Legal Risks of Adversarial Machine Learning Research

Adversarial machine learning is the systematic study of how motivated adversaries can compromise the confidentiality, integrity, and availability of machine learning (ML) systems through targeted or blanket attacks. The problem of attacking ML systems is so prevalent that CERT, the federally funded research and development center tasked with studying attacks, issued a broad vulnerability note on how most ML classifiers are vulnerable to adversarial manipulation. Google, IBM, Facebook, and Microsoft have committed to investing in securing machine learning systems. The US and EU are likewise putting security and safety of AI systems as a top priority.Now, research on adversarial machine learning is booming but it is not without risks. Studying or testing the security of any operational system may violate the Computer Fraud and Abuse Act (CFAA), the primary United States federal statute that creates liability for hacking. The CFAA’s broad scope, rigid requirements, and heavy penalties, critics argue, has a chilling effect on security research. Adversarial ML security research is likely no different. However, prior work on adversarial ML research and the CFAA is sparse and narrowly focused. In this article, we help address this gap in the literature. For legal practitioners, we describe the complex and confusing legal landscape of applying the CFAA to adversarial ML. For adversarial ML researchers, we describe the potential risks of conducting adversarial ML research. We also conclude with an analysis predicting how the US Supreme Court may resolve some present inconsistencies in the CFAA’s application in Van Buren v. United States, an appeal expected to be decided in 2021. We argue that the court is likely to adopt a narrow construction of the CFAA, and that this will actually lead to better adversarial ML security outcomes in the long term

Politics of Adversarial Machine Learning

In addition to their security properties, adversarial machine-learning attacks and defenses have political dimensions. They enable or foreclose certain options for both the subjects of the machine learning systems and for those who deploy them, creating risks for civil liberties and human rights. In this paper, we draw on insights from science and technology studies, anthropology, and human rights literature, to inform how defenses against adversarial attacks can be used to suppress dissent and limit attempts to investigate machine learning systems. To make this concrete, we use real-world examples of how attacks such as perturbation, model inversion, or membership inference can be used for socially desirable ends. Although the predictions of this analysis may seem dire, there is hope. Efforts to address human rights concerns in the commercial spyware industry provide guidance for similar measures to ensure ML systems serve democratic, not authoritarian endsComment: Authors ordered alphabetically; 4 page

Ethical Testing in the Real World: Evaluating Physical Testing of Adversarial Machine Learning

This paper critically assesses the adequacy and representativeness of physical domain testing for various adversarial machine learning (ML) attacks against computer vision systems involving human subjects. Many papers that deploy such attacks characterize themselves as "real world." Despite this framing, however, we found the physical or real-world testing conducted was minimal, provided few details about testing subjects and was often conducted as an afterthought or demonstration. Adversarial ML research without representative trials or testing is an ethical, scientific, and health/safety issue that can cause real harms. We introduce the problem and our methodology, and then critique the physical domain testing methodologies employed by papers in the field. We then explore various barriers to more inclusive physical testing in adversarial ML and offer recommendations to improve such testing notwithstanding these challenges.Comment: Accepted to NeurIPS 2020 Workshop on Dataset Curation and Security; Also accepted at Navigating the Broader Impacts of AI Research Workshop. All authors contributed equally. The list of authors is arranged alphabeticall

FOSTA in Legal Context

In the spring of 2018, Congress passed the Allow States and Victims to Fight Online Trafficking Act of 2017 (FOSTA), which combined a House bill of the same name with provisions from a Senate bill, the Stop Enabling Sex Traffickers Act (SESTA).[1] FOSTA as passed makes changes to three federal statutory schemes: the Communications Decency Act (Section 230), the Trafficking Victims Protection Act (TVPA), and the Mann Act. Members of Congress claimed FOSTA would fix loopholes in those statutory schemes through which they believed websites such as Backpage.com had avoided liability for sex trafficking. This Article analyzes the legal reality of FOSTA, fully exploring its changes to the Mann Act and the TVPA in context along with the more broadly discussed changes to Section 230. When contextualized, the changes to 230 are far less broad than initially reported, with a strict textual reading of the amendments resulting in relatively little change to immunity in most circumstances.  The new criminal provisions, on the other hand, have the potential to criminalize vast amounts of speech and advocacy. This Article is the first piece to comprehensively analyze the scope of all of these various components of the law

Astrocytic glutamate transport regulates a Drosophila CNS synapse that lacks astrocyte ensheathment.

