Motivated by mitigating potentially harmful impacts of technologies, the AI community has formulated and accepted mathematical definitions for certain pillars of accountability: e.g. privacy, fairness, and model transparency. Yet, we argue this is fundamentally misguided because these definitions are imperfect, siloed constructions of the human values they hope to proxy, while giving the guise that those values are sufficiently embedded in our technologies. Under popularized methods, tensions arise when practitioners attempt to achieve each pillar of fairness, privacy, and transparency in isolation or simultaneously. In this position paper, we push for redirection. We argue that the AI community needs to consider all the consequences of choosing certain formulations of these pillars -- not just the technical incompatibilities, but also the effects within the context of deployment. We point towards sociotechnical research for frameworks for the latter, but push for broader efforts into implementing these in practice.

Restless multi-armed bandits are often used to model budget-constrained resource allocation tasks where receipt of the resource is associated with an increased probability of a favorable state transition. Prior work assumes that individual arms only benefit if they receive the resource directly. However, many allocation tasks occur within communities and can be characterized by positive externalities that allow arms to derive partial benefit when their neighbor(s) receive the resource. We thus introduce networked restless bandits, a novel multi-armed bandit setting in which arms are both restless and embedded within a directed graph. We then present Greta, a graph-aware, Whittle index-based heuristic algorithm that can be used to efficiently construct a constrained reward-maximizing action vector at each timestep. Our empirical results demonstrate that Greta outperforms comparison policies across a range of hyperparameter values and graph topologies.

Reinforcement Learning (RL) algorithms have been successfully applied to real world situations like illegal smuggling, poaching, deforestation, climate change, airport security, etc. These scenarios can be framed as Stackelberg security games (SSGs) where defenders and attackers compete to control target resources. The algorithm's competency is assessed by which agent is controlling the targets. This review investigates modeling of SSGs in RL with a focus on possible improvements of target representations in RL algorithms.

Facial analysis systems have been deployed by large companies and critiqued by scholars and activists for the past decade. Many existing algorithmic audits examine the performance of these systems on later stage elements of facial analysis systems like facial recognition and age, emotion, or perceived gender prediction; however, a core component to these systems has been vastly understudied from a fairness perspective: face detection, sometimes called face localization. Since face detection is a pre-requisite step in facial analysis systems, the bias we observe in face detection will flow downstream to the other components like facial recognition and emotion prediction. Additionally, no prior work has focused on the robustness of these systems under various perturbations and corruptions, which leaves open the question of how various people are impacted by these phenomena. We present the first of its kind detailed benchmark of face detection systems, specifically examining the robustness to noise of commercial and academic models. We use both standard and recently released academic facial datasets to quantitatively analyze trends in face detection robustness. Across all the datasets and systems, we generally find that photos of individuals who are $\textit{masculine presenting}$, $\textit{older}$, of $\textit{darker skin type}$, or have $\textit{dim lighting}$ are more susceptible to errors than their counterparts in other identities.

Green Security Games with real-time information (GSG-I) add the real-time information about the agents' movement to the typical GSG formulation. Prior works on GSG-I have used deep reinforcement learning (DRL) to learn the best policy for the agent in such an environment without any need to store the huge number of state representations for GSG-I. However, the decision-making process of DRL methods is largely opaque, which results in a lack of trust in their predictions. To tackle this issue, we present an interpretable DRL method for GSG-I that generates visualization to explain the decisions taken by the DRL algorithm. We also show that this approach performs better and works well with a simpler training regimen compared to the existing method.

