Data Privacy, Security and Ethics - Chapter 1 PDF

Summary

This document discusses data privacy, security, and ethical considerations, particularly focusing on the principles of law, morality, and ethics. It explores different aspects of ethics, including its technical, practical, and philosophical underpinnings, with examples and explanations. It also touches on professional ethics and its regulation.

Full Transcript

Data Privacy, Security and Ethics

Chapter 1

Law, Moral and Ethics

Relating to the standards of good or bad behavior, fairness, honesty,
etc. that each person believes in;

Behaving in ways considered by most people to be correct and honest;

Standards for good or bad character and behavior.

It help us understand what we should do according to our personal ideas
and principles -- INDIVIDUAL LEVEL

Different people might have the same or different morals!

A person standing in front of a car Description automatically generated

Ethics

Technically

Branch of Philosophy that studies the basis of Moral; Le Petit
Larousse, 2000

Systematic reflection on moral norms, seeking to understand, justify
or

question these norms;

Philosophical study of morality.

Practically

A system of accepted rules and morals about behavior, based on what

is considered right and wrong (e.g. business/professional ethics);

Rules of conduct in a particular culture or group recognized by an
external

source or social system. For example, a medical code of ethics that
medical

professionals must follow.

![A diagram of ethics Description automatically
generated](media/image2.png)

"Shame is stealing and getting caught!"

It seems to be more important to avoid the consequences of an act than
to not do the act itself;

Morally, the principles lie in the reputation of being caught rather
than in the immorality of the act;

Ethically, social consequences are privileged over genuine
consideration of the justice and morality of behavior.

Nonnormative and Normative Ethics

Non-normative ethics

Studies what effectively is the case not what ethically ought to be
the case or what is ethically valuable;

Does not directly engage with prescribing or evaluating actions as
right or wrong, but instead focuses on understanding and analyzing the
nature of moral concepts.

Types:

Descriptive ethics, also known as comparative ethics - studies of
people\'s beliefs about morality. Studies and reports how people reason
and act;

Meta-ethics- studies the meaning of moral propositions such as right,
obligation, virtue or responsibility and how their truth values (if any)
may be determined. Instead of asking what actions are right or wrong,
meta-ethics asks what it means to say something is right or (e.g. Is
morality more a matter of taste than truth? Are moral standards
culturally relative? Are there moral facts? If there are moral facts,
what are their origin and nature?).

Normative ethics

Studies the practical means of determining a moral course of action;

Determines what actions are right or wrong, what people ought to do,
and what kinds of people they ought to be. It is focused on establishing
ethical standards and principles that guide behavior and help people
make moral decisions;

It includes the formulation of moral rules that have direct
implications for what human actions, institutions, and ways of life
should be like;

It is typically contrasted with theoretical ethics, or metaethics,
which is concerned with the nature rather than the content of ethical
theories and moral judgments.

Types:

Applied ethics- studies how moral outcomes can be achieved in specific

situations. The interpretation of general norms to address particular
problems.

(includes professional ethics such as Research ethics)

Professional Ethics

Most professions have standards of conduct that are generally
acknowledged by those who are serious about their professional
responsibilities;

Members of professions often informally adhere to widely accepted
ethical guidelines (non discrimination, honesty and truthfulness);

There are also specific professional ethical rules (informed consent
and medical confidentiality);

Main causes of professional ethics problems:

conflicts over appropriate professional standards;

conflicts between professional commitments and commitments outside the
profession

As professional ethics rules are usually very broad, some professions
adopt more detailed codes of standards aimed at reducing vagueness--
Codes of Ethical Conduct;

Codes sometimes include rules of etiquette in addition to rules of
ethics (do not criticize other medical doctors who have previously seen
the patient for example);

Codes of Ethical Conduct foster and reinforce member identification
with the core values of the profession.

Public Regulation of Professional Ethics

Public policy (any set of enforceable guidelines set by an official
public body -- National Commissions, Advisory Committees, Councils)
sometimes provides additional Professional Ethics guidelines.

Public policy enforces ethical standards within various professions by
governmental or quasi-governmental bodies. These regulations are
designed to ensure that professionals follow to certain ethical
principles and meet the standards of their respective fields.

General Medical Council (GMC): "We set the standards for doctors. We set
the

values, knowledge, skills and behaviors expected of all doctors working
in the UK"

ABET: "At ABET, our approach, the standards we set and the quality we
guarantee,

inspires confidence in those who aim to build a better world. We
accredit college and

university programs"

Law

Law aims to regulate the essential relationships within a given
society;

The juridical rule does not require individual conscience to be
applied (it is assumed that everyone knows the law);

Legal violations can lead to loss of liberties.

Everyone can form a moral/ethical opinion. The legal opinion is usually
given by a judge; Suspicion is sometimes enough to affect someone's
ethical reputation. To the eyes of the law people are innocent until
proven guilty - Presumption of innocence.

No matter how hard and rigid the law may be, it must always be followed.

Ethical Dilemmas

Ethical Dilemmas are circumstances in which ethical obligations demand
or appear to demand that a person adopt each of two (or more)
alternative but incompatible actions, such that the person cannot
perform all the required actions.

Ver exemplos nos slides

No magic bullets exist in resolving ethical dilemmas. Acknowledging them
helps deflate unrealistic expectations that ethical principles, rules
and theories provide universal solutions. Reasoning and reflection is
necessary but it does not guarantee that a perfect solution will be
found.

Basic Ethics Principles

Aim to express general norms of common ethics (widely shared, stable
social agreements) that act as a starting point in resolving ethical
dilemmas

Respect for autonomy (respect and support autonomous decisions);

Nonmaleficence (avoiding the causation of harm);

Beneficence (relieving or preventing harm, balancing benefits against
risks and costs);

Justice (fairly distributing benefits, risks and costs).

Weighting and Balancing

Principles, rules, professional obligations, and rights often need to
be weighted and balanced. Balancing is the process of finding reasons to
support beliefs about which ethical norms should prevail.

Balancing is more than norm specification. It is concerned with
relative weights and strengths of different norms and not just their
scope/range. It allows appropriate application of norms to particular
circumstances. Ethical norms alone cannot accurately quantify factors
such as risk and burden. Weigh and Balance considers these factors in a
given circumstance.

Diversity and Disagreement

Conscientious and reasonable moral agents understandably disagree over

priorities and choice over conflicting norms;

Disagreement does not necessarily indicate ethical ignorance or flaw.
There is not a single solution to many ethical questions and ethical
dilemmas.

Reasons for Ethical disagreement and diversity of points of view:

o Factual disagreements (e.g.: the suffering or damage an action will
cause);

o Insufficient information or evidence;

o Disagreement over which norms apply to the circumstances;

o Disagreements about the relative weights of applicable norms;

o Disagreement on whether a genuine ethical problem exists.

Disagreements may persist even among ethically committed persons.

When ethical disagreements arise, ethical agents can defend their

decision without reproaching others who defend different solutions.

Recognition of legitimate diversity is fundamental.

Chapter 2

Data Ethics

Data ethics encompasses the moral obligations of gathering,
protecting, and using personally identifiable information and how it
affects individuals.

