David Wright
David Wright is Director of Trilateral Research Ltd, a London-based company he founded in 2004. He has published more than 60 articles in peer-reviewed journals, and co-edited and co-authored several books, including Privacy Impact Assessment (Springer, 2012) and Surveillance in Europe (Routledge, 2015). He coined the term and published the first article on ethical impact assessment. The ISO standard on privacy impact assessment (ISO 29134) was based on his PIA methodology. Similarly, the European Standardisation Committee Workshop Agreement (CEN CWA) on ethical impact assessment is based on his EIA methodology. He has participated in several foresight expert groups, including four ENISA expert groups and a DG Research Trust-at-Risk foresight group. He has developed several scenario construction methodologies, including policy scenarios for the EU-funded SHERPA project as well as “dark scenarios”, a term he coined in the SWAMI project. He is a member of the European Foresight Monitoring Network and a freelance member of the faculty of Law Science Technology & Society (LSTS) Studies at the Vrjie Universiteit Brussels. He currently co-ordinates the EU-funded CC-DRIVER project on the human and technical drivers of cybercrime.
Sessions
AI hasn’t been used much yet in cybercrime, but its use is growing and experts have warned that it will transform cybercrime. The cost of cybercrime is already escalating. AI is likely to ratchet up the effectiveness and impact of cybercrimes, including cyber attacks. One of those impacts is the low rate of apprehension and prosecution of cybercriminals, less than one per cent according to some estimates. Meanwhile, the socio-economic impact of cybercrime is extensive. Cybercrime affects virtually everyone with a bank card or a mobile phone or any presence online. The EC and others have said that an improved reporting of cybercrime is desirable, as it’s widely believed that cybercrime is under reported. There are various reasons why companies are not reporting cyber attacks and not sharing more information. Companies may fear damage to their reputation or a hit to their share price or they don’t know to whom they should report a cybercrime or with whom they could usefully share information without giving a competitor an advantage. Or they just think LEAs can’t or aren’t able to do anything about it because they don’t have the resources or the necessary cybersecurity competencies, especially involving AI. CC-DRIVER and CYBERSPACE are two projects addressing these challenges. Both are in a cluster of EU-funded security projects, all of which have LEAs as partners and most of which involve AI. CC-DRIVER started the cluster, initially with eight projects in total. Since then, the number of projects in the cluster has climbed to 19. The projects share a set of objectives, an important aim of which is to leverage the impact of each project in the cluster, so far, mainly through webinars and quarterly meetings of the coordinators.