RESEARCH TRIANGLE PARK – IBM is calling for a set of new “design princples” to be followed in building high-tech products as a means of fighting what Big Blue describes as “technology-facilitated abuse.”
IBM’s Policy Lab issued the guidelines Thursday in response to the increase of abuse being reported during the ongoing COVID-19 pandemic.
“Technology-facilitated abuse is a challenging issue, and there is no simple solution to eliminate it. However, by making subtle decisions—balancing intended with unintended consequences—it is possible to design technology to be resistant to it,” wrote Lesley Nuttall, who is part of the team at the IBM UK, Academy of Technology.
Citing “a recent UN report exploring the impact of COVID-19 on women highlighted a trend of increased abuse as homes are placed under strain from self-isolation and lockdown,” Nuttall noted that abuse “has become so widespread that UN chief António Guterres is calling for measures to address this ‘horrifying global surge in domestic violence.'”
Nuttall spelled out the “five key design principles to make products resistant to coercive control.”
The principles:
1. PROMOTING DIVERSITY
Having a diverse design team broadens the understanding of user habits, enabling greater exploration of use cases, both the positive and the negative. Often when developing a new technology, designers have target users in mind. However, they might not be the only type of users that end up using the technology, with other users often leveraging tech in unexpected ways.
2. GUARANTEEING PRIVACY AND CHOICE
Users need to be able to actively make informed decisions about their privacy settings. Small red buttons, or phrases like ‘advanced settings’ can intimidate users, causing them to pick the default settings without necessarily understanding the consequences of that choice. Settings should be simple to understand and easy to configure, and their presentation should not try to influence the user. Include periodic notifications for the user to review configuration that results in data being shared and ensure a diverse user base is considered when establishing default privacy settings.
3. COMBATING ‘GASLIGHTING’
Gaslighting is when a person manipulates someone psychologically into doubting their memories and judgment. If a user can remove all evidence of an action taking place, or if there never was any evidence, this could lead to someone starting to question their memory. Timely and pertinent notifications as well as auditing are essential for making it obvious who has done what and when. Technology needs to be transparent about where changes have been made and when remote functionality is triggered, making it difficult to obscure or hide gaslighting attempts. Where appropriate, a local override for a remote activation should be provided, empowering users with the ability to choose to retain control of their environment. The user interface and design around such notifications and auditing should be treated with equal importance to that of the regular function of the product, and not assigned to some corner of the interface that is hard to find.
4. STRENGTHENING SECURITY AND DATA
It is important that products are secure, only collecting and sharing necessary data, thereby limiting the risk that they could be used maliciously. This involves thinking beyond the traditional security threat models and paying attention to the potential risk trajectories if the technology is used to abuse. For example, it is common that many home computer-based devices/services are managed by one user, even though they are used by many members of the family (e.g. virtual assistants, subscription channels, family calendar/data sharing plans, etc.). An intuitive and easy way for family members to subscribe and unsubscribe could be a more effective model, empowering users with joint control.
5. MAKING TECHNOLOGY MORE INTUITIVE
Victims of coercive control live in complex, ever-shifting worlds and may lack the energy or confidence to navigate new technologies. If all end user technology was intuitive to use and understand, this could help reduce the risk of abusers dominating with their greater technical confidence, either with threats or by installing applications the victim doesn’t understand. The combination of ease of use and an auditing feedback loop to every user can provide reassurance to a potential victim that they are not being controlled by the technology in question.
The rise of IoT
Nuttall noted the rise of the Internet of Things and how linked devices pose a threat when it comes to abuse.
“There could be 125 billion internet-connected devices by 2030. As these devices become more prevalent, abusers will have more tools to manipulate their victims,” she wrote.
“It is critical that we safeguard new technology with strong anti-abuse protections by default so that abusers cannot use these tools to harm victims. Making technology resistant to coercive control ensures that others cannot exploit inventions, tarnish intentions, or dim the light of technological achievement. Most importantly, it is a key step towards making the tech world safer for all of us.”
