The Nuclear Governance Model Won’t Work For AI

Uploaded on 2023-07-04 in TECHNOLOGY-Key Areas-Artificial Intelligence, GOVERNMENT-Defence, FREE TO VIEW

AI is increasingly discussed as an existential threat on the same scale as nuclear weapons and climate change. This parallel is distorting the conversation about regulation.

By Yasmin Afina and Dr Patricia Lewis


As AI technologies are developed and deployed at scale, concern is growing around the risks they pose. In May, some industry leaders and scientists went as far as to claim AI is as great a threat to humanity as nuclear war.  

The analogy between both fields is gaining increasing traction and influential figures, including OpenAI’s CEO Sam Altman and the UN Secretary-General Antonio Guterres, have proposed the establishment of an international agency akin to the International Atomic Energy Agency (IAEA).  

But they are very different types of technology, and the nuclear governance model would not work at all well for AI.

What The IAEA Is

The IAEA was established in 1957 to promote the peaceful use of nuclear technology thanks to US President Eisenhower, who proposed the agency in his ‘Atoms for Peace’ speech, with the hope that  ‘… the splitting of the atom may lead to the unifying of the entire divided world.’  

The agency is charged by its statute to promote nuclear energy for peace, health and prosperity and ensure – as far as it is possible – that it is not used in ways that further military purposes. The IAEA conducts safeguarding inspections in civil nuclear facilities such as nuclear power plants and research reactors to ensure that nuclear materials in non-nuclear weapons states are not transferred to military programmes.  

The agency has been extraordinarily successful in its safeguarding, with the exception of Iraq in the late 1980s. It has discovered several instances of non-compliance and, except in the case of North Korea, has contributed significantly to the reversal of behaviour and prevention of proliferation, including thus far in Iran. 

Existential Fear Of Nuclear War

From early on in their development nuclear weapons posed a known, quantifiable existential risk. The nuclear bombing of Hiroshima and Nagasaki in August 1945 attested to the destructive, indiscriminate, and uncontainable nature of these weapons. One of the key motivations for founding the IAEA and for arms control treaties such as the Nuclear Non-Proliferation Treaty (NPT) was the deep fear of nuclear war. These fears were well founded. At the height of the Cold War, the US and then Soviet Union were said to have enough nuclear weaponry to ‘destroy humanity as we know it’.

Recent calculations reveal that the number of nuclear weapons required to destroy conditions for human habitation is fewer than 100.  

The risks posed by nuclear weapons’ very existence and the threat of their use are therefore existential; and the profound humanitarian risks and consequences that would result from their use was a driving force leading to the 2017 adoption of the Treaty on the Prohibition of Nuclear Weapons. 

Fear Of Catastrophe Is Distracting Efforts Away From Known Risks

Many of the concerns remain hypothetical and are derailing public attention from the already-pressing ethical and legal risks stemming from AI and their subsequent harms. This is not to say that AI risks do not exist: they do. A growing body of evidence documents the harm these technologies can pose, especially on those most at risk such as ethnic minorities, populations in developing countries, and other vulnerable groups.  

Over-dependency on AI, especially for critical national infrastructure (CNI), could be a source of significant vulnerability – but this would not be catastrophic for the species.  Concerns over wider, existential AI risks do need to be considered, carefully step-by-step, as the evidence is gathered and analysed. But moving too fast to control could also do harm.

AI Is Difficult, If Not Impossible, To Contain

The technicalities of nuclear weapons are inherently different from AI. The development of nuclear weapons is faced with physical bottlenecks. Their manufacture requires specific materials in specific forms – such as plutonium and highly-enriched (above 90 per cent) uranium and tritium.  

These materials produce unique, measurable signatures. The tiniest of traces can be discovered in routine inspections, and clandestine activities exposed.

Nuclear weapons cannot be made without these special materials. Controlling access to the materials physically prohibits countries that are not allowed to acquire them from doing so. This is very different from AI, which is essentially software-based and general-purpose. 

Although the development and training of AI can require heavy investment and supercomputers with tremendous processing power, its applications are widespread and increasingly designed for mass use across all segments of society. AI is, in that sense, the very opposite of nuclear weapons.  

The intangible nature of AI would make it difficult, if not impossible, to contain – especially with the increase of open-source AI.

Safeguarding measures and verification methods akin to those employed by the IAEA would therefore not work for AI due to these inherent technical differences.

What Could Work?

Policy responses are necessary to address the risks in developing and deploying AI technologies. But governance models away from the nuclear field offer better inspiration.  

