adversarial machine-learning attacks and defenses have political dimensions. They enable or foreclose certain options for both the subjects of the machine learning systems and for those who deploy them, creating risks for civil liberties and human rights. In this paper, we draw on insights from science and technology studies, anthropology, and human rights literature, to inform how defenses against adversarial attacks can be used to suppress dissent and limit attempts to investigate machine learning systems. To make this concrete, we use real-world examples of how attacks such as perturbation, model inversion, or membership inference can be used for socially desirable ends. Although the predictions of this analysis may seem dire, there is hope. Efforts to address human rights concerns in the commercial spyware industry provide guidance for similar measures to ensure ML systems serve democratic, not authoritarian ends.

KW - Artificial Intelligence

KW - AI

KW - Machine Learning

KW - Ml

KW - Security

KW - Socio-Technical Systems

KW - Adversarial Machine Learning

KW - Privacy

KW - Human Rights

KW - Spyware

KW - Politics of Technology

KW - Politics of Machine Learning

UR - https://digitalcommons.schulichlaw.dal.ca/scholarly_works/1808

M3 - Presentation

ER -

Politics of Adversarial Machine Learning

Abstract

Keywords

Disciplines

UN SDGs

Access to Document

Other files and links

Fingerprint

Cite this