Data ethics are of the utmost concern to analysts, data scientists,
and information technology professionals. Anyone who handles data,
however, must be well-versed in its basic principles.

Is a set principles behind how organizations gather, protect, and use
data, ensuring the

respect human rights, promotion of justice, and avoidance of any harm.

Data sources- Loyalty programs, apps, sensors, credit cards, online
shop, social media

Why Data Ethics is important?

Cambridge Analytica obtained data from millions of Facebook users
without their

consent. The firm used this data to create detailed voter profiles and
target individuals

with personalized political ads during the 2016 U.S. presidential
election.

Ethical concerns: The scandal raised serious ethical concerns about
privacy, consent, and the manipulation of voter behavior. The
unauthorized use of personal data undermined trust in social media
platforms and started global discussions on data privacy and the ethical
responsibilities of tech companies.

In 2012, Target used predictive analytics to identify customers who
might be

pregnant based on their purchasing patterns. The company inadvertently

revealed one teenager's pregnancy to her father before she had told him.

Ethical concerns: The case revealed a lack of privacy considerations.
Although

was for marketing purposes, it stills affects the customer life.

Note: you give consent to the collection of data when making loyalty
cards

Ashley Madison is a Canadian dating website, which was founded in 2002
and aimed at people looking for an affair. In July 2015, the website
suffered a massive data breach when a group of hackers stole the
personal information of approximately 32 million users. The hackers
released this data publicly, exposing the names, passwords, emails, and
personal preferences.

Ethical concerns:

The company had inadequate data security measures

Although users could pay to delete their profiles, the company did not
delete them

The company fails in protect their users

During the COVID-19 pandemic, many countries developed contact tracing
apps to

track the spread of the virus. While these apps helped manage the public
health crisis, they

also raised concerns about privacy, data security. Transparent data
practices, informed consent, and clear limitations on data use were
essential to maintain public trust and ensuring ethical use of the
technology.

Key Principles of Data Ethics

Ownership: An individual has ownership over their personal information.
This involves understanding who owns the data and who has the right to
control its use.

Transparency: Individuals have a right to know how organizations plan to
collect, store, and use it (Terms and Conditions).

Privacy: Organizations should ensure individuals privacy and respect
individuals privacy.

Outcomes/Avoidance of Harm: Ensuring that data practices do not cause
harm to individuals or communities. This includes considering the
potential negative consequences of data use.

Fairness: Ensuring that data procedures do not lead to discrimination or
bias. This principle aims to prevent harm that might arise from data
misuse, or unequal access to data-driven technologies.

Accountability: Organizations and individuals responsible for collecting
and using data are answerable for the consequences of their actions. It
involves taking ownership of any ethical violations.

Informed Consent: Ensuring that individuals are fully informed about
what data is being collected, how it will be used, and the implications
of its use.

Data Security: Protecting data from unauthorized access, breaches, and
other forms of misuse. This involves implementing robust security
measures to safeguard data.

Data Protection Law

GDPR: General Data Protection Regulation for European Union

CCPA: California Consumer Privacy Act for USA -- California

PIPEDA: Personal Information Protection and Electronic Documents Act for
Canada

GDPR

\- The main principle is that personal data need to be processed
'lawfully, fairly and in a transparent manner in relation to the data
subject'.

\- Requirement of informed consent from individuals whose data are
processed, unless the law states otherwise (i.e. specific permission
provided by law).

\- Principles of data minimization and storage limitation are
particularly important

\- Data subjects have a number of rights as against the controller(s)
and processor(s) of their data. A number of these rights may be subject
to limitations in certain cases.

GDPR Key Points

Transparency and accountability

Special provisions for scientific research

Enhanced rights for data subjects

Mandatory procedures for managing data breaches

Special provisions for protecting data of minors

Mandatory Data Protection Impact Assessments

Mandatory appointment of a Data Protection Officer (subject to
exceptions)

Pan-European validation of European Codes of Conduct

Certification mechanisms specifically for data protection

Remedies, sanctions and fines

GDPR Articles

Right to information (art. 13 ff.);

Right of access (art. 15);

Right to rectification (art. 16);

Right to erasure (\'right to be forgotten\') (art.17);

Right to restriction of processing (art. 18);

Right to receive communication of any rectification or erasure of
personal data or restriction of processing (art. 19);

Right to data portability (art. 20);

Right to objection of treatment and automated individual decision
making, including profiling (arts. 21 and 22).

In a nutshell, data subjects have the right to:

request the restriction of the processing of personal data in specific
cases;

receive personal data in a machine-readable format and send it to
another controller ('data portability');

request that decisions based on automated processing concerning them
and based on their personal data are made by natural persons, not only
by computers.

obtain access to the personal data held about them;

ask for incorrect, inaccurate or incomplete personal data to be
corrected;

request that personal data be erased when it's no longer needed or if
processing it is unlawful;

object to the processing of their personal data for marketing purposes
or on grounds relating to their particular situation.

These rights apply across the EU, regardless of where the data is
processed and

where the company is established. These rights also apply when goods and
services

are bought from non-EU companies operating in the EU.

Right to be forgotten

The right to be forgotten appears in Recitals 65 and 66 and in Article
17 of the GDPR. It states, "The data subject shall have the right to
obtain from the controller the erasure of personal data concerning him
or her without undue delay and the controller shall have the obligation
to erase personal data without undue delay" if one of a number of
conditions applies. "Undue delay" is considered to be about a month.

When does the right to be forgotten apply?

An individual has the right to have their personal data erased if:

The personal data is no longer necessary for the purpose an
organization originally collected or processed it.

An organization is relying on an individual's consent as the lawful
basis for processing the data and that individual withdraws their
consent.

An organization is relying on legitimate interests as its
justification for processing an individual's data, the individual
objects to this processing, and there is no overriding

legitimate interest for the organization to continue with the
processing.

An organization is processing personal data for direct marketing
purposes and the individual objects to this processing.

An organization processed an individual's personal data unlawfully.

An organization must erase personal data in order to comply with a
legal ruling or obligation.

An organization has processed a child's personal data to offer their
information society services.

However, an organization's right to process someone's data might
override their right to be forgotten. Here are the reasons cited in the
GDPR that trump the right to erasure:

The data is being used to exercise the right of freedom of expression
and information.

The data is being used to comply with a legal ruling or obligation.

The data is being used to perform a task that is being carried out in
the public interest or when exercising an organization's official
authority.

The data being processed is necessary for public health purposes and
serves in the public interest.

The data being processed is necessary to perform preventative or
occupational medicine. This only applies when the data is being
processed by a health professional who is subject to a legal obligation
of professional secrecy.

The data represents important information that serves the public
interest, scientific research, historical research, or statistical
purposes and where erasure of the data would likely to impair or halt
progress towards the achievement that was the goal of the processing.

The data is being used for the establishment of a legal defense or in
the exercise of other legal claims.

