3 Ways to Address AI's More Frightening Implications

AI has vast potential. The technology is being touted as a solution to some of humanity’s most vexing problems, and rightly so. In China, where there aren’t enough radiologists to review the 1.4 billion annual CT scans for lung cancer, algorithms can accurately and efficiently diagnose patients.

Around the world, the next generation of automobiles will be driven quite literally by AI, and removing angry, distracted, or drunk humans from behind the wheel will likely make the road a far safer place. Still, for every positive AI implementation, there’s a downside just waiting to be uncovered.

One of the principal concerns about AI stems from its potential to spread misinformation. Social media platforms such as Facebook and Twitter are already having to deal with this practice, and they’ve taken to shutting down bots designed to spread hate speech and inflame public opinion.

According to Greg McBeth, head of revenue at Node.io, what’s currently an annoyance will only continue to escalate: “I believe there’s potential for an AI-driven misinformation crisis in our lifetime. AI can already convincingly manipulate images and video,” McBeth noted, citing as an example instances in which some actresses’ faces were superimposed onto inappropriate photos. Unfortunately, fake news is just the beginning.

In addition to faking images and videos, programmers with malicious intentions will use AI to commit other crimes, from the forging of financial documents that impact credit to the fabrication of phony evidence to produce wrongful convictions. In order to combat these efforts, we need to take the following steps.

1. Start the conversation now.

Advancements in AI are accelerating, and the use of the technology for nefarious purposes will as well. While news coverage seems to emphasize the revolutionary possibilities of AI, we must not shy away from the potential consequences. Earlier this year, Facebook’s Mark Zuckerberg warned that it could be a decade before AI is able to recognize the nuances that allow it to red flag hate speech or false information.

AI’s more nefarious uses could greatly outpace AI-based countermeasures. As a business leader, you can help guide this conversation. For instance, you could set up a roundtable discussion at an industry conference to share information and increase awareness of how AI may be used to spread misinformation — and where the tech comes up short in detecting it.

2. Create safeguards for defense.

Science fiction author Isaac Asimov thought up his three laws of robotics with android servants in mind. We still don’t have robots doing our household chores (not counting vacuums), but the laws have withstood the test of time.

To prevent AI from causing harm, the business community needs similar, universally accepted safeguards that apply to AI development. For instance, if you intend to use robots, you may be tempted to simplify the interface required to control them in order to make them more user-friendly for your employees. But be careful to balance those efforts with attention to cybersecurity. It’s imperative to address system vulnerabilities that could make it easier for hackers to gain access to your robot and network.

3. Arm citizens with AI education.

In order to mitigate the damages of misinformation, the business community needs to educate the public about what AI is capable of, both good and bad. Include educational resources on this subject on your blog, website, email newsletter, and social media accounts. Inform your customers about your use of AI and what safeguards or policies you have in place to prevent cyberattacks.

When people are aware of ways AI can be used maliciously, they’re more likely to recognize the red flags. For instance, if someone knows how to recognize signs that a Twitter account is potentially a political bot, they may think twice before retweeting something it shared.

On the other hand, when people are ignorant of AI’s misuse, they won’t hesitate to propagate misinformation. This needs to be a society-wide effort, but you can start by working with your team and your customers so they know what AI can do.

AI is responsible for exciting developments, but it’s a powerful tool that can be used to do harm as well. Ultimately, it’s impossible to prevent bad actors from developing AI for their own ill-intentioned purposes. But by taking these steps, business leaders can help minimize the impact of AI’s downsides.

This Is the Most Riotously Insane Thing About the Massive Marriott Data Breach You're Likely to Hear

Not to worry, Yahoo, you still had the largest data breach in corporate history, at 3 billion records. But at 500 million, Marriott is a strong second, and maybe should be first.

That’s because of the nature of the data that went out the door for about 327 million of the people who had stayed at a Starwood property on or before September 10, 2018. (And starting in 2014, because that’s how long it’s been since someone first broke into the system.)

The data included some combination of name, mailing address, phone number, email address, Starwood Preferred Guest (“SPG”) account information, birth date, gender, arrival and departure information, reservation date, communication preferences, and passport number.

Passport number? Yup. They kept them on file. And an undisclosed number of encrypted payment card numbers, expirations dates, and maybe–Marriott’s really not quite sure–enough information to let someone crack the encryption.

Yes, this is really, really bad.

Oh, and TechCrunch also noted the the claim that Russian cybercriminals got into the Starwood servers. It can’t keep getting worse, right?

You know the answer.

Marriott’s promised email notifications to affected customers will come from a fake-ish looking email address, as TechCrunch noted, and one that could be easily spoofed by people who want to cause even more damage. In other words, beware of phishing hacks that stand on the back of Marriott’s efforts to address the terrible position it’s put so many customers into.

And now we come around to the latest insanity. As part of its response, Marriott set up a website that ultimately points you to a third party service that “monitors internet sites where personal information is shared and generates an alert to the consumer if evidence of the consumer’s personal information is found.”

The third party running the service, corporate investigations and risk management firm Kroll, of course is going to need information from you to see if it pops up on the dark web. Here is what they might want, directly from their website:

  • name, address, phone number, and e-mail address
  • date of birth, driver’s license number, social security number, passport number, and other similar information
  • copies of government-issued photo identification, Social Security card and/or utility bill(s), where applicable
  • credit card number and other financial account data, including your consumer credit file(s), as applicable
  • your responses to security questions; the information you provide in customer service correspondence; and general feedback

You’re going to have to cough up enough information to see if they can match it to anything on the dark web. You’ll have to trust that everything will be fine. Which is what you did with Marriott in the first place.

Fat lot of good that did almost half the country.

How does this keep happening? As I explained in a piece over at Vice Motherboard, it all comes down to economics. The ultimate penalties big companies pay are so infrequent and small in comparison to their revenues that it becomes something just as easy to ignore. The millions of dollars you may hear about as the cost of a data breach is significantly smaller than a rounding error in accounting to them.

Not that I’m suggesting Marriott is ignoring this. Just a comment on the general treatment of customer data security by large corporations.

The only hope is that government officials take enough heat from voters that they put significant fiscal punishment into place. I’d settle, at least in this case, for Marriott to pay the cost for all the people who might now need to obtain a new passport. That at least would be a start.

But there’s the other factor: consolidation. Marriott is the largest hotel operator in the world. If you’re traveling, there’s a good chance you’ll land in one of its properties. Unless, of course, you remember all this nonsense and intentionally stay elsewhere.

Even if you don’t get more points, you might at least keep your data secure.