Privacy Optimism

Ben Garfinkel, a research fellow at Oxford University, writes about the difference between social privacy (what your intimates and acquaintances know about you) and institutional privacy (what governments and corporations know about you):

How about the net effect of these two trends? Have the past couple hundred years of change, overall, constituted decline or progress?

. . . . .

My personal guess is that, for most people in most places, the past couple hundred years of changes in individual privacy have mainly constituted progress. I think that most people would not sacrifice their social privacy for the sake of greater institutional privacy. I think this is especially true in countries like the US, where there are both high levels of development and comparatively strong constraints on institutional behavior. I think that if we focus on just the past thirty years, which have seen the rise of the internet, the situation is somewhat more ambiguous. But I’m at least tentatively inclined to think that most people have experienced an overall gain.

The Case for Privacy Optimism

And overall he concludes that he is optimistic about privacy trends, particularly because of artificial intelligence:

The existence of MPC [Multi-Party Computation] protocols implies that, in principle, training an AI system does not require collecting or in any way accessing the data used to train it. Likewise, in principle, applying a trained AI system to an input does not require access to this input or even to the system’s output.

The implication, then, is this: Insofar as an institution can automate the tasks that its members perform by training AI systems to perform them instead, and insofar as the institution can carry out the relevant computations using MPC, then in the limit the institution does not need to collect any information about the people it serves.

This view, which of course assumes quite a bit of technology, is both plausible and consistent with a number of other researchers who view AI technology as being a potential improvement on our ability to manage human bias and privacy intrusions.

I also tend to believe the glass is half full. That’s my own bias.

AI researchers submitting to NeurIPS conference must now address ethical concerns

Khari Johnson, writing for Venture Beat:

For the first time ever, researchers who submit papers to NeurIPS, one of the biggest AI research conferences in the world, must now state the “potential broader impact of their work” on society as well as any financial conflict of interest, conference organizers told VentureBeat.

NeurIPS requires AI researchers to account for societal impact and financial conflicts of interest

NeurIPS, or the Conference on Neural Information Processing Systems, is the largest AI conference in the world.

NLP models keep getting bigger and better

Microsoft Research has trained a transformer-based generative language model with over 17 billion parameters. And it performs very well, answering many natural language questions directly:

Turing-NLG: A 17-billion-parameter language model by Microsoft

What is the right size? How much bigger can they get? We are rapidly approaching human levels of natural language performance (but not comprehension).

Summary of EARN IT Act of 2019

Senator Lindsey Graham has introduced the EARN IT Act of 2019, which would eliminate online service providers’ immunity for the actions of their users under Section 230 of the Communications Decency Act.

The Act essentially establishes a National Commission on Online Child Exploitation Prevention, tasks this commission with drafting online best practices for preventing child exploitation by users (which would presumably mean no end-to-end encryption), and eliminates Section 230 immunity unless service providers follow those best practices.

SAFE HARBOR.—Subparagraph (A) [removing immunity] shall not apply to a claim in a civil action or charge in a criminal prosecution brought against a provider of an interactive computer service if – (i) the provider has implemented reasonable measures relating to the matters described in section 4(a)(2) [referring to creation of the best practices] of the Eliminating Abusive and Rampant Neglect of Interactive Technologies Act of 2019 to prevent the use of the interactive computer service for the exploitation of minors . . . .

Page 17 of the EARN IT Act of 2019

Other sections create liability for “reckless” violations (instead of “knowing” violations), require online service providers to certify that they are complying with the created best practices, and set forth the requirements for membership in the newly created commission.

This bill comes after a hearing in December 2019 over the issue of legal access to encrypted devices. During that hearing Senator Graham warned representatives of Facebook and Apple that, “You’re gonna find a way to do this or we’re going to do it for you.”