Anatomical, molecular, and physiological interactions between astrocytes and neuronal synapses regulate information processing in the brain. The fruit fly Drosophila melanogaster has become a valuable experimental system for genetic manipulation of the nervous system and has enormous potential for elucidating mechanisms that mediate neuron-glia interactions. Here, we show the first electrophysiological recordings from Drosophila astrocytes and characterize their spatial and physiological relationship with particular synapses. Astrocyte intrinsic properties were found to be strongly analogous to those of vertebrate astrocytes, including a passive current-voltage relationship, low membrane resistance, high capacitance, and dye-coupling to local astrocytes. Responses to optogenetic stimulation of glutamatergic premotor neurons were correlated directly with anatomy using serial electron microscopy reconstructions of homologous identified neurons and surrounding astrocytic processes. Robust bidirectional communication was present: neuronal activation triggered astrocytic glutamate transport via excitatory amino acid transporter 1 (Eaat1), and blocking Eaat1 extended glutamatergic interneuron-evoked inhibitory postsynaptic currents in motor neurons. The neuronal synapses were always located within 1 μm of an astrocytic process, but none were ensheathed by those processes. Thus, fly astrocytes can modulate fast synaptic transmission via neurotransmitter transport within these anatomical parameters. J. Comp. Neurol. 524:1979-1998, 2016. © 2016 Wiley Periodicals, Inc.This is the author accepted manuscript. The final version is available from Wiley via http://dx.doi.org/10.1002/cne.2401

Gender and Videogames: The political valency of Lara Croft

The Face: Is Lara a feminist icon or a sexist fantasy? Toby Gard: Neither and a bit of both. Lara was designed to be a tough, self-reliant, intelligent woman. She confounds all the sexist cliches apart from the fact that she’s got an unbelievable figure. Strong, independent women are the perfect fantasy girls—the untouchable is always the most desirable (Interview with Lara’s creator Toby Gard in The Face magazine, June 1997)

A Target Enrichment Bait Set for Studying Relationships among Ostariophysan Fishes

© 2020 by the American Society of Ichthyologists and Herpetologists. Target enrichment of conserved nuclear loci has helped reconstruct evolutionary relationships among a wide variety of species. While there are preexisting bait sets to enrich a few hundred loci across all fishes or a thousand loci from acanthomorph fishes, no bait set exists to enrich large numbers (\u3e1,000 loci) of ultraconserved nuclear loci from ostariophysans, the second largest actinopterygian superorder. In this study, we describe how we designed a bait set to enrich 2,708 ultraconserved nuclear loci from ostariophysan fishes by combining an existing genome assembly with low coverage sequence data collected from two ostariophysan lineages. We perform a series of enrichment experiments using this bait set across the ostariophysan tree of life, from the deepest splits among the major groups (\u3e150 Ma) to more recent divergence events that have occurred during the last 50 million years. Our results demonstrate that the bait set we designed is useful for addressing phylogenetic questions from the origin of crown ostariophysans to more recent divergence events, and our in silico results suggest that this bait set may be useful for addressing evolutionary questions in closely related groups of fishes, like Clupeiformes

GAWMerge expands GWAS sample size and diversity by combining array-based genotyping and whole-genome sequencing

Genome-wide association studies (GWAS) have made impactful discoveries for complex diseases, often by amassing very large sample sizes. Yet, GWAS of many diseases remain underpowered, especially for non-European ancestries. One cost-effective approach to increase sample size is to combine existing cohorts, which may have limited sample size or be case-only, with public controls, but this approach is limited by the need for a large overlap in variants across genotyping arrays and the scarcity of non-European controls. We developed and validated a protocol, Genotyping Array-WGS Merge (GAWMerge), for combining genotypes from arrays and whole-genome sequencing, ensuring complete variant overlap, and allowing for diverse samples like Trans-Omics for Precision Medicine to be used. Our protocol involves phasing, imputation, and filtering. We illustrated its ability to control technology driven artifacts and type-I error, as well as recover known disease-associated signals across technologies, independent datasets, and ancestries in smoking-related cohorts. GAWMerge enables genetic studies to leverage existing cohorts to validly increase sample size and enhance discovery for understudied traits and ancestries