Data Protection Law -- ver slides

GDPR Penalties

Under the GDPR, fines are administered by the data protection regulator
in each EU country. That authority will determine whether an
infringement has occurred and the severity of the penalty. They will use
the following 10 criteria to determine whether a fine will be assessed
and in what amount:

Gravity and nature

Intention

Mitigation

Precautionary measures

History

Cooperation

Data category

Notification

Certification

Aggravating/mitigating factors

The less severe infringements could result in a fine of up to €10
million, or 2% of the firm's worldwide annual revenue from the preceding
financial year, whichever amount is higher.

The more serious infringements go against the very principles of the
right to privacy and the right to be forgotten that are at the heart of
the GDPR. These types of infringements could result in a fine of up to
€20 million, or 4% of the firm's worldwide annual revenue from the
preceding financial year, whichever amount is higher.

GDPR Particularities

Your company/organization can only process personal data in the
following circumstances:

with the consent of the individuals concerned;

where there is a contractual obligation (a contract between your
company/organization and a client);

to meet a legal obligation under EU or national legislation;

where processing is necessary for the performance of a task carried
out in the public interest under EU or national legislation;

to protect the vital interests of an individual;

for your organization\'s legitimate interests, but only after having
checked that the fundamental rights and freedoms of the person whose
data you're processing aren't seriously impacted.

CCPA

The California Consumer Privacy Act (CCPA) gives consumers more control
over the personal information that businesses collect about them and the
CCPA regulations provide guidance on how to implement the law.

The right to know about the personal information a business collects
about them and how it is used and shared;

The right to delete personal information collected from them (with
some exceptions);

The right to opt-out of the sale or sharing of their personal
information;

The right to non-discrimination for exercising their CCPA rights;

The right to correct inaccurate personal information that a business
has about them;

The right to limit the use and disclosure of sensitive personal
information collected about them.

PIPEDA

The Personal Information Protection and Electronic Documents Act
(PIPEDA) sets the ground rules for how private-sector organizations
collect, use, and disclose personal information in the course of
for-profit, commercial activities across Canada. PIPEDA also applies to
the personal information of employees of federally-regulated businesses.

The 10 principles

Accountability

Identifying purposes

Consent

Limiting collection

Limiting use, disclosure, and retention

Accuracy

Safeguards

Openness

Individual access

Challenging compliance

Privacy Literacy

Allied with these laws, it is still very important for individuals to
have privacy literacy.

Debatin (2011) stated that privacy literacy "encompasses an informed
concern for \[...\]

privacy and effective strategies to protect it" (p. 51). Trepte et al.
(2015) further

elaborated that "Online privacy literacy may be defined as a combination
of factual

or declarative ('knowing that') and procedural ('knowing how') knowledge
about

online privacy. In terms of declarative knowledge, online privacy
literacy refers to the

users' knowledge about technical aspects of online data protection, and
about laws

and directives as well as institutional practices. In terms of
procedural knowledge,

online privacy literacy refers to the users\' ability to apply
strategies for individual

privacy regulation and data protection" (p. 339).

Chapter 3

Informed Consent

Informed consent is understood as the informed authorization given by
the user prior to submission to a certain medical act, any act
integrated in the provision of health care, participation in research or
clinical trial. This authorization presupposes an explanation and
respective understanding of what is intended to be done, how to act, why
and the expected result of the intervention consented to.

In principle, living individuals should not be the subject of a
research project without being informed.

The Milgram Experiment

Stanley Milgram, a psychologist at Yale University, carried out one of
the most famous studies of obedience in psychology. He conducted an
experiment focusing on the conflict between obedience to authority and
personal conscience.

Milgram (1963) examined justifications for acts of genocide offered by
those accused at the World War II, Nuremberg War Criminal trials. Their
defense often was based on obedience -- that they were just following
orders from their superiors.

Could it be that Eichmann and his million accomplices in the Holocaust
were just following orders? Could wecall them all accomplices?"
(Milgram,1974).

A close-up of a text Description automatically generated

The Milgram Experiment -- Ethical Issues

Baumrind (1964) criticized the ethics of Milgram's research as
participants were prevented from giving their informed consent to take
part in the study. Participants assumed the experiment was benign and
expected to be treated with dignity.

Participants were exposed to extremely stressful situations that may
have the potential to cause psychological harm. Many of the participants
were visibly distressed (Baumrind,1964).

Signs of tension included trembling, sweating, stuttering, laughing
nervously, biting lips and

digging fingernails into palms of hands. Three participants had
uncontrollable seizures, and

many pleaded to be allowed to stop the experiment.

The experimenter gave four verbal prods which mostly discouraged
withdrawal from the

experiment

Worldcoin

Worldcoin is a digital identification platform designed to provide
everyone with a way to verify their identity as a real human, not a bot
or AI. It aims to create a global, decentralized

identity and financial network that preserves privacy. Here are some key
components of Worldcoin:

-World ID: A digital identity system that verifies you are a unique
human.

-World App: A wallet app that supports World ID and provides access to
decentralized finance.

-World Chain: An upcoming blockchain designed to support the Worldcoin
ecosystem

Worldcoin is a way to definitively distinguish between humans and AIs.
If all humans online

could prove that they were, in fact, humans, then scams and imposters
would dramatically

decrease, and the digital landscapes would become more accurate
representations of us

as a society. So in order to prove that humans are humans, Worldcoin
scans irises, which are

unique to their owners Worldcoin's platform verifies a user's identity
by scanning their iris to create personal, secure identification codes.
The codes are saved on a decentralized blockchain. Individuals are
"rewarded" with cryptocurrency-- WLD.

Worldcoin-- What media says? Are there any ethical issues? (ver slides
anteriores)

The Orb creates a unique iris code (which does not identify anyone by
name) and sends it to the blockchain. This code is created through a
one-way function, making it impossible to reconstruct the original
photograph. This means that the danger of 'identity theft' simply does
not exist."

Additionally, the Worldcoin team has been developing new features that
allow users to delete their iris code even after verification. It also
now enables personal custody of data---an essential concept in the Web3
world. In other words, all the information used to generate the iris
code is stored only on the user's phone, giving them total and absolute
control over their data.

Wherever possible, the informed consent process should be integrated
into a broader informed consent procedure that meets the standards set
out in the Commission's Guidance note on informed consent. However, for
projects involving particularly complex or sensitive data-processing
operations, or intrusive methods such as behavioural profiling,
audio/video recording or geo-location tracking, you should implement a
specific informed consent process covering the data- processing
component of your project.

For consent to data processing to be 'informed', the data subject must
be provided with detailed information about the envisaged data
processing in an intelligible and easily accessible form, using clear
and plain language. As a minimum, this should include:

the identity of the data controller and, where applicable, the contact
details of the

DPO;

the specific purpose(s) of the processing for which the personal data
will be used;

the subject's rights as guaranteed by the GDPR and the EU Charter of
Fundamental Rights, in particular the right to withdraw consent or
access their data, the procedures to follow should they wish to do so,
and the right to lodge a complaint with a supervisory authority;

information as to whether data will be shared with or transferred to
third parties and for what purposes; and

how long the data will be retained before they are destroyed.

Consent to Certain Areas of Scientific Research

It is often not possible to fully identify the purpose of personal
data processing for scientific research purposes at the time of data
collection. Therefore, data subjects should be allowed to give their
consent to certain areas of scientific research when in keeping with
recognised ethical standards for scientific research.

