There is currently intense debate about the significance of user consent to data practices. Consent is often taken to legitimate virtually any data practice, no matter how invasive. Many scholars argue, however, that user consent is typically so defective as to be ‘meaningless’ and that user privacy should thus be protected by substantive legislation that does not rely (or does not rely heavily) on consent. I argue that both views rest on serious mistakes about the validity conditions for consent. User (...) consent is sufficiently impoverished that it does not guarantee legitimacy but is not so impoverished as to be ‘meaningless’; it can legitimate data practices that are independently reasonable but not those that are exploitative. Since many valuable data practices must be consented to if they are to be legitimate (or so I argue), our privacy legislation should continue emphasizing the importance of user consent, even if auxiliary protections are also desirable. (shrink)

Embedding ethics modules within computer science courses has become a popular response to the growing recognition that CS programs need to better equip their students to navigate the ethical dimensions of computing technologies like AI, machine learning, and big data analytics. However, the popularity of this approach has outpaced the evidence of its positive outcomes. To help close that gap, this empirical study reports positive results from Northeastern’s program that embeds values analysis modules into CS courses. The resulting data suggest (...) that such modules have a positive effect on students’ moral attitudes and that students leave the modules believing they are more prepared to navigate the ethical dimensions they’ll likely face in their eventual careers. Importantly, these gains were accomplished at an institution without a philosophy doctoral program, suggesting this strategy can be effectively employed by a wider range of institutions than many have thought. (shrink)

Technology companies are increasingly being asked to take responsibility for the technologies they create. Many of them are rising to the challenge. One way they do this is by implementing “guardrails”: restrictions on functionality that prevent people from misusing their technologies (per some standard of misuse). While there can be excellent reasons for implementing guardrails (and doing so is sometimes morally obligatory), I argue that the unrestricted authority to implement guardrails is incompatible with proper respect for user freedom, and is (...) not something we should welcome. I argue instead that guardrails should be implemented for only two reasons: to prevent accidental misuse of the technology, and as a proportionate means of preventing people from using the technology to violate other people’s rights. If I’m right, then we may have to get more comfortable with developers releasing technologies that can, and to some extent inevitably will, be misused; people using technologies in ways we disagree with is one of the costs of liberty, but it is a cost we have excellent reasons to bear. (shrink)