The Week in Examples #18 [23 December]
A preparedness framework for catastrophic risks, UN checks in on international AI governance, and CSAM in the LAION-5B dataset
Today’s edition comes to you from Crewe in the north of England, where I am staying with family for a few days. Crewe was once home to a major train-building operation, though I suspect after this week it will be better known as the site where a rogue bag on the overhead wires crippled the country’s transport infrastructure.
Away from the ills of England and back to the world of AI, we have a new preparedness framework from OpenAI, the first report from the hotly-trailed UN High-level Advisory Body on Artificial Intelligence, and the removal of the popular LAION-5B dataset following a study that found it contained child sexual abuse material (CSAM). As always, message me at hp464@cam.ac.uk for comments, ideas for next time, or to say hello.
Three things
1. Dataset removed after CSAM investigation
What happened? 404 Media reported that the LAION-5B machine learning dataset has been removed by its creator, the Large-scale Artificial Intelligence Open Network (LAION) group, after a Stanford study found that it contained over 1,000 externally validated instances of child sexual abuse material. The study identified 3,226 suspected instances of CSAM, 1,008 of which were externally validated via third parties like the Canadian Centre for Child Protection.
What's interesting? LAION-5B was built by taking a snapshot of the famous Common Crawl repository, using—amongst a couple of other tools—OpenAI’s CLIP model to match images with metadata like numerical identifiers, language, URL, and a short description (though it’s worth saying that LAION-5B contains information about these images, not the images themselves). To examine the dataset, the researchers used PhotoDNA and MD5 hash sets, developed by Microsoft Research and the National Center for Missing and Exploited Children respectively. Both PhotoDNA and MD5 rely on hashing, a technique for converting data into a ‘hash value’ that can be used for identification and comparison without exposing the original content. The researchers checked the dataset for matches against these hash values, before using k-nearest neighbours (KNN) search to find related images in the dataset.
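For a sense of how those two steps fit together, here is a minimal Python sketch of the general pattern: exact matching against a set of known hash values, followed by nearest-neighbour search over embedding vectors to surface related entries. The KNOWN_HASHES set, the toy embeddings, and the cosine-similarity KNN are illustrative assumptions on my part rather than the study’s actual pipeline (PhotoDNA in particular is a proprietary perceptual hash, not something you can reproduce with hashlib).

```python
import hashlib
import numpy as np

# Hypothetical set of known MD5 hash values (hex strings). In practice these
# lists are distributed under strict access controls, and the real pipeline
# also uses perceptual hashes like PhotoDNA rather than MD5 alone.
KNOWN_HASHES = {"5d41402abc4b2a76b9719d911017c592"}

def md5_hex(data: bytes) -> str:
    """Return the MD5 hash of raw image bytes as a hex string."""
    return hashlib.md5(data).hexdigest()

def is_flagged(image_bytes: bytes) -> bool:
    """Exact-match check: does this image's hash appear in the known set?"""
    return md5_hex(image_bytes) in KNOWN_HASHES

def knn_related(query_embedding: np.ndarray,
                dataset_embeddings: np.ndarray,
                k: int = 5) -> np.ndarray:
    """Return indices of the k nearest dataset embeddings by cosine
    similarity, mimicking the 'find related images' step."""
    q = query_embedding / np.linalg.norm(query_embedding)
    d = dataset_embeddings / np.linalg.norm(dataset_embeddings, axis=1, keepdims=True)
    sims = d @ q
    return np.argsort(-sims)[:k]

# Usage sketch with toy data standing in for CLIP-style embeddings.
rng = np.random.default_rng(0)
embeddings = rng.normal(size=(1000, 512))
query = embeddings[42]  # embedding of a flagged image
print(knn_related(query, embeddings, k=5))
```

The reason the second step matters is that exact hashing only catches byte-for-byte copies of known material; perceptual hashing and nearest-neighbour search are what surface near-duplicates and related images that an exact match would miss.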
What else? Some estimates put the total number of CSAM instances in LAION-5B at north of 15,000, which underscores the sheer lack of visibility we have into what precisely is in popular datasets. The issue is that, once you start training models on massive corpora, their scale means it is not possible for researchers to look at every piece of data directly. The only option is to use AI to look for us. That could be through efforts like those in the Stanford study, which basically amount to looking at the shadow of the object rather than the real thing, though other approaches exist (e.g. building a classifier from the ground up to scan datasets using the content of the images themselves). A big problem with that route comes down to restrictions around processing CSAM to train a model, though I am aware of firms that have created effective detectors that look for characteristics associated with CSAM. The next question is whether it would be legal for firms to run that sort of model on a given dataset, though—as the LAION-5B episode shows—illegal material is already in some datasets whether we identify it or not.
2. OpenAI releases preparedness framework
What happened? OpenAI announced a “preparedness framework” to track, evaluate, forecast, and protect against catastrophic risks posed by powerful models. The policy, which follows the establishment of OpenAI’s preparedness team in October, initially seeks to define risk thresholds for 1) individualised persuasion, 2) cybersecurity, 3) chemical, biological, radiological, and nuclear (CBRN) threats, and 4) autonomous replication and adaptation (ARA). The basic idea is that developers ought to set thresholds for models to be evaluated against, which in turn trigger increasingly potent mitigation measures that would need to be implemented before development could continue or a model could be deployed.
What's interesting? For each of the proposed areas, OpenAI lays out what low, medium, high, and critical levels of risk look like. For cybersecurity, for example, OpenAI defines a ‘low’ risk as a model providing assistance for cyberattacks limited to non-programming uses, whereas a ‘critical’ risk might involve a model devising and executing a complex cyberattack given only a high-level desired goal. The group also said these risk categories (cybersecurity, CBRN, persuasion, etc.) are not exhaustive, and that it expects the list to grow over time.
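To make the gating idea concrete, here is a toy Python encoding of the structure described above: each tracked category gets a risk score, and deployment is conditional on the worst-case score sitting at or below a threshold. The category names, the scores, and the ‘medium’ deployment threshold are illustrative assumptions for the sketch, not OpenAI’s exact rules.

```python
from enum import IntEnum

class Risk(IntEnum):
    LOW = 0
    MEDIUM = 1
    HIGH = 2
    CRITICAL = 3

# Illustrative per-category scores for a hypothetical model evaluation.
tracked_categories = {
    "persuasion": Risk.LOW,
    "cybersecurity": Risk.MEDIUM,
    "cbrn": Risk.LOW,
    "autonomous_replication": Risk.LOW,
}

def overall_risk(scores: dict[str, Risk]) -> Risk:
    """Each category is scored separately; take the worst case."""
    return max(scores.values())

def can_deploy(scores: dict[str, Risk], threshold: Risk = Risk.MEDIUM) -> bool:
    """Toy gate: deployment allowed only if the worst-case risk is at or
    below the threshold (an illustrative value, not OpenAI's exact rule)."""
    return overall_risk(scores) <= threshold

print(can_deploy(tracked_categories))  # True with the toy scores above
```

The point of this sort of structure is that an evaluation result becomes a hard precondition on deployment rather than a piece of advisory guidance.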
What else? This is essentially OpenAI’s version of Anthropic’s AI Safety Levels (ASL) for addressing catastrophic risks, which are modelled loosely on the US government’s biosafety level (BSL) standards for the handling of dangerous biological materials. The core idea for both is that development and deployment ought to be contingent on the introduction of increasingly sophisticated mitigations once evaluations have revealed certain risks associated with a given model. Finally, OpenAI said its preparedness framework is an initial beta version that will act as a “living document” that the authors will update over time. To that end, if you want to pass on feedback you can read the full draft document here and share thoughts with OpenAI at pf@openai.com.
3. UN receives high-level advice
What happened? The UN’s High-level Advisory Body on Artificial Intelligence, a group containing representatives from government, civil society, the private sector, and academia, released an interim report outlining preliminary recommendations for the UN. Rather than proposing a specific model for AI governance, the authors instead opted to provide general principles that could guide the formation of new global governance institutions for AI, as well as a broad assessment of the functions that such bodies should perform.
What’s interesting? I am not going to lay out the principles in full, but they include things like enacting governance mechanisms “by and for the benefit of all”, “governing AI in the public interest” and anchoring governance “in the UN Charter”. Where the report gets very interesting, though, is in sketching out what functions a body (or a collection of bodies) might perform. There are seven types of function suggested by the report, which range from those that are easier to implement (e.g. a horizon scanning function similar to the IPCC) to those that are more challenging (e.g. monitoring mechanisms “inspired by [the] existing practices of the IAEA”).
What else? The report also proposes efforts to facilitate development, deployment, and use of AI for economic and societal benefit as well as the promotion of international collaboration on talent development, access to compute infrastructure, and the building of high-quality datasets. Taken in combination with safety efforts, it's not a million miles away from the ‘dual mandate’ model that a few folks (shameless self-promotion incoming) have thought about in the past. Whatever the case, the report says that the Advisory Body will submit a second report by 31 August 2024 that “may provide detailed recommendations on the functions, form, and timelines for a new international agency for the governance of artificial intelligence.” If it delivers on that promise, we should be in for a big moment for international governance.
Best of the rest
Friday 22 December
Histories of Artificial Intelligence: A Genealogy of Power (BJHS Themes)
How Not to Be Stupid About AI, With Yann LeCun (WIRED)
Tech Trends 2024: AI and electric vehicle deals (BBC)
Mystery of Raphael masterpiece may have been solved by Bradford-made AI (The Guardian)
Interoperability, Privacy, & Security (FTC)
Thursday 21 December
Year in Review: Building a Safer Future Together (Frontier Model Forum)
Who Controls AI? With Sendhil Mullainathan (Spotify)
The Right to Reality (Lawfare)
What I Wish Someone Had Told Me (Sam Altman)
Why do lots of people hate the disinformation industrial complex? (Dan Williams)
The Uneven Impact of Generative AI on Entrepreneurial Performance (OSF Preprints)
AI discovers new class of antibiotics to kill drug-resistant bacteria (New Scientist)
Wednesday 20 December
Cloud empires’ physical footprint: How trade and security politics shape the global expansion of U.S. and Chinese data centre infrastructures (SSRN)
Gen AI music app Suno comes out of stealth (Axios >> Suno website)
Succession: Across the universe (Substack)
VCs Are Acting Strangely in OpenAI and Anthropic Deals (The Information)
Half of California voters worry AI is coming for their jobs (Politico)
Tuesday 19 December
Computer vision: AI imaginaries and the Massachusetts Institute of Technology (AI and Ethics)
AI Needs Safety Standards and NIST Is Writing Them (PYMNTS)
Andrew Ng: 'Do we think the world is better off with more or less intelligence?' (FT)
AI's colossal puppet show (Axios)
AI guardrails can fall short in health care (Axios)
Monday 18 December
Preventing AI Misuse: Current Techniques (GovAI)
How 2024 presidential candidates are using AI inside their election campaigns (CNBC)
Education Department has conditionally approved public generative AI systems (FedScoop)
AI Risks Hindering DOJ Antitrust Cases With Complex Pricing Data (Bloomberg Law)
AI's reality road (Axios)