Connect with us

Technology

Accelerating the future of privacy through SmartData agents

Avatar

Published

on

Digital Life of Mind
Share this:

Imagine a future where you can communicate with your smartphone – or whatever digital extension of you exists at that time – through an evolved smart digital agent that readily understands you, your needs, and exists on your behalf to procure the things and experiences you want. What if it could do all this while protecting and securing your personal information, putting you firmly in control of your data?

Dr. George Tomko, University of Toronto

Dr. George Tomko, University of Toronto

Dr. George Tomko Ph.D, Expert-in-Residence at IPSI (Privacy, Security and Identity Institute) at the University of Toronto, Adjunct Professor in Computer Science at Ryerson University, and Neuroscientist, believes the time is ripe to address the privacy and ethical challenges we face today, and to put into place a system that will work for individuals, while delivering effective business performance and minimizing harms to society at large. I had the privilege of meeting George to discuss his brainchild, SmartData: the development of intelligent agents and the solution to data protection.

As AI explodes, we are witnessing incident after incident from technology mishaps to data breaches, to data misuse, and erroneous and even deadline outcomes. My recent post, Artificial Intelligence needs to Reset advances the need to take a step back, slow down the course of AI, and examine these events with a view to educate, fix, prevent and regulate towards effective and sustainable implementations.

Dr. Tomko is not new to the topic of privacy. He also invented Biometric Encryption as well as the Anonymous Database in the early 90’s.  His invention of SmartData was published SmartData: Privacy Meets Evolutionary Robotics, co-authored with Dr. Ann Cavoukian, former 3-term Privacy Commissioner in Ontario and inventor of Privacy by Design. This led to his current work, Smart Data Intelligent Agents, the subject of this article.

There is an inherent danger with the current model today. How the internet evolved was not its intended path. Tim Berners-Lee envisioned an open internet, owned by no one,

…an open platform that allows anyone to share information, access opportunities and collaborate across geographical boundaries…

This has been challenged by the spread of misinformation and propaganda online has exploded partly because of the way the advertising systems of large digital platforms such as Google or Facebook have been designed to hold people’s attention…

People are being distorted by very finely trained AIs that figure out how to distract them.

What has evolved is a system that’s failing. Tomko points to major corporations and digital gatekeepers who are accumulating the bulk of the world’s personal data:

He who has the personal data has the power, and as you accumulate more personal information (personally identifiable information, location, purchases, web surfing, social media), in effect you make it more difficult for competitors to get into the game. The current oligopoly of Facebook, Google, Amazon etc will make it more difficult for companies like Duck Duck Go and Akasha to thrive.

That would be okay if these companies were to utilize the data in accordance with the positive consent of the data subject for the primary purpose intended and protected it against data hacking. However, we know that’s not happening. Instead, they are using it for purposes not intended, selling the data to third parties, transferring it to government for surveillance, often without a warrant for probable cause.

Tomko asserts if Elon Musk and the late Stephen Hawking are correct about the potential of a dystopian-like AI popularized by Skynet in The Terminator series, this is likely if the AI has access to large amounts of personal data centralized into databases. While this implies an AI with malevolent intentions, humans are relentlessly innovative and Tomko argues for the importance of putting roadblocks in place before this happens.

Enter SmartData. This is the evolution of Privacy by Design, which shifts control from the organization and places it directly in the hands of the individual (the data subject).

SmartData empowers personal data by, in effect, wrapping it in a cloak of intelligence such that it now becomes the individual’s virtual proxy in cyberspace. No longer will personal data be shared or stored in the cloud as merely data, encrypted or otherwise; it will now be stored and shared as a constituent of the binary string specifying the neural weights of the entire SmartData agent. This agent proactively builds-in privacy, security and user preferences, right from the outset, not as an afterthought.

For SmartData to succeed, it requires a radical, new approach – with an effective separation from the centralized models which exist today.

