The Principle 2.9 in AAAI Code of Professional Ethics & Conduct (2019) declares that, "Design and implement systems that are robustly and usably secure". What does it mean?
A.
Breaches of computer security cause harm. Robust security should be a primary consideration when designing and implementing systems. AI professionals should perform due diligence to ensure the system functions as intended, and take appropriate action to secure resources against accidental and intentional misuse, modification, and denial of service.
B.
As threats can arise and change after a system is deployed, AI professionals should integrate mitigation techniques and policies, such as monitoring, patching, and vulnerability reporting. AI professionals should also take steps to ensure parties affected by data breaches are notified in a timely and clear manner, providing appropriate guidance and remediation.
C.
To ensure the system achieves its intended purpose, security features should be designed to be as intuitive and easy to use as possible. AI professionals should discourage security precautions that are too confusing, are situationally inappropriate, or otherwise inhibit legitimate use.
D.
In cases where misuse or harm are predictable or unavoidable, the best option may be to not implement the system.