Technology competence for the constructive use of AI-based technology in companies
![[Translate to English:] [Translate to English:]](/fileadmin/_processed_/3/b/csm_CAIL_iStock-466959513_9b7ed39d1b.jpg)
Stefan Strauß is a social and computer scientist researching at the nexus between IT and society, particularly on governance of socio-technical systems, privacy, security and surveillance, digital identity and privacy impact assessment. Current research focus on big data, artificial intelligence and machine learning. Further research interests include information- and computer ethics.
Born and raised in Upper Austria, Strauß received his diploma in business informatics/information systems specialising in information engineering and management at the Johannes Kepler University in Linz in 2007; his thesis dealt with e-government and its perspectives on electronic democracy. Strauß earned his PhD at the Technical University of Vienna (2018) in social and economic sciences. In his doctoral thesis, he analysed the interplay of privacy and socio-technical identification practices and developed a framework for privacy impact assessment based on a typology of identifiable information.
After a stay abroad in Berlin, Strauß worked in the field of e-participation between 2006 and 2007 and was involved in organizing and planning ICT-supported participation processes. Until 2008, he worked as web- and software systems engineer in a variety of software development projects. Since 2008 Stefan Strauß has been a researcher at the ITA in the field of information society, with a focus on e-democracy and the politics of information technologies. His scope of research includes a number of European research projects, e.g., on identity management, cloud computing and social networks, ICT-supported participation processes and e-democracy in Europe; security and vulnerability of critical infrastructures, the nexus between privacy, security and surveillance from the perspective of European citizens.
His publication record involves a number of peer-reviewed articles and book chapters; main foci include, e.g., methods of citizen and public participation, identity management in the information society, privacy impact assessment, the tensions relationship between privacy and security, or the societal controversies of big data technology.
With social network sites (SNS) becoming a pervasive phenomenon, already existing conflicts with privacy are further intensified. As shown in this paper, online and (once) offline contexts increasingly conflate, thereby posing new challenges to the protection of the private sphere. SNS quickly evolve their features and challenge privacy preferences, often without user consent; “social graphs” make social relations extensively transparent; social plugins interconnect user traces from inside and outside the SNS. As large amounts of personal information available in SNS are processed with rich context information, the individual’s informational self-determination is heavily strained. These data attract potential and real observers for behavioural advertising and profiling by security authorities alike. We argue that emerging SNS usage (social plugins, increasing role of biometrics, mobile computing) multiplies privacy challenges as all privacy types become affected. This raises additional demand for public policy to foster privacy-by-design combined with awareness-raising mechanisms to improve informational self-determination.
The paper reviews various eco-feedback systems including carbon calculators and discusses how different disciplinary approaches conceptualise and explain anticipated impacts of these systems. The European collaborative research project e2democracy investigates how citizen participation combined with long-term CO2 monitoring and feedback can contribute to achieve local climate targets. Empirical results from local climate initiatives in Austria, Germany and Spain show positive effects in terms of learning about CO2 impacts, increased awareness, enhanced efforts and guidance as well as individual empowerment leading to slightly reduced CO2 emissions. The findings highlight that a combined approach integrating eco-feedback and (e‑)participation is promising to foster sustainability.
The emergence of identity management indicates that the process of identification has reached a stage where analog and digital environments converge. This is also reflected in the increased efforts of governments to introduce electronic ID systems, aiming at security improvements of public services and unifying identification procedures to contribute to administrative efficiency. Though privacy is an obvious core issue, its role is rather implicit compared to security. Based on this premise, this paper discusses a control dilemma: the general aim of identity management to compensate for a loss of control over personal data to fight increasing security and privacy threats could ironically induce a further loss of control. Potential countermeasures demand user-controlled anonymity and pseudonymity as integral system components and imply further concepts which are in their early beginnings, e.g., limiting durability of personal data and transparency enhancements with regard to freedom of information to foster user control.
Cloud Computing and Social Network Sites (SNS) are some of the most controversially discussed IT developments in recent years. Huge expectations exist for Cloud Computing, providing lower costs of computing while increasing employment. However, Cloud Computing as well as the use of SNS may come with a substantial risk of losing data privacy. The project conducted on Cloud Computing Services and Social Network Sites addressed the potential and impacts of these technologies. The project report showed that (1) adequate data security and privacy are critical but difficult to achieve, that (2) more consumer protection is needed and that (3) the market for Cloud Computing is not growing as fast as initially forecast, resulting in a lower than expected increase of employment and lower contribution to GDP growth.
