US Voluntary AI Rules
On Friday (21 July), all the leading AI companies (except Baidu) and the U.S. government announced immediate, joint voluntary commitments on future generative models (i.e., AI models more powerful than the current industry frontier of GPT-4, Claude 2, PaLM 2, Titan, and DALL-E 2). While lacking in specificity and enforcement, this appears to be a big step toward rapid federal U.S. rulemaking on AI, with a U.S. executive order promised by the end of the 2023 summer. It also appears to show common interest among the AI industry in American (not EU) global AI regulation, citing work toward an "international framework [to] support and complement Japan’s leadership of the G-7 Hiroshima Process … as well as the United Kingdom’s leadership in hosting a Summit on AI Safety, and India’s leadership as Chair of the Global Partnership on AI." Who's missing from this list? The EU and Council of Europe (and China).
Let's take a look. OpenAI et al are pledging to:
1. Commit to internal and external red-teaming of models or systems in areas including misuse, societal risks, and national security concerns, such as bio, cyber, and other safety areas;
Red-teaming isn't exactly testing, and it isn’t really a new commitment, as most of these companies already do it. It’s a vague promise to build on: what testing will be required, and who will perform it, remain to be decided when rules are developed.
2. Work toward information sharing among companies and governments regarding trust and safety risks, dangerous or emergent capabilities, and attempts to circumvent safeguards;
The White House’s goal is encouraging the big companies to trade information about the risks that their models do (or don’t) pose. OpenAI specifically raises “self replication” as a capability that would merit collective safety concern. As above, this is a vague promise on which to build.
3. Invest in cybersecurity and insider threat safeguards to protect proprietary and unreleased model weights;
Model weights are the mathematical core of an AI model’s “brain”. The weights do not require huge computers to run, and they are what you’d want to steal if you were an agent of a foreign government (or a rival corporation) looking to build your own AI product. The companies already protect their weights, but Meta in particular has suffered massive leaks of its model weights. This may be a rebuke to Zuckerberg and a reminder of the value of these products to national security.
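To make concrete how portable model weights are, here is a back-of-the-envelope sketch. The 7-billion-parameter figure and 16-bit precision are illustrative assumptions, not any particular company's model:

```python
# Back-of-the-envelope: how big is a stolen model, really?
def weights_size_gb(n_params: float, bytes_per_param: int = 2) -> float:
    """Approximate on-disk size of model weights.

    bytes_per_param=2 assumes 16-bit (fp16/bf16) storage,
    a common format for released model weights.
    """
    return n_params * bytes_per_param / 1e9

# A hypothetical 7B-parameter model at 16-bit precision:
print(weights_size_gb(7e9))  # 14.0 GB -- fits on a cheap USB drive
```

In other words, the crown jewels of a multi-billion-dollar training run reduce to a file small enough to walk out the door with, which is why insider-threat safeguards are on this list at all.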
4. Facilitate third-party discovery and reporting of issues and vulnerabilities;
Another vague promise on which to build.
5. Develop and deploy mechanisms that enable users to understand if audio or visual content is AI-generated, including robust provenance, watermarking, or both, for AI-generated audio or visual content;
Foolproof and un-removable watermarking is likely to prove technically impossible. But OpenAI et al are not committing to defeat all AI output that is indistinguishable from human work; they are only committing not to produce such output themselves (even if their watermarking is later removed by third parties). The issue of counterfeit humans is more fraught than it appears. Watch this space.
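As a toy illustration of why watermark removal tends to be easy, consider a deliberately naive scheme (invented here for illustration, not any company's actual approach) that hides a signature in invisible zero-width characters:

```python
# Toy text watermark: hide a signature in zero-width characters.
ZW = "\u200b"  # zero-width space, invisible when rendered

def watermark(text: str) -> str:
    """Insert an invisible marker after each sentence boundary."""
    return text.replace(". ", "." + ZW + " ")

def is_watermarked(text: str) -> bool:
    """Detection: just look for the invisible marker."""
    return ZW in text

def strip_watermark(text: str) -> str:
    """Removal is a one-liner -- the core weakness of such schemes."""
    return text.replace(ZW, "")

s = watermark("This was generated. Trust me.")
assert is_watermarked(s)
assert not is_watermarked(strip_watermark(s))
```

Real proposals (e.g., statistical watermarks baked into a model's word choices) are far more sophisticated, but they face the same structural problem: anything a detector can find, a determined third party can usually wash out by rewriting or re-encoding the content.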
6. Publicly report model or system capabilities, limitations, and domains of appropriate and inappropriate use, including discussion of societal risks, such as effects on fairness and bias;
System capabilities and limitations continue to surprise OpenAI long after deployment. This is another promising but hugely vague idea to build on.
7. Prioritize research on societal risks posed by AI systems, including on avoiding harmful bias and discrimination, and protecting privacy; and
Societal harms have been underappreciated in the risk-mitigation legal frameworks advanced by all governments to date, including the EU AI Act. But this nod in the societal direction is hard to take seriously alongside the other items on this list (especially the one that follows).
8. Develop and deploy frontier AI systems to help address society’s greatest challenges.
Cynically, this is the most convenient item for the commercial interests and business models of the people who were in the room to negotiate this list. It could be interpreted pretty much as a license to blast ahead on building anything at all that might be good for something. (This level of cheerleading is not something that the AI companies are getting from counterpart EU bodies.)