Ensuring AI Safety

Artificial Intelligence (AI) has been heralded as a transformative force in various sectors, from healthcare and finance to education and entertainment. However, the rapid development of AI technologies brings with it significant safety concerns. As Arvind Narayanan and Sayash Kapoor astutely pointed out, "Safety is a property of applications, not a property of technologies (or models)." This perspective is crucial when considering legislation like California's SB-1047, which aims to regulate AI but may miss the mark in its current form.

Understanding AI Safety

To comprehend AI safety, it's essential to draw an analogy. Just as the safety of a blender cannot be judged by its motor alone, the safety of an AI system cannot be determined solely by its technology. The application and context in which AI is used are crucial for its safety.

For example, in healthcare, AI must be rigorously tested and monitored to ensure accurate diagnoses, as errors can have serious consequences. Meanwhile, AI for recommending movies needs to protect user privacy and avoid harmful content, though it may not require the same level of scrutiny.

AI's adaptability adds complexity. Models can be repurposed unpredictably, leading to potential misuse if not properly controlled. For instance, a language model for writing could generate misleading information if misused.

As AI evolves, new risks emerge, necessitating continuous evaluation and adaptation of safety protocols. This requires collaboration among developers, regulators, and users to effectively identify and mitigate risks.

AI safety involves more than just technology. It requires considering the application context, implementing safeguards, and staying vigilant as technology changes. A holistic approach ensures we can benefit from AI while minimizing risks.

The Misguided Approach of California’s SB-1047

SB-1047 fails to recognize this distinction, potentially stifling innovation while not effectively addressing the core issues of AI safety. The bill does not account for the vast number of beneficial uses of AI models, similar to how electric motors power a wide range of devices, most of which are beneficial. Unfortunately, just as it's impossible to create a motor that cannot be misused, it's also challenging to design an AI model immune to harmful adaptations.

This legislative shortcoming is particularly concerning given California's prominent role in AI innovation. California State has been a hub for technological advancements, and legislation that hampers innovation could have far-reaching consequences. Additionally, other jurisdictions often look to California as a model, which means the impact of SB-1047 could extend well beyond state lines.

The Challenges of Ensuring AI Safety

A significant challenge in AI safety is "jailbreaking," where even rigorously aligned, closed-source models can be manipulated to produce harmful responses. Recent data illustrates this concern effectively.

For example, Table 1 (below) shows the fraction of jailbreaks achieved using different methods across both open-source and closed-source models. The TAP method achieved jailbreaks in 98% of cases for the open-source model Vicuna and up to 98% for the closed-source model PaLM-2, demonstrating the vulnerability of these systems. The number of queries required to achieve these jailbreaks was relatively low, indicating the ease with which these models can be exploited.

Such exploits are frequently highlighted by "Pliny the Prompter" on social media, underscoring the persistence and ease of these vulnerabilities. Furthermore, research by Anthropic's Cem Anil and collaborators shows that "many-shot jailbreaking" can coerce leading large language models into giving inappropriate responses, posing a difficult-to-counter threat. This data highlights the need for more robust safety measures and continuous monitoring to mitigate these risks effectively.

Open Source Models and Fine-Tuning

Open-source AI models, in particular, present unique challenges. There's currently no known method to prevent fine-tuning from removing alignment achieved through Reinforcement Learning from Human Feedback (RLHF). This makes it nearly impossible to ensure that open-source models cannot be adapted for harmful purposes. The flexibility that makes these models valuable for innovation and development also makes them vulnerable to misuse.

General Guidelines and the Path Forward

LLMs have the potential to be transformational in business. Appropriate safeguards to secure models and AI-powered applications can accelerate responsible adoption and reduce risk to companies and users alike. As a significant advancement in the field, TAP not only exposes vulnerabilities but also emphasizes the ongoing need to improve security measures.

Enterprises must adopt a model-agnostic approach that can validate inputs and outputs in real-time, informed by the latest adversarial machine learning techniques. This approach ensures robust security and mitigates potential risks. Contact us to learn more about our AI Firewall and see the full research paper for additional details on TAP.

