Thea Riebe hat am Montag, 7. November 2022 ihre Disputation und damit den letzten Teil ihrer Promotionsprüfung zum „Dr. rer. nat.“ am Fachbereich Informatik der Technischen Universität Darmstadt bestanden. Ihre Dissertation Technology Assessment of Dual-Use ICTs – How to assess Diffusion, Governance and Design wurde zuvor von dem Referenten Prof. Dr. Dr. Christian Reuter und dem Korreferenten Prof. Dr. Alfred Nordmann (Fachgebiet Philosophie und Geschichte der Wissenschaften und Technowissenschaften) begutachtet und dem Fachbereich Informatik zur Annahme empfohlen. Die mündliche Prüfung fand unter dem Vorsitz von Prof. Dr. Max Mühlhäuser (Telekooperation) statt. Neben den beiden Referenten waren Prof. Dr. Gunnar Stevens (Wirtschaftsinformatik / Datenschutz und IT-Sicherheit, Universität Siegen) sowie Prof. Dr. Arjan Kuijper (Mathematisches und angewandtes Visual Computing) als weitere Prüfer beteiligt.

Das gesamte PEASEC-Team gratuliert Dr. Thea Riebe herzlich für die erfolgreiche Verteidigung ihrer Doktorarbeit!

Technology Assessment of Dual-Use ICTs – How to assess Diffusion, Governance and Design

Information and Communication Technologies (ICTs) have become relevant for human, national and even international security. IT research, artifacts and knowledge which can be applied in military and civilian contexts, can be used as part of weapon systems or to create harm while also being beneficial are called dual-use. While AutonomousWeapon Systems (AWS) are not yet regulated, the export of cryptography has been restricted by many states as a dual-use good for decades. Advances in Artificial Intelligence (AI), robotics, cybersecurity and social big data raise questions of dual-use risks. But how can the dual-use of such diverse technologies be assessed?

Research in the life sciences has worked on assessment approaches towards dual-use as a multi-layered challenge for the research and development community and industry. Yet, there are differences between the dual-use risks of pathogen research on viruses to the research and development of autonomous systems. Thus, case studies and even a systematic approach towards the assessment of dual-use ICT, as well as how to enable dual-use sensitive and responsible design is still missing. To address the research gap, this thesis uses Technology Assessment (TA) as the epistemological framework to bring together the approaches from Critical Security Studies (CSS) to systematize the dual-use risks and scenarios, as well as participatory design method and theory Value Sensitive Design (VSD) from the field of Human-Computer Interaction (HCI). As ICTs shape everyday socio-technical systems and interactions, this thesis uses a constructivist and post-positivist perspective, which aims to enable change through the assessment of technologies and its design.

For the monitoring of dual-use knowledge and innovation diffusion, this thesis explores the diffusion between civilian and military industry sectors in expert networks by the means of both social media and patent citation. The governance of dual-use is explored in two case studies which analyze technological ambiguity, e.g. one empirical study focuses on value conflicts which lead to the challenges to regulate AWS and investigates the contradictory strategic narratives and technological requirements which prevent an effective regulation.

The following study investigates the changes and consequences of the dual-use regulation of cryptography by the US and how that feeds into the capacity for mass surveillance as a result of a combination of technological regulation and organizational dependence on surveillance intermediaries. The design of dual-use ICT in the case study of an Open Source Intelligence System (OSINT) for public cybersecurity by Computer Emergency Response Teams (CERTs) is investigated using the VSD-approach. In the three investigations (conceptual, empirical and technical) four papers identify the relevant direct and indirect stakeholders, values and value conflicts as well as design approaches for the artifact contribution CySecAlert while integrating the dual-use assessment into the design approach.

Ausgewählte Veröffentlichungen im Rahmen der Promotion:

  • Stefka Schmid, Thea Riebe, Christian Reuter (2022)
    Dual-Use and Trustworthy? A Mixed Methods Analysis of AI Diffusion between Civilian and Defense R&D
    Science and Engineering Ethics ;28(12):1–23. doi:10.1007/s11948-022-00364-7
    [Download PDF]
  • Thea Riebe, Philipp Kuehn, Philipp Imperatori, Christian Reuter (2022)
    U.S. Security Policy: The Dual-Use Regulation of Cryptography and its Effects on Surveillance
    European Journal for Security Research . doi:10.1007/s41125-022-00080-0
    [Download PDF]
  • Thea Riebe, Tom Biselli, Marc-André Kaufhold, Christian Reuter (2022)
    Privacy Concerns and Acceptance Factors of OSINT for Cybersecurity: A Representative Survey
    Proceedings on Privacy Enhancing Technologies (PoPETs) .
    [Download PDF
  • Thea Riebe, Stefka Schmid, Christian Reuter (2021) Measuring Spillover Effects from Defense to Civilian Sectors – A Quantitative Approach Using LinkedIn. Defence and Peace Economics ;32(7):773–785. doi:10.1080/10242694.2020.175578[Download PDF]
  • Thea Riebe, Marc-André Kaufhold, Christian Reuter (2021)
    The Impact of Organizational Structure and Technology Use on Collaborative Practices in Computer Emergency Response Teams: An Empirical Study
    Proceedings of the ACM: Human Computer Interaction (PACM): Computer-Supported Cooperative Work and Social Computing ;5(CSCW2). doi:10.1145/3479865
    [Download PDF]
  • Thea Riebe, Tristan Wirth, Markus Bayer, Philipp Kuehn, Marc-André Kaufhold, Volker Knauthe, Stefan Guthe, Christian Reuter (2021) CySecAlert: An Alert Generation System for Cyber Security Events Using Open Source Intelligence Data. Information and Communications Security (ICICS) . doi:10.1007/978-3-030-86890-1_24[Download PDF]
  • Thea Riebe, Stefka Schmid, Christian Reuter (2020)
    Meaningful Human Control of Lethal Autonomous Weapon System: The CCW-Debate and its Implications for Value-Sensitive Design
    IEEE Technology and Society Magazine ;39(4):36–51. doi:10.1109/MTS.2020.3031846
    [Download PDF]

Die Forschungsarbeiten fanden im Rahmen der BMBF-Projekte CYWARN und KontiKat sowie des TU-FIF-IANUS-Projekts DualUse statt.

Technology Assessment of Dual-Use ICTs – Herzlichen Glückwunsch an *Dr.rer.nat.* Thea Riebe zur erfolgreichen Verteidigung ihrer Doktorarbeit