On Shaping the Global Terrain of AI Competition with Tim Hwang
Last Week in AI
Deep Dive
Shownotes Transcript
Hello and welcome to Skynet Today's Let's Talk AI podcast, where you can hear from AI researchers about what's actually going on with AI and what is just clickbait headlines. I am Andrey Krenkov, a third-year PhD student at the Stanford Vision and Learning Lab and the host of this episode. On this special interview episode, you'll get to hear from Tim Huang, a research fellow at Georgetown's Center for Security and Emerging Technology, or CSET.
He is the former director of the Harvard-MIT Ethics and Governance of AI Initiative, former global public policy lead on AI at Google, and holds a JD from Berkeley Law School and a BA from Harvard College.
He was dubbed the busiest man on the internet by Forbes magazine, and his current research focuses on the geopolitical aspects of computational power and machine learning hardware, and the future of media manipulation and online information warfare.
Thank you so much, Tim, for making the time to be on this episode. Yeah, Andre, thanks for having me on the show. Great. So let's go ahead and just dive straight in into your latest work, which is Shaping the Terrain of AI Competition, which just came out, I believe, like a month ago or so. Yeah, just, yeah, fairly recently. Exactly. So the stated topic of that is that
The concern that China is well positioned to overtake current US leadership on AI in the coming years has prompted a simply stated but challenging question. How should democracies effectively compete against authoritarian regimes in the AI space?
So can you go ahead and expand and maybe explain this problem statement first to the listeners? Sure, definitely. So, you know, this paper is very much directed at people who are thinking about national strategy in artificial intelligence.
And I think worried about sort of the national security implications of the technology. If you've been sort of in the technical research space, you may be less familiar with this discussion. But among sort of policy wonks in D.C., there's been an emerging discussion, I would say, over the last few years, thinking a little bit about sort of U.S.-Chinese competition issues.
in artificial intelligence. And I would say one of the memes that has kind of emerged in that discussion is the notion that, you know, certain governments may be more easily able to access data than other governments, right? And that may be because there's more or less privacy protections, for instance, or more or less ability for citizens to protest certain uses of AI and machine learning, right?
And there's been worries that sort of the democratic system of the United States, but also liberal democracies in general, may have more challenges to implementing the technology. And, you know, I think one of the interesting things that has kind of emerged is that you have a group of people now saying,
Well, what we need to do is we need to lower privacy protections, right? Because if we lower privacy protections, then people have more access to data. More data means more powerful AI systems. And this is the way we're going to kind of keep up and ensure that America keeps its competitive edge in AI.
And the kind of idea of this paper goes in an opposite direction. It basically says, is there a way for liberal democracies to compete without sacrificing their values? And it basically says, yes, that there's areas within AI that could be advanced, that could really enable us to kind of have our cake and eat it too, right, to both create powerful AI systems and
that do what we need them to do without necessarily having to sacrifice some pretty strongly held values around democracy and participation and human rights. I see. So kind of how should democracies approach furthering the development of AI without kind of sacrificing the fundamental values in comparison to authoritarian groups, it sounds like.
Yeah, I think that's right. And I think, you know, you see this less when you go to a NeurIPS or an ICML or something like that, but at least within the world of sort of AI policy, I would say that there's been kind of this vision of AI that has sort of emerged. And people always talk about it as if AI were like this thing that were set in stone, right? Like, oh, how do we win on AI? How do we get the best AI? Right?
Right. But if you've done any research, you know that that's that's actually an under specified question. It's not a well-specified question. And and really this this paper is trying to make the argument that, look, AI is malleable. There's technical problems we can choose to prioritize and solve. And that will really change the strategic dynamics of AI. And so there's there's the way to win on AI is to kind of shape AI itself is sort of the message of the paper.
Right, right. So to get into a bit of the approach you suggest in the paper, you call it terrain strategy. So could you explain what you mean by this term terrain strategy and what that involves? Sure. So the notion of a terrain strategy, which is kind of just like the jargon that I adopt in the paper, really picks up on the idea that AI is malleable, right? And the way to think about this is,
Look, at any given time, the research community in AI and the engineering community in AI could be working on any end number of problems, right? And they prioritize those problems, right?
