As a community, the people most familiar with AI understand that trust will play a central role in consumer-facing applications, and that even beyond that, trust is, in so many ways, the currency of today’s digital environment.
After the fairly stillborn launch of cryptocurrencies in the late aughts, AI has taken the world by storm. The benefits are evident. But so are the risks. The benefits are colossal, too. To the society, to individuals – but so are the risks.
So where people gather to talk about where the world is at right now, trust is often a key piece of the conversation.
So it was at Davos, at the Imagination in Action conference, where Matt Henshon, a partner with Henshon Klein, interviewed Fudan University Professor Charles Cheng, Boston University Associate Provost Azer Bestavros, Robert Mahari, Associate Director of the Codex Center at Stanford, and my colleague at MIT, Ramesh Raskar, about the collective effort by humanity to “meet” AI. (Imagination in Action is an event within the summit at Davos, Switzerland, that I help to run.)
What’s central to our trust in AI?
First Principles of AI Trust
“I think as we go down a path with AI, we’re trying to find solutions that lead to collaboration, that lead to global level engagement, and lead to a humankind-level governance,” Cheng said.
“For me, the key trust piece, or at least one of the key trust pieces, is: how do we make sure that we can trust the providers of these large language models that are increasingly ubiquitous, to safeguard the data,” Mahari said, “And ideally, we can do this in verifiable ways, and there are some interesting things in cryptography that we can leverage.”
“It depends on who you work with,” said Bestavros. “If you are the individual, perhaps, worried about your data, well, perhaps not just do I trust my data, but do you trust the algorithm? Do you trust the recommendations? Do you trust whoever deployed that AI? It’s actually not just the AI that needs to be trusted. It’s who is deploying it.”
He asked other questions, too, related to human psychology, and pointed out how that plays a role.
“How do people perceive trust?” he asked. “How do you define it? I have a faculty member who understands how to measure trust with psychology, because we trust each other. We are humans, and the question is, is there a way to use what we know from psychology, in order to develop agents that are trustworthy to the individual?”
The Verification of AI in a Complex World
The four also addressed how to verify AI.
“You verify by measuring, by observing,” Bestavros said. “A big focus here is, we’ll deploy it, but we have the responsibility to develop the tools that allow those who are going to use AI to score it. So we have faculty who will work on scoring ethics. We have faculty working on auditing it.”
He noted the “black box” nature of models, and the use of benchmarks like crypto keys as additional verification tools.
Mahari had more.
“You have like a couple of different ways to make sure things don’t go off the rails, right?” he said. “One is contracts. There are a couple lawyers on this panel, and you make promises, and if you break your promises, we take you to court.”
And then there’s what you might call gumption.
“The other fix is to say, ‘I’ll do it myself, right? The only person I can trust is myself, and I’ll roll up my sleeves,’” He noted. “But you might not know how to do things. Run a local LLM, that kind of thing. So then the third thing is, you can try to design a technical system in such a way that you have guarantees that it can’t go wrong.”
In aid of this idea, Mahari presented a scenario with a “box like an LLM” with a key inside, and then another key, representing the security key.
“The only way that that data can ever be decrypted is in the box, by the LLM, with its key,” Mahari explained. “No one in the world except the LLM can see what’s going in and out of that box. And so you have this ability to, on the one hand, offshore all the maintenance of the box and the GPUs. You don’t have to worry about updating the LLMs.”
Raskar brought up the utility of a protocol for the web, which made sense to me, since they’re working hard on this at MIT. The NANDA (Network of AI Agents and Decentralized Architectures) project aims to address this, and though there are rumors that the deployment has been paused, the general idea is in place.
“If you want to build the internet, and you want the ability to be for any agent to be able to talk to any other agent, then we can use the analogy of a browser and websites,” Raskar explained, in mentioning how protocols are likely to contribute to not just trust, but implementation, in the future. “You can use the analogy of a stock market: you want to list all of the agents that are out there on some kind of a DNS-like system, certifying to authorities that they are cryptographically secure.”
More Thoughts on Trust and Security
The conversation went on in the same vein: watch the video for all of the details that this expert panel brought up in navigating the issue of trust in the technology.
“Autonomy requires this non-deterministic behavior, and the non-deterministic behavior unfortunately requires knowing how the algorithmic security is offered, because when things are happening at a billion-agent scale, it’s going to be very difficult to manage,” Raskar said. “It’s just like launching a car: when you launch a car, before you launch a car, you have crash tests and test tracks, and while you own the car, every year, you have to get your inspection sticker, but every once in a while, you do an audit to see, among millions of cars, where there’s something that went wrong, and then you go and fix all of the cars. So kind of you need all those three at an algorithmic level, and it’s not enough to just rely on whether the right people are doing it.”
“There’s a trust issue,” Mahari added, “especially when it comes to AI companionship, which is a topic that I care a lot about, where people are forming these very deep relationships with AI agents, as companions, meaningful relationships.”
But these, he noted, are in key ways one-sided relationships.
“You just take whatever you want from the AI,” he said. “It doesn’t require you to be available to it emotionally, whatever. And I worry a lot about whether we can trust those kinds of systems.”
“Trust means different things to different people,” Bestavros said.
Raskar used the example of Estonia as an inspiration.
“They’re really emerging in ways that we can learn a lot from,” he said, of a number of emerging national economies. “I think Estonia was a great example. I think many of these countries have learned over time how to leapfrog: the cliche example of the ‘skip the landline and go straight to mobile phones.’ My feeling, based on my partnerships and collaborations, is that we’re going to skip the AI revolution altogether, the give and take problem, and go straight to the AI agents.”
“Where I’m from, we think a lot about the balance between regulation and innovation,” Cheng said, of the Chinese outlook on AI. “The more you regulate, the more you stifle innovation. On the other hand, if you let innovation run wild, then sooner or later, it becomes unregulateable. So we think about that balance.”
I thought all of this was a great intro to trusting AI as it becomes, well, a lot more powerful. What do you think? Drop me a comment.