3/15/20 Update – A revised version of the EARN IT Act, introduced on March 5, alters how so-called “best practices” are created. First, a 19-member commission comprising the Attorney General, the Secretary of Homeland Security, the Chairman of the FTC, and (to be chosen by the heads of each party in the House and Senate) four representatives from law enforcement, four from the community of child-exploitation victims, two legal experts, two technology experts, and four representatives from technology companies. The support of 14 members would be required to approve any best practices, the recommendations must be approved by the AG, Secretary of Homeland Security, and the FTC Chair, and then Congress itself must enact them.

Facial recognition tech in Moscow

First London, now Moscow.

Moscow is the latest major city to introduce live facial recognition cameras to its streets, with Mayor Sergei Sobyanin announcing that the technology is operating “on a mass scale” earlier this month, according to a report from Russian business paper Vedomosti.

. . . . .

Moscow started trialing live facial recognition in 2017, using technology from Russian firm NtechLab to scan footage from the Russian capital’s network of 160,000 CCTV cameras. The company is best known for its FindFace software, which it launched in 2016 and let users match anyone in a picture to their profile on VK, known as Russia’s Facebook.

The app was criticized by some, particularly as it was used to dox and harass sex workers, and NtechLab eventually shut it down in favor of enterprise and government work.

Moscow rolls out live facial recognition system with an app to alert police

Prediction vs thought in GPT-2

GPT-2 is a neural network model originally developed by OpenAI and based on Google’s Transformer model. It has demonstrated impressive, even fantastic performance, on a variety of language metrics. But is it in any way embodying real intelligence? The Gradient’s Gary Marcus says no.

Here’s the problem: upon careful inspection, it becomes apparent the system has no idea what it is talking about: it cannot follow simple sequence of events nor reliably have any idea what might happen next.

GPT-2 and the Nature of Intelligence

Marcus cites some impressive prediction results, such as the following where the GPT-2 predicted text follows the bolded part:

I grew up in Rome I speak fluent Italian and can use Italian throughout my notes.

I grew up in Rio de Janeiro. I speak fluent Portuguese, Spanish and many of the local languages.

I grew up in Shanghai. I speak fluent Mandarin, and I have learned a lot of Chinese, so I really don’t have any issues with learning Chinese

Nevertheless, GPT-2 is unable to follow basic causality:

Suppose for example that I ask the system what happens when I put two trophies a table and another:

I put two trophies on a table, and then add another, the total number is is five trophies and I’m like, ‘Well, I can live with that, right?

What happens if I have four plates and put one cookie on each?

I have four plates and put one cookie on each. The total number of cookies is 24, 5 as a topping and 2 as the filling

Marcus suggests that these results support the view that GPT-2 is simply very good at predicting which words will follow other words. It does not actually understand what it is predicting. And this failure to achieve any kind of understanding despite a huge training set of 40 gigabytes of text suggests that true language understanding might not be the result of empirical experience or statistics after all.

One of the most foundational claims of Chomskyan linguistics has been that sentences are represented as tree structures, and that children were born knowing (unconsciously) that sentences should be represented by means of such trees. Every linguistic class in the 1980’s and 1990s was filled with analyses of syntactic tree structures; GPT-2 has none.

. . . . .

Rather than supporting the Lockean, blank-slate view, GPT-2 appears to be an accidental counter-evidence to that view. Likewise, it doesn’t seem like great news for the symbol-free thought-vector view, either. Vector-based systems like GPT-2 can predict word categories, but they don’t really embody thoughts in a reliable enough way to be useful.

If GPT-2 is fundamentally prediction, and prediction is fundamentally not understanding, how far will this road take us? Would we ever be able to rely on a GPT-2-like model for critical tasks? It may be that common sense is always just out of reach.

Heart prints are a new biometric

While the world debates the utility and ethics of existing facial recognition technology, new biometrics are constantly being developed. They are likely to replace facial recognition in the long term.