Studie im Auftrag des Präsidiums der Österreichischen Akademie der Wissenschaften
Wien, März 2017 (überarb. Fassung v. Juni 2016)
Institut für Technikfolgen-Abschätzung
der Österreichischen Akademie der Wissenschaften
Projektleitung: Walter Peissl
Autoren: Stefan Strauß, Jaro Krieger-Lamina
Cloud computing and social network websites (SNS) are part of the same societal transformation prominently exemplifying a paradigm shift stating that “the network is the computer”1. While cloud computing includes a variety of technical concepts, SNS represent a broad scope of services and applications addressing mostly end-users. Interrelations are particularly given as regards privacy and security challenges. This is also a core part of this report as privacy is among the heavily debated concepts of our contemporary societies – highlighted in particular by SNS.
The report is structured in four main parts: The first part (Sections 1-3) gives a broad overview on the evolution of SNS describing the main stages in the development process, the major factors determining the current state-of-the-art including insights into user motivations. Section 3 presents the main driving factors determining the current SNS, their main characteristics as well as core functionality of SNS. Based on these elaborations the second part (Section 4) gives an overview on the spectrum of identified societal impacts, discusses the role of SNS as a form of a (digital) semi-public space, as well as their potential for political participation and knowledge production. Section 5 analyses in more depth the privacy implications of SNS including some technical aspects and privacy-by-design concepts. The final Section 6 summarizes the key findings and draws conclusions referring to possible options to address the challenges identified.
Cloud Computing and Social Network Sites (SNS) are among the most controversially discussed developments in recent years. The opportunities of using powerful computing resources on demand via the web are considered as a possible driver for the growth of the European economy. However, there are also critics arguing that economic, social and technical risks prevail or even dismiss the potentials of Cloud Computing and SNS. This project sheds light on these aspects and analysed more specifically, the latest technological and economic developments, driving factors and barriers in Europe, the main actors and their respective interests, the impacts on citizens, business and public administrations and, a broad range of technical, economic, cultural, legal, regulatory issues and their impacts. It showed that at the moment, there is a chance to achieve multiple Cloud Computing and SNS related goals simultaneously. There are no contradictions between assuring European citizens, secure, privacy aware, legally certain and fair use of Cloud Computing and SNS and in increasing the competitiveness of European ICT industries. Moreover it is possible to exploit the potential of Cloud Computing and SNS to the benefit of both the European economy and society at large. Based on this a set of options for European policy makers grouped into four themes with in total 16 options was derived.
Make security a commodity
1. Support the development of open and secure software and hardware and encryption methods.
2. Encourage the use of checklists and security certifications.
3. Assess the economic viability of large hardware security modules.
4. Initiate a dialogue on the structure and governance of the Future Internet.
Establish privacy as a location advantage
5. Proceed with the modernization of data protection.
6. Establish the principles of security and privacy by design.
7. Support the creation of a European Data Protection Board.
8. Ensure the extrate
Cloud Computing and Social Network Sites (SNS) are among the most controversially discussed developments in recent years. They are both part of the same societal transformation referring to a paradigm shift stating that “the network is the computer”. The opportunities of using powerful computing resources on demand via the web are considered as a possible driver for the growth of the European economy. Especially cost savings as well as increased productivity and mobility are seen as key elements by many experts. However, there are also critics arguing that economic, social and technical risks prevail or even dismiss the potentials of Cloud Computing and SNS. This project sheds light on these aspects and analyses the potentials and impacts of these developments. This includes a review of the technological and economic developments Cloud Computing is based on, an identification of driving factors and barriers for Cloud Computing in Europe as well as of main actors and their interests; and an analysis of impacts on citizens, business (including the IT industry itself) and public administration including a broad range of technical, economic, cultural, legal, regulatory issues and the impacts on society and economy as a whole. Cloud Computing not least includes a variety of technical concepts that alter computing infrastructures. SNS represent a prominent phenomenon grounding on Cloud Computing with a wide array of services and applications mainly focussed on end-users. Particular interrelations are given in terms of privacy and security challenges which are main issues addressed by the analysis of SNS related impacts.
This document represents the report for Phase 5 of the STOA project “Potential and Impacts of Cloud Computing and Social Network Sites”, presenting the key findings of this phase. Cloud computing and social network sites (SNS) are part of the same societal transformation prominently exemplifying a paradigm shift stating that “the network is the computer”1. While cloud computing includes a variety of technical concepts, SNS represent a broad scope of services and applications addressing mostly end-users. Interrelations are particularly given as regards privacy and security challenges. This is also a core part of this report as privacy is among the heavily debated concepts of our contemporary societies – highlighted in particular by SNS.
The report is structured in four main parts: The first part (Sections 1-3) gives a broad overview on the evolution of SNS describing the main stages in the development process, the major factors determining the current state-of-the-art including insights into user motivations. Section 3 presents the main driving factors determining the current SNS, their main characteristics as well as core functionality of SNS. Based on these elaborations the second part (Section 4) gives an overview on the spectrum of identified societal impacts, discusses the role of SNS as a form of a (digital) semi-public space, as well as their potential for political participation and knowledge production. Section 5 analyses in more depth the privacy implications of SNS including some technical aspects and privacy-by- design concepts. The final Section 6 summarizes the key findings and draws conclusions referring to possible options to address the challenges identified.
