As artificial intelligence gains ubiquity, its use brings significant governance challenges. Across the world, many countries have responded to the new technology in their own ways. We see the horizontal approach of the EU AI Act, characterized by its comprehensiveness in attempting to cover AI’s applications across different sectors. Drastically different is China’s vertical and iterative approach, targeting specific AI applications in areas that attract the most governmental attention. In the United States, “technology federalism” has created a unique phenomenon where subnational AI regulations flourish in the states, and Congress remains slow to act.

Despite the differences, the regulations share one sentiment: all of us are treading uncharted waters. Luckily, as the old saying goes, nihil sub sole novum (nothing new under the sun). While AI governance feels like uncharted territory, we can look to cybersecurity for guidance. Many of the challenges AI regulators face, such as authentication, risk mitigation, and iterative oversight, have been tackled in cybersecurity before. In this article, we will articulate two lessons that AI regulators can learn from cybersecurity: authentication and the regulation of deepfakes, as well as the innovative approach of AI sandboxing.

Problem of Authentication: Digital Watermarks and Deepfakes

Authentication lies at the heart of cybersecurity. It is the process that organizations use to confirm that only the right people, services, and apps with the right permissions can access organizational resources. Distinguishing between real content and AI-generated deepfakes presents an authentication challenge that mirrors those seen in cybersecurity. One primary deepfake detection method is provenance-based detection, which relies on embedded data about the origin and history of the content, such as watermarks or metadata. Authenticating the unique “marks” of AI-generated content is therefore a key method for distinguishing real from fake.

To uphold their social responsibility in combating public misinformation and ensuring AI transparency, many AI companies have committed to facilitating effective provenance-based detection by labeling their AI-generated content with watermarks. Existing AI regulations, such as the EU AI Act, also rely heavily on the provenance-based method: the Act requires providers of AI systems to watermark their output so that it can be detected as artificially generated or manipulated. In the United States, bipartisan legislation has been introduced to require the labeling of AI-generated videos and audio.

Nevertheless, cybersecurity experts Bob Gleichauf and Dan Geer caution against over-optimism regarding provenance-based AI detection. They argue that digital watermarks, much like weak authentication measures in cybersecurity, are susceptible to removal, alteration, and forgery, making them an incomplete solution for deepfake detection.
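The following is an added illustration of the authentication problem described above; it is not code from the article or from Gleichauf and Geer. It contrasts a plain metadata label (the unsigned "watermark" case) with a manifest that is bound to the content by a keyed HMAC, and it shows what each verifier can and cannot conclude. The key, generator name, and sample text are constructed placeholders, and the HMAC construction is an assumed stand-in for whatever signing scheme a real provenance standard would use.

```python
import hashlib
import hmac
import json

# Constructed placeholder: in practice the generator holds the signing key and
# the verifier holds the corresponding verification material.
SIGNING_KEY = b"example-provenance-key"


def _digest(content: bytes) -> str:
    return hashlib.sha256(content).hexdigest()


def attach_plain_label(content: bytes) -> dict:
    """Naive provenance: an unsigned metadata tag stored next to the content."""
    return {"content": content, "meta": {"ai_generated": True, "generator": "example-model"}}


def check_plain_label(item: dict) -> str:
    """Trusts the tag as-is. Nothing binds the tag to the content, so a label
    that was dropped or edited in transit looks exactly like honest content."""
    return "labeled-ai" if item.get("meta", {}).get("ai_generated") else "unlabeled"


def attach_signed_manifest(content: bytes, key: bytes) -> dict:
    """Stronger provenance: the manifest records a hash of the content and is
    authenticated with an HMAC, binding manifest and content together."""
    manifest = {"ai_generated": True, "generator": "example-model", "sha256": _digest(content)}
    payload = json.dumps(manifest, sort_keys=True).encode()
    tag = hmac.new(key, payload, hashlib.sha256).hexdigest()
    return {"content": content, "manifest": manifest, "tag": tag}


def check_signed_manifest(item: dict, key: bytes) -> str:
    """Returns 'verified-ai', 'tampered', or 'unlabeled'. The last value is the
    important caveat: a missing manifest proves nothing about authenticity."""
    manifest, tag = item.get("manifest"), item.get("tag")
    if manifest is None or tag is None:
        return "unlabeled"
    payload = json.dumps(manifest, sort_keys=True).encode()
    expected = hmac.new(key, payload, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, tag):
        return "tampered"  # manifest edited, or produced without the key
    if manifest.get("sha256") != _digest(item["content"]):
        return "tampered"  # content edited after it was labeled
    return "verified-ai"


def demo() -> dict:
    """Runs both verifiers over constructed honest, altered, and stripped items."""
    text = b"Constructed sample paragraph that a model produced."
    plain = attach_plain_label(text)
    plain_stripped = {"content": plain["content"]}  # metadata lost in transit
    signed = attach_signed_manifest(text, SIGNING_KEY)
    signed_edited = dict(signed, content=text + b" One extra sentence.")
    signed_forged = dict(signed, manifest=dict(signed["manifest"], ai_generated=False))
    signed_stripped = {"content": signed["content"]}  # manifest and tag dropped
    return {
        "plain_honest": check_plain_label(plain),
        "plain_stripped": check_plain_label(plain_stripped),
        "signed_honest": check_signed_manifest(signed, SIGNING_KEY),
        "signed_edited": check_signed_manifest(signed_edited, SIGNING_KEY),
        "signed_forged": check_signed_manifest(signed_forged, SIGNING_KEY),
        "signed_stripped": check_signed_manifest(signed_stripped, SIGNING_KEY),
    }


if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case:16s} -> {verdict}")
```

The signed manifest catches edits to either the content or the label, which the plain tag cannot. But both verifiers return the same answer, "unlabeled", for content whose provenance was stripped and for content that never had any, which is exactly why the article treats provenance as one factor rather than a complete solution.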

Cybersecurity has strengthened authentication by shifting from single-factor authentication to multi-step verification methods, such as adaptive multi-factor authentication, biometric authentication, and token-based authentication. By incorporating multiple verification factors, these systems reduce vulnerability: an attacker might steal a password, but they cannot easily replicate behavioral patterns or biometric data.

Deepfake detection should similarly consider incorporating stronger authentication methods. There have already been worries that policies built on ineffective watermarks may confuse consumers and detract from other efforts to address misinformation, echoing the analysis of Gleichauf and Geer. One potential approach to supplement provenance-based detection is inference-based detection, which assesses behavioral or contextual clues to determine authenticity. This is much like anomaly detection and behavioral biometrics in cybersecurity, where a system flags irregular behavior, such as that of malware, by analyzing usage patterns. Similarly, in deepfake detection, inference-based methods could help identify AI-generated content by analyzing linguistic patterns or deviations from typical human behavior.

Beyond the technicalities, what does this mean for policymakers? A more comprehensive approach will pay attention not only to regulating content generation through watermarking but also to controlling its dissemination. Online platforms where users can distribute AI-generated content are another crucial player in deepfake regulation. Instead of just relying on developers to self-label their content, regulators should consider imposing duties of care on online platforms, because they are in a better position to implement more complex deepfake detection schemes. Just as cybersecurity regulations require companies to implement resilient security measures, AI regulations could mandate platforms to strengthen authentication mechanisms, protecting users from the harms of deepfakes.

Cybersecurity Toolbox: AI Sandboxing

Sandbox is a term familiar to every cybersecurity professional. It is an isolated environment, often a virtual machine, in which potentially unsafe software can execute without affecting network resources or local applications. It is like a playground where applications can be tested, allowing security professionals to observe their behavior without real-world consequences. Sandboxing is particularly useful when dealing with unknown risks. Through rigorous testing in a controlled and contained setting, sandboxes minimize the potential harm from the software before wider deployment.

Adopting the ethos of sandboxing, Singapore has taken a novel approach to AI regulation. Last year, the Info-communications Media Development Authority and Enterprise Singapore launched the Generative AI Sandbox for small and medium-sized enterprises. Companies can experiment with AI solutions in this controlled environment.

Singapore’s Sandbox is widely regarded as striking a good balance between encouraging innovation and risk management. By “playing around” in the sandbox, companies better their understanding of security controls and business policies, helping them integrate AI responsibly into their operations. At the same time, because the sandbox is an isolated environment, concerns around privacy and security are significantly reduced. This controlled experiment offers important insights for both businesses and regulators, who can study AI risks in a low-stakes setting before implementing broader policies.

Regulators worldwide can learn from this approach. In the United States, various organizations have also developed AI sandboxes. An interesting example is the National Center for State Courts’ new AI Sandbox, which provides judges and court staff with a way to experiment with applications of AI in state courts.

Regulatory insights from these sandboxes can help shape AI governance across industries. Just as cybersecurity frameworks emphasize controlled testing to prevent vulnerabilities from reaching live systems, AI sandboxes offer a crucial regulatory tool to fine-tune governance strategies before full-scale implementation. In an industry-driven regulatory environment like the United States, these sandboxes may be a good way to learn the most effective way to regulate AI.