One thing
that I have written about extensively are the data privacy laws that not only
the United States has enacted, but also other nations. While the intention of them is to give consumers
the right to know what is happening with their datasets, but to also make sure that
the companies that are the stewards have deployed more than enough controls to
make sure that the datasets are as protected as possible.
While this is
of course a huge step forward, there is just one huge problem: There is no uniformity amongst them. Take for example our own 50 states. Because of this lack of centralization, each
one of them is producing their own version of a data privacy law.
So, if a
business were to conduct financial transactions with customers in all of the states,
are they bound to each one? This is a
very murky area in which there no clear-cut answers, and unfortunately, will
not be so for a long time to come.
Now, as
Generative AI is coming into the fold of our society, it appears that each state
now is producing their laws in an effort to protect consumers and their
datasets, in the very same manner as they have approached data privacy laws.
One such example
of this is California. A number of years
ago, they passed the CCPA. Now, they have produced their own Generative AI
bill, which was designed to do the following:
*Create a
comprehensive regulatory framework to govern the use of Generative AI, in all foreseeable
aspects.
*Create a set
of standards and best practices to ensure that the datasets the models use are
not prone to security breaches.
This became
known officially as Senate Bill 1047.
But believe it or not, the governor of California, Gavin Newsom,
rejected the passage of this bill. Why
did he do this, you might be asking?
Well, here are his direct words:
““While
well-intentioned, SB-1047 does not take into account whether an AI system is
deployed in high-risk environments, or involves critical decision-making or the
use of sensitive data," Newsom wrote. "Instead, the bill applies
stringent standards to even the most basic functions — so long as a large
system deploys it. I do not believe this is the best approach to protecting the
public from real threats posed by the technology."”
(SOURCE: https://www.darkreading.com/application-security/calif-gov-vetoes-ai-safety-bill)
Here are
other reasons why he rejected this bill:
*The emphasis
of it was purely on large scale Generative AI models. There also needs to be a focus on more
specialized models, which serve different purposes.
*The bill appeared
to be too stringent to the governor. His
reason for this was that it could stifle innovation and ideas. To counter this, he proposed that a much more
flexible approach needs to be taken, and that each model should be taken into
account on a case-by-case basis.
*The bill did
not address the deployment of Generative AI in those environments that are
deemed to be of high risk.
As a result
of this, the following pieces of advice were offered for consideration:
*Create a joint
task force that includes a representative sample who will be involved in this
process. This will include people all the
way from consumers to the private sector, to academia, and all levels of both
the state and federal governments.
*The focus of
Generative AI should on the size and the resources that the models use, but
rather, there needs to be a huge emphasis on the risks that are borne from
using AI to begin with.
*Implement a
process where the any passed legislation on Generative AI can be updated as the
technology evolved and advances. Of course,
as we know from the efforts in doing this for Cybersecurity, this is very tall
order to fill. In other words, the passage
of any updates simply will not keep up with the pace of the rapid advances
being made in Generative AI.
*It is highly
recommended that any new bill that is presented to the governor for signing be
modeled after the bill that the European Union (EU) recently passed. This is known as the “EU Artificial
Intelligence Act”, and is actually highly regarded as a comprehensive approach to
regulating Generative AI. More details
about this can be seen at the link below:
https://artificialintelligenceact.eu/
My
Thoughts On This:
This is bill
that was rejected by the governor of California was officially known as the “Safe
and Secure Innovation for Frontier Artificial Intelligence Models Act.” Many people supported the passage of this
bill (even Elon Musk), but there was also a fair share that rejected it as
well. It has been viewed as a good step
forward, but of course, a lot of work still needs to be done on, as I have
eluded to previously.
The bottom
line is that creating any kind of regulatory bill on Generative AI is going to
be very complicated. For example, it is
not just a few segments of American society that are impacted by Generative
AI. Rather it is the entire population and
almost every business.
Also, there are
too many unknowns and variables that are involved in the actual creation of a
Generative AI model, and the list here will just keep on growing.
On a very
macro level, my thinking is that we simply need to have a Department of
Cybersecurity created, in the very same manner that the Department of Homeland
Security was right after 9/11. But, we
should not wait for a disaster to happen in Generative AI in order for this to
happen. The federal government needs to
act now in order to start this effort.
Under this
newly created department, Generative AI would
also fit into here as well. This will
not only lead to a centralization of the data privacy laws, but it will also
lead to the same result for Generative AI.
Apart from this, we need to start simple first.
Let us draft
a bill that details a framework for all aspects of AI, such as Computer Vision,
Natural Language Processing, Large Language Models, Neural Networks,
Machine Learning, etc.
The bottom
line here is that Generative AI is not a field all in its own world. It includes all of these aspects. What impacts one area will have a cascading
effort on the other as well. Then over
time, updates should be added to this framework, which although will take a very
long time to accomplish, I am a huge proponent of it.
No comments:
Post a Comment