Research Ethics and Why IIIT Needs to Catch Up

Introduction

Picture this. It’s a conference where your paper has been published. There is a researcher presenting his paper in front of a curious audience. He proudly proclaims – This will be useful in making mass surveillance systems more effective! There are a few muffled gasps, but besides that, people don’t bat an eye.

This was the experience of a student from IIIT attending a conference in Japan. He was struck by the obliviousness, intentional or otherwise, on the part of the researcher and his unconcerned pride in his research.

His experience raises many questions. What are the consequences of our research? Are we aware of the consequences at all? Are we responsible for how our research may be used? If so, to what extent? These questions are but the tip of an iceberg. The most important question for us, however, is—are we, as researchers at IIIT, cognizant of these questions and do we put an effort towards self regulation?

Consequences of Research

While it goes without saying that research in some fields has apparent dangers—anything nuclear, for example—research in computer science comes off as relatively harmless. But the extent of research in computer science has now crossed a point where it must be taken seriously and researchers must put a conscious effort into recognizing the (un)intended uses of their research.

Take Facebook’s machine learning algorithms that analyze user data and essentially represent each of its billion users as a cumulation of whatever they have shared on their platform. Think about it this way, they can compress people’s personas on the basis of their data and form a fairly accurate individual representation.

The benefits of such a representation are undeniable. The auto tagging in pictures, helping the visually impaired use Facebook or a better newsfeed are all benefits.

But how safe is such a representation? For all practical purposes, Facebook’s data is the US government’s data, which the US uses to profile people all around the world, curtail essential freedoms and subvert human rights.

Another example of benign sounding research that can be dangerous is that of user engagement research. Products are designed today in order to be overly addictive. User engagement is one thing, but trying to ensure that every move that a user makes online stimulates a certain section of the brain and releases certain chemicals that all but ensures that people are drawn towards the product, is another. It is essentially identifying people’s weaknesses and exploiting them. An example of this would be the drag to refresh option on most apps in mobile phones. It gets people to manually refresh even though it doesn’t serve any practical purpose as most apps update their content automatically.

Data Collection

Data collection is an important and essential facet of research. Whenever anything is uploaded on Facebook, that’s exactly what is happening from the side of a researcher at Facebook—collection of data.

Credits: XKCD comic by Randall Munroe

While Facebook probably has a convoluted terms of service that users supposedly reads and consent to, and while that may not be ethical by itself, the data collection takes a slippery slope when it comes to an independent researcher from a university. The reason being that there is usually not an implicit consent for data that is collected and it must be explicitly sought as as when data is collected and/or used.

The article Data and IIIT, in last year’s April issue of Ping, highlighted a few cases of data being collected and used for research without consent. Between then and now, little seems to have changed. There has not been an official response from the concerned faculty members or the administration, nor has there been, other than an inconsequential open session on privacy, any significant push from the side of the students to get answers.

Understanding of Research Ethics in IIIT

Recently, there was a paper titled Unsupervised Learning Based Approach for Plagiarism Detection in Programming Assignments published in ISEC’17 that used programming assignments of IIIT students in order to propose a better approach to detect plagiarism in programming assignments. There was no consent given in the collection of these assignments. Apart from comments, code may not have explicit identifiers tying to the author, but a little consent is always appreciated. Attempts to reach out to Jitendra Yasaswi, the first author of the paper requesting for information about the collection of the dataset, were unfruitful. Questions to a researcher about their paper are usually welcomed and graciously answered, often publicly. However, that was not the case here. In some ways, this is against the spirit of research, where a researcher closes themselves to questions from the general public.

Apart from advisors doing so of their own accord, there is no institutional mechanism to ensure that researchers are aware of any ethical code with respect to their research. Even the much criticized Human Values course in the first and second year students do not touch upon research ethics.

Those who are aware of the details of the recent Facebook-Cambridge Analytica scandal will know that this a problem not just with IIIT but with researchers all around the world. Aleksander Kogan, a psychology lecturer at Cambridge University, is accused to have shared academic data obtained from Facebook with Cambridge Analytica, the company using them for the purposes that it did. But is using Facebook data of unsuspecting users for academic purposes ethical in the first place?

In IIIT itself, there are talks of a lab potentially getting access to Aadhaar biometric data for research. Such research may or may not be legal depending on the Aadhaar Act and various past and future Supreme Court judgements, but considering the controversy surrounding Aadhaar and its forced implementation, how ethical can such research be considered to be, even if deemed legal?

It must also be noted that most projects in universities are funded by the industry. With such sensitive data involved, would it be a Cambridge Analytica-like scandal waiting to happen?

The Elusive Ethics Committee

The recent intranet overhaul saw a lot of official documents being updated. Among these was also a document titled Institute Committees, Structures & Responsibilities. [note] Accessible on IIIT intranet only[/note]. This document is updated as recently as the 9th of September, 2017 and lists all the committees on campus along their responsibilities. However, a research ethics committee does not find a place in this document.

Prof. Vasudeva Varma, Dean (Research) was contacted and asked if such a committee exists. He replied in the affirmative and mentioned—“The process is that the principal investigator has to make a case before the committee (about the aspects you have mentioned – how data has to be collected, how it is processed etc) and the committee examines the ethical aspects, debates and determines whether the okay the project or not.” However, when asked if instances of student data usage mentioned in Data and IIIT constituted a breach of this process, we did not receive a reply.

The problem lies herein—based on the reply received, the ethics committee does not seem to have a single permanent member[note]

As has been informed –
The committee should comprise of:

Member Secretary
Internal Subject Expert
Medical Doctor
Representative of General Public

[/note] that can be contacted or consulted. There is little a member of the general public can do even if they discover a case of research misconduct or concerning research. All prominent institutions that conduct research have an easily accessible ethics guidelines webpage and an ethics committee that ensures that rules are followed. Carnegie Mellon University, which is informally considered to be IIIT’s mentor institute, has an Office of Research Integrity and Compliance with an easy to access webpage with several ethical categories ranging from Human Subject Research to Responsible Conduct Research.

Final Words

In their last FSIS as a batch, UG4 expressed their concerns regarding the number of humanities courses that CS and EC students have to complete in order to fulfill their graduation requirements. The main response to this, that was summed up by an article that Prof. Jayanthi later shared, was this—the humanities are important so that the next generation of computer scientists are socially aware in order to enable them to work on things that matter, and not just the things that make money.

Ethics guidelines and a more visible ethics committee should help too.