Exosoul is an overarching project funded by the University of L’Aquila. The project is about building a software personalized exoskeleton that enhances and protects human beings by mediating their interactions with the digital world according to their own ethics of actions and privacy of data.

Motivation – In their ordinary life, citizens in the digital world continuosly interact with software systems, e.g., by using a mobile device or from on board of a (autonomous) car. These systems are increasingly autonomous in making decisions over and above the users or on behalf of them. Often, their autonomy exceeds the system boundaries and invades user prerogatives. As a consequence, ethical issues – privacy ones included (e.g., unauthorized disclosure and mining of personal data, access to restricted resources) – are emerging as matters of utmost concern since they impact on the moral rights of each human being and affect the social, economic, and political spheres [], [], [], [], []. Besides the philosophical aspects, the way to approach these problems is twofold: regulatory and technical. Europe has recently introduced the GDPR legislation for data protection [], Sweden and Germany are at the forefront on the regulation of autonomous vehicles, while a common EU approach to liability rules and insurance for connected and autonomous vehicles is under discussion []. The scientific community and some big companies are proposing initiatives to identify problems and establish criteria to develop algorithms and systems that embed autonomous capabilities [], [], [], []. As a matter of fact, the digital world is being recognized as potentially hostile to citizens. The initiatives proposed so far go in the direction to make the world less hostile by introducing new laws, from the regulatory side, and transparency and accountability criteria in software development, from the technical side. Regulation is important as well as in-depth insights into the technology. However, we are fully aware that achieving full adherence to regulation and transparency criteria is very difficult or even impossible in practice. We are facing a paradox: human beings are recognized as central actors, the sensitive targets; but they are passive consumers in the digital world, and the power and the burden to preserve their rights remain in the hands of the (software-) systems producers. In the mangrove societies – Floridi’s powerful metaphor – human beings are unprotected in their interactions with the digital world. The great challenge, unattempted so far, is to comprehensively empower them.

The vision – The goal of EXOSOUL is to equip humans with an automatically generated exoskeleton, a software shield that protects them and their personal data via the mediation of all interactions with the digital world that would result in unacceptable or morally wrong behaviors according to their ethical and privacy preferences. The exoskeleton can take a whole spectrum of forms: from customized soft-libraries that the individual may deploy on the machines being used, to a sophisticated software interface that an individual may “wear”, eventually deployed on a body chip. Empowering the users with a personalized exoskeleton will introduce more symmetry of power in the present digital world and will effectively put humans in the center. Exoskeletons development also opens unprecedented business opportunities in the same way open source software did, which promoted the ethical principles of free software against the monopoly proprietary software producers. The European Union (EU) with its companies can become the scientific and technological leader of the future user-driven privacy and ethics systems. Furthermore, bringing back to the user part of the (digital) control helps to solve liability issues in autonomous systems by readdressing responsibility to users according to their specified ethics.

The challenges ahead – We address the challenge of automatically synthesizing a software exoskeleton starting from the ethics and privacy preferences of the user. In the ethical sphere, this requires to answer several cutting edge research questions concerning the need to: (i) identify a space of ethics and privacy preferences for users, to assess their compatibility with regulations, and to orchestrate interactions of users endorsing different preferences, so as to prevent deadlocks and to promote best ethical practices in digital societies; (ii) infer ethics and privacy preferences from the user, given that neither a person nor a society apply moral categories separately, rather everyday morality is in constant flux among norms, utilitarian assessment of consequences, and evaluation of virtues. We define the exoskeleton by considering two specific classes of interactions that citizens have with the digital world. The first one concerns interactions that involve the exchange of personal data, and that as such impact the privacy dimension, notably interactions with mobile apps through mobile devices. Until now, data are considered as passive entities and the logic implementing their life-cycle is decoupled from the data itself. For each datum that is shared over the Internet, the owner loses its track and control []. Such problems have been mitigated by means of regulatory (e.g., GDPR) and technical attempts. Unfortunately, these attempts solve the mentioned issues only partially. We propose a disruptive approach that changes the passive nature of data by introducing active data. As part of the exoskeleton, active data encapsulate data with mechanisms that govern their creation, destruction, use, and sharing according to the owner ethical preferences. Destruction is the basic means to provide the right to be forgotten, which requires to equip data with an apoptosis mechanism – synthesized from the user’s ethical and privacy preferences – whose enactment depends on the use the digital world makes of the data, beyond parameters like time. The second one concerns the interaction with systems that are equipped with some degree of autonomy and that a user may want to ethically control to some extent. Autonomous vehicles and the so-called trolley problem represent a well-known limiting case, but other more ordinary cases exist []. As part of the exoskeleton, we will address the challenge of synthesizing, out of the user’s ethical preferences, an ethical actuator able to intercept the interactions between the autonomous engine and the machine actuators and to prevent behaviours that are not admissible by the ethical preferences. Since this approach cannot be independent from the software the citizens are interacting with, by-product results of the project will be requirements on the way the digital world needs to conform in order to interact with exoskeletons. This is as important as developing the shield since it establishes architecture and protocol requirements the systems producers need to comply with. EXOSOUL citizens will interact only with the part of the digital world that accepts their requirements. This breaks the monopoly of producers by introducing symmetry in the producer/user roles and new economic drivers in the digital market. At the same time, producers can be relieved from the liability burden by readdressing responsibility to users.