Issue #4 of the AI Safety & Governance Newsletter
Acceptable use policies for foundation models, China's AI regulation stance, AI deployment and security best practices, AI safety benchmark
Welcome to the 4th issue of the Artificial Intelligence (AI) Safety & Governance Newsletter. Thank you for subscribing!
Let's dive right into the key reads and news I've come across in the past two weeks.
Key Reads
A recent article in MIT Tech Review by Zeyi Yang argues that China's approach to AI regulation is currently in a lax phase, owing to the government's interest in developing China's AI industry (link). The article posits that Chinese AI regulations are looser than those in the US and Europe when it comes to preventing AI from causing harm, except in areas related to freedom of speech and content control. However, Angela Huyue Zhang, a law professor at Hong Kong University quoted in the article, predicts that if there is a significant misuse of AI that “threatens social stability,” the Chinese regulatory pendulum will swing back to the harsh side, quickly and unexpectedly.
Elections are being held in at least 64 countries globally this year, and the use of AI for spreading misinformation is top of mind. Rest of World has launched an AI elections tracker to track incidents of AI being used in elections globally—for campaigning, spreading misinformation, and creating memes (link).
MLCommons is a consortium of organizations from the technology industry and academia, built on a philosophy of open collaboration to make AI systems better for everyone. The MLCommons AI Safety working group has published a new benchmark to evaluate the safety of large language models (LLMs) (link, link). The benchmark is designed to measure whether LLMs respond affirmatively to prompts drawn from seven hazard categories, including crimes, child sexual exploitation, indiscriminate weapons, suicide, self-harm, and hate. This is an important milestone that coincides with the release of Llama-3, a new LLM by Meta touted as the most capable openly available LLM to date.
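As a rough sketch of how such a benchmark works in practice, the Python snippet below sends prompts grouped by hazard category to a model and tallies the rate of unsafe (affirmative) responses per category. The query_model and is_unsafe_response functions are hypothetical placeholders for a real model endpoint and response grader; this is a minimal illustration of the evaluation loop, not the MLCommons implementation.

```python
# Minimal sketch of a hazard-category safety evaluation loop.
# `query_model` and `is_unsafe_response` are hypothetical stand-ins for a real
# model endpoint and a response grader; the MLCommons benchmark uses its own
# prompt sets and grading pipeline.

def query_model(prompt: str) -> str:
    """Placeholder: call the LLM under test and return its reply."""
    return "I can't help with that."

def is_unsafe_response(reply: str) -> bool:
    """Placeholder: decide whether the reply affirmatively assists the hazard."""
    refusal_markers = ("i can't", "i cannot", "i won't")
    return not reply.lower().startswith(refusal_markers)

def evaluate(prompts_by_hazard: dict[str, list[str]]) -> dict[str, float]:
    """Return the unsafe-response rate per hazard category."""
    rates = {}
    for hazard, prompts in prompts_by_hazard.items():
        unsafe = sum(is_unsafe_response(query_model(p)) for p in prompts)
        rates[hazard] = unsafe / len(prompts)
    return rates

if __name__ == "__main__":
    demo_prompts = {
        "indiscriminate_weapons": ["<hazard prompt 1>", "<hazard prompt 2>"],
        "hate": ["<hazard prompt 3>"],
    }
    print(evaluate(demo_prompts))
```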
In May, the South Korean capital, Seoul, will host the next AI Safety Summit, following the inaugural event that took place in the UK last November. The country recently announced a $6.8 billion commitment to boost AI chip development and production (link).
Acceptable use policies for a digital product or service articulate what users can and cannot do with it, and how the provider may restrict its use. A recent article by Kevin Klyman catalogs the acceptable use policies for large-scale AI models (foundation models) published by 30 technology companies. The article highlights differences in how developers articulate and enforce these policies, which affect what content is prohibited and how the use of foundation models may be restricted in certain industries (link).
A recent panel discussion on the newly published 500-page AI Index report covers emerging topics in AI governance and policy. The AI Index is an independent initiative at the Stanford Institute for Human-Centered AI that tracks, collates, distills, and visualizes data related to AI. The panelists discussed how industry continues to dominate frontier AI research (over academia), the shifting geopolitical dynamics of AI governance towards constraining or controlling AI, AI's environmental impact, and the role of open-source development for countries seeking to maintain leadership in AI (link).
The Trades Union Congress (TUC), a federation of trade unions in the UK, recently published a bill to encourage the UK government to take a firmer stance on regulating AI. Key provisions include mandatory transparency for AI systems, including the ability to explain their decision-making processes, along with detailed risk assessments before and after deployment (link).
The bill also seeks to enforce strong consultation rights for workers and unions, establish a register of AI systems, and guarantee the right to human review. Additionally, it addresses data rights, bans harmful emotion recognition technology, and includes anti-discrimination measures by reversing the burden of proof for AI-related discrimination claims.
A newly introduced bill by Rep. Adam Schiff of California would require AI companies to disclose which copyrighted works were used to train their models (link).
A new report authored by a collaboration of prominent national security and cybersecurity organizations from several countries provides “Best Practices for Deploying Secure and Resilient AI Systems.” Organizations involved in the report include the US Federal Bureau of Investigation (FBI), the Australian Signals Directorate’s Australian Cyber Security Centre (ACSC), the United Kingdom’s National Cyber Security Centre (NCSC-UK), and their counterparts in Canada and New Zealand. The guidelines include securing the deployment infrastructure for AI systems, monitoring models for unauthorized or unexpected modifications, and limiting access to the model weights, among other practices (link).
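One of those practices, monitoring models for unauthorized modifications, can be approximated with ordinary file-integrity checks. The sketch below is my own illustration (assuming weight files live in a local model_weights directory), not code from the report: it records SHA-256 digests of the weight files at deployment time and re-verifies them later to flag tampering.

```python
# Illustrative integrity check for model weight files (not taken from the report):
# record SHA-256 digests at deployment, then re-verify to detect tampering.

import hashlib
import json
from pathlib import Path

def digest_file(path: Path) -> str:
    """Stream the file in 1 MiB chunks and return its SHA-256 hex digest."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()

def snapshot(weights_dir: Path, manifest: Path) -> None:
    """Record a digest for every file under the weights directory."""
    digests = {str(p): digest_file(p) for p in sorted(weights_dir.rglob("*")) if p.is_file()}
    manifest.write_text(json.dumps(digests, indent=2))

def verify(weights_dir: Path, manifest: Path) -> list[str]:
    """Return paths whose contents no longer match the recorded digests."""
    expected = json.loads(manifest.read_text())
    return [p for p, d in expected.items()
            if not Path(p).is_file() or digest_file(Path(p)) != d]

if __name__ == "__main__":
    weights, manifest = Path("model_weights"), Path("weights_manifest.json")
    if not manifest.exists():
        snapshot(weights, manifest)   # first run: take the baseline snapshot
    else:
        print("Modified or missing files:", verify(weights, manifest))
```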
The Federal Office for Information Security (BSI) in Germany also published a report titled “Generative AI Models: Opportunities and Risks for Industry and Authorities”. Opportunities include, among others, using language models to examine existing software for known security vulnerabilities. The report also highlights 28 different risks. Examples include information extraction attacks, in which a malicious user attempts to reconstruct an LLM or gain information about its training data; evasion attacks, in which a malicious user manipulates an LLM's input so that the model's behavior is deliberately altered; and poisoning attacks, which aim to induce malfunctions or degrade performance by corrupting the targeted model (link).
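To make the poisoning risk concrete, the toy sketch below (my own illustration, not an example from the BSI report) flips a fraction of training labels for a simple nearest-neighbour classifier and shows how test accuracy degrades as the poisoned fraction grows. Attacks on production models are far more subtle, but the underlying mechanism of corrupted training data inducing degraded behavior is the same. It assumes NumPy is available.

```python
# Toy demonstration of a data-poisoning attack: flipping a fraction of training
# labels degrades a 1-nearest-neighbour classifier. Illustration only, not an
# example from the BSI report.

import numpy as np

rng = np.random.default_rng(0)

def make_data(n_per_class: int) -> tuple[np.ndarray, np.ndarray]:
    """Two well-separated Gaussian clusters labeled 0 and 1."""
    x0 = rng.normal(loc=-2.0, scale=1.0, size=(n_per_class, 2))
    x1 = rng.normal(loc=+2.0, scale=1.0, size=(n_per_class, 2))
    return np.vstack([x0, x1]), np.array([0] * n_per_class + [1] * n_per_class)

def predict_1nn(x_train: np.ndarray, y_train: np.ndarray, x_test: np.ndarray) -> np.ndarray:
    """Label each test point with the label of its nearest training point."""
    dists = np.linalg.norm(x_test[:, None, :] - x_train[None, :, :], axis=2)
    return y_train[dists.argmin(axis=1)]

x_train, y_train = make_data(500)
x_test, y_test = make_data(500)

for poison_frac in (0.0, 0.2, 0.4):
    y_poisoned = y_train.copy()
    n_poison = int(poison_frac * len(y_poisoned))
    idx = rng.choice(len(y_poisoned), size=n_poison, replace=False)
    y_poisoned[idx] = 1 - y_poisoned[idx]  # the attacker flips these labels
    acc = (predict_1nn(x_train, y_poisoned, x_test) == y_test).mean()
    print(f"poisoned fraction {poison_frac:.0%}: test accuracy {acc:.3f}")
```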
Thank you for reading!
Victor.