And depending on what the research community chooses to emphasize, prioritize, AI will make more progress in that subdomain. So for instance, the fact that we have a lot more people working on ML fairness than we used to does mean that discussion has really been evolving and we've got more techniques in the space and more activity. And so the field is sort of growing in that particular domain.
And my argument in the paper is that that forms kind of a terrain of competition. Right. So, you know, for example, if you don't have tools to kind of interrogate or interpret machine learning systems, that may make it more or less difficult for certain actors to be willing to use the technology or take advantage of the technology.
And the terrain strategy basically says, let's go ahead and shape AI to kind of do what we need it to do. Right. And and to kind of make it work within the constraints that we have. And so, you know, the response to saying, oh, well, we just need to spend more money on AI. Right. Is to say, OK, well, maybe we should target it in certain ways that give us sort of structural advantages over time. And that's really the core of the terrain strategy idea. Right.
I see. Yeah. And certainly as a PhD student trying to do research on AI, I can attest that much, if not most of the time, at least in the beginning of new projects is spent on just figuring out what research we even want to do and what is the problem to focus on. So that certainly rings true.
that it's very malleable and the focus can shift over time and has shifted. That's right. Yeah. And it's something that I think about a lot, right? Is like what causes a researcher to choose to research what they end up producing papers on, right? And like what sets
That's the research agenda. I think that's so important because those decisions really shape where the ML field will move over time. Right. And so, you know, if if reinforcement learning is a really hot thing, then reinforcement learning will advance. Right. Just because we have more people putting their brains to those problems. And so the ability to kind of shape that agenda, I think, is actually a really important one.
I see. So to get into a bit more specifics, you have a few particular recommendations on what this terrain should be, what specific directions might be useful. So we'll maybe go through each of them one by one. And the first one here is reducing dependence on data.
So, yeah, could you expand on how that could be useful and also how you can imagine government could induce researchers to go more in this direction?
Sure, yeah, absolutely. So as I mentioned earlier, my paper says, okay, so how do we go about shaping this terrain? Well, I basically say, look, there's a couple of subdomains within AI that we could invest in, right, to kind of encourage or prioritize work in this space. And if we're able to crack some big technical problems in these subdomains, it might change the overall strategic dynamic between, say, governments as they compete on AI.
And so the first thing that I kind of put out there is the idea that, look, some people will say authoritarians have advantages in AI because they don't need to worry about privacy, right? And they don't need to worry about getting people's consent before collecting their data. And so one argument you could make is,
sort of authoritarian organizations, authoritarian governments have advantages in deploying AI systems because they have much cheaper access to data. They can get a lot more data about things than a liberal democracy does.
And, you know, the dynamic that I talked about earlier plays out here where people say, OK, well, what we need to do in that case is reduce the amount of privacy protection so that democracies can allow their companies to access data as easily. And we'll be able to keep up that way.
And so the Terrain Strategy takes a look at that and says, that's wrong, right? It's wrong to believe that you should sacrifice your privacy in order to get good AI systems. Instead, we should be trying to say, what are the technical problems that if we solved would make a really big difference in being able to train AI systems effectively without such a large access, such a large, I would say, freedom to data.
And that's the first thing I propose. So I say, hey, you know, there's things like one-shot learning, right? Or meta learning or simulation learning, right? These are all things, let's take simulation learning, for example, right? Where you can basically train a machine learning system effectively with no need for access to real world data, right?
Right. Another method I'd put in there is things like self-play. Right. We can train strong representations, high performance systems without ever necessarily needing access to data. And so I believe that there's kind of a cluster of techniques that if we invested in would reduce our dependence on large scale, real world data sets.
And that's really the kind of core of this sort of first pillar that I put out there. I see. Yeah, exactly. Actually, I am someone who uses a lot of simulation in my research. And a lot of researchers, I think, who aren't working at a large corporation like Google or DeepMind, you know, actually need to focus on this data because they don't have the resources to have a million robots or a million GPUs.
So I could certainly see this direction becoming even more popular with some incentives. And can you maybe explain what sorts of incentives or what sort of strategies could be taken to make this more appealing to researchers? Yeah.
