Technologies that can be used in military and civilian applications are referred to as dual-use. The dual-use nature of many information and communications technologies (ICTs) raises new questions for research and development for national, international, and human security. Measures to deal with the risks associated with the various dual-use technologies, including proliferation control, design approaches, and policy measures, vary widely. For example, Autonomous Weapon Systems (AWS) have not yet been regulated, while cryptographic products are subject to export and import controls. Innovations in artificial intelligence (AI), robotics, cybersecurity, and automated analysis of publicly available data raise new questions about their respective dual-use risks.
Dual-use risks have been systematically discussed so far, especially in the life sciences, which have contributed to the development of methods for assessment and risk management. Dual-use risks arise, among other things, from the fact that safety-critical technologies can be easily disseminated or modified, as well as used as part of a weapon system. Therefore, the development and adaptation of robots and software requires an independent consideration that builds on the insights of related dual-use discourses. Therefore, this dissertation considers the management of such risks in terms of the proliferation, regulation, and design of individual dual-use information technologies. Technology Assessment (TA) is the epistemological framework for this work, bringing together the concepts and approaches of Critical Security Studies (CSS) and Human-Computer Interaction (HCI) to help evaluate and shape dual-use technologies.
In order to identify the diffusion of dual-use at an early stage, the dissertation first examines the diffusion of dual-use innovations between civilian and military research in expert networks on LinkedIn, as well as on the basis of AI patents in a patent network. The results show low diffusion and tend to confirm existing studies on diffusion in patent networks. In the following section, the regulation of dual-use technologies is examined in the paper through two case studies. The first study uses a discourse analysis to show the value conflicts with regard to the regulation of autonomous weapons systems using the concept of Meaningful Human Control (MHC), while a second study, as a long-term comparative case study, analyzes the change and consequences of the regulation of strong cryptography in the U.S. as well as the programs of intelligence agencies for mass surveillance. Both cases point to the central role of private companies, both in the production of AWS and as intermediaries for the dissemination of encryption, as well as surveillance intermediaries. Subsequently, the dissertation examines the design of a dual-use technology using an Open Source Intelligence System (OSINT) for cybersecurity. For this purpose, conceptual, empirical, and technical studies are conducted as part of the Value-Sensitive Design (VSD) framework. During the studies, implications for research on and design of OSINT were identified. For example, the representative survey of the German population has shown that transparency of use while reducing mistrust is associated with higher acceptance of such systems. Additionally, it has been shown that data sparsity through the use of expert networks has many positive effects, not only improving the performance of the system, but is also preferable for legal and social reasons. Thus, the work contributes to the understanding of specific dual-use risks of AI, the regulation of AWS and cryptography, and the design of OSINT in cybersecurity. By combining concepts from CSS and participatory design methods in HCI, this work provides an interdisciplinary and multi-method contribution
