AI algorithms are built on the past two decades of intensive mass-surveillance. And yet, when trying out the latest new models like stable diffusion and GPT-4 many of us nevertheless find them to be awesome. So where do we go from here?
AI is everywhere lately, but has a less famous sibling in the world of digital technology namely cryptography, that can unlock more socially embedded forms of artificial intelligences (yes, in plural) by placing the power to decide in the hands of people. Strong privacy protections holds the keys to truly revolutionising AI from a societal perspective.
It is time to privacy-pill the AI debate. And it goes a little something like this…
1 Enhancing privacy in AI
AI algorithms are essentially statistics on steroids. They calculate statistical probabilities on large data sets, which means they need large volumes of data in order to calculate more accurately what the next word in a sentence might be, the next pixel in an image, the next movement in a moving image and so on.
Where does all this data come from? So far, this huge appetite for data has been mostly fed by decades of digital surveillance. In this sense, AI is a data derivative. In fact, as it is today, AI is a surveillance derivative. From scraping of public LinkedIn and Twitter data, to the far more ethically dubious use of prison mugshots to train facial recognition algorithms, even supposedly private medical records have cropped up in these vast data sets. AI has been built on a digital industry fuelled by involuntary datafication of us all.
The issue of privacy is starting to crop up in the debates on AI. But there is a danger that advanced cryptography and privacy tech will be used to “privacy wash” otherwise harmful AI. Differential privacy, homomorphic encryption, and secure multi-party computation can help protect sensitive data and maintain individual privacy while still allowing for AI training. This means individual people can maintain their privacy while nevertheless allowing us to develop AI models. However, this raises an important question: is it not still surveillance if your data is read by a machine?
The answer is yes. Even if an individual’s privacy is protected, when their data is fed to AI algorithms, this can and will contribute to systems of mass surveillance and control. Protecting an individual’s privacy is not enough because their encrypted data can train an AI that could go on to be used to enhance the surveillance and control of others elsewhere.
But it does not have to be that way. Securing privacy by default across communications is the first step towards tipping the balances of power when it comes to AI. End-to-end encryption, mixnets as well as zero-knowledge proof cryptography all contribute to radically reducing the amount of personal data gathered and sold by unaccountable companies. Strong privacy protections is the first step towards tipping the balances of power in favour of ordinary people, paving the way for meaningful consent and the ability to withdraw it.
2 Paving the way for Consensual AI
Consensual AI is a term coined by artists Holly Herndon and Mat Dryhurst who have been developing tools to make it a reality in practice: with their group Spawning, they set up the project “have I been trained” where artists can search large open datasets for their images and request to opt out. This is in partnership with LAION, a non-profit large-scale image datasets.
In the case of Spawning, the emphasis is on revoking consent after the fact. But going forward, privacy enhancing techniques such as selective disclosure scheme (including zk-nyms), as well as secure federated learning can empower consensual practices in advance, and enable people to securely share data on their own terms. Data can even be processed on distributed devices without leaving their local storage, allowing multiple entities to collaborate on a common goal without sharing sensitive data. Such techniques can pave the way for active, consensual contribution to AIs by ordinary people, communities and groups, rather than being bought and sold in obscure data markets.
Privacy technologies secure the possibility for meaningful consent in data and AI. There are already a few flourishing projects that are actively working to ensure that the development of AI is an open, consensual and democratic process. But the ability to decide about data is not just about consent, it is also about who gets to determine what kind of AI is being trained in the first place…
3 Enabling sovereignty and decentralisation
Data, data sets and AI are not neutral. The creation and recording of data always entails a perspective about what matters in the world, whether and how it should be recorded. A few years ago an important position paper on Indigenous AI was published by The Initiative for Indigenous Futures and the Canadian Institute for Advanced Research (CIFAR). The authors discuss how AI might serve the specific worldviews and epistemologies of indigenous people from Aotearoa, Australia, North America, and the Pacific. Practical uses included reviving near-extinct languages and amplifying worldviews. The implications of this Indigenous AI report are relevant for anyone interested in AI. Importantly, it highlights how AIs are in fact plural, in the sense that its real potential is in the many ways data and algorithms can be used to amplify a kaleidoscope of meaning and intelligences.
