Un Memor\u00e1ndum de Seguridad Nacional hist\u00f3rico firmado recientemente por el presidente Joe Biden exige supervisi\u00f3n humana, pruebas de seguridad y otras salvaguardas para muchas aplicaciones militares, de inteligencia, y de la inteligencia artificial (IA). El memorando tambi\u00e9n inicia una revisi\u00f3n exhaustiva de c\u00f3mo el Pent\u00e1gono y las agencias de inteligencia adquieren IA, con recomendaciones para cambios regulatorios y otras reformas que se presentar\u00e1n el pr\u00f3ximo a\u00f1o. Los nuevos documentos de pol\u00edtica, no est\u00e1n enfocados en drones, munici\u00f3n o armas aut\u00f3nomas, se centran en la IA utilizada para analizar informaci\u00f3n y tomar decisiones, incluso sobre el uso de la fuerza letal.<\/p>\n
WASHINGTON \u2014 A landmark\u00a0National Security Memorandum<\/a>\u00a0recently signed by President Joe Biden requires human oversight, safety testing and other safeguards for many military and intelligence applications of artificial intelligence. The memo also launches a sweeping review of how the Pentagon and intelligence agencies acquire AI, with recommendations for regulatory changes and other reforms due back next year.<\/p>\n However, neither the memo itself nor the accompanying Risk Management Framework [PDF<\/a>] impose significant new restrictions on AI-controlled drones, munitions and other \u201cautonomous weapons,\u201d the chief concern of many\u00a0arms control activists<\/a>\u00a0around the world. Instead, the RMF largely defers on that issue to existing Pentagon policy, DoD Directive 3000.09 [PDF<\/a>], which was extensively revised last year to\u00a0restrict, but not prohibit, autonomous weapons<\/a>\u00a0(some of which already exist in the form of computer-controlled\u00a0anti-aircraft and missile defenses<\/a>). The new policy documents, by contrast, focus on AI used to analyze information and make decisions \u2014 including about the use of lethal force.<\/p>\n That said, the memo does mention \u201ca classified annex\u201d that \u201caddresses additional sensitive national security issues, including countering adversary use of AI that poses risks to United States national security.\u201d The published documents do not specify what kind of \u201cadversary use\u201d the annex covers nor what other \u201csensitive\u201d issues it might address.<\/p>\n The other major question mark, of course, is the election: Many of the mandates in the memo and the RMF won\u2019t even take effect until next year. While a Kamala Harris administration would presumably continue Biden\u2019s policies, the\u00a0GOP platform<\/a>\u00a0already promises to \u201crepeal Joe Biden\u2019s dangerous\u00a0Executive Order<\/a>\u00a0[published last year] that hinders AI Innovation.\u201d And former advisors to President Donald Trump\u00a0have called for\u00a0a \u201cManhattan Project\u201d approach to accelerate military AI<\/a>. A Trump Administration might well remove all the restrictions and guardrails in the Biden plan.<\/p>\n The Devil\u2019s In The Details<\/strong><\/p>\n Current and former Biden administration officials have emphasized that the goal of the new policy is to accelerate adoption of AI by setting clear guardrails, not to hinder what they call \u201cresponsible\u201d employment. As a result, the memo and RMF rarely impose outright prohibitions and more often allow AI development and deployment to proceed \u2014 if, and only if, an extensive checklist of best practices is followed.<\/p>\n One of the few blanket bans in the RFM is against using AI [to] remove a human \u2018in the loop\u2019 for actions critical to informing and executing decisions by the President to initiate or terminate nuclear weapons employment.\u201d This is a reaffirmation of longstanding US policy that computers can\u2019t be allowed to launch nuclear weapons without human oversight.<\/p>\n The framework restricts use of AI to forecast likely civilian casualties and collateral damage when planning a potential military strike. Any such use of AI requires both technical safeguards, such as continuous \u201crigorous testing\u201d of the AI, and human oversight \u201cby trained personnel.\u201d The framework forbids computer-generated intelligence reports and analysis \u201cbased solely on AI\u201d unless they are clearly labeled with \u201csufficient warnings\u201d to the reader.<\/p>\n The framework then goes into a longer list of \u201chigh impact AI use cases,\u201d all of which are allowed\u00a0 Many of these precautions are about protecting human rights. That includes restrictions on AI \u201ctracking or identifying [or] classifying an individual as a known or suspected terrorist, insider threat, or other national security threat.\u201d The framework also mandates human oversight of any AI assessing eligibility for benefits ranging from political asylum to federal employment. Yet other provisions aim to ensure that human beings remain in control of AI and can be held accountable for whatever the software does, from handling nuclear and other hazardous materials, or deploying malware online.<\/p>\n Before a new AI is even deployed for the first time \u2014 and retroactively for AI already in use \u2014 agencies must conduct a thorough \u201crisk and impact assessment,\u201d including an up-front, bottom-line cost-benefit analysis of whether AI is even the right solution for the problem at hand, as opposed to more traditional tools. The mandated guardrails include extensive testing \u201cin a realistic context,\u201d preferably including a \u201cpilots and limited releases\u201d prior to widespread deployment; analysis of \u201cpossible failure modes\u201d and mitigations; assessment of whether the underlying data to train, test, and update the AI is accurate, adequate, and accessible; and ongoing, continuous monitoring to ensure the AI continues to perform as intended.<\/p>\n The mandatory best practices also address the human users of AI. They must be trained not only to operate it, but to watch for errors instead of blindly trusting the machine (what\u2019s called \u201cautomation bias<\/a>\u201d), with reporting channels and whistleblower protections when problems arise.<\/p>\n Unsurprisingly, the policy does make it possible to waive some or all of these safeguards. But such waivers must come, in writing, directly from an agency\u2019s designated Chief AI Officer,\u00a0and be reviewed and renewed at least annually<\/p>\n Overall, the National Security Memorandum and the Risk Management Framework are not about banning sensitive uses of AI, but regulating them \u2014 without getting in the way of rapid progress in the tech race with China.<\/p>\n \u201cThe NSM does a good job of balancing between making clear what is not allowed and enabling rapid adoption by the national security community, when the technology and the testing environment mean you can validate the ability to do it safely,\u201d said Michael Horowitz, a\u00a0UPENN professor<\/a>\u00a0who, until recently, worked on AI as\u00a0deputy assistant secretary of defense<\/a>\u00a0for emerging capabilities. And, he told Breaking Defense, the Pentagon has spent years figuring out just how to test and safeguard such systems.<\/p>\n \u201cDoD and other agencies have decades of experience in developing and employing AI, and in designing policies to do so safely,\u201d Horowitz \u00a0said. \u201cThe NSM not only builds on those lessons learned, it breaks new ground in ensuring the national security community can adopt AI with responsible speed.\u201d<\/p>\nif, and<\/del>\u00a0only if agencies implement a detailed set of guardrails.<\/p>\n