SECURITY AND PRIVACY ISSUES IN ANALYTICS.REFERENCE: HARVARD(DEAKIN)
SIT719 Security and Privacy Issues in Analytics Assessment 1: Privacy/security report Key information • Due: by Friday 2 August 23:59 (AEDT) • Weight: 20% of total mark for this unit • Length: 2000 words • Submit: Electronically via Turnitin during Week 4 (FutureLearn Course 2, Week 2). Learning outcomes In this assignment, you will be focusing on the following unit learning outcome (ULO) and related Graduate Learning Outcomes (GLO): Unit Learning Outcome (ULO) Graduate Learning Outcome (GLO) ULO1: Analyse the potential privacy and security issues associated with the application, use and/or production of data in analytics. GLO1: through student ability to demonstrate specific knowledge and skills in identifying relevant privacy and security issues along with the related ethical, regulatory and governance requirements. ULO2: Recognise and apply the relevant ethical, regulatory and governance constraints on organisations and professionals when dealing with data and analytics. GLO2: through student ability to understand and communicate with stakeholders and interpret their needs, as well as communicate privacy and security issues and GLO3: through student ability to locate, collate and relate relevant security and privacy issues for dissemination with stakeholders. GLO4: through student ability to critically evaluate system functional and non-functional requirements as well as evaluate their own work against a set of learning outcomes. Brief description of the task A 2000 word report on the research and findings of the potential security and privacy issues faced when dealing with data and analytics. The associated constraints from a regulatory, governance and ethical perspective must also be presented. Instructions Pretend that you are a new data scientist for a tech start up. The CTO of the company has two queries he wants your help with. Firstly, the CTO has been reading about the Netflix data challenge and wants to run a similar contest to improve the company analytics. He wants to know if there are any issues he should be aware of. It turns out there has been significant research into the privacy vulnerabilities from the release of Netflix training data. Your report should address at a high technical level how it is possible to attack the anonymity of this data set. In particular, you should explain the following: 1. What a high dimensional sparse dataset is? 2. Why the Netflix data falls into this grouping? 3. In your opinion is it possible for a similar contest to go forward safely for the corporation? If yes, what changes would need to be made? Secondly, the CTO is thinking about bidding for a contract with a local government to build an image recognition system that will have access provided to the law enforcement. The image recognition system will capture the images of all people that enter the corporate premises, and will serve the purpose of security for the corporation. The CTO wants to know if there are any ethical issues associated with the capture and use of public images. 1. Do you think there are any ethical issues with such a contract? 2. Do you think these issues can be addressed? You may find the following citations helpful in getting started, but you may freely cite additional works Netflix http://www.sti.uniurb.it/events/fosad14/slides/deanonymization.pdf https://www.cs.utexas.edu/~shmat/shmat_oak08netflix.pdf https://cs.stanford.edu/~jtysu/anonymity.pdf https://www.cs.cornell.edu/~shmat/netflix-faq.html http://www.cs.columbia.edu/igert/courses/E6898/privacy-igert.pdf Image matching https://www.theatlantic.com/technology/archive/2016/04/the-underlying-bias-of-facial-recognition- systems/476991/ https://www.theverge.com/2018/7/26/17616290/facial-recognition-ai-bias-benchmark-test https://www.businessinsider.com.au/amazon-response-to-aclu-facial-recognition-study-congress-member- photos-2018-7?r=US&IR=T https://pdfs.semanticscholar.org/ca69/ebedd468b808f4a9a6f862245c5923777498.pdf Report structure The report of 2000 words could be structured in the following way: • Executive Summary of your report findings (200 words). • Privacy Issues (900 words) • A discussion on the privacy raised by these types of analytical datasets, the technical issues involved, and your opinion on if the contest should proceed. • Ethical issues and Analytics (900 words) • A discussion of the ethical issues that may arise from the use of machine learning in this context, and your opinion clearly stated. • A list of references that you have used (not part of the word count) What do I do now? • Start collecting and researching information. • Think creatively! • Develop the report in Microsoft Word. • Look at the assessment rubric and the unit learning outcomes to ensure that you understand what you are being assessed (and marked) on. Submission details Your assessment should be submitted as a Microsoft Word document via the unit site. Extension requests Requests for extensions should be made to Unit/Campus Chairs well in advance of the assessment due date. Please follow the link for detailed information and form: http://www.deakin.edu.au/students/faculties/sebe Special consideration You may be eligible for special consideration if circumstances beyond your control prevent you from undertaking or completing an assessment task at the scheduled time. See