Data subjects should have the opportunity to give their consent only
to certain areas of research or parts of research projects to the extent
allowed by the intended purpose.

-If in the course of your research project you wish to make any
significant changes to your methodology or processing arrangements that
have a bearing on the data subjects' rights or the use of their data,
you must make them aware of the intended changes, and seek and obtain
their express consent; it is not enough to offer them the opportunity to
opt out. This must be done before you make the changes.

-If your project involves complex and large-scale data processing, if
you plan to use the data in multiple projects or for multiple purposes,
or if it is not possible fully to identify the

purpose of the data processing at the time of data collection, it may be
appropriate to use a

consent management application. Various service providers now offer
ethically robust, secure informed consent platforms that can help you to
manage, document and evidence your consent processes.

Consent Management Application

A Consent Management Platform (CMP) is a software solution that helps
you collect and manage personal information and consents in line with
data protection laws and

regulations.

It enables you to gain insight into the personal data lifecycle from
the moment of opt-in to the data removal, allowing you to track,
monitor, and respond to the data subject's request and consent
preferences.

The CMP also allows you to centrally manage notices and propagate them
to all consent collection channels.

Are there exceptions to the duty to inform?

The information should not be passed on to the user where it could
cause serious damage

to their health. That is, when the doctor or health professional
considers that the user\'s knowledge of the clinical situation may
represent a danger to their health, they should not

provide the information. Likewise, the user has the right to be unaware.
This right may be

restricted, either in the interest of the user himself/herself or for
the protection of others.

It is not necessary to impose the obligation to provide information
where the data subject

already possesses the information, where the recording or disclosure of
the personal data

is expressly laid down by law or where the provision of information to
the data subject

proves to be impossible or would involve a disproportionate effort. The
latter could in

particular be the case where processing is carried out for archiving
purposes in the public

interest, scientific or historical research purposes or statistical
purposes. In that regard, the

number of data subjects, the age of the data and any appropriate
safeguards adopted

should be taken into consideration.

Conditions for Consent

Consent should be given by a clear affirmative act establishing a
freely given, specific, informed and unambiguous indication of the data
subject's agreement to the processing of personal data relating to him
or her, such as by a written statement, including by electronic means,
or an oral statement.

Silence, pre-ticked boxes or inactivity should not therefore
constitute consent.

Consent should cover all processing activities carried out for the
same purpose or purposes. When the processing has multiple purposes,
consent should be given for all of them.

Consent must be regularly evaluated. It is never definite and can be
withdrawn at any time.

The case of Organ Donation

Portuguese legislation is based on the concept of presumed donation, so
that a person from the moment they are born acquires the status of
donor. Someone who wishes not to be a donor will have to register on
their own initiative, or through someone with the right to represent
them (parents, in the case of minors), on the National Registry of
Non-Donors

(RENNDA). This objection may be total or partial. Other countries with
Presumed consent: Austria,Spain, Belgium, UK, France, Columbia, Norway,
Italy,Czech Republic, Finland, Greece, Hungary,Luxembourg, Norway,
Slovenia, Sweden, etc.

Any ethical concerns about this topic?

Agree? Are you aware?

-Autonomy and Informed Consent: One of the primary concerns is that
presumed consent

may violate the principle of respect for autonomy. This principle
underlies the concept of

informed consent, which requires that individuals make voluntary and
informed decisions

about their bodies.

-Public Awareness and Education: For presumed consent to be ethically
acceptable, it is

crucial that the public is well-informed about the policy and the
mechanisms for opting out.

-Equity and Accessibility: Ensuring that all individuals, regardless of
socioeconomic status,

have equal access to information and the ability to opt out is
essential.

Use of secondary data

If your research project uses data from social media networks and you
do not intend to seek the data subjects' explicit consent to the use of
their data, you must assess whether those persons actually intended to
make their information public (e.g. in the light of the privacy settings
or limited audience to which the data were made available).

It is not enough that the data be accessible; they must have been made
public to the extent that the data subjects do not have any reasonable
expectation of privacy. You must also ensure that your intended use of
the data complies with any terms and conditions published by the data
controller.

Data protection impact assessments

The risk-based approach to data processing upon which the GDPR is
predicated can help researchers with complex, sensitive or large-scale
data processing requirements to identify and address the ethics issues
that arise from their methods and objectives.

The DPIA is a process designed to assess the data-protection impacts
of a project, policy, programme, product or service and, in consultation
with relevant stakeholders, to ensure that remedial actions are taken as
necessary to correct, avoid or minimise the potential negative impacts
on the data subjects.

Under the GDPR, a DPIA is mandatory for processing operations that are
likely to result in a

high risk to the rights and freedoms of natural persons'(art.35). These
include in particular:

a 'systematic and extensive' analysis of personal data in the context
of automated

processing, including profiling, where this has a significant effect on
the data subject;

large-scale processing of 'special categories' of personal data, or of
personal data relating

to criminal convictions and offences; or

a systematic monitoring of a publicly accessible area on a large
scale.

More specifically:

If you're using new technologies

If you're tracking people's location or behavior

If you're processing personal data related to "racial or ethnic
origin, political opinions, religious or philosophical beliefs, or trade
union membership, and the processing of genetic data, biometric data for
the purpose of uniquely identifying a natural person, data concerning
health or data concerning a natural person's sex life or sexual
orientation"

If you're processing children's data

Ver slides

Confidentiality and anonymity

Confidentiality: the fact of private information being kept secret

Anonymity: The situation in which someone\'s name is not given or known

Anonymity: Process of removing personal identifiers, both direct and
indirect, that

may lead to an individual being identified

Confidentiality and anonymity in research

Anonymity means you don't know who the participants are, while
confidentiality means you know who they are but remove identifying
information from your research report. Both are important ethical
considerations.

You can only guarantee anonymity by not collecting any personally
identifying information---for example, names, phone numbers, email
addresses, IP addresses, physical

characteristics, photos, or videos.

You can keep data confidential by using aggregate information in your

research report, so that you only refer to groups of participants rather
than individuals.

Example: Employee engagement surveys

This topic is particularly relevant when collecting data via surveys.

The words anonymous and confidential are all too often used
synonymously

when describing employee engagement surveys. The fact is, they mean very

different things, and when it comes to your employees' privacy, it's
important to

make the distinction between the two.

![A table with black text Description automatically
generated](media/image4.png)

A white and black text on a white background Description automatically
generated

Ver slides

The GDPR only applies to personal data, not to anonymised/anonymous
(i.e.

non-personal) data. Is anonymisation always required?

No

Anonymisation will not always be required. Other means should also be

considered.

In the majority of the cases, data have to be de-identified to the

extent that objectives can be achieved.

Chapter 4

Personally identifiable information

Personally identifiable information is any information that can be
linked to a specific person. Examples of PII include:

Name

Address

Phone number

Email address

Social Security number

Driver's license number

Social media handles

Bank account number

Passport number

Direct and indirect identifiers

Exists two types of PII: direct identifiers and indirect identifiers.

Direct identifiers: unique to a person and include things like a
passport number or driver\'s license number. A single direct identifier
is typically enough to determine someone\'s identity.