This report focuses on the impacts of Cloud Computing and the resulting challenges. It is based on an evaluation of the available scientific and industry literature, as well as on expert interviews. It should be mentioned that statements regarding Cloud Computing in reports and media on this are often contradictory. One reason for this is that various definitions are used. Some authors apply “cloud washing” and rename traditional outsourcing or web services. Based on the previous deliverable we focus on common used definitions such as the one from NIST. A second issue is that statements often are based on experts estimation due to lack of reliable time series of data. This explains the great bandwidth of results, which have to be taken with care.
Deliverable No. D1.1 of the (FP7-) Project "IRISS – Increasing Resilience in Surveillance Societies". Objective: To investigate societal effects of different surveillance practices from a multi-disciplinary social science and legal perspective.
A report addressing and analysing the factors underpinning the development and use of surveillance systems and technologies by both public authorities and private actors, and their implications in fighting crime and terrorism, social and economic costs, protection or infringement of civil liberties, fundamental rights and ethical aspects.
The take-up of Cloud Computing is one of the most controversial developments within the Information and Communication Technologies (ICT) in the last years. While its proponents argue with cost, security and technological advances that will result in more innovation and growth, its opponents argue the opposite way. Therefore the aim of this report is to lay the foundations for the overall project examing the challenges, impacts and benefits of Cloud Computing. This includes:
...to analyse the basic concepts (incl. definitions, characteristics etc.) as well as the evolution of the concept (incl. predecessors and related concepts) and the underlying technologies; to review the market situation (incl. on overview of offered services and existing providers) and to analyse the adoption and usage patterns of Cloud Computing;
...to identify driving factors and barriers based on existing literature as well as an initial assessment of indentified factors.
This document is the result of the consultation phase of the STOA-project “Potential and Impacts of Cloud Computing Services and Social Network Sites”. It addresses in the first place cloud computing and furthermore social network sites. While Cloud computing (CC) has broad implications for all areas of society and business applications are perhaps crucial for its sustained breakthrough, social network sites (SNS) have their main impact on relationships between private citizens or private citizens and businesses. Beside the impact on the IT industry itself, the development of both is also seen as pivotal for the overall competitiveness of the European economy and society. However, both also pose a number of challenges for enterprises as well as for private citizens. There could be increasing virtualisation of the processing of personal and other sensitive data that is transmitted and stored by commercial providers on servers situated in a location unknown to the costumer. Given these challenges, it is not clear whether both and in particular cloud computing will meet its potential and the high expectations connected to it. Therefore the goal of the project is to analyse this blurry situation and to assess potentials as well as positive and negative impacts for citizens, business and public authorities from a European perspective.
This interim report summarises the results of the first project phase, which lasted from April 15th to June 15th 2012. The main objective of this first project phase was the development of a detailed plan for the next four phases of the project. A preparatory meeting, held in May 2012, and several telephone conferences during the consultation phase with the project partners were very instrumental in discussing and prioritising research themes and issues.
The report itself consists of two parts. The main part presents an introductory overview of the debates on Cloud Computing Services and Social Network Sites and their
-> Today, social and economic processes are highly dependent on different technologies and their interaction.
-> Critical infrastructures are therefore the "main artery" of the digitally networked society and their functionality is essential for the provision of services of general interest.
-> System failures due to external risk factors, errors inherent to the system or unknown weak points can seriously impair the stability of societal processes.
-> The creation of effective security measures requires above all a greater awareness of the previously underestimated problem of system dependencies.
-> Gesellschaftliche und wirtschaftliche Prozesse sind heute hochgradig von verschiedenen Technologien und deren Zusammenspiel abhängig.
-> Kritische Infrastrukturen sind damit die „Hauptschlagader“ der digital vernetzten Gesellschaft, deren Funktionsfähigkeit wesentlich für Daseinsvorsorge und Grundversorgung ist.
-> Systemausfälle durch externe Risikofaktoren, systemimmanente Fehler oder unbekannte Schwachstellen können diese Funktionsfähigkeit gravierend beeinträchtigen.
-> Die Schaffung wirksamer Sicherheitsmaßnahmen erfordert vor allem mehr Bewusstsein für die bislang unterschätzte Problematik von System-Abhängigkeiten.
-> Big Data steht für die Auswertung großer Datenmengen mittels digitaler Technologien und verspricht neue Einsichten und verbesserte Entscheidungsfindung in vielen Bereichen.
