The Nuclear Governance Model Won’t Work For AI

AI is increasingly discussed as an existential threat on the same scale as nuclear weapons and climate change. This parallel is distorting the conversation about regulation.

By Yasmin Afina and Dr Patricia Lewis



As AI technologies are developed and deployed at scale, concern is growing around the risks they pose. In May, some industry leaders and scientists went as far as to claim AI is as great a threat to humanity as nuclear war.  

The analogy between both fields is gaining increasing traction and influential figures, including OpenAI’s CEO Sam Altman and the UN Secretary-General Antonio Guterres, have proposed the establishment of an international agency akin to the International Atomic Energy Agency (IAEA).  

But they are very different types of technology, and the nuclear governance model would not work at all well for AI.

What The IAEA Is

The IAEA was established in 1957 to promote the peaceful use of nuclear technology thanks to US President Eisenhower, who proposed the agency in his ‘Atoms for Peace’ speech, with the hope that  ‘… the splitting of the atom may lead to the unifying of the entire divided world.’  

The agency is charged by its statute to promote nuclear energy for peace, health and prosperity and ensure – as far as it is possible – that it is not used in ways that further military purposes. The IAEA conducts safeguarding inspections in civil nuclear facilities such as nuclear power plants and research reactors to ensure that nuclear materials in non-nuclear weapons states are not transferred to military programmes.  

The agency has been extraordinarily successful in its safeguarding, with the exception of Iraq in the late 1980s. It has discovered several instances of non-compliance and, except in the case of North Korea, has contributed significantly to the reversal of behaviour and prevention of proliferation, including thus far in Iran. 

Existential Fear Of Nuclear War

From early on in their development nuclear weapons posed a known, quantifiable existential risk. The nuclear bombing of Hiroshima and Nagasaki in August 1945 attested to the destructive, indiscriminate, and uncontainable nature of these weapons. One of the key motivations for founding the IAEA and for arms control treaties such as the Nuclear Non-Proliferation Treaty (NPT) was the deep fear of nuclear war. These fears were well founded. At the height of the Cold War, the US and then Soviet Union were said to have enough nuclear weaponry to ‘destroy humanity as we know it’.

Recent calculations reveal that the number of nuclear weapons required to destroy conditions for human habitation is fewer than 100.  

The risks posed by nuclear weapons’ very existence and the threat of their use are therefore existential; and the profound humanitarian risks and consequences that would result from their use was a driving force leading to the 2017 adoption of the Treaty on the Prohibition of Nuclear Weapons. 

Fear Of Catastrophe Is Distracting Efforts Away From Known Risks

Many of the concerns remain hypothetical and are derailing public attention from the already-pressing ethical and legal risks stemming from AI and their subsequent harms. This is not to say that AI risks do not exist: they do. A growing body of evidence documents the harm these technologies can pose, especially on those most at risk such as ethnic minorities, populations in developing countries, and other vulnerable groups.  

Over-dependency on AI, especially for critical national infrastructure (CNI), could be a source of significant vulnerability – but this would not be catastrophic for the species.  Concerns over wider, existential AI risks do need to be considered, carefully step-by-step, as the evidence is gathered and analysed. But moving too fast to control could also do harm.

AI Is Difficult, If Not Impossible, To Contain

The technicalities of nuclear weapons are inherently different from AI. The development of nuclear weapons is faced with physical bottlenecks. Their manufacture requires specific materials in specific forms – such as plutonium and highly-enriched (above 90 per cent) uranium and tritium.  

These materials produce unique, measurable signatures. The tiniest of traces can be discovered in routine inspections, and clandestine activities exposed.

Nuclear weapons cannot be made without these special materials. Controlling access to the materials physically prohibits countries that are not allowed to acquire them from doing so. This is very different from AI, which is essentially software-based and general-purpose. 

Although the development and training of AI can require heavy investment and supercomputers with tremendous processing power, its applications are widespread and increasingly designed for mass use across all segments of society. AI is, in that sense, the very opposite of nuclear weapons.  

The intangible nature of AI would make it difficult, if not impossible, to contain – especially with the increase of open-source AI.

Safeguarding measures and verification methods akin to those employed by the IAEA would therefore not work for AI due to these inherent technical differences.

What Could Work?

Policy responses are necessary to address the risks in developing and deploying AI technologies. But governance models away from the nuclear field offer better inspiration.  

