Questionable assumptions on regulating open source AI

This Guardian article helpfully collects so many of the questionable assumptions behind calls to strictly limit open source AI tools.

1. Meta’s leaked LLaMA and similar large language models are “terrif[ying]”, “incredibly potent artificial intelligence software”. Could we please keep a sense of proportion about advanced autocomplete?

2. The budding LLaMA-based open source ecosystem “could position Meta as owner of the centrepiece of the dominant AI platform, much in the same way that Google controls the open-source Android operating system”. Google actually “controls” the Android ecosystem via the contractual requirements it imposes on phone manufacturers that want access to the Play Store (the European Union’s competition authorities are doing their best to remedy this).

3. Only strictly-controlled LLMs operated centrally behind an API “won’t help you build a bomb, plan a terrorist attack, or make fake content designed to disrupt an election”. Do we really think the availability of advanced autocomplete is the limiting factor here?

“This gives anyone – from unscrupulous political consultancies to Vladimir Putin’s well-resourced GRU intelligence agency – freedom to run the AI without any safety systems in place.” Russia, China and other well-resourced state actors are perfectly capable of building, buying and/or stealing their own.

NOW we’re getting somewhere: ‘Meta’s platforms (Facebook, Instagram and WhatsApp) will be among the biggest battlegrounds on which to deploy these “influence operations”. Sadly, the civic integrity team that I worked on was shut down in 2020’.

4. ‘the proliferation of new and growing platforms, each with separate and much smaller “integrity” or “trust and safety” teams, may be even less well positioned than Meta to detect and stop influence operations, especially in the time-sensitive final days and hours of elections’. The impact of disinformation in elections is much more nuanced (and limited) than this kind of statement implies. See my review of the evidence last year.

Next, a long list of discrimination harms which AI can cause if misused by government and business. None of these should be affected by the availability of open-source LLMs if existing laws on discrimination, data protection, and similar are enforced and developed as they should be 🧑‍⚖️ (If you are in a jurisdiction where these don’t exist or are limited, notably the US, there is a more effective place to start.)

5. “Meta appears to stand alone today, however, for its capacity to continue to release more and more powerful models combined with its willingness to put them in the hands of anyone who wants them.” Hasn’t this LLaMA already bolted? Google seems to think so.

6. ‘Tech companies must also put much stronger controls on who qualifies as a “researcher” for special access to these potentially dangerous tools.’ This could do serious damage to the transparency of models and to competition, and to what effect?

How far would these controls go on open source development? Try to limit publication of models beyond a certain threshold? Or even of training software and very large datasets? Remember US attempts to control the spread of encryption software? (TL;DR: despite multi-decade efforts by the US and its allies, they failed.)

7. “The generative AI companies and communications platforms need to work together to deploy watermarking to identify AI-generated content, and digital signatures to verify that human-produced content is authentic.” I think digital watermarking is destined to fail here for the same reasons it had very limited impact in stopping filesharing in the late 1990s/early 2000s.
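
For readers who want a concrete sense of what is being proposed, here is a minimal sketch of the kind of statistical “green list” text watermark discussed in the research literature — not the scheme any particular company uses, and the vocabulary, function names and toy hashing are mine purely for illustration. The generator biases each token choice towards a pseudo-random “green” subset of the vocabulary keyed on the previous token; the detector recomputes those subsets and checks whether an implausibly high fraction of tokens landed in them. The fragility is easy to see: paraphrase the text with any unwatermarked model, or edit it lightly by hand, and the green fraction drifts back towards chance.

```python
import hashlib

# Toy vocabulary, purely for illustration.
VOCAB = ["the", "a", "vote", "ballot", "election", "count", "result", "claim",
         "fraud", "secure", "audit", "margin", "winner", "official", "report", "news"]

def green_list(prev_token: str, vocab: list[str], fraction: float = 0.5) -> set[str]:
    """Pseudo-randomly partition the vocabulary, keyed on the previous token.
    A real scheme would seed this from tokenizer IDs; hashing the token string
    is enough to show the idea."""
    ranked = sorted(vocab,
                    key=lambda w: hashlib.sha256((prev_token + "|" + w).encode()).hexdigest())
    return set(ranked[: int(len(ranked) * fraction)])

def green_fraction(tokens: list[str], vocab: list[str]) -> float:
    """Detector side: the fraction of tokens that fall in the 'green' subset
    chosen by their predecessor. Watermarked output should score well above
    0.5; ordinary human (or paraphrased) text hovers around 0.5, i.e. chance."""
    if len(tokens) < 2:
        return 0.0
    hits = sum(1 for prev, cur in zip(tokens, tokens[1:])
               if cur in green_list(prev, vocab))
    return hits / (len(tokens) - 1)

# Swap even a modest share of tokens for non-green synonyms (or run the text
# through an unwatermarked open model) and green_fraction falls back towards
# 0.5 — the statistical evidence simply evaporates.
```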

8. Finally: we need “new international governance bodies to be created specifically for AI”, long before the EU’s AI Act comes into force in 2025. So the world is going to agree an effective anti-proliferation regime on such a controversial topic in less time than a new EU law?

I’m dismayed by how much of the debate about regulating open source AI floats freely outside evaluation of the effectiveness of existing legal regimes, and of previous attempts to regulate technological systems (<cough>).