Politics of Adversarial Machine Learning
Towards Trustworthy ML: Rethinking Security and Privacy for ML Workshop, Eighth International Conference on Learning Representations (ICLR) 2020
6 Pages Posted: 27 Mar 2020 Last revised: 11 May 2020
Date Written: 2020
In addition to their security properties, adversarial machine-learning attacks and defenses have political dimensions. They enable or foreclose certain options for both the subjects of the machine learning systems and for those who deploy them, creating risks for civil liberties and human rights. In this paper, we draw on insights from science and technology studies, anthropology, and human rights literature, to inform how defenses against adversarial attacks can be used to suppress dissent and limit attempts to investigate machine learning systems. To make this concrete, we use real-world examples of how attacks such as perturbation, model inversion, or membership inference can be used for socially desirable ends. Although the predictions of this analysis may seem dire, there is hope. Efforts to address human rights concerns in the commercial spyware industry provide guidance for similar measures to ensure ML systems serve democratic, not authoritarian ends.
Keywords: Artificial Intelligence, AI, Machine Learning, Ml, Security, Socio-Technical Systems, Adversarial Machine Learning, Privacy, Security, Human Rights, Spyware, Politics of Technology, Politics of Machine Learning
JEL Classification: K1, K23, K42, O32, 031,
Suggested Citation: Suggested Citation