1. So, what do you really do?

At the Second Innovation Convention in March 2014, Mr. Barroso, the then-EU Commission President, said:

“Innovation has a vital role to play in the recovery and in shaping our societies of tomorrow. Europe has a good story to tell, but we still need to do more to foster innovation and we want to do it with our partners”.

As a boutique research and consultancy firm, we want to help tell that story and foster responsible innovation thanks to socio-ethical advisory on tech adoption as well as legal, cybersecurity, and privacy compliance work. At our core, we support customers during the design of technologies by identifying risks with respect to individuals’ fundamental rights and by putting forward recommendations for including legal and ethical safeguards. Our goal is to keep technology amazing, socially acceptable, and compliant with ethical principles and current legal frameworks. To do that, we rely on our gender-balanced, multidisciplinary, and utterly client-oriented team.

We are the one-stop-shop with a well-defined outlook on society that is necessary to conduct responsible innovation. We provide our clients with agile project management and are keen on disseminating findings, so that ethics, security, privacy and social acceptability of technologies become embedded in everyday life. In essence, if you’re an innovative SME or a respected research centre without the firepower to hire a law firm, then we should talk.

Our approach takes into account not only privacy concerns, but more in general ethics principles and fundamental human rights. We offer the complete package – a technologically savvy firm providing strategic consultancy with a strong humane orientation – for expanding scientific scholarship, technological leadership, and knowledge horizons.

2. What is cyber ethics anyway?

Technological progress always concerns humanity ’s needs, wants, and ideas. Talking about cyber ethics means not only reflecting on a past or present model of progress, but also imagining a future model. This model concerns technical and human aspects, that is to say the way in which society can be structured, the relationships between human beings, the rights and responsibilities of individuals. Therefore, questioning cyber ethics requires an analysis of what the foundations of intelligence are, in order to investigate and design artificial intelligence; what is and what will be the place of human beings in an increasingly liquid society governed by new dynamics and new patterns of thought. It is a question of imagining problems that do not yet exist, to prepare the foundations of a democracy that is becoming increasingly digital. Again, cyber ethics is the reflection on what it means to keep a process ethical, which starting from technology shapes and changes the order of a community of people. Ethics allows rules and norms to be full of a properly human and rational value, and not only executive, so that technological progress is guided by a capacity for abstraction capable of protecting rights, meanings, and personal values.

3. Why should social acceptance matter to me? By the way, what does it even mean? I thought the only thing that mattered was offering the best product or service available on the market.

For years, technological progress has continued without adequate investigation of the fundamental aspects of social acceptance. In the pursuit of ambitious technological and economic developments, which have brought many concrete benefits, human beings have often strayed from addressing connected social issues, concerns, and needs . However, when we want to develop an innovation, it is crucial to allow that innovation to find room for growth. At the moment, there is no single definition of the “social acceptance” of a technology; nevertheless, studies show that the plan of acceptance is divided into three main areas: socio-political acceptability, community acceptability, and market acceptability. Consensus today generates popularity and adoption, fundamental elements for the introduction and development of a prototype or product. While it is true that the acceptability of technologies is strongly vari able (what is widely accepted today, perhaps tomorrow it will start to be rejected) , it is essential to dedicate effort, alongside technical development, to this social and individual aspect; it is important that individuals clearly understand the costs and benefits of an innovation, so that they have all the information necessary for judging the relevance of that instrument. In CEL, we have developed the Close the loop model, which utilises six dimensions (Perception, Motivation, Awareness, Confidence, Skills Enabling, and Responsibility) to conduct an analysis of the main aspects of the relationship between technology and society.

4. What is ethics by design?

It is the development of innovations (tools, software, applications, etc.) that are designed and engineered within a framework of ethical values. In 1968, Donn Parker questioned the relationship between computers and ethics with regard to the processing of personal data according to ethical principles and the construction of technology in accordance with the Charter of Fundamental Rights. Ethics by design corresponds to an ethical design model, i.e. a responsive model, which carefully considers the complexity of factors, the potential of tools, and the risks of applications, in an effort to maintain a high and constant attention to respect for human beings in their massive differences (such as gender differences). Ethics by design is the framework that provides the backdrop for aware, considerable, and responsible progress that ensures the human dimension , is always present in the construction of machines and in the decisions they can make.