Privacy Requires Decentralization and Distribution

Our current systems and policies present hurdles we need to overcome as privacy becomes the norm. The advent of Europe’s GDPR is already making waves and challenging business today. Through GDPR’s Article 20 (The Right to Data Portability) and Article 17 (The Right to Be Forgotten), the mechanisms to download personal data, plus the absolute deletion of data belie current directives and processes. Most systems ensure data redundancy, therefore data will always exist. Systems will need to evolve to fully comply with these GDPR mandates. In addition, customer transactions on private sites are collected, analyzed, shared and sometimes sold with a prevailing mindset that data ownership is at the organizational level.

Tomko explains the SmartData solution must be developed in an open source environment.

A company that says: “Trust me that the smart agent or app we developed has no “back-door” to leak or surreptitiously share your information,” just won’t cut it any longer. Open source enables hackers to verify this information. I believe that such a platform technology will result in an ecosystem that will grow, as long as there is a demand for privacy.

Within this environment, a data utility within the SmartData platform can request all personal data under GDPR-like regulations from the organizational database. As per the SmartData Security Structure, each subject’s personal data is then cleaned and collated into content categories e.g. A = MRI data, B = subscriber data. They will be de-identified, segmented, encrypted and placed in these locked boxes (files in the cloud) identified by categorized metatags. A “Trusted Enclave” like Intel’s SGX will be associated with each data subject’s personal data. The enclave will generate a public/private key pair and output the public key to encrypt the personal data by category.

Today, information is stored and accessed by location. If breaches occur, this practice increases the risk of exposure as information about data subjects are bundled together. By categorizing and storing personal information by content, this effectively prevents personal identity to be connected with the data itself. Only SmartData will know its data subjects and pointers to their unique personal information, accessed by a unique private key.

SmartData Security Structure, George Tomko

SmartData Security Structure, George Tomko

Ensuring Effective Performance while Maintaining Individual Privacy

Organizations who want to effectively utilize data to improve efficiencies and organizational performance will take a different route to achieve this. How do companies analyze and target effectively without exposing personal data? Tomko declares that using Federated Learning, to distribute data analytics such as Machine Learning(ML) is key:

Federated Learning provides an alternative to centralizing a set of data to train a machine learning algorithm, by leaving the training data at their source. For example, a machine learning algorithm can be downloaded to the myriad of smartphones, leveraging the smartphone data as training subsets. The different devices can now contribute to the knowledge and send back the trained parameters to the organization to aggregate.  We can also substitute smartphones with the secure enclaves that protect each data subject’s personal information.

Here’s how it would work: An organization wants to develop a particular application based on machine learning, which requires some category of personal data from a large number of data-subjects as a training set. Once it has received consent from the data subjects, it would download the learning algorithm to each subject’s trusted enclave. The relevant category of encrypted personal data would then be inputted, decrypted by the enclave’s secret key, and used as input to the machine learning algorithm. The trained learning weights from all data-subjects’ enclaves would then be sent to a master enclave within this network to aggregate the weights. This iteration would continue until the accuracies are optimized. Once the algorithm is optimized, the weights would then be sent to the organization. Tomko affirms,

 

The organization will only have the aggregated weights that had been optimized based on the personal data of many data subjects. They would not be able to reverse engineer and determine the personal data of any single data subject. The organization would never have access to anyone’s personal data, plaintext or otherwise, however, would be able to accomplish their data analytic objectives.

Federated Learning - Master Enclave, George Tomko

Federated Learning – Master Enclave, George Tomko

Building a Secure Personal Footprint in the Cloud

To ensure personal web transactions are secure, a person will instruct his SmartData agent to, for example, book a flight. The instruction is transmitted to the cloud using a secure protocol such as IPSec. This digital specification (a binary string) is decrypted and downloaded to one of many reconfigurable computers, which will interpret the instructions.

Natural language (NLP) would convert the verbal instructions into formal language, as well as the encoded communications, back and forth between subject and organization to facilitate the transaction, eliciting permission for passport and payment information. What’s different is the development of an agreement (stored on the Blockchain) that confirms consented terms of use between the parties. It also adds an incentive component through cryptocurrency that enables the data subject to be compensated for their information, if required. This mechanism would be used before every transaction to ensure transparency and expediency between parties.

Tomko realizes Blockchain has its limitations:

Everyone wants to remove the intermediary and the crypto environment is moving quickly. However, we can’t rely on Blockchain alone for privacy because it is transparent, and we can’t use it for computation because it is not scalable.

