- Ethical Risk Assessment for Social Robots: Case Studies in Smart Robot ToysWinfield, Alan F. T.; van Maris, Anouk; Winkle, Katie; Jirotka, Marina; Salvini, Pericle; Webb, Helena; Schuler Scott, Arianna; Freeman, Jaimie Lee; Kunze, Lars; Slovak, Petr; Theofanopoulou, Nikki (Springer, 2022)Risk Assessment is a well known and powerful method for discovering and mitigating risks, and hence improving safety. Ethical Risk Assessment uses the same approach, but extends the scope of risk to cover ethical risks in addition to safety risks. In this paper we outline Ethical Risk Assessment (ERA), and set ERA within the broader framework of Responsible Robotics. We then illustrate ERA, first with a hypothetical smart robot teddy bear (RoboTed), and later with an actual smart robot toy (Purrble). Through these two case studies this paper demonstrates the value of ERA and how consideration of ethical risks can prompt design changes, resulting in more ethical and sustainable robots.
- Emerging Cybersecurity Capability Gaps in the Industrial Internet of Things: Overview and Research Agenda IIoT Capability GapsAxon, Louise; Fletcher, Katherine; Schuler Scott, Arianna; Stolz, Marcel; Hannigan, Robert; Kaafarani, Ali El; Goldsmith, Michael; Creese, Sadie (ACM, 2022-03)Internet of Things (IoT)-enabled devices are becoming integrated into a significant and increasing proportion of critical infrastructures, changing the cybersecurity-risk landscape. Risk is being introduced to industry sectors such as transport, energy and manufacturing, with new attack surfaces exposed and potential for increased harm. Furthermore, risk and harm arising in the Industrial IoT (IIoT) could propagate across interconnected organisations and sectors, resulting in systemic risk. Aspects of this changing risk landscape are not addressed by current cybersecurity approaches, leaving cybersecurity-capability gaps. In this paper, we show how current and emerging cybersecurity needs in the IIoT align with a key industry cybersecurity standard, the NIST Cyber Security Framework. The key capability gaps emerging in the IIoT are identified based on our findings from a series of workshops with over 100 expert participants. We present a comprehensive research agenda to enable researchers to prioritise research focus to address these gaps; this research agenda covers the full lifecycle of IIoT development (design, implementation, use and decommission). Further, we conclude that there is a significant gap in understanding of the nature of systemic risk, which should be a key priority if we are to develop effective solutions for cybersecurity and safety in IIoT environments.
- Why we trust dynamic consent to deliver on privacySchuler Scott, Arianna; Goldsmith, Michael; Teare, Harriet; Webb, Helena; Creese, Sadie (Springer, 2019-01-01)Dynamic consent has been discussed in theory as a way to show user preferences being taken into account when data is accessed and shared for research purposes. The mechanism is grounded in principles of revocation and engagement – participants may withdraw or edit their permissions at any time, and they receive feedback on the project they are contributing to if they have chosen to do so. The level of granular control offered by dynamic consent means that individuals have informational control over what they are sharing with the study, and to what extent that data can be used further. Rather than attempt to redefine privacy, this paper takes the position that data controllers have certain obligations to protect a data subject’s information and must show trustworthy behaviour to encourage research participation. Our model of privacy is grounded in normative, transaction-based requirements. We argue that dynamic consent is a mechanism that offers data controllers a way to evidence compliance with individual privacy preferences, and data subjects with control as and when they require it. The key difference between dynamic consent and a “rich” database consisting of a dataset with the ability for a subject to revoke access is human engagement, or relations of trust. We must re-think how consent is implemented from the top-down (policy-based) and bottom up (technical architecture) to develop useful privacy controls.
- Wider research applications of dynamic consentSchuler Scott, Arianna; Goldsmith, Michael; Teare, Harriet (Springer, 2019-01-01)As research processes change due to technological developments in how data is collected, stored and used, so must consent methods. Dynamic consent is an online mechanism allowing research participants to revisit consent decisions they have made about how their data is used. Emerging from bio-banking where research data is derived from biological samples, dynamic consent has been designed to address problems with participant engagement and oversight. Through discussion that emerged during a workshop run at the IFIP 2018 Summer School, this paper explores wider research problems could be addressed by dynamic consent. Emergent themes of research design, expectation management and trust suggested overarching research problems which could be addressed with a longer term view of how research data is used, even if that use is unknown at the point of collection. We posit that the existing model of dynamic consent offers a practical research approach outside of bio-banking.
- A Multiple-Motive Heuristic-Systematic Model for Examining How Users Process Android Data and Service Access NotificationsJames, Tabitha L.; Ziegelmayer, Jennifer L.; Schuler Scott, Arianna; Fox, Grace (ACM, 2021)Android access notifications are presented to users to obtain permission to access data and services on smartphones. The number of 'unsafe' apps in the Android marketplaces underscores the importance of understanding what factors influence whether users engage in more effortful systematic processing of access notifications. We propose a multiple-motive heuristic-systematic model to examine how different motives impact users' processing modes. We find that the need to be accurate in making decisions (accuracy), the desire to defend preferred positions (defense), and social pressure from others (impression) influence how users process Android access notifications, and they do so in different ways.