Yeah, so definitely. And I'd actually love to hear your thoughts on this too, as someone who's like doing a lot of simulation learning. You know, I think there's kind of two major levers that could be used. One of them is just cash. I think that makes a huge difference, right? If there's grant money available to work on a problem, there's a strong kind of gravitational well that kind of pulls researchers towards working on that problem, right?
And so I do think that one thing that the government can do is prioritize that in things like NSF funding, right? Or give out grants, right? Specifically focusing on these types of problems.
I would say the second one, though, as you know, right, is and I point this out in the paper, is that simulation learning in some ways it trades a need for data for a need for computing power. Right. And and I do think that there's something that the government can do in terms of trying to make high performance compute cheaper and more accessible to more and more people.
And that can be anything from, hey, we're going to subsidize your cloud access to GPUs. But it could also involve kind of interventions at the semiconductor level to say, hey, there's parts of the supply chain that we want to use our resources to try to make it cheaper and more accessible for people to get access to, you know, the latest GPUs and the latest ASICs for doing this kind of work.
But I don't know, I would be curious actually, as someone who does simulation work, I don't know if those incentives would encourage you or your peers to actually do more work in the space. Yeah, actually, I can certainly say that I've applied to multiple grants at this point. And in some cases, they have had sort of broad themes that they were interested in. So the particular research that I did
kind of proposed in those grant submissions was tailored to them. And to your second point of sort of compute, in fact, some of those grants were not just for money, but also for compute resources. So researchers definitely kind of can benefit from compute. And if there is kind of a competition where, you know,
given out for a specific theme, I'm sure they would be interested. And I've also heard at Stanford some conversations going on around having a national AI cloud or something like that to make it more accessible to smaller labs or smaller groups that maybe don't have large clusters of their own.
Yeah, definitely. And yeah, I think all those ideas would be like really exciting because I do think that they would help to encourage work in this space, which again, I think like helps to reduce the need to collect real world data. Now, I mean, I think one nuance, and I'd love to talk about this some more is, you know, obviously simulation learning is not going to be able to really,
replace data in all cases, right? Because there are things that are very difficult to simulate data for such that an agent can get a good representation. And I think that's sort of an interesting outcome of this strategy that I'm proposing is that, you know, while say the US might be able to achieve parity in certain types of AI deployments,
You know, for example, we might not be able to achieve similar levels of performance on, you know, modeling human behavior. Right. For instance. Right. Because that's very difficult to create a good simulation around. Yeah, it's definitely true. And it actually reminds me the U.S. has had a history of some other initiatives stretching further back.
for example, the DARPA contests where actually researchers were incentivized to do research for real hardware. So there was the DARPA self-driving challenge where a bunch of researchers tried to develop self-driving cars and that in some ways actually spurred
the decade of self-driving technology and industry. So the challenges were in 2005, 2008, and soon after all this happened. And since then, there's been other challenges with humanoid robots and things like that. So perhaps that could be also...
will be more data and computation approaches. Yeah, I think that'd be really exciting. And, you know, simulation learning is an interesting one just because I feel like we've got some very high profile, good demonstrations of it.
I think that researchers might take issue with my article more where I argue for things like, we really need to maximize our work on say one shot or few shot learning. To basically say, let's maybe reduce data just by virtue of our models being able to learn a good representation with a much fewer number of examples. And there I'm curious too, because I think in some cases,
It's sort of a speculative bet, right? Like we say, if we only really prioritized and funded this kind of research, maybe we'd be able to really reduce the amount of data you need to create strong and effective models with much less data. And so what I think about this is really it's a series of bets, right? I do think that we should be betting on simulation learning. We should be betting on things like one shot, few shot learning. Because all of these things, if any of them work out, help to kind of create better parity between
against actors, for instance, that have much freer access to data. Yeah.
Yeah, that's certainly true. And I think it also does combine with another kind of thought we've had in academia, which is how can academia compete with industry? How can we continue making research that is impactful? And part of the answer is to not just, you know, from more and more data and compute the problem, but be a bit smarter. So I think there's definitely potential for that direction to keep growing. But
But to move to the second kind of topic you have is fostering techniques that support democratic legitimacy. So could you explain what that could involve?
