Hi everyone, we are excited to present our paper on regulating chatGPT and other large generative AI models at ACM Fact 2023. Over the past few weeks and months, there have been tremendous breakthroughs in the technical domain of generative AI systems. However, there have also been significant developments in the political process, particularly concerning the European AI act.
In this short presentation, we will discuss some of the main regulatory challenges related to generative AI. We will start by addressing model regulation and the European AI act. Then, we will move on to content regulation and the Digital Services act, which we believe is an equally important topic. Finally, we will touch on data protection and the GDPR, before proposing some policy recommendations.
Let’s begin with the European AI act. This act introduces a new provision called the Foundation Model, which refers to AI models trained on broad data at scale, designed for generality of output, and adaptable to a wide range of tasks. We believe that this term accurately captures the essence of large generative AI models like GPT-4 and Luminous.
However, the European Parliament’s version of the AI act includes a comprehensive risk management system for foundation models. While this is commendable, it becomes challenging to implement when considering the numerous potential use cases of a single model like GPT-4. The compliance costs could be prohibitive for small and medium-sized enterprises, hindering their ability to bring their own models to the market.
Moreover, we believe that the real issue with large generative AI systems lies in their potential to disrupt democratic discourses, automate hate speech campaigns, and spread fake news. While the European AI act addresses some of these concerns, we argue that the focus should be on the Digital Services act, which specifically targets the moderation of harmful speech online.
The Digital Services act aims to balance freedom of expression and information while mitigating harmful speech online. It introduces notice and action mechanisms, registration of trusted flaggers, and compliance and risk management systems for large online platforms. However, these rules do not currently apply to large generative AI models like GPT-4, which can generate their own content.
Another important aspect to consider is data protection. Large generative AI models like GPT-4 process personal data for training and may scrape data from the internet. This raises issues regarding informed consent, legal basis for processing, and data governance. The Italian data protection authority recently banned chatGPT from Italy, highlighting the need for clearer regulations in this area.
In conclusion, we believe that there should be minimum standards for all large generative AI models, including transparency rules, data governance duties, and cybersecurity provisions. Use case-specific rules should be implemented for high-risk scenarios, and there should be regulations for the entire AI value chain. By addressing these issues, we can ensure responsible and ethical development and use of generative AI.
Thank you for your attention, and we look forward to further discussions and developments in the regulatory field of generative AI.