水印是保护创作者对数字图像，视频和音频的权利的常用策略。最近，水印方法已扩展到深度学习模型 - 原则上，当对手试图复制该模型时，应保留水印。但是，实际上，智能对手通常可以去除水印。几篇论文提出了水印方法，这些方法声称对不同类型的拆除攻击具有耐药性，但是在面对新的或更好的对手时，这些新技术通常会失败。在本文中，我们提出了一种可认证的水印方法。使用Chiang等人提出的随机平滑技术，我们表明我们的水印是不明显的，除非模型参数的更改超过一定的L2阈值。除了获得认证外，与以前的水印方法相比，我们的水印在经验上也更强。我们的实验可以在https://github.com/arpitbansal297/certified_watermarks上复制。

研究深度学习的鲁棒性的一个主要挑战是定义了给定神经网络（NN）不变的``毫无意义''扰动集。关于鲁棒性的大多数工作隐含地将人作为参考模型来定义这种扰动。我们的工作通过使用另一个参考NN来定义给定的NN应该不变，从而使对任何NN的依赖概述对任何NN的依赖。这使得衡量鲁棒性等同于衡量两个NN共享不稳定的程度，我们提出了一种称为搅拌的措施。搅拌重新调整现有的表示相似性措施，使其适合衡量共享的不稳定。使用我们的度量，我们能够深入了解共享的不断增长，随着重量初始化，体系结构，损失功能和培训数据集的变化如何变化。我们的实现可在：\ url {https://github.com/nvedant07/stir}中获得。

尽管机器学习的其他领域越来越多地自动化，但设计高性能的推荐系统仍然需要高水平的人力努力。此外，最近的工作表明，现代推荐系统算法并不总是比调整良好的基线改进。一个自然的后续问题是：“我们如何为新数据集和性能指标选择正确的算法？”在这项工作中，我们首先要通过比较85个数据集和315个指标的18算法和100组超参数的大规模研究。我们发现，最好的算法和超参数高度依赖于数据集和性能指标，但是，每种算法的性能与数据集的各种元元功能之间也存在很强的相关性。在这些发现的激励下，我们创建了Reczilla，这是一种推荐系统的元学习方法，该方法使用模型来预测新的，看不见的数据集的最佳算法和超参数。通过使用比先前的工作更多的元培训数据，Reczilla可以大大降低面对新推荐系统应用时人类参与水平。我们不仅发布了我们的代码和预处理的Reczilla模型，而且还发布了所有原始的实验结果，因此从业者可以为其所需的性能指标训练Reczilla模型：https：//github.com/naszilla/reczilla。

可视化优化景观导致了数字优化的许多基本见解，并对优化技术进行了新的改进。但是，仅在少数狭窄的环境中生成了增强学习优化（“奖励表面”）的目标的可视化。这项工作首次介绍了27个最广泛使用的增强学习环境的奖励表面和相关的可视化。我们还探索了政策梯度方向上的奖励表面，并首次表明许多流行的强化学习环境经常出现“悬崖”（预期回报中突然下降）。我们证明，A2C经常将这些悬崖“脱落”到参数空间的低奖励区域，而PPO避免了它们，这证实了PPO对PPO的流行直觉，以改善以前的方法。我们还引入了一个高度可扩展的库，该库使研究人员将来可以轻松地生成这些可视化。我们的发现提供了新的直觉，以解释现代RL方法的成功和失败，我们的可视化构成了以新颖方式进行强化学习剂的几种失败模式。

我们研究公平的机器学习（ML）设置，其中“上游”模型开发人员的任务是生产公平的ML模型，该模型将被几个类似但独特的“下游”用户使用。这种设置引入了新的挑战，这些挑战因许多现有的公平干预措施而尚未解决，这与现有的批评相呼应，即当前方法并非在现实世界公平的ML用例的多元化需求中广泛适用。为此，我们通过采用基于分配的公平分类视图来解决向上/下流设置。具体而言，我们引入了一种新的公平定义，分布奇偶校验，该定义衡量了跨受保护组的结果分布的差异，并提出了一种后处理方法，以使用最佳运输技术来最大程度地减少此措施。我们证明我们的方法能够为所有下游用户，跨各种公平定义创造更公平的成果，并在推理时间内在未标记的数据上工作。我们通过与几种类似方法和四个基准任务进行比较，通过比较实验验证了这一主张。最终，我们认为可以通过开发特定的干预措施来产生更公平的分类结果。