This page is still being polished. If you have thoughts, please share them via the feedback form.
Data on this page is preliminary and may change. Please do not share or cite these figures publicly.
Output attribution, content watermarking, and AI detection mechanisms.
Also in Non-Model
There are a number of different approaches to watermarking: - Visual or explicit: for example, by putting a banner at the bottom of an image stating it is AI-generated. This can be removed intentionally or accidentally by cropping or inpainting the content. - Metadata: attaching extra information to a file that declares it was created by AI - common formats and locations include [EXIF](https://en.wikipedia.org/wiki/Exif), [IPTC IIM](https://en.wikipedia.org/wiki/IPTC_Information_Interchange_Model), [XMP](https://en.wikipedia.org/wiki/Extensible_Metadata_Platform) and [JUMBF](https://www.iso.org/standard/84635.html). People already often use this to convey copyright information like the author and licensing details. Metadata can be trivially (and sometimes accidentally) removed. - Steganography: tweaking outputs to embed hidden information directly into the content itself. For example, by changing the colours of an image in an imperceptible way to humans, but in a way that is detectable to computers. There are a range of methods within this, which range from trivial to break to somewhat resistant to adversaries.
Reasoning
Embeds attribution markers (visual, metadata, steganography) into AI outputs to enable detection and provenance tracking.
Compute goverance
Regulate companies in the highly concentrated AI chip supply chain, given AI chips are key inputs to developing frontier AI models.
3.1.1 Legislation & PolicyData input controls
Filter data used to train AI models, e.g. don’t train your model with instructions to launch cyberattacks.
1.1.1 Training DataLicensing
Require organisations or specific training runs to be licensed by a regulatory body, similar to licensing regimes in other high-risk industries.
3.1.4 Compliance RequirementsOn-chip governance mechanisms
Make alterations to AI hardware (primarily AI chips), that enable verifying or controlling the usage of this hardware.
1.2.4 Security InfrastructureSafety cases
Develop structured arguments demonstrating that an AI system is unlikely to cause catastrophic harm, to inform decisions about training and deployment.
2.2.4 Assurance DocumentationEvaluations (aka “evals”)
Give AI systems standardised tests to assess their capabilities, which can inform the risks they might pose.
2.2.2 Testing & EvaluationThe AI regulator’s toolbox: A list of concrete AI governance practices
Jones, Adam (2024)
This article explains concrete AI governance practices people are exploring as of August 2024. Prior summaries have mapped out high-level areas of work, but rarely dive into concrete practice details. This summary explores specific practices addressing risks from advanced AI systems. Practices are grouped into categories based on where in the AI lifecycle they best fit. The primary goal of this article is to help newcomers contribute to the field of AI governance by providing a comprehensive overview of available practices.
Build and Use Model
Training, fine-tuning, and integrating the AI model
Developer
Entity that creates, trains, or modifies the AI system
Manage
Prioritising, responding to, and mitigating AI risks
