Leaders from the AI research world appeared before the Senate Judiciary Committee to discuss and answer questions about the nascent technology. Their broadly unanimous opinions generally fell into two categories: we need to act soon, but with a light touch — risking AI abuse if we don’t move forward, or a hamstrung industry if we rush it.
The panel of experts at today’s hearing included Anthropic co-founder Dario Amodei, UC Berkeley’s Stuart Russell and longtime AI researcher Yoshua Bengio.
The two-hour hearing was largely free of the acrimony and grandstanding one sees more often in House hearings, though not entirely so. You can watch the whole thing here, but I’ve distilled each speaker’s main points below.
What can we do now? (Each expert was first asked what they think are the most important short-term steps.)
1. Secure the supply chain. There are bottlenecks and vulnerabilities in the hardware we rely on to research and provide AI, and some are at risk due to geopolitical factors (e.g. TSMC in Taiwan) and IP or safety issues.
2. Create a testing and auditing process like what we have for vehicles and electronics. And develop a “rigorous battery of safety tests.” He noted, however, that the science for establishing these things is “in its infancy.” Risks and dangers must be defined in order to develop standards, and those standards need strong enforcement.
He compared the AI industry now to airplanes a few years after the Wright brothers flew. There is an obvious need for regulation, but it needs to be a living, adaptive regulator that can respond to new developments.
Of the immediate risks, he highlighted misinformation, deepfakes and propaganda during an election season as being most worrisome.
Amodei managed not to bite at Sen. Josh Hawley’s (R-MO) bait regarding Google investing in Anthropic and how adding Anthropic’s models to Google’s attention business could be disastrous. Amodei demurred, perhaps allowing the obvious fact that Google is developing its own such models speak for itself.
What can we do now?
1. Limit who has access to large-scale AI models and create incentives for security and safety.
2. Alignment: Ensure models act as intended.
3. Track raw power and who has access to the scale of hardware needed to produce these models.
Bengio repeatedly emphasized the need to fund AI safety research at a global scale. We don’t really know what we’re doing, he said, and in order to perform things like independent audits of AI capabilities and alignment, we need not just more knowledge but extensive cooperation (rather than competition) between nations.
He suggested that social media accounts should be “restricted to actual human beings that have identified themselves, ideally in person.” This is in all likelihood a total non-starter, for reasons we’ve observed for many years.
Though right now there is a focus on larger, well-resourced organizations, he pointed out that pre-trained large models can easily be fine-tuned. Bad actors don’t need a giant data center or really even a lot of expertise to cause real damage.
In his closing remarks, he said that the U.S. and other countries need to focus on creating a single regulatory entity each in order to better coordinate and avoid bureaucratic slowdown.
What can we do now?
1. Create an absolute right to know if one is interacting with a person or a machine.
2. Outlaw algorithms that can decide to kill human beings, at any scale.
3. Mandate a kill switch if AI systems break into other computers or replicate themselves.
4. Require systems that break rules to be withdrawn from the market, like an involuntary recall.
His idea of the most pressing risk is “external impact campaigns” using personalized AI. As he put it:
We can present to the system a great deal of information about an individual, everything they’ve ever written or published on Twitter or Facebook… train the system, and ask it to generate a disinformation campaign particularly for that person. And we can do that for a million people before lunch. That has a far greater effect than spamming and broadcasting of false info that is not tailored to the individual.
Russell and the others agreed that while there is lots of interesting activity around labeling, watermarking and detecting AI, these efforts are fragmented and rudimentary. In other words, don’t expect much — and certainly not in time for the election, which the Committee was asking about.
He pointed out that the amount of money going to AI startups is on the order of 10 billion per month, though he did not cite his source on this number. Professor Russell is well-informed, but seems to have a penchant for eye-popping numbers, like AI’s “cash value of at least 14 quadrillion dollars.” At any rate, even a few billion per month would put it well beyond what the U.S. spends on a dozen fields of basic research through the National Science Foundations, let alone AI safety. Open up the purse strings, he all but said.
Asked about China, he noted that the country’s expertise generally in AI has been “slightly overstated” and that “they have a pretty good academic sector that they’re in the process of ruining.” Their copycat LLMs are no threat to the likes of OpenAI and Anthropic, but China is predictably well ahead in terms of surveillance, such as voice and gait identification.
In their concluding remarks of what steps should be taken first, all three pointed to, essentially, investing in basic research so that the necessary testing, auditing and enforcement schemes proposed will be based on rigorous science and not outdated or industry-suggested ideas.
Sen. Blumenthal (D-CT) responded that this hearing was intended to help inform the creation of a government body that can move quickly, “because we have no time to waste.”
“I don’t know who the Prometheus is on AI,” he said, “but I know we have a lot of work to make that the fire here is used productively.”
And presumably also to make sure said Prometheus doesn’t end up on a mountainside with feds picking at his liver.