This system, dubbed Jetson, is able to measure, from up to 200 metres away, the minute vibrations induced in clothing by someone’s heartbeat. Since hearts differ in both shape and contraction pattern, the details of heartbeats differ, too. The effect of this on the fabric of garments produces what Ideal Innovations, a firm involved in the Jetson project, calls a “heartprint”—a pattern reckoned sufficiently distinctive to confirm someone’s identity.

To measure heartprints remotely Jetson employs gadgets called laser vibrometers. These work by detecting minute variations in a laser beam that has been reflected off an object of interest. They have been used for decades to study things like bridges, aircraft bodies, warship cannons and wind turbines—searching for otherwise-invisible cracks, air pockets and other dangerous defects in materials. However, only in the past five years or so has laser vibrometry become good enough to distinguish the vibrations induced in fabric by heartprints.

People can now be identified at a distance by their heartbeat

This is astonishing technology and will surely improve. In the long term your unique identity will be readily available to anyone who cares.

London police adopt facial recognition, permanently

Adam Satariano, writing for the NYT:

The technology London plans to deploy goes beyond many of the facial recognition systems used elsewhere, which match a photo against a database to identify a person. The new systems, created by the company NEC, attempt to identify people on a police watch list in real time with security cameras, giving officers a chance to stop them in the specific location.

London Police Amp Up Surveillance With Real-Time Facial Recognition

The objections voiced in the article are about potential inaccuracies in the system. But that will change over time. I don’t see many objections over the power of the system.

As Europe considers banning facial recognition technology, and police departments everywhere look to it to improve policing and safety, this may be the technology fight of the 2020’s.

Prediction: security wins over privacy.

German Data Ethics Commission insists AI regulation is necessary

The German Data Ethics Commission issued a 240-page report with 75 recommendations for regulating data, algorithmic systems, and AI. It is one of the strongest views on ethical AI to date and favors explicit regulation.

The Data Ethics Commission holds the view that regulation is necessary, and cannot be replaced by ethical principles.

Opinion of the Data Ethics Commission – Executive Summary at 7 (emphasis original).

The report divides ethical considerations into concerns about either data or algorithmic systems. For data, the report suggests that rights associated with the data will play a significant role in the ethical landscape. For example, ensuring that individuals provide informed consent for use of their personal data addresses a number of significant ethical issues.

For algorithmic systems, however, the report suggests that the AI systems might have no connection to the affected individuals. As a result, even non-personal data for which there are no associated rights could be used in an unethical manner. The report concludes that regulation is necessary to the extent there is a potential for harm.

The report identifies five levels of algorithmic system criticality. Applications with zero or negligible potential for harm would face no regulation. The regulatory burden would increase as the potential for harm increases, up to a total ban. For applications with serious potential for harm, the report recommends constant oversight.

The framework appears to be a good candidate for future ethical AI regulation in Europe, and perhaps (by default) the world.

White House Releases AI Principles

The White House has released draft “guidance for regulation of artificial intelligence applications.” The memo states that “Federal agencies must avoid regulatory or non-regulatory actions that needlessly hamper AI innovation and growth.”

Agencies should consider new regulation only after they have reached the decision . . . that Federal regulation is necessary.

Nevertheless, the memo enumerates ten principles that agencies should take into account should they ultimately take action that impacts AI:

  1. Public Trust in AI. Don’t undermine it by allowing AI’s to pose risks to privacy, individual rights, autonomy, and civil liberties.
  2. Public Participation. Don’t block public participation in the rule making process.
  3. Scientific Integrity and Information Quality. Use scientific principles.
  4. Risk Assessment and Management. Use risk management principles.
  5. Benefits and Costs.
  6. Flexibility. Be flexible and ensure American companies are not disadvantaged by the United States’ regulatory regime.
  7. Fairness and Non-Discrimination.
  8. Disclosure and Transparency.
  9. Safety and Security.
  10. Interagency Coordination. Agencies should coordinate.

Overall, the memo is a long-winded directive that agencies should not regulate, but if for some reason they feel they have to, they should consider the same basic principles that everyone else is listing about AI concerns: safety, security, transparency, fairness.