Sure. So the idea here is basically that more authoritarian organizations or societies might be able to have an advantage because they are more able to essentially force or coerce the deployment of AI systems. Right.
And so if you believe, for example, things like autonomous cars, right, will be really good for society and really good for the economy, right? A centralized government that has kind of strong authoritarian control doesn't necessarily have to go and get everybody to vote in favor of doing it, right? And they don't have to wrestle with any states that might kind of like resist this, right? In the very least, they have much less kind of, they meet a lot less resistance in rolling out these types of systems.
And so one argument you could make is basically that authoritarian regimes have a structural advantage because what they can do is they can be sort of first to market, right? They can be the first ones to, you know, get their autonomous cars on the road and they can be the first to work out the kinks with that technology and they can reap a lot of the benefits.
Meanwhile, right, you know, a liberal democracy has to consult with its citizens, ensure that the citizens sort of trust the technology and then assent to its use, consent to its use.
And, you know, again, I think you see the same argument playing out as in the data case, right? Where in the data case, people say, okay, well, in that case, one solution is that we just reduce privacy protections. And similarly here, you know, some people, you do hear this argument from some time to time, basically people saying, well, maybe we should just change the rules so you don't have to get people to agree, right? Like, you know, companies should just be able to roll out the technology without necessarily having to get everybody on board.
And kind of what I argue is, well, that's maybe the wrong way of looking at it, right? Maybe we need to find ways of making it more possible for people to trust the technology, right? And I think that's kind of a two-pronged research program, right? One of them is to really understand these kind of like sociological factors. Like why do people trust a new technology? Why are people willing to try out a new technology, especially if it has life and death consequences? But
But I do think that there's also a very strong kind of technical research agenda here too. So one of the things I think about is, think about interoperability in AI systems. If I'm about to launch a new AI system and I want you, the citizen, to trust it, to vote for it, all that kind of thing, there's actually only so much I can tell you about how the system actually works or how it renders a decision.
And that actually limits my ability to show you things that might make you trust the system more. And so, you know, that actually limits us, right? Because either we're forced to not use the technology at all, or we're forced to just kind of like run, you know, steamroll public opposition in deploying the technology. And I think both are bad outcomes.
And so, you know, my advice here is to basically say, let's invest in things like interoperability research. Let's invest in things like fairness research, because these are things that allow us to kind of have different sort of design levers that we can use to kind of ensure that, you know, the technology meets standards for democratic accountability. Right.
And in doing so, the idea is to allow kind of democracies to speed up their adoption of new technologies in ways that allow them to keep parity with authoritarian organizations. And so that's kind of the argument of this sort of second pillar.
I see. So in a sense, instead of sort of forcing people to work with AI or just saying they have to, making it easier for people to decide to do that by making it understandable and sort of easy to cooperate with AI, right? Yeah, that's correct. Right. And so, yeah, I mean, again, I think I want to be clear, it's not just a purely technical agenda, but I do think that like there are problems that we could crack together.
in machine learning that would really, you know, for example, give people the ability to create more transparency, right, or hold these systems more accountable. And so, yeah, so I think that's an important piece. Certainly. And at Stanford, we have actually a human-centered AI institute that was started last year
basically to further this sort of direction in AI to focus more on the human aspect. How can we work with humans and understand humans and know their needs and not just, you know, make new techniques based on data sets? So it's definitely something that's emerging and probably will be a huge theme in the next decade.
Yeah, and I do, you know, I hear this argument from some people, which is like, oh, you know, that interpretability stuff, that fairness stuff, it's just like PR, right? Like, it doesn't really matter all that much, or the companies are only investing in it, because they want to look good to the press. And
You know, in some ways, the argument of my paper is to try to elevate that work, to basically say, look, it's important for social justice reasons, right? Like we should want fairness in these systems. But also, you know, we should think about investing in these in part because it's a matter of national competitiveness, right? It allows democracies to adopt the technology faster and get the benefits of it faster. And so there's actually a strong reason to invest in these things, you know, not just for sort of PR reasons. Yeah.
