The risks of risk-based AI regulation: taking liability seriously

📄 arXiv: 2311.14684v1 📥 PDF

作者: Martin Kretschmer, Tobias Kretschmer, Alexander Peukert, Christian Peukert

分类: cs.CY, cs.AI

发布日期: 2023-11-03


💡 一句话要点

提出以责任为核心的AI监管机制以应对风险问题

🎯 匹配领域: 支柱九:具身大模型 (Embodied Foundation Models)

关键词: AI监管 法律责任 数据质量 人类监督 风险管理 欧盟AI法案

📋 核心要点

  1. 现有的AI监管方法在应对快速发展的技术和潜在风险方面存在不足,尤其是在数据质量和人类监督的要求上。
  2. 本文提出以责任为核心的监管机制,强调企业在法律违约时需承担明确的责任,确保对AI系统的输入和重训练过程有清晰的了解。
  3. 通过对欧盟AI法案的分析,本文探讨了责任分配的必要性,尤其是在内源和外源潜在伤害的区分上,以优化监管效果。

📝 摘要(中文)

多用途大型AI基础模型的开发与监管已进入关键阶段,专家呼吁暂停训练超越GPT-4的AI系统。全球立法者竞相制定新的监管框架,本文分析了欧盟AI法案的最新法律提案,该法案通过风险导向的方法进行事前监管,旨在预防基于产品安全原则的有害结果。我们对AI法案在数据质量和人类监督方面的义务进行了评估与批判,提出以责任为核心的监管机制,强调企业在法律违约时需明确其输入和系统重训练的责任。此外,我们建议区分潜在伤害的内源和外源,通过合理分配责任来减轻风险。

🔬 方法详解

问题定义:本文旨在解决当前AI监管中存在的法律责任模糊和数据质量不足的问题。现有方法未能有效应对AI技术的快速发展和潜在风险,导致监管缺失。

核心思路:提出以责任为核心的监管机制,强调企业在法律违约时需明确其输入和重训练的责任。这种设计旨在增强企业的合规意识和责任感,从而提升AI系统的安全性。

技术框架:整体架构包括法律责任的明确化、数据质量的提升和人类监督的强化。主要模块包括责任分配机制、数据管理标准和监督流程。

关键创新:最重要的技术创新点在于将责任作为核心监管机制,强调内源与外源伤害的区分。这与传统的事后监管方法形成鲜明对比,具有前瞻性。

关键设计:在责任分配中,建议明确开发者与使用者的责任,设定具体的输入标准和重训练流程,以确保AI系统的合规性和安全性。

🖼️ 关键图片

fig_0
img_1

📊 实验亮点

本文通过对欧盟AI法案的深入分析,提出了以责任为核心的监管机制,强调了数据质量和人类监督的重要性。这一创新方法有望在未来的AI监管中显著提升合规性和安全性。

🎯 应用场景

该研究的潜在应用领域包括AI技术的开发、监管政策的制定以及企业合规管理。通过明确责任和优化数据质量,能够有效降低AI系统的风险,提升公众对AI技术的信任,促进其健康发展。

📄 摘要(原文)

The development and regulation of multi-purpose, large "foundation models" of AI seems to have reached a critical stage, with major investments and new applications announced every other day. Some experts are calling for a moratorium on the training of AI systems more powerful than GPT-4. Legislators globally compete to set the blueprint for a new regulatory regime. This paper analyses the most advanced legal proposal, the European Union's AI Act currently in the stage of final "trilogue" negotiations between the EU institutions. This legislation will likely have extra-territorial implications, sometimes called "the Brussels effect". It also constitutes a radical departure from conventional information and communications technology policy by regulating AI ex-ante through a risk-based approach that seeks to prevent certain harmful outcomes based on product safety principles. We offer a review and critique, specifically discussing the AI Act's problematic obligations regarding data quality and human oversight. Our proposal is to take liability seriously as the key regulatory mechanism. This signals to industry that if a breach of law occurs, firms are required to know in particular what their inputs were and how to retrain the system to remedy the breach. Moreover, we suggest differentiating between endogenous and exogenous sources of potential harm, which can be mitigated by carefully allocating liability between developers and deployers of AI technology.