AI as it exists today is going through some stumbling blocks. Most experiments are largely within ANI: Artificial Narrow Intelligence, with models and solutions built for very specific domains, which cannot be transferred to adjacent domains. Deep Learning has its limitations. The goal of SmartData is to develop a smart digital personal assistant to serve as a proxy for the data-subject across varied transactions and contexts. Tomko illustrates,

With current Deep Learning techniques, different requests such as ‘Hey SmartData, buy me a copy of …” or “book me a flight to…” encompass different domains, and accordingly, require large sets of training data specific to that domain. The different domain-specific algorithms would then need to be strung together into an integrated whole, which, in effect, would become SmartData. This method would be lengthy, computationally costly and ultimately not very effective.

The promise of AI: to explain and understand the world around us and it has yet to reveal itself.

Tomko explains:

To date, standard Machine Learning (ML) cannot achieve incremental learning that is necessary for intelligent machines and lacks the ability to store learned concepts or skills in long-term memory and use them to compose and learn more sophisticated concepts or behaviors. To emulate the human brain to explain and generally model the world, it cannot be solely engineered. It has to be evolved within a framework of Thermodynamics, Dynamical Systems Theory and Embodied Cognition.

Embodied Cognition is a field of research that “emphasizes the formative role that both the agents’ body and the environment will play in the development of cognitive processes.” Put simply, these processes will be developed when these tightly coupled systems emerge from the real-time, goal-directed interactions between the agents and their environments, and in SmartData’s case, a virtual environment. Tomko notes the underlying foundation of intelligence (including language) is action.

Actions cannot be learned in the traditional ML way but must be evolved through embodied agents. The outcomes of these actions will determine whether the agent can satisfy the data subject’s needs.

Tomko references W. Ross Ashby, a cybernetics guru from the 50’s, who proposed that every agent has a set of essential variables which serve as its benchmark needs, and by which all of its perceptions and actions are measured against. The existential goal is to always satisfy its needs. By using this model (see below), we can train the agent to satisfy the data subject’s needs, and retain the subject’s code of ethics. Essential variables are identified that determine the threshold for low surprise or high surprise. Ideally, the agent should try to maintain a low-surprise and homeostatic state (within the manifold) to be satisfied. Anything outside the manifold, i.e., high surprise should be avoided. Tomko uses Ashby’s example of a mouse, who wants to survive. If a cat is introduced, a causal model of needs is built such that the mouse uses its sensory inputs compared to its benchmark needs to determine how it will act when a cat is present and maintain its life-giving states.

Apply this to individual privacy. As per Tomko,

The survival range will include parameters for privacy protection. Therefore, if the needs change or there is a modified environment or changing context the agent will modify its behavior automatically and adapt because its needs are the puppet-master.

This can be defined as a reward function. We reward actions that result in low surprise or low entropy. For data privacy, ideally, we want to avoid any potential actions that would lead to privacy violations equating to high surprise (and greater disorder).

 

Manifold of Needs, George Tomko

Manifold of Needs, George Tomko

Toronto’s Sidewalk Labs: The Need for Alternative Data Practices

At the time of writing this article, Dr. Ann Cavoukian, Expert-in-Residence at Ryerson University, former 3-term Privacy Commissioner, resigned as an advisor to Sidewalk Labs, in Toronto, a significant project powered by Alphabet, which aimed to develop one of the first smart cities of privacy in the world. Cavoukian’s resignation resulted in a media coup nationally because of her strong advocacy for individual privacy. She explains,

My reason for resigning from Sidewalk Labs is only the tip of the iceberg of a much greater issue in our digitally oriented society.  The escalation of personally identified information being housed in central databases, controlled by a few dominant players, with the potential of being hacked and used for unintended secondary uses, is a persistent threat to our continued functioning as a free and open society.