I see. Okay. And then let's touch on the last kind of branch here, which is the idea of challenging the social control uses of machine learning. So what does that mean in this context? Sure. So this is maybe the more subversive of the three recommendations that I have in my paper. And it's a little bit more trolly. So if you like that sort of thing, this is the argument for you.
The argument here is basically that authoritarian regimes, one of the reasons that they invest a lot or they might really like machine learning is because it gives them more tools to do social control. So, for example, a face recognition system can be a really powerful way of monitoring people in a society. You can imagine creating strong predictive systems that try to figure out who's going to be a dissident and who's not going to be a dissident.
Right. And so one of the big values, one of the big benefits that authoritarians gain and one of the reasons they might invest a lot in this technology is because it gives them a lot more options to sort of control their citizens. And so, you know, one of the sort of arguments that I'm making in the paper is maybe liberal democracy should should go fight that. Right. Actually make it a lot riskier to use these technologies for these purposes. Right.
And by doing so, lower the value of this technology to authoritarian governments. And so what I envision is basically that we should do a lot more investments in things like adversarial examples, but we should also do a lot of work in basically converting those adversarial example technologies into technologies that can be used by, say, activists on the ground.
And in doing so, kind of subvert a lot of the what we would think of as kind of like the sort of, you know, not very socially beneficial or certainly, you know, repressive kinds of use of the technology. Exactly. And we have already seen examples of this where artists and different organizations have, for instance, developed masks that, you
uh, go against facial recognition technologies or other computer vision technologies. So people are already working on these kinds of things. And the idea here, it sounds like is to basically further that direction and make it more favored within, uh,
AI research? Yeah, like we should be, we should be scaling it up. I think that's the first thing. And then I think the second thing is, is, is really kind of thinking about like, how do we get stuff out from the realm of research into the realm of like people who are going to actually use this stuff? And I think that that transmission piece is something that isn't currently supported right now. Like you have artists that are experimenting, but I think it could actually be, you know, really a component of national strategy here.
I see. Okay, so that's the third theme of challenging the social control uses of ML. And that's on top of the previous two we discussed, which is reducing dependence on data and fostering techniques that support democratic legitimacy.
Now, I want to shift gears a little bit. So we've been discussing this first paper of shaping the terrain of AI competition, which is broadly about how democracies can work on directing AI research in ways that are advantageous to democracies. But at the same time, you've had an article a couple of years ago, I think that you've co-written titled
artificial intelligence isn't an arms race. You might get the idea that there's a competition, arms race aspect. So I want to hear your thoughts on how should we think about this whole question of developing AI in a global sense.
Yeah, definitely. So I think the two, I understand where the question is coming from, because I think the two might initially sound like they're in conflict. But I actually think the two are quite complementary to one another. So the point of that article, this sort of argument that AI is not an arms race, is that a few years back, I think some people were starting to make the argument that like,
You know, AI is going to be the next great super weapon and we need to we need to dominate it as the US or else, you know, China is going to win. And so we're now in an AI arms race where both sides need to spend money as if it were nuclear missiles or something like that.
And the point of the article is to make the argument that AI is nothing like an arms race, right? For one, it's really unclear what winning the arms race would look like, right? Presumably, it's not measured by how well you do on ImageNet or something like that, right? And I think that's one big problem. I think the second problem is that AI itself, machine learning, is really multifaceted, right? It's very difficult to say who's ahead or who's behind AI.
on machine learning in like a very broad, broad sense. So I think that also makes the idea very, very mixed up. And then I think the final thing is that, you know, thinking about it as an arms race really tends to push us towards, okay, well, we just need more AI, right? Almost like, you know, competition over nuclear missiles or something. Like we've got more warheads than they do. So we're winning the arms race.
And for all those reasons, I think that the kind of paradigm, thinking about it as an arms race, really is incorrect, right? That actually I don't think it reflects reality.
But I think it's different from the argument that there's no competition in AI. And it's also different from the idea that for particular machine learning models, deployments, areas of use, that certain groups are not going to be better than others at deploying the technology. Right.
And so competition is very real. I think an arms race is definitely not real. And I guess that's how I'd square the two. Right, so we can't really just dump money in and get more AI at different governments, but different governments can sort of direct AI towards what they'd prefer it to be.
