Leading US AI companies are working now to fulfill voluntary safety commitments they made to the government last year. They’re conducting internal and external security tests of their latest AI systems before they’re released, according to updates provided to MLex by the original signers of the commitments.
They are sharing what they’ve learned about managing AI risks with other companies and researchers to increase transparency. They’re designing watermarks to clearly identify AI content, among numerous other steps.
That’s good news for consumers as AI weaves its way into nearly every aspect of modern life, from autonomous vehicles to health care. Officials in the Biden administration say they’re happy with the progress so far.
But critics say self-regulation isn’t enough.
The Electronic Privacy Information Center, a digital rights group, submitted a complaint about OpenAI to the US Federal Trade Commission over its data-scraping practices. The group said the company hasn’t lived up to its reporting commitments under a sweeping White House executive order issued in October last year and isn’t providing enough information about whether it’s upholding those commitments.
OpenAI also failed to implement effective AI testing, evaluation, or risk management procedures to mitigate potential inaccuracies and biases, EPIC said in its complaint (see here).
“OpenAI has ceased publication of any details regarding the data being used to train these newer and larger models,” EPIC said. “Without transparency or regulation, OpenAI’s business practices pose serious risks and concerns for the public at large.”
Former employees and board members of AI companies are also warning US lawmakers that massive investments and soaring valuations will likely undermine any voluntary commitments the companies make.
“Voluntary self-regulation is a myth,” David Evan Harris, a former member of Meta Platforms’ responsible AI team, told a Senate Judiciary subcommittee at a hearing in September.
A few weeks after the hearing, OpenAI, maker of ChatGPT, raised $6.6 billion in its latest funding round, nearly doubling the company’s valuation from $86 billion to $157 billion in one of the largest funding rounds ever for a private company.
Anthropic recently published its list of voluntary privacy and safety commitments in an effort to spur standard-setting dialogue with the AI community (see here). Yet even Anthropic has acknowledged that self-regulation has its limits: co-founder Dario Amodei recently told an international gathering of AI safety experts in San Francisco that mandatory safety testing of powerful AI systems will be needed within the next year or so (see here).
— Self-regulation strategy —
For decades, the US government had been content to let tech companies largely police themselves for fear of stifling the lucrative industry. That began to change in 2018, when the Cambridge Analytica scandal showed how easily Facebook user data could be misused and manipulated.
Three years later, former Facebook product manager and whistleblower Frances Haugen exposed how the company was putting profits ahead of child safety. She shared internal documents with lawmakers in the US, UK and EU, triggering a maelstrom of accusations.
A regulatory “techlash” soon began, with tech CEOs repeatedly appearing before Congress to answer questions from irate lawmakers. When partisan divides waylaid efforts to enact federal privacy legislation, state lawmakers stepped in. Since 2018, California and 19 other US states have passed consumer data protection laws, along with a wide range of legislation to protect children online.
Despite the social-media backlash, the government’s approach to AI companies is following a similar path: let them largely self-regulate and invent cutting-edge products until there’s a problem.
As public frenzy around generative AI reached a peak in mid-2023, the White House announced that seven leading AI companies — Amazon, Anthropic, Google, Inflection, Meta, Microsoft and OpenAI — had signed commitments to develop their products safely, share what they’ve learned through their efforts, and make products that help humanity (see here).
The White House later issued an executive order expanding on those commitments (see here), and other companies including Apple have since signed the agreements. In September, Adobe, Anthropic, Cohere, Microsoft and OpenAI agreed to additional commitments aimed at combating image-based sexual abuse online (see here).
The first prescriptive requirements for AI companies in the US are working, said Ben Buchanan, the Biden administration’s special advisor for AI. The agreements have been a much-needed source of information about the industry’s development, he said at an event in Washington, DC, in September.
“One of the things companies committed to and have lived up to is when they publish a major new system, they publish what's called a model card or transparency report with that system, which shows the testing that they've done and shows performance of [the] system on a number of different tasks, often including things like hallucinations and the like,” Buchanan said.
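In its simplest form, a model card is just structured disclosure about a system. The sketch below is a hypothetical illustration of the kind of information Buchanan describes; every field name and figure in it is invented for the example and doesn’t reflect any company’s actual reporting schema.

```python
# Hypothetical sketch of the kind of information a model card or transparency
# report surfaces; all field names and numbers below are invented for
# illustration and do not reflect any company's actual reporting format.
import json

model_card = {
    "model_name": "example-model-v1",        # hypothetical model
    "release_date": "2024-01-01",
    "evaluations": {
        "hallucination_rate": 0.04,          # illustrative figure only
        "benchmark_scores": {"reasoning": 0.81, "coding": 0.74},
        "red_team_findings_resolved": 37,
    },
    "known_limitations": [
        "May produce inaccurate answers on niche topics",
        "Not evaluated for high-risk medical use",
    ],
}

print(json.dumps(model_card, indent=2))
```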
— Safety testing —
All the original signers except Inflection provided details to MLex about what steps they’ve taken to meet the White House commitments so far.
Inflection CEO Sean White said in a statement that the company is continuing to work on “pre-deployment safety evaluation, internal and external red-teaming, and research on societal risk and benefits while advancing humanity, and we do so with forethought and integrity.”
All the companies said they’re conducting internal and external security tests of their latest AI systems before they’re released, including what they call red-teaming exercises, to look for and fix any potential flaws.
OpenAI said it has a separate preparedness team that tests models for any possibility they could be misused to cause harm, whether it’s a cybersecurity, chemical, biological or nuclear threat.
Anthropic and OpenAI said they conduct tests with external experts at the UK and US AI Safety Institutes before launching their newest models. Before the launch of Anthropic’s latest model, Claude 3.5 Sonnet, which can independently write, edit and execute code, experts at the UK’s AI Safety Institute tested it and shared their results with the US AI Safety Institute as part of an information-sharing agreement, the company said.
Meta also provides developers with security and safety tools such as Llama Guard 3, Prompt Guard and CyberSecEval 3, a suite of cybersecurity evaluations that help AI model and product developers understand and reduce generative AI cybersecurity risk.
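In practice, tools like these support a common guardrail pattern: classify a user’s prompt before it reaches the model and classify the model’s reply before it reaches the user. The sketch below illustrates only that general pattern; classify_safety() and generate() are stand-ins invented for the example, not the actual interfaces of Llama Guard or Prompt Guard.

```python
# Minimal sketch of the guardrail pattern that safety tools support: screen
# the prompt on the way in and the reply on the way out. Both functions below
# are stand-ins invented for illustration, not real Llama Guard APIs.

def classify_safety(text: str) -> bool:
    """Stand-in for a safety classifier; True means the text looks safe."""
    blocked_terms = ["synthesize a pathogen", "steal credentials"]  # illustrative only
    return not any(term in text.lower() for term in blocked_terms)

def generate(prompt: str) -> str:
    """Stand-in for a call to a generative model."""
    return f"Model response to: {prompt}"

def guarded_chat(prompt: str) -> str:
    if not classify_safety(prompt):
        return "Request declined by the input filter."
    reply = generate(prompt)
    if not classify_safety(reply):
        return "Response withheld by the output filter."
    return reply

print(guarded_chat("Explain how model watermarking works."))
```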
— Information sharing —
They’re sharing what they’ve learned about how to manage AI risks with other companies and researchers, they said. One of the companies’ first steps was setting up the Frontier Model Forum, a non-profit group in which they participate and which holds regular meetings on how to develop and deploy safe frontier AI systems.
Amazon said it recently helped host a workshop on AI bio-risk threat models and another on best practices for third-party model evaluations to assist the AI safety institutes.
They’re participating in the Artificial Intelligence Safety Institute Consortium, established by the National Institute of Standards and Technology, they said. Google, Microsoft and OpenAI said they have representatives on the UN’s High-Level Advisory Body on Artificial Intelligence.
Google contributes tools and resources to projects such as the National Science Foundation’s National AI Research Resource pilot, “which aims to democratize AI research in the US,” the company said.
Meta joined the Partnership for Global Inclusivity in AI, a new partnership between the US State Department and a number of leading industry voices, designed to promote safe, secure and trustworthy AI systems that address global societal challenges. The company said the partnership would help it “work to provide global support to expand open-source AI innovation in areas across Latin America, Africa, the Middle East, and Asia.”
— Inviting scrutiny, improving transparency —
The AI leaders are holding competitions and “hackathons” to get researchers involved and launching bug bounty programs to pay people for spotting problems in their models that their security tests might have missed, they said.
Google, for example, launched “The Adversarial Nibbler Challenge,” a competition to get researchers to identify the current blind spots in harmful image production.
They’re also offering what companies call “model cards,” which serve as a type of product description for their AI models.
They’re investing in cybersecurity and taking extra measures to protect against insider threats, they said. Google, for example, said it’s applying a new “Secure AI Framework” “throughout the AI responsibility life cycle, which is supported by central security teams and by a security, safety and reliability organization consisting of engineers and researchers with world-class expertise.”
They’re designing watermarks for AI-generated content. For example, Google said it has launched SynthID, a watermarking tool for image, audio, text, and video generated by Gemini.
Microsoft said that as of late 2023 it’s been automatically attaching provenance data to images generated with OpenAI’s DALL-E 3 model, which creates images from text prompts. Amazon said it’s now watermarking by default all images created by the Amazon Titan Image Generator to help reduce the spread of disinformation.
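The approaches differ: SynthID embeds the watermark in the generated content itself, while provenance schemes attach metadata describing how an image was made. As a rough illustration of the metadata idea only, the sketch below tags a placeholder image with provenance fields using the Pillow imaging library; the field names and values are invented for the example, and real provenance systems cryptographically sign such information rather than storing it as plain text.

```python
# Rough illustration of attaching provenance metadata to an image, assuming
# the Pillow library is installed (pip install Pillow). Real provenance and
# watermarking systems are far more robust: they sign the metadata
# cryptographically or embed the mark in the pixels themselves.
from PIL import Image
from PIL.PngImagePlugin import PngInfo

# Placeholder standing in for an AI-generated image.
image = Image.new("RGB", (256, 256), color="gray")

metadata = PngInfo()
metadata.add_text("ai_generated", "true")                      # illustrative fields
metadata.add_text("generator", "example-image-model")          # hypothetical tool name
metadata.add_text("provenance", "Generated by an AI model on 2024-01-01")

image.save("generated_with_provenance.png", pnginfo=metadata)
```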
To show their commitment to prioritizing research, Microsoft and Google said they’re publicly reporting their internal findings, as required by the White House. In May, Microsoft released its first “Responsible AI Transparency Report.” Google said it’s making internal research on AI's benefits and risks public, including studies of how generative AI can be misused and the social and ethical risks of AI systems.
Meta is publishing research about AI safety, such as reports on its Llama 3 family of foundation models and on mechanistic interpretability, which “promises a path” to understanding how neural networks make predictions.
— AI for good —
The companies also offered numerous examples of how their AI systems help address some of society’s biggest challenges. Microsoft said its AI satellite imagery is being used to map climate-vulnerable populations, which helps researchers predict food insecurity, forced migration and disease.
Anthropic said that Pfizer and the Dana-Farber Cancer Institute are using its Claude AI models to combat cancer. Amazon said that pharmaceutical company Gilead is using its generative AI technology to design and analyze research studies.
Google said its AI technology is being used to map the human brain, which could help researchers understand neurological diseases such as Alzheimer’s.
— Warning from whistleblowers —
But it’s unclear whether those steps would comply with the EU’s AI Act, which requires tech companies to conduct third-party audits. That word, “audit,” was conspicuously absent from all the AI companies’ updates about their White House commitments.
The voluntary commitments haven’t assuaged the concerns of former employees and board members of AI companies, who are warning US lawmakers that self-regulation isn’t good enough.
It may seem like science fiction, but a handful of AI companies, including OpenAI, Google, Anthropic, Meta, Amazon, Microsoft and X, are already working to build “artificial general intelligence,” or AGI, a system that would be roughly as smart as a human being, Helen Toner, a former member of OpenAI’s board, told a Senate Judiciary subcommittee in September.
“The idea of human-level AI being developed in the next decade or two should be seen as a real possibility that necessitates significant preparatory action now,” Toner said. Her time on OpenAI’s board “taught me how fragile internal guardrails are when money is on the line,” she said, “and why it's imperative that policymakers step in.”
Fellow witness William Saunders, who worked at OpenAI for three years as a technical expert spotting mistakes in language models, agreed that companies such as OpenAI have ambitious plans for AGI. But AI companies are prioritizing deployment over rigorous testing, he said.
“I believe there is a real risk they will miss important dangerous capabilities in future AI systems,” he said.
Saunders said he resigned after his team was cut back, and he “lost faith” that the company would make responsible decisions about AGI. “If any organization builds technology that imposes significant risks on everyone, the public and the scientific community must be involved in deciding how to avoid or minimize those risks,” he said.
Harris described a similar experience when he worked at Meta from 2018 to 2023 on its Civic Integrity and Responsible AI teams. He led efforts to combat online election interference, protect public figures, and drive research to develop ethical AI systems and AI governance, he said. “Today, those teams do not exist,” he said.
Harris pointed to a study from Free Press in late 2023 that showed the largest social-media companies have deprioritized content moderation and other user trust and safety protections, including rolling back platform policies that reduced the presence of hate, harassment and lies on their platforms and laying off critical staff.
Harris, who now teaches AI ethics at the University of California, Berkeley, said statements from AI CEOs that they want regulation should be viewed with skepticism. He helped state legislators in California craft several AI bills around disclosure and transparency, and quickly learned how the tech industry works behind the scenes to water down or kill bills it doesn’t like, he said.
“We need to move quickly with binding and enforceable oversight of AI,” Harris said.
Pressure on employees to release new AI products faster to make a return on investments is outweighing safety concerns, said Margaret Mitchell, an AI researcher and computer scientist who worked at Microsoft and Google to “proactively” minimize any foreseeable bad outcomes from technology.
At the same time, internal incentives around promotions and raises are pushing employees to release new AI products “without collaborating across complementary approaches, incorporating different perspectives, or developing systems that were informed by the impacts of the technology,” she said.
Those concerns were echoed by the subcommittee’s chair, Senator Richard Blumenthal, a Democrat from Connecticut, who challenged “Big Tech to come forward and be constructive here.”
“The pressure is enormous,” Blumenthal said. “Billions and billions of dollars, careers of smart, motivated people, are on the line. And what seemed to be a kind of slow walk on AI has turned into literally a gold rush.”