the following link for advice on the application process: http://www.deakin.edu.au/students/studying/assessment-and-results/special- consideration Assessment feedback You will receive a mark and feedback on your assessment task in the form of a rubric within two weeks of submission of your assessment. Referencing, plagiarism and collusion You must correctly use the Harvard method in this assessment. See the Deakin referencing guide. Any work that you submit for assessment must be your own work. Please note that this unit has systems in place to detect plagiarism and all submissions are submitted to this system. http://www.sti.uniurb.it/events/fosad14/slides/deanonymization.pdf https://www.cs.utexas.edu/~shmat/shmat_oak08netflix.pdf https://cs.stanford.edu/~jtysu/anonymity.pdf https://www.cs.cornell.edu/~shmat/netflix-faq.html http://www.cs.columbia.edu/igert/courses/E6898/privacy-igert.pdf https://www.theatlantic.com/technology/archive/2016/04/the-underlying-bias-of-facial-recognition-systems/476991/ https://www.theatlantic.com/technology/archive/2016/04/the-underlying-bias-of-facial-recognition-systems/476991/ https://www.theverge.com/2018/7/26/17616290/facial-recognition-ai-bias-benchmark-test https://www.businessinsider.com.au/amazon-response-to-aclu-facial-recognition-study-congress-member-photos-2018-7?r=US&IR=T https://www.businessinsider.com.au/amazon-response-to-aclu-facial-recognition-study-congress-member-photos-2018-7?r=US&IR=T https://pdfs.semanticscholar.org/ca69/ebedd468b808f4a9a6f862245c5923777498.pdf http://www.deakin.edu.au/students/faculties/sebe Submitting work, in whole or in part, that is copied or paraphrased from other authors (including students), without correct acknowledgement, is considered one of the most serious academic offences. This practice is equivalent to cheating in examinations and it may lead to expulsion from the University. For further information, you should refer to Regulation 4.1(1), Part 2—Academic Misconduct, via (Current university legislation). Please note that these regulations are not intended to discourage group work and exchange of views and information with other students and staff. Such interaction is most desirable, provided that you ultimately write your own answers and acknowledge any quoted sources. We see responsible attitudes to plagiarism as part of general good ethical practice. Ensure you have familiarised yourself with the rules and regulations on plagiarism and collusion. http://www.deakin.edu.au/about-deakin/faculties-and-divisions/administrative-divisions/university-solicitors-office/legislation http://www.deakin.edu.au/about-deakin/faculties-and-divisions/administrative-divisions/university-solicitors-office/legislation SIT719 Security and Privacy Issues in Analytics Assessment Task 1 rubric: Privacy/Security Issues Report CRITERIA PERFROMANCE INDICATOR EXCEEDS STANDARD MEETS STANDARD YET TO ACHIEVE MINIMUM STANDARD High distinction 80– Distinction 70–79 Credit 60–69 Pass 50–59 Fail 0-49 Criteria 1: Executive summary 20% Provides a comprehensive description, with detailed evidence of the analysis of the issues that has been undertaken through both the executive summary and the conclusion. Depth and insight clearly shown Provides a good description, with clear evidence of that analysis of the issues has been undertaken and expressed. Depth and insight clearly shown in some areas. Provides a basic description of the task via the executive summary and conclusion and there is some evidence of analysis of the issues. Depth and insight is sometimes shown but not always well expressed. Provides a simple description of the task via the executive summary and conclusion but not evidence of analysis of the issues. Depth and insight is not clearly shown. No demonstration of analysis via the executive summary and conclusion. Provides no meaningful information related to the task. Criteria 2: Privacy assessment 40% Provides an assessment which shows high level initiative and technical understanding while being extensively supported by theory and practical examples. Provides an assessment which shows some well developed initiative and technical understanding while being supported by clearly by theory and practical examples. Provides an assessment which shows some initiative and technical understanding and is supported by theory and practical examples. Provides an assessment which shows little initiative and technical understanding and is not supported clearly by theory and practical examples. Provides no meaningful information related to the task. No analysis has been undertaken that is relevant to an assessment of either the security or privacy issues Criteria 3: Ethical assessment 40% Provides a comprehensive demonstration of such an assessment and presents in a manner wholly appropriate for a professional assessment Provides a good demonstration of such an assessment and presents in a manner wholly appropriate for a professional assessment Provides a basic demonstration of such an assessment and presents in a manner wholly appropriate for a professional assessment. Does not demonstrate a Professional understanding of such an assessment and fails to present in a manner appropriate for such a professional assessment. Has not recognised and demonstrated an understanding of the constraints associated with ethical, regulatory and governance matters.