Introducing Twitter’s first algorithmic bias bounty challenge

By and
Friday, 30 July 2021

Finding bias in machine learning (ML) models is difficult, and sometimes, companies find out about unintended ethical harms once they’ve already reached the public. We want to change that. As part of this year’s DEF CON AI Village, we’re trying something radical by introducing the industry’s first algorithmic bias bounty competition. 

In May, we shared our approach to identifying bias in our saliency algorithm (also known as our image cropping algorithm), and we made our code available for others to reproduce our work. We want to take this work a step further by inviting and incentivizing the community to help identify potential harms of this algorithm beyond what we identified ourselves. 

We’re inspired by how the research and hacker communities helped the security field establish best practices for identifying and mitigating vulnerabilities in order to protect the public. We want to cultivate a similar community, focused on ML ethics, to help us identify a broader range of issues than we would be able to on our own. With this challenge we aim to set a precedent at Twitter, and in the industry, for proactive and collective identification of algorithmic harms.

For this challenge, we are re-sharing our saliency model and the code used to generate a crop of an image given a predicted maximally salient point  and asking participants to build their own  assessment. Successful entries will consider both quantitative and qualitative methods in their approach. For more details on the challenge, including how to enter and the rubric we’ll use to score entries, visit the submission page on HackerOne. Aiding us in reviewing entries will be our esteemed panel of judges: Ariel Herbert-Voss, Matt Mitchell, Peiter “Mudge” Zatko, and Patrick Hall.  

Winners will be announced at the DEF CON AI Village workshop hosted by Twitter on August 8th where we will invite the winners to present their work. The winning teams will receive cash prizes via HackerOne: 

  • $3,500 1st Place
  • $1,000 2nd Place
  • $500 3rd Place
  • $1,000 for Most Innovative 
  • $1,000 for Most Generalizable (i.e., applies to the most types of algorithms)

We’ll be hosting a Twitter Spaces conversation on Friday, July 30 at 1:30 pm PT to discuss the challenge with a few of the folks who have helped bring this to life. Follow @ruchowdh to listen in on the conversation.

Ready to Participate?

We’re grateful to HackerOne and AI Village for their support in facilitating the bounty challenge. The challenge will be open for entries from July 30, 2021, 9:01am PT to August 6, 2021, 11:59pm PT. 

All participants must enroll with HackerOne to make a valid submission; anyone with a HackerOne account may participate in this challenge. If you’re ready to go: Start here!



Legal Disclaimer

Entry period 7/30/21 9:01 am PT through 8/6/21 11:59 pm PT.  Void where prohibited.  No purchase necessary.  Participation is not limited to DEF CON conference attendees.  For full rules and prize descriptions see Twitter reminds all participants to adhere to the HackerOne Terms and Conditions, Code of Conduct, Privacy Policy and Disclosure GuidelinesCode of Conduct when preparing their submission.

This challenge is not related to the existing Twitter Security Bug Bounty Program on HackerOne and is a one-off challenge. This Algorithmic Bias Bounty Challenge does not expand nor does it modify the conditions or scope of the existing Twitter Security Bug Bounty Program. Algorithmic Bias Bounty reports shall not be submitted to the existing Twitter Security Bug Bounty program. If they are wrongly submitted, please note that these reports will be closed as Not Applicable and will not count as a valid submission for this challenge. This Algorithmic Bias Bounty Challenge is not owned or operated by Twitter’s Information Security organization.


This post is unavailable
This post is unavailable.