filmov
tv
Debugging Bug Bounties in Cyberspace: From Vulnerability Discovery to Algorithmic Harms Redress
Показать описание
Debugging Bug Bounties in Cyberspace: From Vulnerability Discovery to Algorithmic Harms Redress
Google, the Department of Defense, Starbucks, and hundreds of other companies and organizations now use “Bug Bounty” programs to buy flaws from hackers. Paying hackers to disclose bugs was once radical, now it’s common. Recently, pilot projects from Facebook, Twitter, and others have looked to extend the bounty model to address an expanded set of socio-technical harms. This event launches two reports that examine the state of bug bounty programs and what we can learn from them to address algorithmic harms. One report—Bounty Everything: Hackers and the Making of the Global Bug Marketplace—was written by Ryan Ellis and Yuan Stevens for Data & Society Research Institute and was based on 40+ interviews with bug bounty workers and cybersecurity experts. It examines the rise of bug bounty programs and highlights the risks of relying on vulnerable workers to fix vulnerable systems. The other report—Bug Bounties for Algorithmic Harms? Lessons from Cybersecurity Vulnerability Disclosure for Algorithmic Harms Discovery, Disclosure and Redress—was authored for the Algorithmic Justice League by Josh Kenway and Camille François. It examines the cautionary and constructive design lessons that can be gleaned from bug bounty programs for participatory approaches to the discovery and disclosure of sociotechnical issues, with a focus on flaws in algorithmic systems.
Ryan Ellis, Associate Professor of Communication Studies, Northeastern University; Affiliate, Data and Society Research Institute, NYC
Camille François, Lecturer, Columbia SIPA; Co-lead of the Algorithmic Justice League Community Reporting of Algorithmic System Harms (CRASH) Project
Josh Kenway, Policy Analyst, PayPal; Research Fellow, Algorithmic Justice League
Yuan Stevens, Affiliate, Data and Society Research Institute, NYC; Research Fellow, University Research Chair in Technology and Society, University of Ottawa Centre for Law, Technology and Society
Moderated by Matt Goerzen, Researcher, Data and Society Research Institute, NYC.
Presented by The Cyber Program at the Arnold A. Saltzman Institute of War and Peace Studies in association with The Niejelow Rodin Global Digital Futures Policy Forum
Google, the Department of Defense, Starbucks, and hundreds of other companies and organizations now use “Bug Bounty” programs to buy flaws from hackers. Paying hackers to disclose bugs was once radical, now it’s common. Recently, pilot projects from Facebook, Twitter, and others have looked to extend the bounty model to address an expanded set of socio-technical harms. This event launches two reports that examine the state of bug bounty programs and what we can learn from them to address algorithmic harms. One report—Bounty Everything: Hackers and the Making of the Global Bug Marketplace—was written by Ryan Ellis and Yuan Stevens for Data & Society Research Institute and was based on 40+ interviews with bug bounty workers and cybersecurity experts. It examines the rise of bug bounty programs and highlights the risks of relying on vulnerable workers to fix vulnerable systems. The other report—Bug Bounties for Algorithmic Harms? Lessons from Cybersecurity Vulnerability Disclosure for Algorithmic Harms Discovery, Disclosure and Redress—was authored for the Algorithmic Justice League by Josh Kenway and Camille François. It examines the cautionary and constructive design lessons that can be gleaned from bug bounty programs for participatory approaches to the discovery and disclosure of sociotechnical issues, with a focus on flaws in algorithmic systems.
Ryan Ellis, Associate Professor of Communication Studies, Northeastern University; Affiliate, Data and Society Research Institute, NYC
Camille François, Lecturer, Columbia SIPA; Co-lead of the Algorithmic Justice League Community Reporting of Algorithmic System Harms (CRASH) Project
Josh Kenway, Policy Analyst, PayPal; Research Fellow, Algorithmic Justice League
Yuan Stevens, Affiliate, Data and Society Research Institute, NYC; Research Fellow, University Research Chair in Technology and Society, University of Ottawa Centre for Law, Technology and Society
Moderated by Matt Goerzen, Researcher, Data and Society Research Institute, NYC.
Presented by The Cyber Program at the Arnold A. Saltzman Institute of War and Peace Studies in association with The Niejelow Rodin Global Digital Futures Policy Forum
1:57:07
0:00:27
0:01:28
0:00:58
0:00:47
0:09:08
0:08:03
0:05:34
0:49:03
0:12:14
0:00:11
0:53:28
0:00:20
0:00:31
1:35:32
0:00:13
0:00:52
0:00:16
0:04:16
0:00:52
0:00:24
0:03:16
0:00:40
0:00:32