Indirect identifiers: not unique. They include more general personal
details like race and place of birth. A single indirect identifier
can\'t identify a person, but a combination can.

Sensitive PII versus non-sensitive PII

Among PII, some pieces of information are more sensitive than others.
Sensitive PII is sensitive information that directly identifies an
individual and could cause significant harm if leaked or stolen.
Examples of sensitive PII include:

Unique identification numbers, such as driver\'s license numbers,
passport numbers and other government-issued ID numbers.

Biometric data, such as fingerprints and retinal scans.

Financial information, including bank account numbers and credit card
numbers.

Medical records.

Sensitive PII is typically not publicly available, and most existing
data privacy laws require organizations to safeguard it by encrypting
it, controlling who accesses it or taking other cybersecurity measures.

Non-sensitive PII is personal data that, in isolation, would not cause
significant harm to a person if leaked or stolen. It may or may not be
unique to a person. For example, a malicious actor couldn\'t commit
identity theft armed with only a social media account name. Other
examples of non-sensitive PII include:

A person\'s full name

Mother\'s maiden name

Telephone number

IP address

Place of birth

Date of birth

Geographical details

Employment information

Email address or mailing address

Race or ethnicity

Religion

Non-sensitive PII is often publicly available. For example, telephone
numbers may be listed in a phonebook, and addresses may be listed in a
local government\'s public property records. Some data privacy
regulations don\'t require the protection of non-sensitive PII, but many
companies put safeguards in place anyway. That\'s because criminals
could cause trouble by assembling multiple pieces of non-sensitive PII.

For example, a hacker could break into someone\'s bank account app
with their phone number, email address and mother\'s maiden name. The
email gives them a username. Spoofing the phone number allows the
hackers to receive a verification code. The mother\'s maiden name
provides an answer to the security question.

How should organizations protect PII?

1\. Identify all PII in the organization\'s systems.

2.Minimize the collection and use of PII, and regularly dispose of any
PII no

longer needed.

3.Categorize PII according to sensitivity level.

4\. Apply data security controls.

Data security measures:

Apply de-identification techniques

Train employees on how to properly handle and dispose of PII

Use anonymized data when possible

Draft an incident response plan for PII leaks and breaches

Create cybersecurity tools

De-Identifying a Dataset

The Importance of De-Identifying a Dataset

When non-identifiable information is linked to PII in a dataset, an
individual's privacy is lost. It's of the utmost importance that consent
is given before any PII is collected or made public. To protect privacy,
one tactic is to de-identify data, or remove all PII from a dataset.

For example, if a company is tracking spending habits across various
demographics, it needs to remove customers' names, contact information,
address, and credit card details, leaving only their demographics (for
instance, age and gender) and purchase history. This ensures that the
company can still analyze variables of interest without putting
customers' privacy at risk.

The process of de-identification requires you to critically think about
connections

that can be made through data so it's truly de-identified.

De-Identification Techniques

Suppression: Removing data (e.g., from a cell or row in a table, or data
element(s) in a record) prior to dissemination to prevent the
identification of individuals in small groups or those with unique
characteristics.

![A close-up of a sign Description automatically
generated](media/image6.png)

Generalization: collecting or reporting values in a given range (e.g.,
using age or age-range instead of date of birth); including individual
data as a member of a set (e.g., creating categories that incorporate
unique cases); or reporting rounded values instead of exact amounts.

Perturbation: replacing sensitive info with realistic but inauthentic
data or modifying original data based on predetermined masking rules
(which may include randomization).


Pseudonymization: replacing a real name with a made up name or a real
value with a

made-up value.

Aggregation: combining individual subject data with a sufficient number
of other subjects to disguise the attributes of a single subject (e.g.,
reporting a group average instead of an individual value).

![A table with numbers and a green arrow Description automatically
generated](media/image10.png)

Pixelation: modifying or obscuring visual information (e.g., blurring
out faces in a photograph).

A collage of a person\'s face Description automatically generated

Scrambling/Encryption: data are algorithmically scrambled and only those
with access to the appropriate key can view the encrypted data.

![A screenshot of a computer Description automatically
generated](media/image12.png)

Differential Privacy: a privacy-preserving technique that conceals
individual data points in a dataset by adding controlled random noise,
aiming to provide sanitized responses to data requests while balancing
privacy protection and data utility.

Differential privacy is a state-of-the-art definition of privacy used
when analyzing large data sets. It guarantees that adversaries cannot
discover an individual within the protected data set by comparing the
data with other data sets.

A diagram of a different privacy system Description automatically
generated

Differential privacy adds noise (i.e., small random changes) to the data
or analysis results, so that even if an attacker gains access to the
data set or results, they cannot accurately identify whether or not a
specific person is included in the dataset.

Re-identification

Re-identification is the process of combining two or more datasets to
reveal identities, and it presents a significant threat to privacy.

"If somebody takes a dataset that's supposed to be anonymous and
re-identifies the people in it, all kinds of harm can happen."

Example:Netflix Competition

In 2006, Netflix launched a very famous competition, where they shared
data of approximately 100 million individual movie ratings and the date
of the individual ratings for roughly 500,000 users. All other data of
the user was anonymized and reduced to a unique numeric ID, used only to
know which ratings belonged to the same user. The competition was aimed
at letting the public experiment with new techniques and find a
recommendation algorithm that beat what Netflix had at the time by a 10%
accuracy gain. The prize was set at U\$D 1,000,000.

Netflix had been very careful not to add any data that could identify a
user, like zip- code, birthdate, and of course name, personal IDs, etc.
Nevertheless, only a couple of weeks after the release, a PhD student
announced that they had been able to connect many of the unique IDs in
the Netflix dataset to real people, by cross referencing another
publicly available dataset: the movie ratings in the IMDB site,

where many users post publicly with their own names. This ended up with
a big lawsuit and with the competition canceled.

Chapter 5

Cybercrime and Cybersecurity

Cybercrime

While there is no universally accepted definition of cybercrime, it is
essentially an act using information technology to perpetrate or
facilitate a crime. Specifically, in its glossary, the International
Organisation for Standardisation (ISO) defines cybercrime as \'the
commission of criminal acts in cyberspace\'. More informally, it is
understood as the use or exploitation of information and communication
technology (ICT) and/or the internet to commit crime. It may be argued
that cybercrime is not a new crime; it is merely a new way of
perpetrating crime in general.

Where once criminals stole from banks, post offices and individuals in
face-to- face encounters, criminals now use electronic means and have
often escaped before it is realised that a crime has been committed.

According to estimates from Statista's Market Insights, the global cost
of cybercrime is expected to surge in the next four years, rising from
\$9.22 trillion in 2024 to \$13.82

trillion by 2028.

Cybercrime Categories

Cyber-dependent crimes: any crime that can only be committed using
computers, computer networks or other forms of information communication
technology. Such crimes target ICT systems and are typified by hacking,
and malware including ransomware.

Cyber-enabled crimes: traditional crimes facilitated by the internet
and digital technologies. They have evolved in scale and form through
the increased use of the internet and communication technology and
include fraud through phishing, piracy and counterfeiting.