5. Why do you care so much about privacy by design?

For us, building privacy into innovations is the only way to prove trustworthiness to end users. Convenience cannot be, in the long term, the only distinguishing value for technology product and service providers. Quality will increasingly be judged based on the values adhered to during the design phase, and one such value is what has been termed “the right to be left alone.” Even if you’ve approved of your data being processed by someone, somewhere, in exchange for the possibility of using something, is the way in which your data is being processed truly necessary for granting you a higher quality of service? Really? Really, like… really? And does the processor have a procedure in place for proving to you, once you’ve asked, that they’ve stopped processing your data and deleted all the information obtained about you thanks to that process? That seems like something you want to know before getting into a business relationship, and that – a business – you can provide your clients for peace of mind.

Take the case of health care. If patients could choose between two data silos in which their health data were to be stored, a slightly pricier one with excellent and proven security and another cheaper one with spotty safety protocols, then patients would choose the former, regardless of whether as individuals they possessed the skills necessary to technically evaluate the code.

We the people want to know that, to the best of a company’s abilities, traces of our online activity are safe. That they can’t be used against us. That, by design, privacy was conceived into the innovation.

6. Today we all have our apps connected to lots and lots of databases because we like and want more and more seamless experiences. Aren’t privacy concerns just annoying? Why are they so important to you?

While privacy concerns can appear to be just obstacles, we welcome them as occasion developing the best possible technology. Indeed, the core purpose of technology is to make things easier for us as humans, so that we can concentrate on more meaningful issues and not on menial activities. The astounding technological progress we have witnessed in the last half century has effectively led, with different degrees of success depending on where it has taken place, to said greater happiness, better health, and increased wisdom. But it is also evident, in our view, that these outcomes have been reached at the expense of values such as certain forms of personal and collective freedom. Extracting value from the processing of virtualized data generated by our physical use of technology, a certain form of contemporary capitalism creates profit incentives tied to monitoring and controlling more and more aspects of our daily lives without our explicit knowledge or consent. Such behaviours are something that we want to eradicate thanks to the adoption of ethics-by-design principles, which are based partly on privacy concerns.

7. As an organization, what can I get out of all these compliance hurdles I have to jump through?

First, let’s deal with the annoying stuff. We want to help you avoid hefty fines, defined by Art. 83 of GDPR, of up to 2% of your global turnover. How do we do that? We apply adequate assessment techniques, come up with a risk management plan, and issue recommendations (such as whether you should nominate an internal or external DPO) specific for your company.

Second, there is an increasing body of literature dedicated to the benefits of managing your organization’s reputation in order to achieve your operating goals. Too often, organizations’ focus on short-term results comes at the expense of multidimensional connections to their stakeholders. Yet, as an organization, you know that “perception is reality:” the way a particular stakeholder group perceives you will affect your competitive strength. And often times that perception is influenced by factors outside of your control. For instance, other organizations in your sector might choose to operate below your level of compliance; when fate comes knocking, those organizations may suffer a loss in reputation. But their loss may affect you, as well: in fact, reputational contagion occurs when something that happens in a related entity migrates to the other entities. That’s when proving that you had adequate checks and balances in place will be a key determinant to your long-term success. Organizational compliance isn’t something that is done once and for all. On the contrary, it is a dynamic process that positively reflects the identity of an organization committed to it. It’s what allows organizations to move from a stated vision and value proposition to instituting ongoing, trust-based relationships with stakeholders.

8. How should cookie & privacy policies actually work?

The truth is that it’s impossible to give a straightforward answer! We wish it were the opposite, but as we’ve mentioned in the answer above, compliance is an ongoing process. There is no one-size-fits-all checklist that we can hand out to you. The process we come with is tailored to your organization’s needs. Nevertheless, our policies are a good place to start. If you’d like more information after a preliminary chat, don’t hesitate to contact us.

9. I want to apply for funding. How can you help?

With a staff that has close to half a century of experience in submitting grant requests to various European Commission funding programmes, we can help you write your project proposals and figure out which of the many is the best avenue to pursue for funding. After a first meeting, we’ll have a good understanding of your idea and know what the way forward might look like. We can write only a section, such as market analysis, or the entirety of your project for you without taking claim to your invention.

Furthermore, if you so wish, CyberEthics can become involved in the project as research partner, given that we have a proven track record of not only managing innovation, but also of disseminating main results and communicating them in ways adequate to specific target audiences.

10. Geez, there seems to be so much I don’t know. How can I easily learn more?

We also offer educational courses for you and/or your staff! Whether in high-level seminars or webinars on the ethical adoption of technology or in operational classes about best practices for avoiding cybercrime, we make education happen. If you’d like to learn about the technicalities of EU-funded research or the ins-and-outs of ITIL Service management, then once again, you are in the right place. We love passing our knowledge to other people and other organisations, because it is only by increasing awareness around all these aspects that we can live in a better world.