Tagiot

Trust Indicators for Emerging Technologies

T

For the Trustable Technology Mark, we identified 5 dimensions that indicate trustworthiness. Let’s call them trust indicators:

  • Privacy & Data Practices: Does it respect users’ privacy and protect their data rights?
  • Transparency: Is it clear to users what the device and the underlying services do and are capable of doing?
  • Security: Is the device secure and safe to use? Are there safeguards against data leaks and the like?
  • Stability: How long a life cycle can users expect from the device, and how robust are the underlying services? Will it continue to work if the company gets acquired, goes belly-up, or stops maintenance?
  • Openness: Is it built on open source or around open data, and/or contributes to open source or open data? (Note: We treat Openness not as a requirement for consumer IoT but as an enabler of trustworthiness.)

Now these 5 trust indicators—and the questions we use in the Trustable Technology Mark to assess them—are designed for the context of consumer products. Think smart home devices, fitness trackers, connected speakers or light bulbs. They work pretty well for that context.

Over the last few months, it has become clear that there’s demand for similar trust indicators for areas other than consumer products like smart cities, artificial intelligence, and other areas of emerging technology.

I’ve been invited to a number of workshops and meetings exploring those areas, often in the context of policy making. So I want to share some early thoughts on how we might be able to translate these trust indicators from a consumer product context to these other areas. Please note that the devil is in the detail: This is early stage thinking, and the real work begins at the stage where the assessment questions and mechanisms are defined.

The main difference between consumer context and publicly deployed technology—infrastructure!—means that we need to focus even most strongly on safeguards, inclusion, and resilience. If consumer goods stop working, there’s real damage, like lost income and the like, but in the bigger picture, failing consumer goods are mostly a quality of life issue; and in the case of consumer IoT space, mostly for the affluent. (Meaning that if we’re talking about failure to operate rather than data leaks, the damage has a high likelihood of being relatively harmless.)

For publicly deployed infrastructure, we are looking at a very different picture with vastly different threat models and potential damage. Infrastructure that not everybody can rely on—equally, and all the time—would not just be annoying, it might be critical.

After dozens of conversations with people in this space, and based on the research I’ve been doing both for the Trustable Technology Mark and my other work with both ThingsCon and The Waving Cat, here’s a snapshot of my current thinking. This is explicitly intended to start a debate that can inform policy decisions for a wide range of areas where emerging technologies might play a role:

  • Privacy & Data Practices: Privacy and good data protection practices are as essential in public space as in the consumer space, even though the implications and tradeoffs might be different ones.
  • Transparency & Accountability: Transparency is maybe even more relevant in this context, and I propose adding Accountability as an equally important aspect. This holds especially true where commercial enterprises install and possibly maintain large scale networked public infrastructure, like in the context of smart cities.
  • Security: Just as important, if not more so.
  • Resilience: Especially for smart cities (but I imagine the same holds true for other areas), we should optimize for Resilience. Smart city systems need to work, even if parts fail. Decentralization, openness, interoperability and participatory processes are all strategies that can increase Resilience.
  • Openness: Unlike in the consumer space, I consider openness (open source, open data, open access) essential in networked public infrastructure—especially smart city technology. This is also a foundational building block for civic tech initiatives to be effective.

There are inherent conflicts and tradeoffs between these trust indicators. But **if we take them as guiding principles to discuss concrete issues in their real contexts, I believe they can be a solid starting point. **

I’ll keep thinking about this, and might adjust this over time. In the meantime, I’m keen to hear what you think. If you have thoughts to share, drop me a line or hit me up on Twitter.

Monthnotes for October 2018

M

This month: Mozfest, a Digital Rights Cities Coalition, Trustable Technology Mark updates, ThingsCon Rotterdam.

If you’d like to work with me in the upcoming months, I have very limited availability but am always happy to have a chat. I’m currently doing the planning for Q2 2019.

Mozfest

Mozfest came and went, and was lovely as always. It was the 9th Mozfest, 8 or so of which I participated in — all the way back to the proto (or prototyping?) Mozfest event called Drumbeat in Barcelona in, what, 2010? But no time for nostalgia, it was bustling as always. The two things that were different for me that one, I participated as a Mozilla Fellow, which means a different quality of engagement and two, M and I brought the little one, so we had a toddler in tow. Which I’m delighted to say worked a charm!

A Digital Rights Cities Coalition

At Mozfest, the smart and ever lovely Meghan McDermott (see her Mozilla Fellows profile here) hosted a small invite-only workshop to formalize a Digital Rights Cities Coalition — a coalition of cities and civil society to protect, foster, promote digital rights in cities. I was both delighted and honored to be part of this space, and we’ll continue working together on related issues. The hope is that my work with ThingsCon and the Trustable Technology Mark can inform and contribute value to that conversation.

