90 likes | 204 Views
The Deterrence of Deception. Ross Anderson Cambridge. Detecting deception. Jeff Hancock ’ s demonstration yesterday reminded us that we usually can ’ t detect deception much better than random Yet all societies believe the contrary!
E N D
The Deterrence of Deception Ross Anderson Cambridge
Detecting deception • Jeff Hancock’s demonstration yesterday reminded us that we usually can’t detect deception much better than random • Yet all societies believe the contrary! • Most think that gaze avoidance is a signal while others also believe in fidgeting, finger tapping … (see Aldert Vrij’s book) • So what’s the purpose of looking your counterparts in the eye?
Hypotheses • Big-stakes lies can be different (Robert noted “Darwin the detective”, ten Brinke et al) • My hypothesis: in-group versus out-group – moving the relationship from “risk” to “vengeance” (this makes the stakes bigger … a vindictive response not a diplomatic one) • Maybe leaders are also assessing other stuff, such as intelligence, neuroticism, faith …
Hypotheses (2) • In some activities, deception is part of the game – such as bluffing at poker • Can you affect online game behaviour by personalising game pages (e.g. David’s “puppy eyes” versus “predator eyes”)? • Does it work differently for low-stakes lies, such as small-scale credit-card fraud? • Suggested repersonalisation at SHB last year but still haven’t found the right experimental partner
Future payment page? Alessandro, you’re about to pay Ross $70. Are you still Alessandro? Password: ******
What is privacy anyway? • The Internet makes some cheating easier (forging a bank branch) but much cheating harder (fact checking has expanded from witness testimony to writing to science to Google :- ) • How is being deterred by human watchers different from software watchers? • Many geeks have high privacy preferences but are relaxed about search ads • Are we more more ready to have our self-delusions punctured by software than by people?
What are the longer term effects? • Blackstone described the law as “a long march from status to contract” • Are we on a long march from honor codes to pervasive technical surveillance? • If so, how does it change power relationships between people, state and corporations? • Bruce remarked how we’re not as good as the doctors yet at selling our expertise • What other policy gaps likely to open up?
And finally… • Eight of us have a big cyber-crime survey paper at WEIS at the end of this month • “traditional” frauds like tax, welfare have indirect costs < direct costs • in the middle, card fraud has direct and indirect costs about equal • “modern” crimes have indirect > direct • Where we can’t leverage human behaviour things can get very hard to control • And just as terrorism evolves to be annoying, crime will evolve to be inconspicuous