And so I guess that's the way to understand it is there's competing directions that you could go in, but not necessarily competing amounts of AI that we can develop or something like that. That's right. Yeah. And I think that when we think about competition or talk about competition, we just need to be a lot more nuanced about what we mean. Right. You know, I think it is a huge waste of money just to believe that, like, the way to win on AI is to spend more money on AI. Right.
I actually don't think that's the right way of doing it. Like, I think our conversation has to turn towards, okay, what within the machine learning ecosystem do we think is really valuable to spend money on? And I think that, you know, arms race doesn't get us quite there, right? Like, we do have to start thinking a little bit more about, you know, about like people like you, like people who are doing research in the university, right? And saying, okay, so what are the things that would really accelerate their work?
I think at the point where we're talking at this grandiose level of AI arms race, I think we can actually come up with very useful interventions. Right. These abstractions of US versus China are just far too coarse. And of course, there's many researchers in China, also in academia, who...
come to the US or collaborate with people in the US. You need to be a little more narrow and say the governments of China or the US or even these types of governments of democracies and authoritarian regimes
and not necessarily just say China versus US or something like that. Yeah, I agree. I mean, I think that's why in some ways the paper starts from sort of the debate around US versus China. But I mean, I think the scope is a lot broader, right? I think it's very much thinking about how different governance systems in different societies lead to different results in who can deploy machine learning effectively. Exactly. So that's important to keep in mind.
And on a different topic, so this paper thinks a lot about these questions of developing AI that is sort of useful and can be used in democracies. And it sort of ties into some news we've had over the past couple of weeks dealing with facial recognition. So there was kind of really...
fast development of IBM and Amazon and Microsoft all announcing that they're not going to sell facial recognition to police in the U.S. and also arguing for legislation to be passed to actually regulate this area. So do you think, yeah, I guess what are your thoughts on the area of facial recognition within the U.S. and how that whole topic has been developing?
Yeah, I think it's been developing in a very positive direction. And it's thanks to actually a bunch of activists that have been doing amazing work. You know, Joy Bollamwini at the MIT Media Lab and others have done really, really amazing work on this stuff, really kind of proving the case that these commercial products are flawed in very important ways. And so I, you know,
I think it's moving in a good direction. But I think that there's kind of two things that I worry about. You know, I think the first one is this question of how strong are the commitments of these companies to their promises, right? Because these are just kind of like public declarations these companies have made. It's not like they've signed a contract or changed their corporate governance or anything really, right? They've largely just put out a press release.
And, you know, I think we should worry when, you know, certain companies basically say, you know, we're going to stop facial recognition, but it's a moratorium for one year. Right. Because at least that what that says to me is that, you know, you're going to spend a year, wait for the kind of public fervor to die down and then just start doing business again in the space. So I'm cautiously optimistic about some of these promises. Yeah.
I think the second thing... Oh, sorry. It sounds like, Andrew, you wanted to jump in. Yeah, just to build on that point, we've discussed a little bit that...
At the same time, these companies will obviously say these things, could also be lobbying to make regulations weak. So it's important to keep being critical and looking at what they're doing. Yeah, I mean, I think, right, like this is now the time to kind of keep the pressure up, right? I would say the only other thing that I'm really concerned about is that, of course, there are, you know, Google, Facebook, Amazon, all the big tech companies that have the big industrial labs.
But we should recognize that the technology is becoming just more and more commoditized over time, right? That like the thing that, you know, even a novice can do with machine learning is just a lot more than it was even a few years ago, just because there's so many open source packages and educational materials and all this other stuff. And I think that has big implications for how we think about this problem.
Because I think we should be happy when these big companies say that they won't work to deploy these technologies. But the fact of the matter is, is that the economy is incredibly nimble in some sense, right? And that we do have a lot of less well-known companies, smaller companies that I think are willing to just jump in, right? And take a lot of that business.
