What are the Actual Risks of AI?
Michael Spencer
A.I. Writer, researcher and curator - full-time Newsletter publication manager.
This is a guest post by Tobias Jensen - he writes the Futuristic Lawyer Newsletter.
What do you think about when you think of AI risks?
Visit the AI Risk Repository here.
In partnership with Read Futurist
With so many newsletters out there, I wanted to return to my roots and start a blog. It is a passion project in development (born August 20th, 2024).
Emerging tech and breaking news on the beat of the future.
Read Futurist is my new blog, where I cover breaking tech and innovation news in a minimalist, short-form way. It's experimental, still taking shape, and a passion project starting from zero.
Only those who are crazy obsessed with the future of technology will benefit from it fully.
Understanding the Actual Risks of AI
The structure and key findings of the AI risk repository + a comparison with risk frameworks applied by BigTech.
Introduction
On August 14, MIT FutureTech and its partners released the AI risk repository - the most comprehensive database of AI risks assembled to date. The stated goal is to create a common frame of reference for understanding and addressing the risks from AI.
You can explore the database for yourself and read the preprint via the website: https://airisk.mit.edu/
In this post, we will take a closer look at how the new database can be used in combination with the “domain taxonomy” and the “causal taxonomy”, and how it differs from similar risk frameworks used by BigTech.
The AI risk repository was released by Peter Slattery, Neil Thompson, Alexander Saeri and Emily Grundy from MIT FutureTech in collaboration with Michael Noetel and Jess Graham from the University of Queensland, James Dao and Soroush Pour from Harmony Intelligence, Stephen Casper from MIT CSAIL, and Risto Uuk from Future of Life Institute and KU Leuven.
How the AI Repository Can Be Used & the Domain Taxonomy
As I see it, the project has two important use cases: It provides practitioners with a clear overview of the full risk landscape, and it helps to reveal research gaps in the current literature on AI risks.
As for the first point, the literature on AI risks is rich but fragmented.
There are several good risk frameworks that can be used by organizations that want to (or are legally obligated to) analyze and mitigate potential risks when deploying an AI model. However, up until now, there haven't been any coordinated efforts to create a database like the AI risk repository, which combines insights from many different frameworks. As a result, organizations, risk evaluators, security professionals, and policymakers do not have a clear overview of the full risk landscape, and risk mitigation plans and policies may be incomplete and insufficient.
Secondly, the AI risk repository reveals research gaps in the current literature on AI risks.
Building on risk classification systems from 43 peer-reviewed articles, preprints, conference papers, and other reports, carefully selected after screening more than 17,000 documents, the authors identify 777 AI risks in total. Each of these risks is listed in the AI risk database with a short description from the relevant paper and a reference citation.
The risks are also grouped into 7 domains and 23 sub-domains. The authors refer to this categorization as the “domain taxonomy”.
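To make the structure concrete, here is a minimal sketch of how the repository could be queried once downloaded as a spreadsheet or CSV export. The file name and column names ("Domain", "Sub-domain", "Description") are assumptions for illustration only; check the actual export from the repository website before reusing this.

```python
# Minimal sketch: tally and filter risks from a local CSV export of the
# AI risk repository. Column names are assumed for illustration.
import pandas as pd

risks = pd.read_csv("ai_risk_repository.csv")  # hypothetical local export

# Count how many of the 777 extracted risks fall into each of the 7 domains.
domain_counts = risks["Domain"].value_counts()
print(domain_counts)

# Pull every risk filed under a sub-domain of interest, e.g. overreliance.
overreliance = risks[
    risks["Sub-domain"].str.contains("overreliance", case=False, na=False)
]
print(overreliance[["Domain", "Sub-domain", "Description"]].head())
```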
The 7 risk domains, ranked from highest to lowest by how often they were cited across the 43 risk frameworks, are as follows:
And for the 23 sub-domains:
Of all these sub-domains, I am most concerned about the combination of “pollution of information ecosystem and loss of consensus reality” and “overreliance and unsafe use”. The personalized infinite scrolling loops on social media platforms like Facebook, Instagram, TikTok, and X are addictive and polluting, causing mental and spiritual harm, especially to the young users they target. As we can see, these two sub-domains appear to be underemphasized across the AI risk frameworks relative to other sub-domains.
Causal Taxonomy
The AI risk repository not only groups the identified risks into domain categories but also sorts them by “causal factors”.
The risks are sorted by “entity” (whether the risk is caused by an AI or a human), “intent” (whether the risk arises as an intentional or unintentional outcome of pursuing a goal), and “timing” (whether the risk occurs pre-deployment or post-deployment). Specifically, it looks like this:
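As a rough illustration of those three dimensions, the causal taxonomy could be represented with a small data model like the one below. This is a sketch of my own, not code from the MIT FutureTech team; the "Other" option mirrors the repository's catch-all for risks that a source framework leaves ambiguous.

```python
# Illustrative data model of the causal taxonomy (entity, intent, timing).
from dataclasses import dataclass
from enum import Enum

class Entity(Enum):
    AI = "AI"          # risk caused by a decision or action of the AI system
    HUMAN = "Human"    # risk caused by a decision or action of a human
    OTHER = "Other"    # ambiguous or unspecified in the source framework

class Intent(Enum):
    INTENTIONAL = "Intentional"      # expected outcome of pursuing a goal
    UNINTENTIONAL = "Unintentional"  # unexpected outcome of pursuing a goal
    OTHER = "Other"

class Timing(Enum):
    PRE_DEPLOYMENT = "Pre-deployment"
    POST_DEPLOYMENT = "Post-deployment"
    OTHER = "Other"

@dataclass
class CausalClassification:
    entity: Entity
    intent: Intent
    timing: Timing

# Example: a model inadvertently giving bad health advice after release.
bad_health_advice = CausalClassification(
    Entity.AI, Intent.UNINTENTIONAL, Timing.POST_DEPLOYMENT
)
print(bad_health_advice)
```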
Looking at the first two categories, I am reminded of how Mark Zuckerberg argued in a blog post following Llama 3.1's release, “Open Source AI Is the Path Forward”, that AI should be developed open-source (according to Meta's home-cooked version of “open source”) for safety reasons:
“My framework for understanding safety is that we need to protect against two categories of harm: unintentional and intentional. Unintentional harm is when an AI system may cause harm even when it was not the intent of those running it to do so. For example, modern AI models may inadvertently give bad health advice. Or, in more futuristic scenarios, some worry that models may unintentionally self-replicate or hyper-optimize goals to the detriment of humanity. Intentional harm is when a bad actor uses an AI model with the goal of causing harm.
It’s worth noting that unintentional harm covers the majority of concerns people have around AI – ranging from what influence AI systems will have on the billions of people who will use them to most of the truly catastrophic science fiction scenarios for humanity. On this front, open source should be significantly safer since the systems are more transparent and can be widely scrutinized. Historically, open source software has been more secure for this reason.”
Considering that the majority of identified risks in the AI risk repository come from the AI system itself rather than from human decision-making, and that more risks are classified as “unintentional” than “intentional”, Zuckerberg seems to raise a valid point.
Open code offers better protection against unintentional harms caused by system failures, because users of the model can carry out thorough security testing and report and fix mistakes.
At the same time, it is impossible for the developer of an open foundation model to control how the model is used, since it can be downloaded and run locally. The developer can build in guardrails, but anyone with a strong interest in bypassing them is typically able to do so. The same cannot be said for closed AI models, where the developer retains much more control over how the model is applied.
An example of intentional harm humans can cause with open-access AI is the creation of AI-generated nudes. San Francisco's city attorney, David Chiu, recently filed a lawsuit to shut down 16 of the most popular websites and apps that use AI to “undress” or “nudify” women and girls. Quoting from the complaint:
“By exploiting open-source AI image generation models, these websites and apps manipulate images of real women and girls without their consent to create photorealistic images showing these women and girls with AI-generated nude bodies and intimate body parts (..)
Nonconsensual intimate images (“NCII”) generated from Defendants’ websites—and other similar websites—are used to bully, threaten, and humiliate women and girls (..)
Victims have little to no recourse, as they face significant obstacles to remove these images once they have been disseminated. They are left with profound psychological, emotional, economic, and reputational harms, and without control and autonomy over their bodies and images.”
Treating the code of AI models as a trade secret would significantly reduce the chances of intentional harm. On the other hand, BigTech's standing practice of refusing to reveal any technical details about how their models work raises a whole other host of security concerns.
The open AI vs. closed AI discussion is not at all straightforward, but Meta's open approach currently seems to be the winning strategy, and the premise that most AI harms are caused unintentionally by the systems themselves is in line with the statistics from the AI risk repository.
Comparison with OpenAI’s Preparedness Framework and Google DeepMind’s Safety Work
In comparison to the comprehensive overview in the AI risk repository, OpenAI managed to identify a grand total of four risk categories in its “preparedness framework”, which covers the company's “processes to track, evaluate, forecast, and protect against catastrophic risks posed by increasingly powerful models.”
According to the GPT-4o System Card, OpenAI used the preparedness framework to describe, evaluate, and mitigate risks before releasing GPT-4o. OpenAI assessed that GPT-4o scored low on three of the four risk categories in the framework, “Cybersecurity”, “Biological Threats”, and “Model Autonomy”, while scoring medium on the fourth category, “Persuasion”, due to the model's capability to generate convincing text about politically sensitive topics.
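To underline how thin this scorecard is, it fits in a few lines of code. The snippet below is an illustrative sketch, assuming OpenAI's stated rule that only models scoring “medium” or below (after mitigations) can be deployed; the scores mirror the System Card, but the helper function is my own, not OpenAI's evaluation code.

```python
# Sketch of the Preparedness Framework scorecard for GPT-4o (assumed rule:
# every tracked category must be "medium" or below for deployment).
RISK_LEVELS = ["low", "medium", "high", "critical"]

gpt4o_scores = {
    "Cybersecurity": "low",
    "Biological Threats": "low",
    "Model Autonomy": "low",
    "Persuasion": "medium",
}

def deployable(scores: dict[str, str]) -> bool:
    # Deployment threshold: no category may exceed "medium".
    threshold = RISK_LEVELS.index("medium")
    return all(RISK_LEVELS.index(level) <= threshold for level in scores.values())

print(deployable(gpt4o_scores))  # True: all four categories at or below "medium"
```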
Generally, OpenAI tends to be fixated on concerns that would make a good plot line for a science-fiction movie. The preparedness framework seems to be built around the imagined danger of a superintelligent AI that develops an agency of its own, engages in warfare with never-before-seen biological and cyber weapons, and manipulates people with superb persuasion skills in pursuit of its uncanny mission.
Present risks related to AI are of course much more mundane, not “catastrophic” in the same sense as a nuclear war, but they are nonetheless very real.
If OpenAI abandoned its simplistic framework in favor of the AI risk repository, GPT-5 and onwards could be evaluated based on relevant risk categories such as “energy consumption”, “fairness”, “robustness”, “privacy leakage”, “toxicity generation”, “sociocultural and political harms”, “inequality of wealth”, “AGIs with poor ethics, morals and values”, “bias”, “incompetence”, “competing for jobs”, “overreliance”, and “degradation”, among many others. Thorough risk assessments in these categories would be very interesting and useful to read.
If OpenAI were indeed so concerned about the dangers of its future models, it could commission a thorough risk assessment, for example from non-partisan members of academia. The report should span more than 1,000 pages and deeply consider the consequential impact of generative AI on society. If AI is the most transformative general-purpose technology in human history, as claimed by prophets and profiteers alike, an all-encompassing risk report would be in order.
Google has actually done work in this direction. Google is behind five of the top 20 most-cited papers on AI risk classification, all of which are included as resources in the AI risk repository. Google DeepMind recently released another report, The Ethics of Advanced AI Assistants (2024), which fills 274 pages and is also included in the AI risk repository.
The granularity of the AI risk repository makes it a very good starting point for understanding the actual risks of AI and bracing ourselves for the negative impacts AI may have now and in the future. I hope the database will contribute to raising awareness and the general standard for AI risk assessments, although I wouldn't expect it to be adopted by BigTech.