OpenAI, in their recent release of GPT-4, compares its capabilities to human capabilities: “while less capable than humans in many real-world scenarios, exhibits human-level performance on various professional and academic benchmarks.” The US bar exam was one of the benchmarks used to assess the performance of GPT-4. Its training has been heavily weighted towards the English language and US culture, humour, legal framework and habits. In other words a specific culture and set of tasks. There is no universal “artificial intelligence” in competition with a universal “human”. The cultural habit of framing the debate as a competitive race between “humans” and “machines”is a deeply disappointing and destructive habit for a set of technologies that have far more interesting potential — if we just get this right. The real question here is not whether AI works like a human or not, but rather who it works for.
The ability to discern what does or does not matter is exactly what makes AI work, and this is a deeply cultural and situated question that should be under the sovereign decisions of the people affected. Cryptographic techniques for enabling effective data governance and verification are therefore essential so that people can actively participate in deciding what should matter or not…
4 Preventing mis/disinformation and deep-fakes
Cryptographic proofs and verification techniques can be used to verify the accuracy and source of information. And this becomes increasingly important for enabling sovereignty of knowledge and information by people in the face of a dominant culture. It is also essential for secure verification of information. Chelsea Manning recently pointed out in an interview that AI tools are unleashing a whole new set of problems from mis/disinformation and deep-fakes. There are cases where GPT-4 has essentially invented fictions based on entirely unverified datasets (that even led to false stories with severe personal consequences). AI models are “dumb” in the sense that they simply draw on data, and are unable to discern or engage with whether something is true and real or not.
Communities like Hugging Face are already emerging around curating, labelling and sharing open datasets and collaborating on models. Public blockchains can contribute to such efforts by providing untamperable ledgers of verified data , as well as consensus mechanisms for adding the data to the ledger. People can thereby take part in shaping their shared records of truth and have a say in how AI is trained — through whichever governance methods serve them best: new forms of DAOs, guilds or modernized libraries? Because let’s face it, these are collective issues and not something that individual people have time for in their day-to-day lives.
5 Protecting the freedom to be different — the cypherpunk perspective
What is at stake in the future of AI is nothing less than the freedom to be different and not subject to a centralised understanding of what matters in the world. In the late 1980s and 1990s the cypherpunk subculture already foresaw a future where the internet would become a vehicle for mass surveillance and centralised control. A less appreciated aspect of this cypherpunk premonition is its positive contribution by advocating for privacy as enabling the possibility to be different.
The idea of “AGM” or “Singularity” draw on totalitarian fantasies of deferring authority to some centralised machinic intelligence. And these fantasies lead quickly to deranged justifications about why some humans deserve to survive a future with AI and others not. (In fact, computer scientist Abeba Birhane has written extensively about how AI/AGM has revived the racist pseudoscience of phrenology, again repackaging it as scientific and universal claims). Without privacy, the statistical tyranny of AI will turn anomalies into targets, leading to oppressive systems of manipulation and control.
As it stands, it is impossible to know whether your data is feeding medical research, click-baiting, racist “predictive policing” or drone strikes. The nature of mass surveillance and AI is that it is collective and relational. Your data is calculated in relation to other people’s data in order to find probabilities and norms in ways that are usually quite hard to trace. For this reason, AI has to be addressed collectively and include privacy as the default for all communications. Only then can people make meaningful decisions about how their data should be used. Privacy enhancing tech protects the freedom to be different and can revolutionise AI by decentralising the power to decide on its development — in the process unlocking a kaleidoscope of intelligences.
- Tune in to Chelsea’s Manning’s keynote on AI and Privacy — Monday the 10th at TalentLand, Mexico
- Join the Nym masterclass on AI and privacy — WebSummit in Rio in May Win tickets!