Cybercrime Forms

Phishing: This type of crime involves the perpetrators sending
malicious email attachments or links to an individual in order to gain
access to their accounts or computer. Users are tricked into reacting to
emails claiming to be from a bona-fide business or organization
informing them that they need to change their password or update their
billing information, giving criminals access to their accounts and their
funds

Phishing is popular among cybercriminals and highly effective. According
to IBM\'s Cost of a Data Breach report, phishing is the most common data
breach vector, accounting for 15% of all breaches. Breaches caused by
phishing cost organizations an average of USD 4.88 million.

Types of Phishing:

Bulk email phishing: scammers indiscriminately send spam emails to as
many people as possible, hoping that a fraction of the targets fall for
the attack. Scammers often create emails that appear to come from large,
legitimate businesses, such as banks, online retailers or the makers of
popular apps

SMS phishing/smishing: uses fake text messages to trick targets.
Scammers commonly pose as the victim\'s wireless provider, sending a
text that offers a \"free gift\" or asks the user to update their credit
card information.

Voice phishing/vishing: is phishing by phone call. Vishing incidents
have exploded in recent years, increasing by 260% between 2022 and 2023.
The rise of vishing is partly due to the availability of voice over IP
(VoIP) technology\*, which scammers can use to make millions of
automated vishing calls per day.

Scammers often use caller ID spoofing to make their calls appear to come
from legitimate organizations or local phone numbers. Vishing calls
typically scare recipients with warnings of credit card processing
problems, overdue payments or trouble with the law. Recipients end up
providing sensitive data or money to the cybercriminals to \"resolve\"
their issues.

Spear phishing: is a targeted phishing attack on a specific individual.
The target is usually someone with privileged access to sensitive data
or special authority that the scammer can exploit, such as a finance
manager who can move money from company accounts.

A spear phisher studies their target to gather the information they need
to pose as someone the target trusts, such as a friend, boss, coworker,
vendor or financial institution. Social media and professional
networking sites---where people publicly congratulate coworkers, endorse
vendors and tend to overshare---are rich sources of information for
spear phishing research. Spear phishers use their research to craft
messages that contain specific personal

details, making them seem highly credible to the target. For example, a
spear phisher might pose as the target\'s boss and send an email that
reads: \"I know you\'re leaving tonight for vacation, but can you please
pay this invoice before the close of business today?\"

Business email compromise (BEC): is a class of spear phishing attacks
that attempt to steal money or valuable information---for example, trade
secrets, customer data or financial information---from a business or
other organization. BEC attacks can take several forms. Two of the most
common include:

-CEO fraud: The scammer impersonates a C-level executive, often by
hijacking the executive\'s email account. The scammer sends a message to
a lower-level employee instructing them to transfer funds to a
fraudulent account, make a purchase from a fraudulent vendor or send
files to an unauthorized party.

-Email account compromise (EAC): The scammer compromises a lower-level
employee\'s email account, such as the account of a manager in finance,
sales or research and development. The scammer uses the account to send
fraudulent invoices to vendors, instruct other employees to make
fraudulent payments or request access to confidential data.

Cybercrime Forms

Malware: malicious software that \'infects' systems and individual
devices which either damage or gain access to computers or networks with
criminal intent. Malware is usually spread through emails and
untrustworthy websites, or hidden in other files such as documents or
images. It will spread when opened, which allows the malware to install
itself. The intent behind the distribution of malware is to gain control
over a system or device and to steal information or data.

Ransomware: Ransomware is the crime that regularly hits the headlines.
It is a form of malware employed by criminals, which usually takes
control of a system or network, preventing users from accessing their
records. The criminal will then either continue to lock the files until
the payment of a ransom is made, or threaten to release the data, often
confidential, unless payment is made.

Worm: are designed to cause damage and disruption by infecting systems,
corrupting files, and spreading rapidly. But unlike viruses, which
require a host file or program to activate and self-replicate, worms are
self-sufficient. In other words, worms self-replicate without needing
external input like a host file or program, making them a particularly
sophisticated and dangerous cyberthreat.

Stuxnet is a computer worm that was designed and deployed to attack
nuclear facilities. Arguably the world's first cyberweapon that impacted
physical infrastructure, Stuxnet targeted Iranian nuclear centrifuges,
damaging and destroying critical military capabilities, and causing
major disruption to Iran's nuclear program. Stuxnet malware spread
rapidly, making use of previously unknown zero-day vulnerabilities\* in
the Windows operating system to jump from computer to computer. But the
computers infected in the 2010 Stuxnet zero-day attack were not the
final target of the worm--- they were simply the vehicles for getting at
the hardware they controlled.

\*Zero-day vulnerabilities are security flaws in software that are
unknown to the manufacturer and therefore do not have a patch or
security update available. These vulnerabilities are called 'zero-day'
because developers have zero days to fix the flaw before it can be
exploited by attackers

Social Engineering

The act of deceiving or manipulating individuals into providing
confidential or personal information that is subsequently used to carry
out a fraudulent activity. The criminal will

employ tactics that gain the trust of the victim and exploit common
actions of human behaviour. Phishing is a form of social engineering.

Cybersecurity

Cybersecurity refers to any technologies, practices and policies for
preventing cyberattacks or mitigating their impact. Cybersecurity aims
to protect computer systems, applications, devices, data, financial
assets and people against ransomware and other malware, phishing scams,
data theft and other cyberthreats.

Implementing effective cybersecurity measures is particularly
challenging today because there are more devices than people, and
attackers are becoming more innovative.

Why is cybersecurity important?

In today's connected world, everyone benefits from advanced
cyberdefense programs. At an individual level, a cybersecurity attack
can result in everything from identity theft, to extortion attempts, to
the loss of important data like family photos. Everyone relies on
critical infrastructure like power plants, hospitals, and financial
service companies. Securing these and other organizations is essential
to keeping our society functioning.

Everyone also benefits from the work of cyberthreat researchers, like
the team of 250 threat researchers at Talos, who investigate new and
emerging threats and cyber attack strategies. They reveal new
vulnerabilities, educate the public on the importance of cybersecurity,
and strengthen open source tools. Their work makes the Internet safer
for everyone.

![A screenshot of a computer Description automatically
generated](media/image14.png)

Cybersecurity challenges

The pervasive adoption of cloud computing can increase network
management complexity and raise the risk of cloud misconfigurations,
improperly secured APIs and other avenues hackers can exploit.

More remote work, hybrid work and bring-your-own-device (BYOD)
policies mean more connections, devices, applications and data for
security teams to protect.

Proliferating Internet of Things (IoT) and connected devices, many of
which are unsecured or improperly secured by default, can be easily
hijacked by bad actors.

The rise of artificial intelligence (AI), and of generative AI in
particular, presents an entirely new threat landscape that hackers are
already exploiting through prompt injection and other techniques.
According to recent research from the IBM® Institute for Business Value,
only 24% of generative AI initiatives are secured.

Security operations center (SOC)

An in-house or outsourced team of IT security professionals dedicated
to monitoring an organization's entire IT infrastructure 24x7. Its
mission is to detect, analyze and respond to security incidents in
real-time. This orchestration of cybersecurity functions allows the SOC
team to maintain vigilance over the organization's networks, systems and
applications and ensures a proactive defense posture against cyber
threats.

