Harms

Updated May 16, 2024

 

Harms that can be caused by artificial intelligence are a subject of intense debate. There is little agreement on what the potential harms are, or what harms are of greatest concern. The core mission of Saihub.info is to take a disciplined approach to identifying and analyzing all actual or potential harms from AI that are credible and significant. We list the types of harm that we have identified in our harms register, which is explained further below.

 

Harms-Specific, Risk-Based Approach

The debate about AI risk and AI safety has become confused by the tendency to treat disparate AI harms as a single problem, and by public disagreement over which harms deserve most attention (particularly between those focused on harms emerging now and those focused on long-term existential risk).

 

We believe that it is important to assess and respond to different harms differently, and often individually. We have begun to assess harms in this way, through:

• a harms register, which takes an approach similar to that of a risk register under established risk management approaches like ISO 31000 and M_o_R® -- We use the term "harms register" rather than "risk register" to draw a distinction between risks (which these frameworks associate with uncertain events) and our focus is on categories of harm that may be (i) already occurring and/or (ii) logically associated with development of AI. However, the two terms are closely related.
• a set of web pages that assess issues and solutions separately for each entry in the harms register, as sub-pages of this page.

 

There are various emerging standards and policies that inform risk management for AI:

• As noted above ISO 31000 and M_o_R are general risk management standards not specific to AI.

• ISO 23894 and the Artificial Intelligence Risk Management Framework (issued by the US National Institute of Standards and Technology (NIST)) set out AI-specific risk management approaches. As a supplement to its framework, NIST in April 2024 proposed the Artificial Intelligence Risk Management Framework: Generative Artificial Intelligence Profile.

• ISO 42001 is a more general standard for management of AI systems, with a focus beyond risk.
• OpenAI has:
  • released a Model Spec (May 2024) that "specifies [OpenAI's] approach to shaping desired model behavior and how we evaluate tradeoffs when conflicts arise"
  • announced in October 2023 that it would release a Risk-Informed Development Policy (it is unclear whether this is still planned).

 

Others are also urging a disciplined, risk-focused approach to AI harms:

• A group of leading researchers and thinkers including Yoshua Bengio and Geoff Hinton advocated a risk-focused approach in "Managing AI Risks in an Era of Rapid Progress" (November 2023)
• The UK Department for Science, Innovation & Technology has released a consultation response (February 2024) proposing creation of a "cross-economy AI risk register".
• The Communications and Digital Committee of the UK House of Lords has produced a report Large language models and generative AI (February 2024) which includes a chapter on risk. 
• Gladstone AI released an Action Plan (February 2024) for the US government, focused on weaponization and loss of control over advanced AI systems, as the output of a project commissioned by the US State Department.

 

Our application of this harms/risk-specific approach is preliminary and incomplete, and we expect some of our harm/risk assessments to be controversial. Please get in touch if you have comments or suggested additions or changes to the harms register.

 

Closed vs Open Models

 

In discussions of AI harms / risks, an important cross-cutting issue (affecting multiple harms) is whether open-source AI models are beneficial (including because they promote innovation, and help avoid market capture by the largest companies) or dangerous (because they put the most powerful AI tools in the hands of many). An excellent paper on this issue was published by Stanford HAI in December 2023.

 

Other Resources

A few other resources on AI harms include:

• the OECD AI Policy Observatory, which organizes by policy area the "latest AI policy research taking place in different policy communities across the OECD and beyond"

• a series of reports on capabilities and risks of "frontier AI", published by the UK government ahead of the first AI Safety Summit in November 2023

• the GPT-4 System Card, which covers (1) "safety challenges presented by [GPT-4]", (2) "a high-level overview of the safety processes OpenAI adopted to prepare GPT-4 for deployment" and (3) a "demonstrat[ion] that while ... mitigations and processes alter GPT-4’s behavior and prevent certain kinds of misuses, they are limited and remain brittle in some cases"

• Google DeepMind paper The Ethics of Advanced AI Assistants (April 2024)

• a taxonomy of harms developed by the AI Vulnerability Database project.

 

We helped organize a consultation on 'AI -- Threats and Opportunities' at St George's House, Windsor Castle in October 2023, at which some of these issues were discussed. The report of the consultation is available here.