16.00 UTC = 9:00 PT = 12.00 ET =18:00 CEST = 21:30 IST Zoom Meeting Link https://zoom.us/j/99429712733?pwd=K214bTM4cG54YzZYVnZCL1I5MEdQQT09

Meeting Recording

Main Goal of this meeting: Expert Series 4

Attendees: Nicky Hickman Phil WolffAnita Rau, Karen Elliott, Aad van Moorsel Andrew Slack Jacques Bikoundou Vikas Malhotra Judith Fleenor Rebekah Skeerte; Shireen Mitchell

Time	Item	Lead	Notes
2 mins	Welcome & antitrust notice Agenda review	Andrew	Antitrust Policy Notice: Attendees are reminded to adhere to the meeting agenda and not participate in activities prohibited under antitrust and competition laws. Only members of ToIP who have signed the necessary agreements are permitted to participate in this activity beyond an observer role. Join ToIP if not already a member Consent to meeting recording?
8 mins	Intro's & Updates	Kalin	Next expert series 16th June Manu Chatterjee instrumental in the creation of the Palm webOS and new rituals around device pairing, ahead of Apple Article here on his team journey = https://www.theverge.com/2012/6/5/3062611/palm-webos-hp-inside-story-pre-postmortem Interview the Experts: Implementers: Dan Gisolfiagreed - round table discussion format, questions to be curated ahead All to start adding questions, please either put in Slack or add to this page on our wiki. Will be scheduled for July to allow for working sessions interspersed with expert and interview sessions. Karen Elliott - See below Anita Rao - working on EFWG governance framework ToIP Member Vikas Malhotra - ToIP Member, Founder & CEO of ___ Technologies, last 15 years working w/ cloud systems at Microsoft. Jacques Bikoundou- Blockchain technologist working w/ digital identity, main work has been w/GF - e.g. SSI Covid Passport Aad va Moorsel - see below Andrew Slack - Design Strategist working on SSI & privacy preserving digital currency at SICPA in switzerland
45 mins	Expert Series 4. AGENCY - Complex harms reduction through co-design of socio-technical systems in FinTech		Speakers *Aad van Moorsel* is a Professor in Computer Science specialising in cyber security, specifically interdisciplinary research at the intersection of computing, psychology, and social sciences. He has been Principal Investigator of several interdisciplinary projects, funded by UK, EU, and USA funding bodies. His work includes the study of economic mechanism design to incentivize healthy security behaviour, the research in choice architecture for that purpose and more recently the study of trustworthy AI systems. *Karen Elliott* is an Associate Professor in Enterprise/Innovation, specialising in socio-technical interdisciplinary research between business, technology, and social sciences. Named ‘Standout #35 Women in FinTech Powerlist by Innovate Finance’, she is the Co-Investigator of FinTrust (EPSRC) and Finclusion (Gates Foundation/Turing Institute) projects with Prof van Moorsel and forms part of the IEEE Ethical AI and ForHumanity Committees. Her work examines FinTech, trust, digital ethics, and Corporate Digital Responsibility (CDR), to promote an equitable digital society. Description of Event: Introduces a new research program that explores complex online harms linking to Corporate Digital Responsibility and FinTech. Engaging with the general UK population and identifying demographic markers that intersect with complex harm, AGENCY will establish interdisciplinary co-design principles, technology foundations and collaborative governance procedures to assure online citizen agency in the presence of multiple stakeholder interests. For AGENCY to succeed, we will provide a profound understanding of the role of agency in reducing complex online harm and will deliver collaborative methods, technological building blocks and scientifically grounded best practices for our society to provide more proactive and structured approaches to protecting citizens online. We explore agency, law, policy, ethics, corporate digital responsibility, the economics (cost/benefit) of online harms and develop a co-designed platform to reduce online harms. New programme that is is Initiation phase: Funded by UK GOV through UKRI - 3 year program where 10 people will look at agency on the internet, multi-disciplinary approach (culture, legal, business, design, computer scientists interested in AI & IoT. All will come together to work on a number of case studies, where we ant to explore AGENCY where results in online harm and / or a feeling of safety on the Internet, 4 case studies (1. Smart Home, 2. Identity Mgt, How can people use these technologies productively and whilst retaining control of data; 3. Fake News working w/ the BBC - misinformation & disinformation in news and in financial system; 4. Personal well-being & health; particular tech used through wearables & apps, e.g. female health technologies working w/ Swiss Health, specialist in female health products; Work with local groups on the ground, e.g. women who are victims of domestic violence, co-design w/ all stakeholders Co-design is key to success of this project. Divided into diffferent work packages - will mainly be focused on current legislation and regulation (e.g. from FCA Financial Conduct Authority in UK) pushing 'Consumer Duty'- How and when are businesses checking for vulnerabilities. Heavily focused on Corporate Digital Responsibility. Shift in focus of responsibility to organizations otherwise consequences in ESG and UNSDG outcomes. Many considerations with current UK Online Safety Bill - part of the research will be focused on boundaries and alignment with these tech. Goal is to protet the consumer in the end - this goes across Economics, Environment Sustainability, Important to work with colleagues in law, how can the tech enforce governance & compliane w/law. Finally what is the cost/benefit analysis for businesses particularly with respect to vulnerable customers. Want to collaborate w/ groups like ToIP