A solution similar to the US Food and Drug Administration (FDA) might provide a sensible approach to overseeing the release and commercialization of AI products. This would consist of a scaled launching model, alongside robust auditing requirements and comprehensive risk assessments to evaluate both the direct and indirect implications of the product in question.  

The EU’s Reference Laboratory for Genetically Modified Food and Feed (EURL GMFF) also provides a useful way to think about some AI controls and regulation.  National and international attempts to control and regulate human gene editing and human embryo research are worth study, as attempts to control and regulate amorphous technology in very different cultural contexts.

AI could benefit from an international agency, but this should draw inspiration from the International Panel on Climate Change (IPCC) and from taking the UN Secretary-General’s recommendation for a high-level advisory body for AI one step further. Such an agency would help provide the international community with diversified and complete data in the field, ensuring that subsequent deliberations are holistic, evidence-based, and inclusive.  

This international agency could be newly established or expand the work of existing specialized agencies such as the International Telecommunications Union (ITU) – which combines both standards and regulations, revised on a regular basis through the World Radiocommunication Conference (WRC). This structure could work well for AI in the light of its dynamic nature and fast-paced technological progress.
 
The agency’s activities would promote participation by all stakeholders; assist negotiations and continuing efforts to curb AI risks; and carry out more in-depth, long-term research.

Governance models for AI could also be discussed through forums including The Internet Governance Forums (IGF), meetings at the UN including the Global Digital Compact and the Summit of the Future, and through the work of the Secretary-General’s Envoy on Technology. In 2025, the World Summit on the Information Society (WSIS) will provide an important moment to agree ways forward for AI governance.

These agencies and forums represent better models for AI regulation. They would also more effectively leverage AI’s full potential to benefit all.

Yasmin Afina is Research Fellow, Digital Society Initiative at Chatham House

Dr Patricia Lewis is Research Director; Director, International Security Programme at Chatham House

You Might Also Read: 

The Destabilizing Danger Of Cyberattacks On Missile Systems:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« The CIA Has A Social Media Campaign Just For Russians
A Brief History Of Artificial Intelligence & Its Potential Future »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Nutanix

Nutanix

The Nutanix enterprise cloud platform provides performance, robust security, and seamless application mobility for a broad range of enterprise applications.

Law Enforcement Cyber Center (LECC)

Law Enforcement Cyber Center (LECC)

LECC is designed to assist police, digital forensic investigators, detectives, and prosecutors who are investigating and preventing crimes that involve technology.

Stott & May

Stott & May

Stott & May is a specialist cyber security recruitment agency.

Medigate

Medigate

Medigate is a dedicated medical device security platform protecting all of the connected medical devices on health care provider networks.

CLDigital

CLDigital

CLDigital's no-code risk and resilience platform, CL360, provides leaders with risk and resilience data to make strategic and tactical continuity decisions.

Oak Ridge National Laboratory (ORNL)

Oak Ridge National Laboratory (ORNL)

ORNL conducts basic and applied research and development in key areas of science for energy, advanced materials, supercomputing and national security including cybersecurity.

CybeReady

CybeReady

CybeReady’s Autonomous Platform offers continuous adaptive training to all employees and guarantees significant reduction in organizational risk of phishing attacks.

C2A Security

C2A Security

C2A Security offers a comprehensive suite of cyber security solutions for the automotive industry, providing in-vehicle end-to-end protection.

Tego Cyber

Tego Cyber

Tego Cyber delivers a state-of-the-art threat intelligence platform that helps enterprises deploy the proper resolution to an identified threat before the enterprise is compromised.

SEIRIM

SEIRIM

SEIRIM delivers cybersecurity solutions in Shanghai China specializing in Web Application Security, Network Security for SME's, Vulnerability Management, and serving as Managed Security as a Service.

Ward Solutions

Ward Solutions

Ward Solutions are an information security consultancy and managed services company. We help organisations protect their brand, people, assets, intellectual property and profits.

Bright Data

Bright Data

Bright Data Inc is the world’s #1 web data platform, enabling organizations to research, monitor, analyze data, and make better decisions.

iVision

iVision

iVision is a technology integration and management firm that engineers success for clients through objective recommendations, process and technology expertise and best-of-breed guidance.

CypherEye

CypherEye

CypherEye is a next generation trust platform that advances the current state of Multi-factor Authentication (MFA) to enable highly secure, private and auditable cyber-transactions.

Lineaje

Lineaje

Lineaje solves critical Software Supply Chain security problems faced by every organization that builds, uses or sells software.

DynTek

DynTek

DynTek delivers exceptional, cost-effective professional IT consulting services, end-to-end IT solutions and managed IT services.