And so, you know, part of the concern here is that as machine learning becomes more and more democratized, it will also simultaneously become harder and harder to control. And so I think we should be careful to say, okay, you know, Microsoft's not doing it, so we've won, right? If anything, we have to start paying attention to this much less
visible economy of startups and smaller companies and traditional defense contractors that may not feel so strongly about having to not work, say, with law enforcement. I see. Yeah, that's a great point. And on a related point, you've also written quite a bit about the topic of deepfakes, which is perhaps...
where that especially is visible, where the democratization of AI allows anyone essentially to create very convincing fake media to make people seem to be saying things that they haven't said. And that can lead to fake news and other things. And this has been a growing topic. We've seen a few cases where it's been used so far, but it hasn't been any sort of like very catastrophic effects. But we are getting into an election year in the U.S.,
which might lead to it becoming even worse. So yeah, what are your thoughts on that front as far as where we are heading and how bad it is currently?
Sure. And, and yeah, let me start by, I think I'll actually push back a little bit first. I mean, I do think that we have had a pretty catastrophic effects, right? I think it just hasn't been in the way that a lot of the popular media has portrayed the problem. Right. So, you know, after 2016, I think everybody's naturally worried about, you know, the next great, uh, uh, Russian interference campaign, right. And an election. Um, but, but, uh,
And I agree with you there. We really haven't seen the technology used all that much. And, you know, my theory for that is a little bit that, you know, if you want to spread disinformation politically, there's just lots of cheaper ways of doing it. Right. And I think if you're a pragmatist, you know, just spreading a couple of Photoshop's may actually do the trick.
But I think the harm has been very real elsewhere, right? That, you know, things like the original deepfake Reddit channel, right, that was using, you know, technology for non-consensual pornography and it's used for kind of harassment purposes have been very real and the harms have been very real. And so, again, a little bit like the arms race debate, I tend to argue that, you know, I think we just have to get a lot more nuanced about, you know, where the harm is taking place.
and what drives actors to go about doing this stuff. And so, yeah, for whatever that's worth, I think that's kind of a take. But ultimately, I think... Yeah, I should say that's definitely very true. And I should clarify a minute that we haven't seen any sort of large news media story develop around some sort of fake news and some sort of celebrity or something. But of course, it's true, as you say, that...
people have been using deepfakes in very harmful ways already and it's good that you point out that we should kind of be aware of these multiple facets of each technology
I wonder, because it's such a technology that is democratized and part of the issue is that, you know, individual people can use it to harm people they know or things like that. You can't necessarily regulate it away. So how do we deal with such AI technologies? Yeah, definitely. So I think there's a couple of dimensions to this problem. You know, I think there's...
So I think the first piece, which comes out of a lot of the kind of current media forensics literature, is that so long as that we know the method that was used, right? Like, so if we have, you know, examples that were produced by generative adversarial network, or, you know, we have, you know, the model itself, right?
One of the really nice things is that we can develop detection systems for it, right? And so one of the strategic dynamics that I think is quite interesting is that, you know, for the kind of GAN methods that we have and have produced lots of examples, we can actually do a pretty good job detecting it, right? The problem is trying to detect sort of new models, right? Things that we haven't seen, the kind of unknown unknowns. And so one of the...
One of the things that suggests to me, at least, is that winning against deep fakes is going to be really a game of speed, right? Which is that are people who are developing and training detection systems able to get their hands on examples of new GAN methods appearing in the wild fast enough to create detection systems?
And so one of the things that I'm a big fan of and I've been recommending to a lot of people is that I think we should create a kind of sort of deepfake zoo, as it were, right? A place where there's lots of examples and specimens that can be used for training deepfake systems, deepfake detection systems. And I think that actually is a really powerful potential method in the space. You know, I think a second one is that we need to democratize detection, right?
Right now, I think what's happening is that the sort of GAN generation systems, right, your face swap apps, that kind of stuff, it's really democratizing a lot faster than sort of deepfake detection. And so I think that there's a need to kind of create sort of open source tools and commercially available tools that let you and me or anyone, you know, kind of do their own media forensics.
Um, and I think that's, that's also a potentially powerful tool. Um, but, but I think the third one that I'd end on, um, is that ultimately I think we need to understand a lot more of the sort of psychology of deep fakes, if that makes sense. Um, you know, what we know from a lot of fake news is that you don't really need anything very fancy, right? Like, um, you know, the sharpness of an image doesn't really inform whether or not someone believes a fake narrative or not.