A solution similar to the US Food and Drug Administration (FDA) might provide a sensible approach to overseeing the release and commercialization of AI products. This would consist of a scaled launching model, alongside robust auditing requirements and comprehensive risk assessments to evaluate both the direct and indirect implications of the product in question.  

The EU’s Reference Laboratory for Genetically Modified Food and Feed (EURL GMFF) also provides a useful way to think about some AI controls and regulation.  National and international attempts to control and regulate human gene editing and human embryo research are worth study, as attempts to control and regulate amorphous technology in very different cultural contexts.

AI could benefit from an international agency, but this should draw inspiration from the International Panel on Climate Change (IPCC) and from taking the UN Secretary-General’s recommendation for a high-level advisory body for AI one step further. Such an agency would help provide the international community with diversified and complete data in the field, ensuring that subsequent deliberations are holistic, evidence-based, and inclusive.  

This international agency could be newly established or expand the work of existing specialized agencies such as the International Telecommunications Union (ITU) – which combines both standards and regulations, revised on a regular basis through the World Radiocommunication Conference (WRC). This structure could work well for AI in the light of its dynamic nature and fast-paced technological progress.
 
The agency’s activities would promote participation by all stakeholders; assist negotiations and continuing efforts to curb AI risks; and carry out more in-depth, long-term research.

Governance models for AI could also be discussed through forums including The Internet Governance Forums (IGF), meetings at the UN including the Global Digital Compact and the Summit of the Future, and through the work of the Secretary-General’s Envoy on Technology. In 2025, the World Summit on the Information Society (WSIS) will provide an important moment to agree ways forward for AI governance.

These agencies and forums represent better models for AI regulation. They would also more effectively leverage AI’s full potential to benefit all.

Yasmin Afina is Research Fellow, Digital Society Initiative at Chatham House

Dr Patricia Lewis is Research Director; Director, International Security Programme at Chatham House

You Might Also Read: 

The Destabilizing Danger Of Cyberattacks On Missile Systems:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« The CIA Has A Social Media Campaign Just For Russians
A Brief History Of Artificial Intelligence & Its Potential Future »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Uniken

Uniken

Uniken REL-ID is a safe, simple, and scalable security platform that tightly integrates your identity, authentication, and channel security.

Visa

Visa

Visa is a global payments technology company that connects consumers, businesses and banks in more than 200 countries and territories worldwide.

Cybero

Cybero

Cybero offers professional corporate cybersecurity training tailored to your business requirements.

Gospel Technology

Gospel Technology

Gospel presents a totally new way of accessing and controlling data which is enterprise grade scalable, highly resilient, and secure.

ThreatAware

ThreatAware

Total visibility of your business cybersecurity. Monitoring, management and compliance for your cybersecurity tools, people and processes from one easy to use dashboard.

CYQUEO

CYQUEO

CYQUEO is your professional partner and system integrator. We secure your organization against advanced cyber threats.

Practical Assurance

Practical Assurance

Practical Assurance helps companies navigate the rough terrain of information security compliance.

Clario Tech

Clario Tech

Clario is a simple, comprehensive, personalized protection app. It comes with a full suite of intelligent security software and intelligent people to help you live a better, safer digital life.

KrCERT/CC

KrCERT/CC

KrCERT/CC is the National Computer Emergency Response Team in Korea.

Netizen

Netizen

Netizen is an award-winning company that develops and leverages innovative solutions to enable a more secure cyberspace for clients in government and commercial markets.

Presidio

Presidio

Presidio is a leading North American IT solutions provider focused on Digital Infrastructure, Business Analytics, Cloud, Security & Emerging solutions.

Fairdinkum Consulting

Fairdinkum Consulting

Fairdinkum is a leading full-service IT consulting firm with more than two decades of experience in the industry.

Cyber News Live (CNL)

Cyber News Live (CNL)

Cyber News Live provide vital information and raise awareness about all things 'cyber' to ensure you stay protected in the digital world.

Falconfeeds

Falconfeeds

Falconfeeds empowers businesses and security professionals with immediate access to the latest and historical threat intelligence data.

Miggo Security

Miggo Security

Miggo is the first Application Detection and Response (ADR) platform on a mission to stop application breaches.

Backslash Security

Backslash Security

With Backslash, AppSec teams gain visibility into critical risks in their apps based on reachability and exploitability.