CDT Submits Comment on AISI’s Updated Draft Guidance for Managing Foundation Model Misuse Risk

In January, the U.S. AI Safety Institute (AISI) released an updated draft of its guidance on managing the risks associated with foundation model misuse. The guidance describes best practices that developers can follow to identify, measure, and mitigate risks when creating and deploying advanced foundation models. CDT submitted comments suggesting certain improvements on the original draft guidance.

Our comments on the updated draft note that this updated draft is a marked improvement over AISI’s initial draft. We were heartened to see several of the themes we emphasized in our comments on that initial draft incorporated into this update. Two particular improvements stand out:

1. While the focus of the guidance remains on developers, this draft includes clear, actionable recommendations for other actors in the AI value chain as well. This update is in line with the conclusion — found both in our earlier comments and in prior research — that actors across the AI value chain must all act responsibly in order to effectively address AI risks.
2. This update gives developers more robust guidance on how to weigh the potential benefits of a model against its risks when deciding whether to deploy or continue developing it. This guidance is particularly relevant to developers of open foundation models.

Understandably, this guidance does not aim to address every important risk associated with foundation model development, and AISI explicitly notes its limited scope. At the same time, our comments emphasize that the exclusion of certain risks from this guidance should not deter developers from addressing them. Foundation models may be improperly biased or facilitate unlawful discrimination, and developers should continue to mitigate those risks.

We continue to recommend that AISI explicitly encourage developers to seek input from independent domain experts at relevant points throughout the risk management process. This guidance already gives domain experts an important role. However, research from CDT’s AI Governance Lab has shown that involving independent experts allows for crucial scrutiny of a developer’s risk management processes and the resulting determinations of risk. We also push AISI to clarify that domain experts may come from a variety of disciplines, including the social sciences. Social scientists can provide important input on how to identify and measure risks, which developers should be encouraged to solicit and incorporate.

Additionally, while applauding this guidance’s emphasis on thorough documentation, we recommend that AISI clarify the purpose of each documentation artifact that it recommends that developers create. In a similar vein, AISI should also urge developers to develop these artifacts in consultation with the stakeholders that are their intended audience. Prior research from CDT has shown that these steps can help ensure that documentation serves its intended purpose.

Finally, we urge AISI to clarify that post-deployment monitoring must not violate users’ privacy. While post-deployment monitoring is important for preventing dangerous misuse, developers should avoid invasive monitoring methods, and instead rely on privacy-preserving techniques for detecting misuse while respecting privacy.

Read the comments here.