And so I think what we need to do is actually have a lot more studies trying to understand what is it about a deepfake that actually makes it persuasive to someone? And when is it actually not going to be a problem? I see. Yeah, that's a great set of ideas there. And it's certainly a tricky topic as far as being able to approach it.
And now maybe to tie things up, we can look at another talk you've given and kind of zooming out to AI more broadly. So you've touched on defects and facial recognition as particular applications of AI. And I wonder how this ties into this talk you've given titled State of AI More Than Robots. So in that, I believe you were sort of saying
saying that there is a perception of AI as something
let's say traditional sci-fi sense of robotics, but it's actually much more diverse. So yeah, what was kind of the thesis of that talk? - Sure, so that talk was really kind of focused on, you know, how, you know, and it even happens in how we talk about this stuff, right? It's like the term AI is thrown around and the term machine learning is thrown around and it's not always clear like what is what or, you know, how these things fit together.
The way I think about it, of course, is that machine learning is just the subfield within AI. But when we talk about AI, we do talk about all of the pop culture connotations that we have. And so, particularly in some of the policy circles that I run in, when you hear AI, people think of killer robots and Terminator and all the other kind of fantasy fiction that we have, science fiction that we have around the technology.
And really the sort of talk was arguing that, you know, ultimately we, machine learning is statistics, right? Like that's ultimately, you know, algorithms and pattern matching through data. And, you know, I think that's in some ways disappointing for some people, right? Because they're like, oh, wait, so you're not actually working on, you know, Skynet?
But I think it's also liberating for some people in that AI is actually just, it's a lot more diverse of a tool, right? It's not just this one thing, right? It's not just robots or it's not even just like machines that talk to you, right? That it can be a whole range of different things. And that was really kind of the core of the article was to kind of talk about, or the talk was to talk about the difference between sort of the, you know, pop culture understanding of what it was and, you know, actually how sort of diverse the machine learning field is.
Right. And that's a great point. That's a point we try to get across to more people with this podcast and Skynet today as a whole.
And obviously that ties into all these other topics of deep fakes, facial recognition, furthering democratic AI. You need to understand what AI is fundamentally and think about it in the right frame of mind before you can dive deeper and actually start thinking about concrete actions and concrete problems and so on. Sure, yeah. And I think it's one of the reasons why
You know, I'm excited if more I would be excited if more researchers were interested in the AI policy issues and got involved in the policy space because their voices are really needed. Right. Like a lot of these technical details make a big difference in policy, even though it's not really part of the policy discussion. And so, you know, I do think it's actually as important for, you know, these two worlds to cross over as much as possible.
I see. So maybe to tie things off, we started talking on this recent work of yours, Shaping the Terrain of AI Competition, which just came out pretty recently.
So what do you have going on right now? What do you have coming up? What is on your mind currently of AI? Yeah, it's actually, it's fun that you mentioned this. So right now, the paper that I'm currently working on is actually a sort of a technical assessment, if you will, of deepfakes. So, you know, one of the things that people talk about constantly is, oh, well, it's really easy to create or use GANs to spread disinformation.
And I always laugh because like if anyone has actually played with GANs and like, you know, created a system that mode collapses, right? Like, you know, the GANs are like not the kind of set it and forget it system that they're often portrayed to be. And so what the paper tries to do is say, let's look at the technical literature to try to answer some very basic questions like, you know, how expensive is it to produce a NVIDIA style, you know, synthetic face? Right.
Right. And how long does it take? What kind of equipment do you need? And that information is really useful just because like it really hasn't been part of the kind of national security discussion around these technologies, but is, of course, very important for assessing who you think is going to use the technology, how they're going to use it and where the threats are really going to be. And so the paper is really, again, trying to bridge kind of the technical research with these sort of broader policy concerns.
I see. That's very cool. I think that's sort of part of the black magic. That's knowledge that's hidden to AI researchers that we don't really put out there necessarily because that's not the incentives we have. So it'll be very cool to see that paper. Cool. Yeah. Thank you. Yeah. So that I think we can close on that. Thank you so much for joining us for this interview, Tim.
This has been SkyNet Today's Let's Talk AI podcast. If you enjoy the show, please rate us wherever you listen to this and tune in to our future episodes.