Organizations in possession of the most personal information about users tend to be the most powerful. Google, Facebook and Amazon are but a few examples in the private sector… As a result, our privacy is being infringed upon, our freedom of expression diminished, and our collective knowledge base outsourced to a few organizations who are, in effect,  involved in surveillance fascism. In this context, these organizations may be viewed as bad actors; accordingly, we must provide individuals with a viable alternative…

The alternative to centralization of personal data storage and computation is decentralization – place all personal data in the hands of the data-subject to whom it relates, ensure that it is encrypted, and create a system where computations may be performed on the encrypted data, in a distributed manner… This is the direction that we must take, and there are now examples of small startups using the blockchain as a backbone infrastructure, taking that direction.  SmartData, Enigma, Oasis Labs, and Tim Berners-Lee’s Solid platform are all developing methods to, among other things, store personal information in a decentralized manner.

Other supporters of Dr. George Tomko concur:

Dr. Don Borrett, a practicing neurologist with a background in evolutionary robotics, with a Masters from the Institute for the History and Philosophy of Science and Technology for the University of Toronto states:

By putting control of personal data back into the hands of the individual, the SmartData initiative provides a framework by which respect for the individual and responsibility for the collective good can be both accommodated.

Bruce Pardy is a Law Professor at Queen’s University, who has written on a wide range of legal topics: human rights, climate change policy, free markets, and economic liberty, among others and he declares:

The SmartData concept is not just another appeal for companies to do better to protect personal information. Instead, it proposes to transform the privacy landscape. SmartData technology promises to give individuals the bargaining power to set their own terms for the use of their data and thereby to unleash genuine market forces that compel data-collecting companies to compete to meet customer expectations.

Dr. Tomko is correct! The time is indeed ripe, and SideWalk Labs, an important experiment that will vault us into the future, is an example of the journey many companies must take to propel us into an inevitability where privacy is commonplace.

This originally appeared om Forbes.

Share this:

Healthcare

AI technology from IBM detects breast cancer risk before it happens

Avatar

Published

on

Share this:

IBM has taken a step forward in disease prevention by designing an artificial intelligence technology that can predict the risk of breast cancer developing up to one year before the first signs of cancer appear.

With this new step in medical diagnosis, IBM has developed an artificial intelligence model which is capable of predicting malignant breast cancer within a year with an 87 percent accuracy rate (when the output from the machine is compared with expert radiologists.) In addition, the technology could correctly predict 77 percent of non-cancerous cases.

The prediction methods uses both mammogram images and medical records in order to make the assessment, based on a data review of the medical evidence. This is the first application of AI to draw upon both images and data to make a prediction in relation to breast cancer.

At the heart of the deep neural network technology is an algorithm, which was trained by IBM technologists along with medical professionals from Israel’s largest healthcare organizations. The training of the artificial intelligence took place using anonymized mammography images which were linked to biomarkers (like patient reproductive history) together with clinical data. The training data-set consisted of 52,936 images from 13,234 women who underwent at least one mammogram between 2013 and 2017.

The aim of the medtech is not to replace the physician, but to act as a ‘second pair of eyes’, providing a backup in the event that something has been missed through conventional patient assessment. This could prove especially useful in areas with staff shortages where a second medical professional is not available to provide a second assessment.

An assessment of the technology has been published in the journal Radiology. The research paper is titled “Predicting Breast Cancer by Applying Deep Learning to Linked Health Records and Mammograms.”

In related news, IBM is applying artificial intelligence to catch Type 1 diabetes much earlier. IBM’s other health technology project could help identify patients at risk and help chart a course for tracking the condition. The predictive tool is a joint project between IBM and JDRF (formerly known as the Juvenile Diabetes Research Foundation).

Share this:
Continue Reading

Technology

OECD issues report on AI in Society

Avatar

Published

on

AI
Share this:

The OECD has published a detailed report looking at how artificial intelligence is affecting global economies and societies. The report considers the acceleration in AI investment and the growth of startups.

The new OECD report is titled “Artificial Intelligence in Society“, issued on June 11, 2019. The report charts the acceleration in artificial intelligence investment since 2016, particularly in the areas of Canada, China, the European Union, Israel and the U.S. As a sign of growth in investment, the report shows how artificial intelligence startups have attracted 12 percent of global private equity investments in the first half of 2018, a figure that is up from just three percent in 2011.

