What Kind of Risks Are Specific to LLMs?
3Check out my essays: https://aisc.substack.com/
OR book me to talk: https://calendly.com/amirfzpr
OR subscribe to our event calendar: https://lu.ma/aisc-llm-school
AF: Topic that was close to the end of your presentation that focused on risks related to LLMs, like privacy risk, breach risk. What I really liked was that framework that you put up that there are different risk factors and different ways that can impact the organization, individuals. That's a very structured way to look at it and I think that that makes a lot of sense.
One of the things that, I think, is interesting and requires a bit of discussion is that a lot of the things you're touching on are not really new problems. We've been dealing with these as early as data became a thing and Internet became a thing, right? Data privacy type of problems have been around for probably two decades. Europe has a regulation for it for a good decade or so.
Which problems that are on the forefront of our attention right now, or the attention of the society, are new and which ones are things that we've been dealing with for a long time and probably have good tools to handle them?
AM: That's a fantastic question. I want to talk about the fact that the impacts depend on the business, the company, and the type of task that we have. For example, in the case of drug discovery, we might deal with one kind of data privacy and compliance challenges compared to medicine that we directly deal with patients.
The Acts that the European Union came up with, many of them are dealing with the risk associated with individuals. At the end of the day, they want to protect people. When we get into some indirect data breaches like we bring some of the information and go through different kind of processes, there's a chance that part of that gets leaked. That is company related. We've had databases for a long time. There have been many solutions around them for direct breach in the data level.
Going back to LLM, imagine we have this notion of breaching proprietary information from the LLMs we are using. That's one of the challenges that there could be malicious attacks for identifying those underlying information, which, OpenAI might not deal with because they're using public knowledge.
There could be people [who] try to benefit from solutions that already existed and then come up with something new that is specific to LLM for those malicious attacks to get the information and if they have any sort of business implication, ethical implications or legal implications.