[D] AI regulation: a review of NTIA's "AI Accountability Policy" doc

How will governments respond to the rapid rise of AI? How can sensible regulation keep pace with AI technology? These questions interest many of us!

One early US government response has come from the National Telecommunications and Information Administration (NTIA). Specifically, the NTIA published an "AI Accountability Policy Request for Comment" on April 11, 2023.

I read the NTIA document carefully, and I'm sharing my observations here for others interested in AI regulation. You can, of course, read the original materials and form your own opinions. Moreover, you can share those opinions not only on this post, but also with the NTIA itself until June 12, 2023.

As background, the NTIA (homepage, Wikipedia) consists of a few hundred people within the Department of Commerce. The official mission of the NTIA is "advising the President on telecommunications and information policy issues". Topics covered by NTIA include broadband internet access, spectrum management, internet health, and now artificial intelligence. I do not know whether the NTIA will ultimately drive thinking around AI regulation in the United States or they are just a spunky lot who got something on paper early.

The NTIA document is not a specific policy proposal, but rather a thoughtful discussion of AI regulation, followed by a long list of questions on which the NTIA seeks input. This format seems appropriate right now, as we're all trying to make sense of a fast-changing world.

The NTIA document leans heavily on two others: the Blueprint for an AI Bill of Rights from the White House Office of Science and Technology and the AI Risk Management Framework from the National Institute of Standards and Technology (NIST). Without going into these two in depth, even tiny snippets convey their differing audiences and flavors:

• White House Blueprint: "You should be protected from safe and ineffective systems."
• NIST Framework: "Risk refers to the composite measure of an event’s probability of occurring and the magnitude or degree of the consequences of the corresponding event."

Now, turning back to the NTIA document itself, I'll comment on three aspects (1) scope, (2) problems addressed, and (3) solutions contemplated.

Scope is critical to understanding the NTIA document, and is probably worth keeping in mind in all near-term discussion of AI regulation. Over the past several years, at least two different technologies have been called "AI". The document mentions both, but the emphasis is NOT on the one you're probably thinking about. In more detail:

• A few years ago, regulators began scrutinizing "automated decisions systems", which passed as "AI" in those ancient times. An example would be an ML model used by a bank to decide whether or not you get a loan. That model might take in all sorts of information about you, combine it in mysterious ML ways, and reject your loan request. Then you might wonder, "Did that system effectively use my address and name to deduce that I am black and then reject my loan request on the basis of race?" There is some evidence of that happening, and this seems like an injustice. So perhaps such systems should be audited and certified so people know this won't happen. This is the focus of the document.
• These days, AI more commonly refers to open-ended systems that can engage on a wide range of topics and approximate human intelligence. The document briefly mentions generative AI models, large language models, ChatGPT, and "foundational models" (sic), but this is not the focus. The passing mentions may obscure this, unfortunately.

In my opinion, these two notions of "AI" are radically different, and many of the differences matter from a regulatory perspective. Yet NTIA lumps both under a sweeping definition of an "AI system" as "an engineered or machine-based system that can, for a given set of objectives, generate outputs such as predictions, recommendations, or decisions influencing real or virtual environments." (Hmm, this includes my Magic 8-Ball…)

Keep scope in mind as we turn to the next aspect: the problems under discussion. Now, NTIA's goal is to solicit input, so considering a wide range of potential problems associated with AI makes sense. Consistent with that, the document refers to democratic values, civil rights, civil liberties, and privacy. And citing the NIST doc, NTIA vaguely notes "a wide range of potential AI risks". Also, AI systems should be "valid and reliable, safe, secure and resilient, accountable and transparent, explainable and interpretable, privacy-enhanced, and fair with their harmful bias managed". And they should call their mothers *every* week. (Okay, I made that one up.)

A few comments on this formulation of the problem. First, these concerns feel more applicable to older-style AI. This includes automated decisions systems, like for a bank loan or for a prison parole recommendation. Sure, I believe such systems should operate in ways consistent with our consensus societal values, and further regulation may be needed to achieve that. But, hello! There's also another, newer class of AI that poses additional challenges. And I don't see those discussed in the NTIA document. Such challenges might include:

1. People losing jobs because AI takes their work.
2. Ensuring malicious people don't use AI tools to wreak havoc on the world.
3. Sorting out intellectual property issues around AI to ensure both rapid progress in the field and respect for creators' rights.
4. Ensuring laws appropriately assign culpability to humans when AIs cause harm.
5. Planning for an incident analogous to the first internet worm, where an AI goes rogue, wreaks some havoc, and everyone is shocked (before it happens 28,385 more times).

Bottom line: when I cntrl-F the doc for "robotic overlords", I get zero hits. ZERO. This is why I now believe scope is so important when considering efforts to regulate AI: are we talking about old-school AI or 2023-era AI or what? Because they are pretty different.

The last aspect I'll address is the solutions contemplated. Again, NTIA's goal is to stimulate discussion, not propose something specific. Nevertheless, there is a strong push in one particular direction: unlike, "robotic overlord", the word "audit" appears more than 100 times along with many instances of "assessment" and "certification".

On one hand, this approach makes sense. Suppose you want to ensure that a bank loan system is fair, that a social media platform isn't spreading misinformation, that a search engine is returning accurate results, etc. Then someone, somewhere has to assess or audit that system and look for problems. That audit might be done by the creator of the system or a third-party auditing agency. Such audits could be incentivized by mandates, prizes, or shiny gold stars. The government might help by fostering development of auditing tools and data. The NTIA is open to all such possibilities and seeks input on how to proceed.

On the other hand, this seems like a tactic best suited to automated decision systems operated by financial institutions, government agencies, and the like. Such formal processes seem a poor fit for the current AI wave. For example:

• Auditing will take time and money. That's something a bank might pay for a system that will run for years. For something fine-tuned over the weekend at a startup or by some guy living in his mother's basement, that's probably not going to happen.
• Auditing a straightforward decision system seems far easier than assessing an open-ended AI. Beyond basic practicality, the AI could be taught to lie when it senses an audit. Also, auditing procedures (like the NTIA doc itself) will presumably be online, which means that AIs will read them and could potentially respond.
• Most current ML models fix parameters after training, but I think we'll soon see some models whose parameters evolve as they engage with the world. Auditing such a system that varies continuously over time seems especially difficult.
• Auditing a foundation model probably tells you little about derivative models. A sweet-hearted model can surely be made into monster with moderate additional training; you don't need to teach the model new cognitive skills, just repurpose existing ones to new ends.
• More generally, auditing doesn't address many of my concerns about AI regulation (see list above). For example, auditing sort of assumes a basically responsible actor (bank, government agency, big tech company), but AI could be misused by malicious people who, naturally, will not seek a responsible outside assessment.

In any case, for both old-school and modern AI, auditing is only one line of defense, and that's not enough. You can audit until you're blue in the face, stuff will still get through, and AI systems will still cause some harm. So what's the next line of defense? For example, is our legal system ready to sensibly assign culpability to humans for AI-related incidents?

In summary, the critical problem with the NTIA document is that it creates a largely false appearance of US government engagement with the new class of AI technology. As a result, people could wrongly believe that the US government is already responding to the rise of AI, and fail to advocate for actual, effective engagement. That said, the NTIA document does address important issues around a prominent technology sometimes (formerly?) called "AI". Even there, however, the proposed approach (auditing) seems like an overly-fragile, single line of defense.