The report additionally looks at the different sectors adopting artificial intelligence systems, the policy challenges of the technology, and issues like risk management and approaches to transparency. This is tune with the focus on how the technology affects society found in the report.

While it is acknowledged that artificial intelligence adoption can generate productivity gains, improve well-being and help address global challenges, such as climate change, resource scarcity and health crises; at the same time, artificial intelligence applications raise questions and challenges related to human values such as fairness. There are also considerations of human determination (self-will), privacy, safety and accountability.

The report follows on from the OECD, together with partner countries, formally adopting a new set of ‘Principles on Artificial Intelligence’. This activity took place at the Organization’s 2019 Ministerial Council Meeting on May 22 in Paris.

The goal of the new report is to help to construct a shared understanding of artificial intelligence and to encourage dialogue on important policy issues, like labour market developments and upskilling for the digital age. There are other issues like privacy, accountability and the responsibility, security and safety questions that artificial intelligence generates. These form part of a section of the report titled “Public policy considerations”.

An interesting section of the report, which runs to 152 pages, it titled “AI applications”. This section considers ten areas that are seeing a rapid uptake of artificial intelligence technologies. These areas are: transport, agriculture, finance, marketing and advertising, science, health, criminal justice, security, the public sector and augmented/virtual reality. The report looks at the benefits in these areas such as raising the efficiency of decision making, saving costs and enabling better resource allocation.

The report also looks at the big investment in startups, which is running somewhere between $26 billion to $39 billion, with three-quarters of this investment coming from big technology companies – primarily: Google, Apple, Baidu, Facebook, Amazon, Intel, Microsoft, Twitter and Salesforce.

The biggest sectors within which artificial intelligence startup companies are developing are cybersecurity (for example, Amazon and Oracle purchased Sqrrl and Zenedge, respectively); autonomous vehicles; and healthcare. While China and the U.S. are the biggest areas for startup investment (ahead of the European Union in third place), the most rapid growth has occurred in Israel, which has seen the share of investments in AI startups jump from five to 25 percent between 2011 and the first half of 2018.

Share this:
Continue Reading

Technology

Paris opens data center to host the city’s digital services

Avatar

Published

on

Share this:

Paris has established its own data center, designed to host the city’s digital services and which will be run by local government officials. This is a strong sign that Paris wishes to chart and control its digital future.

As part of its mission to become a digital city and to lay down the foundations for the future, the local government of Paris has invested close to $18 million (€16 million) in a new data center. The aim is for the data center to be scalable and adaptable, in terms of future-state technology, for the next 50 years. The center, which from the outside resembles any other office building, is located north of Paris in the 18th arrondissement.

According to Paris IT head Joachim Labrunie, who is quoted by Co Fund: “We want to be able to tell citizens where their data is, we want to save some money and we want some stability by avoiding regular moves.”

The most interesting aspect about the project is that Paris has elected to invest heavily in a physical infrastructure, at the same time that many businesses are adopting cloud technology. The reasons for adopting this approach, according to a review by TechCrunch, is to ensure that Parisian officials maintain control of public data, rather than trusting the data to a third party to host elsewhere.

In addition, technologists have made the case that a physical infrastructure will enable more reliable services to be provided. There is additionally a case for lowering the environmental impact of an elaborate information technology system. The data centre controls its heat output through cold water. In order transfer the data centre’s heat, architects have designed a process that injects warm water, diverted from the water cooling system from the centre, into the heating system of residential buildings next door.

A further factor behind the creating of the data center is the desire to control costs. An alternative to building the data centre was renting one. When officials looked into the relative costs, and the tendency for rents to increase in four-year cycles, building a center from scratch in a building owned by the municipal authority remained the moist economic option.

A similar initiative has begun in London — the London Digital Security Centre, which has a narrower remit but is based on the same desire to control data directly. The London Digital Security Centre is a joint venture between the Mayor of London, the Metropolitan Police Service and the City of London Police. The aim is to assist businesses in growing and innovating through operating in a secure digital environment.

Frankfurt has also been developing a physical data center to serve its business district, signaling that several major cities appear to be eschewing the cloud option.

Share this:
Continue Reading

Featured