Trustable Technology Mark

The Trustable Technology Mark is hurtling towards the official launch at a good clip. After last month’s workshop weekend at Casa Jasmina, I just hosted a Trustmark session at Mozfest. It was a good opportunity to have new folks take a look at the concept with fresh eyes. I’m happy to report that I walked away with some new contacts and leads, some solid feedback, and an overall sense that at least for the obvious points of potential criticism that present themselves at first glance there are solid answers now as to why this way and not that, etc etc.

Courtesy Dietrich, a photo of me just before kicking off the session wearing a neighboring privacy booth’s stick-on mustache.

Also, more policy and academic partners signing on, which is a great sign, and more leads to companies coming in who want to apply for the Trustmark.

Next steps for the coming weeks: Finalize and freeze the assessment form, launch a website, line up more academic and commercial partners, reach out to other initiatives in the space, finalize trademarks (all ongoing), reach out to press, plan launch (starting to prep these two).

The current assessment form asks a total of 48 questions over 5 dimensions, with a total of 29 required YES’s. Here’s the most up-to-date presentation:


ThingsCon Rotterdam

Our annual ThingsCon conference is coming up: Join us in Rotterdam Dec 6-7!

Early bird is just about to end (?), and we’re about to finalize the program. It’s going to be an absolute blast. I’ll arrive happily (if probably somewhat bleary eyed after a 4am start that day) in Rotterdam to talk Trustable Technology and ethical tech, we’ll have a Trustmark launch party of some sort, we’ll launch a new website (before or right there and then), and we’ve been lining up a group of speakers so amazing I’m humbled even just listing it:

Alexandra Deschamps-Sonsino, Cennydd Bowles, Eric Bezzem, Laura James, Lorenzo Romanoli, Nathalie Kane, Peter Bihr, Afzal Mangal, Albrecht Kurze, Andrea Krajewski, Anthony Liekens, Chris Adams, Danielle Roberts, Dries De Roeck, Elisa Giaccardi, Ellis Bartholomeus, Gaspard Bos, Gerd Kortuem, Holly Robbins, Isabel Ordonez, Kars Alfrink, Klaas Kuitenbrouwer, Janjoost Jullens, Ko Nakatsu, Leonardo Amico, Maaike Harbers, Maria Luce Lupetti, Martijn de Waal, Martina Huynh, Max Krüger, Nazli Cila, Pieter Diepenmaat, Ron Evans, Sami Niemelä, Simon Höher, Sjef van Gaalen.

That’s only the beginning!

Here’s part of the official blurb, and more soon on thingscon.com and thingscon.nl/conference-2018

Now, 5 years into ThingsCon, the need for responsible technology has entered the mainstream debate. We need ethical technology, but how? With the lines between IoT, AI, machine learning and algorithmic decision-making increasingly blurring it’s time to offer better approaches to the challenges of the 21st century: Don’t complain, suggest what’s better! In this spirit, going forward we will focus on exploring how connected devices can be made better, more responsible and more respectful of fundamental human rights. At ThingsCon, we gather the finest practitioners; thinkers & tinkerers, thought leaders & researchers, designers & developers to discuss and show how we can make IoT work for everyone rather than a few, and build trustable and responsible connected technology.

Media, etc.

In the UK magazine NET I wrote an op-ed about Restoring Trust in Emerging Tech. It’s in the November 2018 issue, out now – alas, I believe, print only.

Reminder: Our annual ThingsCon report The State of Responsible IoT is out.

What’s next?

Trips to Brussels, Rotterdam, NYC to discuss a European digital agenda, launch a Trustmark, co-host ThingsCon, translate Trustmark principles for the smart city context, prep a US-based ThingsCon conference.

If you’d like to work with me in the upcoming months, I have very limited availability but am always happy to have a chat. I’m currently doing the planning for Q2 2019.

Yours truly, P.

New ThingsCon Report: The State of Responsible IoT 2018

N

State of Responsible IoT 2018 header

A quick cross-post from the ThingsCon blog about a report we’ve been working on and that we just pushed online: The State of Responsible IoT 2018

A lot has happened since we published the first ThingsCon State of Responsible IoT report in 2017: Responsibility and ethics in tech have begun to enter mainstream conversations, and these conversations are having an effect. The media, tech companies, and policy makers all are rethinking the effect of technology on society.

The lines between the Internet of Things (IoT), algorithmic decision-making, Artificial Intelligence/Machine Learning (AI/ML), and data-driven services are all ever-more blurry. We can’t discuss one without considering the others. That’s not a bad thing, it just adds complexity. The 21st century one for black and white thinking: It’s messy, complex, quickly evolving, and a time where simple answers won’t do.