Given these complexities, how should we approach AI safety? The answer lies in nuanced, well-informed legislation that recognizes the specific challenges of AI applications rather than imposing blanket regulations on the technology itself.

The world needs a framework that encourages innovation while ensuring that AI applications are safe. This could involve:

• Developing Robust AI Governance: Establishing clear guidelines for the ethical use of AI, focusing on applications rather than the underlying technology.

• Promoting Transparency: Encouraging companies to be transparent about their AI models, including their capabilities and limitations.

• Enhancing Collaboration: Fostering collaboration between government, industry, and academia to develop best practices for AI safety.

• Investing in Research: Supporting research into AI safety, including methods to prevent jailbreaking and other exploits.

AI safety is a multifaceted issue that requires a nuanced approach. While well-intentioned regulations can sometimes risk stifling innovation without addressing the real challenges of AI safety, a more effective strategy involves focusing on the applications of AI. By fostering a collaborative, transparent, and research-driven approach, we can ensure that AI continues to benefit society while minimizing its risks. As we navigate this complex landscape, it is imperative to advocate for policies that balance innovation with safety, ensuring a future where AI can thrive responsibly.

About the Author

Sam Obeidat: AI Strategy Expert, Technology Product Lead, Angel Investor, and a Futurist.

Sam Obeidat is an internationally recognized expert in AI strategy, a visionary futurist, and a technology product leader. He has spearheaded the development of cutting-edge AI technologies across various sectors, including education, fintech, investment management, government, defense, and healthcare.

With over 15,000 leaders coached and more than 31 AI strategies developed for governments and elite organizations in Europe, MENA, Canada, and the US, Sam has a profound impact on the global AI landscape. He is passionate about empowering leaders to responsibly implement ethical and safe AI, ensuring that humans remain at the center of these advancements.

Currently, Sam leads World AI X, where he and his team are dedicated to helping leaders across all sectors shape the future of their industries. They provide the tools and knowledge necessary for these leaders to prepare their organizations for the rapidly evolving AI-driven world and maintain a competitive edge.

Through World AI X, Sam runs a 6-week executive program designed to transform professionals into next-gen leaders within their domains. Additionally, he is at the forefront of the World AI Council, building a global community of leaders committed to shaping the future of AI.

Sam strongly believes that leaders and organizations from all sectors must be prepared to drive innovation and competitiveness in the AI future.

Connect with Sam Obeidat on LinkedIn

About the Chief AI Officer (CAIO) Program

The Chief AI Officer (CAIO) Program is a 6-week, live, interactive, and highly personalized AI leadership journey that positions you among the world’s pioneering CAIOs, ready to lead transformative change in your organization. Through hands-on coaching from world-renowned AI experts, you’ll gain crucial skills to master productivity-enhancing Generative AI tools and AI agents, build a powerful AI business model for immediate value creation, and craft a customized AI strategy to solve real-world challenges in your field—all aligned with the latest industry trends and breakthroughs.

Join the next cohort and get a 12-month ongoing access to future CAIO sessions, giving you the opportunity to refine your projects, expand your network, and stay at the forefront of the evolving AI landscape. Plus, as part of the World AI Council, you’ll connect with global thought leaders, access premium resources, and gain speaking opportunities at the World AI Forum.

Secure your spot today and lead your organization into the future with confidence.

About The AI Citizen Hub - by World AI University (WAIU)

The AI Citizen newsletter stands as the premier source for AI & tech tools, articles, trends, and news, meticulously curated for thousands of professionals spanning top companies and government organizations globally, including the Canadian Government, Apple, Microsoft, Nvidia, Facebook, Adidas, and many more. Regardless of your industry – whether it's medicine, law, education, finance, engineering, consultancy, or beyond – The AI Citizen is your essential gateway to staying informed and exploring the latest advancements in AI, emerging technologies, and the cutting-edge frontiers of Web 3.0. Join the ranks of informed professionals from leading sectors around the world who trust The AI Citizen for their updates on the transformative world of artificial intelligence.

For advertising inquiries, feedback, or suggestions, please reach out to us at [email protected].