Finding bias in machine learning (ML) models is difficult, and sometimes, companies find out about unintended ethical harms once they’ve already reached the public. We want to change that. As part of this year’s DEF CON AI Village, we’re trying something radical by introducing the industry’s first algorithmic bias bounty competition.
In May, we shared our approach to identifying bias in our saliency algorithm (also known as our image cropping algorithm), and we made our code available for others to reproduce our work. We want to take this work a step further by inviting and incentivizing the community to help identify potential harms of this algorithm beyond what we identified ourselves.
We’re inspired by how the research and hacker communities helped the security field establish best practices for identifying and mitigating vulnerabilities in order to protect the public. We want to cultivate a similar community, focused on ML ethics, to help us identify a broader range of issues than we would be able to on our own. With this challenge we aim to set a precedent at Twitter, and in the industry, for proactive and collective identification of algorithmic harms.
For this challenge, we are re-sharing our saliency model and the code used to generate a crop of an image given a predicted maximally salient point and asking participants to build their own assessment. Successful entries will consider both quantitative and qualitative methods in their approach. For more details on the challenge, including how to enter and the rubric we’ll use to score entries, visit the submission page on HackerOne. Aiding us in reviewing entries will be our esteemed panel of judges: Ariel Herbert-Voss, Matt Mitchell, Peiter “Mudge” Zatko, and Patrick Hall.
Winners will be announced at the DEF CON AI Village workshop hosted by Twitter on August 8th where we will invite the winners to present their work. The winning teams will receive cash prizes via HackerOne:
We’ll be hosting a Twitter Spaces conversation on Friday, July 30 at 1:30 pm PT to discuss the challenge with a few of the folks who have helped bring this to life. Follow @ruchowdh to listen in on the conversation.
Ready to Participate?
All participants must enroll with HackerOne to make a valid submission; anyone with a HackerOne account may participate in this challenge. If you’re ready to go: Start here!
This challenge is not related to the existing Twitter Security Bug Bounty Program on HackerOne and is a one-off challenge. This Algorithmic Bias Bounty Challenge does not expand nor does it modify the conditions or scope of the existing Twitter Security Bug Bounty Program. Algorithmic Bias Bounty reports shall not be submitted to the existing Twitter Security Bug Bounty program. If they are wrongly submitted, please note that these reports will be closed as Not Applicable and will not count as a valid submission for this challenge. This Algorithmic Bias Bounty Challenge is not owned or operated by Twitter’s Information Security organization.