It is all the more important to consider the implications, to make sure that all the new data-driven systems we’ll see deployed across our physical and digital environments work well—not just for the users but for all who are impacted.

Things have evolved and matured in big strides since our last State of Responsible IoT. This year’s report reflects that evolution, as well as the enormous breadth and depth of the debate. We couldn’t be happier with the result.

Some background as well as all the relevant links are available at thingscon.com/responsible-iot-report/ or using the short URL bit.ly/riot-report. The publication is available on Medium and as a PDF export.

This text is meant for sharing. The report is published by ThingsCon e.V. and licensed under Creative Commons (attribution/non-commercial/share-alike: CC BY-NC-SA). Images are provided by the author and used with permission. All rights lie with the individual authors. Please reference the author(s) when referencing any part of this report.

“The world doesn’t know where it wants to go”

&

Image: Compass by Valentin Antonucci (Unsplash) Image: Compass by Valentin Antonucci (Unsplash)

One of the joys of my working at the intersection of emerging tech and its impact is that I get to discuss things that are by definition cutting edge with people from entirely different backgrounds—like recently with my dad. He’s 77 years old and has a background in business, not tech.

We chatted about IoT, and voice-enabled connected devices, and the tradeoffs they bring between convenience and privacy. How significant chunks of the internet of things are optimized for costs at the expense of privacy and security. How IoT is, by and large, a network of black boxes.

When I tried to explain why I think we need a trustmark for IoT (which I’m building with ThingsCon and as a Mozilla fellow)—especially regarding voice-enabled IoT—he listened intently, thought about it for a moment, and then said:

“We’re at a point in time where the world doesn’t know where it wants to go.”

And somehow that exactly sums it up, ever so much more eloquently than I could have phrased it.

Only I’m thinking: Even though I can’t tell where the world should be going, I think I know where to plant our first step—and that is, towards a more transparent and trustworthy IoT. I hope the trustmark can be our compass.

Monthnotes for May 2018

M

Trustmark

What’s been happening in the world of the ThingsCon trustmark for IoT?

  • As the concept evolves, I’ve updated the trustmark deck that explains a current snapshot of my thinking and published a first (prototype/draft stage) checklist for the assessment that’s open for comments in this gDoc.
  • As part of some prep work for Dundee Design Festival with fellow Mozfellow Jon Rogers and the Open IoT Studio, I had the opportunity to spend a couple days working with Pete Thomas on the design aspects of the trustmark (visuals, naming, etc.).
  • Speaking of collaborators, I also had the chance to chat with a whole bunch of organizations in the same space to see if and how we can work together, including Ranking Digital Rights, The Digital Standard, Doteveryone, #iotmark, Consumer Reports, and the University of Dresden. More on that soon.
  • And on a more hands-on note, I got a Google AIY Voice kit and a Snips.ai kit and started playing with them.
  • We’re planning a ThingsCon Salon Berlin with a focus on the trustmark, with legal super star Jason Schultz (NYU) in mid-July. Thingscon.com/events has all up-to-date details once it’s all confirmed.
  • Got interviewed about IoT, ownership & trust, and of course the trustmark, once more—and for one of my favorite mags, no less. Exciting! I’ll share the link once it’s available.

All of this and some more is also available over on the ThingsCon blog (category: trustmark)!

Designing IoT

We had a super interesting workshop in Antwerp around IoT and ideation tool kits with designer and PhD researcher Dries de Roeck, who also hosted a ThingsCon Salon in Antwerp the evening before. So that was awesome. Thanks Dries!

What’s next?

NYC then Toronto in June for conferences and meetings. Then a family vacation break after that.

If you’d like to work with me in the upcoming months, I have very limited availability but happy to have a chat.

Have a great June!

A Trustmark for IoT: Some updates

A

Just for the record, a few quick updates regarding my work on a trustmark for IoT.

Last year I did some research with the ThingsCon network and Mozilla about the potential of a trustmark for IoT. (Learn more about my report “A Trustmark for IoT”.) This year, we want to turn this research into action.

This is work that I’ll be doing under the ThingsCon umbrella with support from Mozilla Foundation—as of March 2018 I’m a Mozilla Fellow. (Read the ThingsCon announcement about the fellowship.) It’s an inherent part of this project to work as much in the open as possible. With this constellation in mind, the project documentation won’t happen primarily here at this blog and instead in the following places:

Also, I’m happy to report that the initiative is already getting quite a bit of attention, including an interview with the Wall Street Journal for their cybersecurity newsletter (paywall), and a mention in Mozilla’s Internet Health Report 2018. (See the media mentions round-up on the ThingsCon blog.)

Full disclosure: My partner works for Mozilla.