The SOC also selects, operates and maintains the organization\'s
cybersecurity technologies and continually analyzes threat data to find
ways to improve the organization\'s security posture.

SOC activities and responsibilities fall into three general categories.

Preparation, planning and prevention: activities comprise an
exhaustive inventory of what needs to be protected and the existing
tools for protection, creation of incident response plan, maintenance of
protection software and regular tests

Monitoring, detection and response: activities comprise monitoring of
the entire IT structure, collection and analysis of log data in every
event, threat detection, incidente response (shutting dowm, delete
files, run antivírus,isolate, investigate)

Recovery, refinement and compliance: activities comprise impact
assessment, knowledge collection, assure compliance with law
(GDPR,CCPA,etc)

Penetration Testing

A penetration test, or \"pen test,\" is a security test that launches a
mock cyberattack to find vulnerabilities in a computer system. Before a
pen test begins, the testing team and the company set a scope for the
test. The scope outlines which systems will be tested, when the testing
will happen, and the methods pen testers can use. The scope also
determines how much information the pen testers will have ahead of time:

In a black-box test, pen testers have no information about the target
system. They must rely on their own research to develop an attack plan,
as a real-world hacker would.

In a white-box test, pen testers have total transparency into the
target system. The company shares details like network diagrams, source
codes, credentials, and more.

In a gray-box test, pen testers get some information but not much. For
example, the company might share IP ranges for network devices, but the
pen testers have to probe those IP ranges for vulnerabilities on their
own.

At the end of the simulated attack, pen testers clean up any traces
they\'ve left behind, like back door trojans they planted or
configurations they changed. That way, real-world hackers can\'t use the
pen testers\' exploits to breach the network.

Then, the pen testers prepare a report on the attack. The report
typically outlines vulnerabilities that they found, exploits they used,
details on how they avoided security features, and descriptions of what
they did while inside the system. The report may also include specific
recommendations on vulnerability remediation. The in-house security team
can use this information to strengthen defenses against real-world
attacks.

Red Team vs Blue Team

Red team is "a group of people authorized and organized to emulate a
potential adversary's attack or exploitation capabilities against an
enterprise's security posture."

The red team plays the part of the attacker or competitor with the
intention of identifying vulnerabilities in a system.

Blue team is "the group responsible for defending an enterprise's use of
information systems by maintaining its security posture against a group
of mock attackers.

" If the red team is playing offense, the blue team is playing defense
to protect an

organization's critical assets.

Purple teams are not actually teams at all, but rather a cooperative
mindset that exists between red teamers and blue teamers. While both red
team and blue team members work to improve their organization's
security, they don't always share their insights with one another. The
role of the purple team is to encourage efficient communication and
collaboration between the two teams to allow for the continuous

improvement of both teams and the organization's cybersecurity.

A close-up of a document Description automatically generated

CIRT vs SOC

CSIRTs are typically activated in response to an incident rather than
monitoring threats around the clock.

Proactivity vs. Reactivity: SOCs are proactive, continuously
monitoring and preventing threats, while CSIRTs are reactive, focusing
on responding to incidents after they occur.

Scope of Work: SOCs have a broader scope, encompassing overall

cybersecurity, whereas CSIRTs have a narrower focus on incident
response.

Operational Model: SOCs operate continuously, while CSIRTs are
typically

activated in response to specific incidents

Chapter 6

Bias and discrimination, transparency and explainability in AI

Dilemmas in AI

Nowadays, AI has a huge impact in how society and organizations
operate. It has been used in almost every industry ranging from health
care, banking, retail, to manufacturing. Although it represents a
improvement in many areas, improving efficiency, bringing down costs,
and accelerating research and development it may also raise some
concerns.

These concerns may be related to:

-Biased and discriminatory results

-Explainability and transparency

Bias and discrimination in AI

In your favourite search engine and on the images tab:

Type "greatest leaders of all time" → count the number of woman vs man

Type "CEO" → count the number of woman vs man

Type "school boy" → children

Type "school girl" → sexualized content

A search engine can become an echo chamber that upholds biases of the
real world and

further entrenches these prejudices and stereotypes online

Examples of AI bias in the real world show us that when discriminatory
data and

algorithms are baked into AI models, the models deploy biases at scale
and amplify the resulting negative effects.

What is bias in artificial intelligence?

AI bias, also referred to as machine learning bias or algorithm bias,
refers to AI systems that produce biased results that reflect and
perpetuate human biases within a society, including historical and
current social inequality. Bias can be found in the initial training
data, the algorithm, or the predictions the algorithm produces.

When bias goes unaddressed, it hinders people's ability to participate
in the economy and society. It also reduces AI's potential. Businesses
cannot benefit from systems that produce distorted results and foster
mistrust among people of color, women, people with disabilities, the
LGBTQ community, or other marginalized groups of people.

Real examples of bias in AI

In healthcare, underrepresenting data of women or minority groups can
skew predictive AI algorithms. For example, computer-aided diagnosis
(CAD) systems have been found to return lower accuracy results for
African-American patients than white patients.

While AI tools can streamline the automation of resume scanning during a
search to help identify ideal candidates, the information requested and
answers screened out can result in disproportionate outcomes across
groups. For example, if a job ad uses the word "ninja," it might attract
more men than women, even though that is in no way a job requirement.

As a test of image generation, Bloomberg requested more than 5,000 AI
images be created and found that, "The world according to Stable
Diffusion is run by white male CEOs. Women are rarely doctors, lawyers
or judges. Men with dark skin commit crimes, while women with dark skin
flip burgers.

Ver slides

Bias and discrimination in AI

Stages where bias can occur

Bias can occur in various stages of the AI pipeline:

Data Collection: Bias often originates here. The AI algorithm might
produce biased outputs if the data is not diverse or representative
(e.g., gender or racial imbalance).

Model Training: A critical phase; if the training data is not balanced
or the model architecture is not designed to handle diverse inputs, the
model may produce biased outputs (e.g. certain groups are favored due to
the way the algorithm is optimized)

Deployment: This can also introduce bias if the system is not tested
with diverse inputs or monitored for bias after deployment (e.g. when
the AI is applied in the real world, where environmental or contextual
factors can differ from the training setting).

Types of discrimination in AI:

Direct Discrimination: When the AI system directly discriminates based
on sensitive attributes like race, gender, or ethnicity (e.g., facial
recognition systems performing worse on people of color).

Indirect Discrimination: When AI uses a proxy variable that correlates
with sensitive attributes, leading to unequal outcomes even without
explicit reference to them (e.g., ZIP codes as a proxy for race in
credit scoring).

Direct Discrimination:

Hiring Algorithms: If an AI system is trained using historical hiring
data that includes explicit gender preferences (e.g., favoring male
candidates over female ones), the algorithm might directly reject women,
because it learned to do so from the biased data. This is direct
discrimination because the AI is making decisions based on a sensitive
attribute (gender) explicitly.

Facial Recognition Technology: Some AI facial recognition systems
perform worse on people with darker skin tones.