to understand different ways of addressing. Also have won money for Fintech network which will launch in September - there will be funds for distribution in collaboration w/ academics - common themes are co-creation with academia and business and folks on the ground. Profit must have a purpose not conflict w/ purpose together w/ethics by design Question from Vikas How can my start-up participate? Aad: Will organize workshops around the subjects and will then be organized after the summer, then we will invite participants For FS network will be possible for many to become members of the network, partnerships are especially important. Want to set up a network of researchers and innovators with an academic interest. Starting in september have human first approach - not consumer or customer always = see https://www.woplli.com/architecture-principles Karen is already an ambassador for Digital Poverty Alliance, background in behavioural psychology & sociology so always start with human, Aad : likes the approach; Question from Nicky Perspectives on Agency and autonomy Karen answer - this is why we work x-disciplinary perspectives - what is agency and how is that interpreted online and how does it play out online. Will be addressed in a fundamental way in the project Andrew question: How easy is it for an individual to give informed consent to data use / processing - are there ways that we can shape a standard for some of this Karen: Yes this is part of the Consumer Duty Framework - if informed then you have agency - but then we come back to harms (e.g. coercion) - hard to define like Trust - has starts to have consequences in law - so the contractual / consent process is key. e.g. Standard visual practice - for communicating complex consents and what the data is used for and how it is stored. Aad: Standards angle is interesting, addressed in AGENCY project so that the designers in the project co-design w/ stakeholders. In this standardized approaches dont work unless set up that way. Anita Rao - with Smart Home - how do you intend to go about addressing the needs in Smart Home - you have no idea what they're ingesting, how they're going to use it, etc How do you go about managing this? Aad: New House here in Newcastle, Google Home installed took me 6 months to turn it off and still control the system. Even as a computer scientist. Key issue is why should any data go to the provider? Also looking at future homes including ambient assisted living, Also some future thinking - in Newcastle will build some of these smart homes Karen: Also sit on a group focused on Dementia support - always presented with centralized solutions. Who's business model is it? Who's profiting. Almost no control, transparency, unethical billing or new service packages. Agency is a key factor in resilience & capability indicators of vulnerability Anita Rao - when we sign up for these services and when they collect the data legal basis is always about 'improving services' - if it is not aggregated and anonymized and is personalized what are the consequences. Karen: good questions, but tech is not the panacea, who is really benefiting, still the profit/purpose debate - profit still wins. Better clarity needed on what this means for me and my data. Vikas: How about the unknown data users, not just big known ones like Meta & Google. EG childrens' toys using AI. Karen: Main focus is on financial sector, but understand that this works for non trad finance: - established companies using in a pretty well regulated way, whereas start-ups are under the radar. Need courageous leadership from influencers to address harms early on; regulators should not always be playing catch-up. Andrew: Related research of interest https://anatomyof.ai. Note changing interaction models moving from physical, to screen based, to voice based or in gaming environments with blended & virtual realities. Might be signing up in new and unusual ways. New models of modes of interaction in research will also be interesting. Nicky - hopes for future as outcomes from the research Aad - decentralized architectures to make more practicable and meaningful for people; something start-up on tech that we develop; law & business hope will be targeting influence on policy Karen - law school will support policy influence, maybe also policy standards, also needs to be dynamic and able to change, maybe through an agile process. We don't want to reinvent what ToIP are doing but elevate to a new level, back up with evidence and the research to give stronger tools to policy and governments. What can we do to make positive change to people's lives. There will be a spin-out, best practice guidance. Anita: Thank you this was a great discussion. Very important work. Please share progress and let us know how we can help.
5 mins	Actions & follow up		Jim StClair to share use case / case study Phil Wolff to outline potential blog post: "Challenges of human consent at scale" List of challenges: Cognitive limits. Useful fictions and metaphors. Opacity of devices with wallets. Friends-of-Friends-of... consent cascades. Consent on behalf of private enterprises, families, etc. Consent for audiences (different ages, languages, abilities, cultural references). How to communicate threat models, chances, and consequences of each decision in ways that allow for meaningful consent. UX design concerns: timing relative to contexts, user goals, usability, accessibility, visual emphasis, semiotics. Avoiding dark patterns. Applying the list to the ToIP stack, to product design, to research agendas. Nicky Hickman to add HX Terms Wiki Kalin to map stakeholders and steps in decision making to achieve goals using Alice Faber ACME use case, then we can map decisions against it. Kalin to see if Dan Gisolfi will join us for first implementer interview.. Also potential reach out to Darrell O'Donnell Riley Hughes and Karl Kneis

Browser not supported