-> Potenzielle Anwendungen reichen von Trend- Prognosen bis zu medizinischer Forschung. Um das Potenzial auszuschöpfen braucht es ein tieferes Verständnis über Funktionen und Risiken.
-> Big Data kann Komplexität deutlich erhöhen und gepaart mit Automatisierung unerwartete gesellschaftliche Folgen mit sich bringen. Zentrale Anforderungen zur Risikobegrenzung sind Transparenz und Überprüfbarkeit von Big-Data-Analysen.
Autor: Stefan Strauß
-> Big Data steht für die Auswertung großer Datenmengen mittels digitaler Technologien und verspricht neue Einsichten und verbesserte Entscheidungsfindung in vielen Bereichen.
-> Potenzielle Anwendungen reichen von Trend- Prognosen bis zu medizinischer Forschung. Um das Potenzial auszuschöpfen braucht es ein tieferes Verständnis über Funktionen und Risiken.
-> Big Data kann Komplexität deutlich erhöhen und gepaart mit Automatisierung unerwartete gesellschaftliche Folgen mit sich bringen. Zentrale Anforderungen zur Risikobegrenzung sind Transparenz und Überprüfbarkeit von Big-Data-Analysen.
Autor: Stefan Strauß
-> New surveillance technologies allow ever deeper observation of the lives of each individual.
-> Security measures are increasingly reliant upon surveillance technologies, based on the claim that more security requires infringements of fundamentalrights.
-> Citizens have more nuanced views: although the use of surveillance technologies is not rejected as such, it remains a contested issue. Therefore their utilisation should be limited categorically and strictly regulated and controlled.
-> The protection of personal data needs to be improved and ensured, also the case of security technologies. In addition, security should remain a public sector responsibility and social root causes of insecurity need to be addressed and solved.
Authors: Johann Čas, Walter Peissl, Jaro Krieger-Lamina, Stefan Strauß
-> Neue Überwachungstechnologien ermöglichen immer tiefere Einblicke in das Leben eines jeden Einzelnen von uns.
-> Sicherheitsmaßnahmen greifen mehr und mehr auf Überwachung zurück, mit dem Argument, dass ein Mehr an Sicherheit eben Eingriffe in Grundrechte erfordere.
-> BürgerInnen sehen dies differenzierter: Der Einsatz von Überwachungstechnologien wird nicht per se abgelehnt, aber kritisch gesehen und sollte daher prinzipiell begrenzt, strikt reguliert und kontrolliert werden.
-> Der Datenschutz sollte verbessert werden, auch bei Sicherheitstechnologien. Außerdem sollte Sicherheit eine öffentliche Aufgabe bleiben und die sozialen Wurzeln von Unsicherheit müssten bekämpft werden.
Autoren: Johann Čas, Walter Peissl, Jaro Krieger-Lamina, Stefan Strauß
-> Nowadays, social network sites (SNS) such as Facebook or Twitter are ubiquitous. They increasingly develop into platforms combining many services.
-> SNS endanger privacy to a large extent as the relationships, contents and interactions displayed there can be matched to individuals.
-> The right of informational self-determination – that is the right to decide oneself about the disclosure and usage of one’s personal data – can hardly be exercised in a world characterised by SNS. In addition, this is aggravated by providers’ terms of use and business models, which favour large-scale linking-up.
-> Not least the recently discovered surveillance scandals underline the pressing need to design SNS in a privacy-enhancing manner. Privacy-by-design is essential when it comes to re-establishing the trust of the users.
-> Soziale Netzwerkseiten (SNS) wie z.B. Facebook oder Twitter sind heute allgegenwärtig. Sie entwickeln sich zunehmend zu Plattformen, die viele Dienste miteinander verknüpfen.
-> SNS berühren in hohem Maße die Privatsphäre, da die darin abgebildeten Beziehungen, Inhalte und Interaktionen Individuen zugeordnet werden können.
-> Das Recht auf informationelle Selbstbestimmung – also das Recht, selbst über die Preisgabe und Verwendung seiner personenbezogenen Daten zu bestimmen – ist in einer durch SNS geprägten Welt schwer durchsetzbar. Zusätzlich erschweren das die auf breite Vernetzung ausgelegten Nutzungsbedingungen und Geschäftsmodelle der Anbieter.
-> Dies, sowie die jüngst bekannt gewordenen Überwachungsskandale, machen den dringenden Bedarf nach einer die Privatsphäre fördernden Gestaltung von SNS („Privacy-by-Design“) deutlich. Privacy-by-Design ist entscheidend, um das Vertrauen der NutzerInnen wiederherzustellen.
Tel.: (+43-1-) 51581-6599
Fax: (+43-1-) 51581-6570
Bäckerstraße 13, 1010 Vienna
sstrauss(at)oeaw.ac.at
vCard