Indirect Discrimination:

In the U.S. health insurance system, scores are often used to decide who
qualifies for insurance. This scoring system might unintentionally
benefit people who already have good insurance or are wealthier. As a
result, an AI system that helps decide how hospital resources are used
could unfairly limit healthcare access, using wealth and insurance
status as indirect factors.

Another example is in diagnosing illnesses. If symptoms that are more
common in men are used as the main guide, women might not get the right
diagnosis because their symptoms may be different. Also, AI used in
diagnostic tools may work better for some racial or ethnic groups than
others, leading to unequal care in detecting and treating diseases.

Selection bias: This happens when the data used to train an AI system
is not representative of the reality it\'s meant to model. It can occur
due to various reasons, such as incomplete data, biased sampling, or
other factors that may lead to an unrepresentative dataset. If a model
is trained on a dataset that only includes male employees, for example,
it will not be able to predict female employees\' performance
accurately.

Confirmation bias: This type of bias happens when an AI system is
tuned to rely too much on pre-existing beliefs or trends in the data.
This can reinforce existing biases and fail to identify new patterns or
trends.

Measurement bias: This bias occurs when the data collected differs
systematically from the actual variables of interest. For instance, if a
model is trained to predict students\' success in an online course, but
the data collected is only from students who have completed the course,
the model may not accurately predict the performance of students who
drop out of the course.

Stereotyping bias: This happens when an AI system reinforces harmful
stereotypes. An example is when a facial recognition system is less
accurate in identifying people of color or when a language translation
system associates certain languages with certain genders or stereotypes.

Out-group homogeneity bias: When this happens, an AI system is less
capable of distinguishing between individuals who are not part of the
majority group in the training data; it\'s a form of out-group
homogeneity bias. This may result in misclassification or inaccuracy
when dealing with minority groups.

Will AI ever be unbiased?

The short answer? Yes and no.

It is possible, but it's unlikely that an entirely impartial AI will
ever exist. The reason for this is because it's unlikely that an
entirely impartial human mind will ever exist. An Artificial
Intelligence system is only as good as the quality of the data it
receives as input. Suppose you can clear your training dataset of
conscious and unconscious preconceptions about race, gender, and other
ideological notions. In that case, you will be able to create an
artificial intelligence system that makes data-driven judgments that are
impartial.

However, in the actual world, we know this is unlikely. AI is
determined by the data it's given and learns from. Humans are the ones
who generate the data that AI uses. There are many human prejudices, and
the continuous discovery of new biases increases the overall number of
biases regularly.

Examples of AI bias in the real world:

Healthcare---Underrepresented data of women or minority groups can
skew predictive AI algorithms. For example, computer-aided diagnosis
(CAD) systems have been found to return lower accuracy results for black
patients than white patients.

Applicant tracking systems---Issues with natural language processing
algorithms can produce biased results within applicant tracking systems.
For example, Amazon stopped using a hiring algorithm after finding it
favored applicants based on words

like "executed" or "captured," which were more commonly found on men's

resumes.

Online advertising---Biases in search engine ad algorithms can
reinforce job role gender bias. Independent research at Carnegie Mellon
University in Pittsburgh revealed that Google's online advertising
system displayed high-paying positions to males more often than to
women.

Image generation---Academic research found bias in the generative AI
art generation application Midjourney. When asked to create images of
people in specialized professions, it showed both younger and older
people, but the older people were always men, reinforcing gendered bias
of the role of women in the workplace.

Predictive policing tools---AI-powered predictive policing tools used
by some organizations in the criminal justice system are supposed to
identify areas where crime is likely to occur. However, they often rely
on historical arrest data, which can reinforce existing patterns of
racial profiling and disproportionate targeting of minority communities.

Strategies to Mitigate Bias and discrimination:

Diverse and Representative Data: Ensure training data reflects the
diversity of the population, including all relevant subgroups. Ensure
that all the proper checks and guardrails are in place when collecting
data. It should be done in a representative way, balanced by age,
gender, race and any other critical factor that could lead to bias.

Fairness-Aware Algorithms: Use techniques such as fairness constraints
(e.g., demographic

parity, equal opportunity) to adjust AI predictions and make them
fairer.

Regular Audits and Testing: Regularly audit AI systems for biases and
ensure that they are fair and ethical in real-world applications.
Introduce tools like Google's What-If Tool, IBM AI

Fairness 360, or Microsoft's Fairlearn, which can be used to detect and
mitigate bias in AI models

And finally, it's crucial to ensure that data and engineering teams
are themselves diverse, as this makes a variety of perspectives and
experiences available during design, development and testing.

Explainability and Transparency in AI

What is explainable AI?

Explainable artificial intelligence (XAI) is a set of processes and
methods that allows human users to comprehend and trust the results and
output created by machine learning algorithms. Is the ability to
understand and explain how an AI system or algorithm arrives at its
decisions or predictions.

What is transparency in AI?

Openness about how an AI system was developed, trained, and deployed,
including details about the data used, the design of the algorithms, and
the decision-making process.

Why its important?

Crucial for an organization in building trust and confidence when
putting AI models into production. AI explainability also helps an
organization adopt a responsible approach to AI development.

With explainable AI organizations can gain access to AI technology's
underlying decision-making and are empowered to make adjustments.
Explainable AI can improve the user experience of a product or service
by helping the end user trust that the AI is making good decisions.

Comparing AI and XAI

What exactly is the difference between "regular" AI and explainable AI?
XAI implements specific techniques and methods to ensure that each
decision made during the ML process can be traced and explained. AI, on
the other hand, often arrives at a result using an ML algorithm, but the
architects of the AI systems do not fully understand how the algorithm
reached that result. This makes it hard to check for accuracy and leads
to loss of control, accountability and auditability.

Ver slides

Transparent AI Done Badly!

OpenAI-- creators of ChatGPT and the image generation model Dall-E--
have been accused of failing to be transparent over what data is used to
train their models. This has led to lawsuits from artists and writers
claiming that their material was used without permission. However, some
believe that OpenAI's users could themselves face legal action in the
future if copyright holders are able to successfully argue that material
created with the help of OpenAI's tools also infringes their IP rights.
This example demonstrates how opacity around training data can
potentially lead to a breakdown in trust between an AI service provider

and its customers.

In banking and insurance, AI is increasingly frequently being used to
assess risk and detect fraud. If these systems aren't transparent, it
could lead to customers being refused credit, having transactions
blocked, or even facing criminal investigations, while having no way of
understanding why they have been singled out or put under suspicion.

Even more worrying is the dangers posed by non-transparency around
systems and data used in healthcare. As AI is increasingly used for
routine tasks like spotting signs of cancer in medical imagery, biased
data can lead to dangerous mistakes and worse patient outcomes. With no
measures in place to ensure transparency, biased data is less likely to
be identified and removed from systems used to train AI tools.

Chapter 7

Ethical Dilemmas in AI

Ethic and moral values in AI

The development of AI raise several ethical and moral dilemmas. These
issues are critical because AI systems are increasingly making decisions
that affect people\'s lives, raising concerns about fairness,
accountability, and the impact of technology on society.

Ver slides