By James Flint

As almost anyone reading this will be aware, the field of AI and machine learning is moving very fast, with new capabilities and implementations emerging literally every day. It’s challenging to keep up, but fun and exciting… as well as a little alarming, given the impact this new technology is likely to have on many aspects of our lives and jobs.

Now that powerful and effective AI tools are suddenly within easy reach of nearly every business, at Securys we’re paying close attention to the various proposals for AI regulation, especially the EU’s forthcoming AI Act. The Act is attempting to set the tone for international standards, although it may be less successful in this than the GDPR was in front-running privacy, given that China and the USA are both busily working on regulations of their own.

Initially drafted before the explosion of large language models (LLMs) such as ChatGPT, Bard & Claude onto the public stage in 2023, the Act has been hastily updated to accommodate them. But the regulation is still built around the core assumption that AI capability will be created and hosted by a few key players running “closed source” systems. This means that there’s a rising chorus of questions about the Act’s relevance now that it is becoming apparent that, once trained, extremely powerful AI can be hosted and run locally on quite small machines, even laptops and mobile devices.

For the past few months there have been frequent reports of open source models that challenge the capabilities of those created by the tech giants. Meta has even released a (mostly) open source model of its own, Llama, now available in a second, more powerful, incarnation called, unsurprisingly, Llama2.

Hence all the questions about the continuing relevance of the Act. Will the regulation that flows from it be capable of policing local, open source deployments? And if it is, are businesses going to find that if they deploy these models on their own infrastructure in order to keep control of the data flows and maintain a good privacy stance, they will then open themselves to a whole new layer of compliance risk and bureaucracy?

Having reviewed the Act with this in mind, our answer would appear to be: “not necessarily”. The Act takes a risk-based approach. Apart from some “unacceptable risk” exceptions, such as facial recognition in public spaces, which are banned altogether from civilian use, it chiefly concerns itself with use of the new technology in the following situations:

  • Biometric identification and categorisation of natural persons;
  • Management and operation of critical infrastructure;
  • Education and vocational training;
  • Employment, worker management and access to self-employment;
  • Access to and enjoyment of essential private services and public services and benefits;
  • Law enforcement;
  • Migration, asylum and border control management;
  • Administration of justice and democratic processes.

When it comes to the large language models, with the possible exception of education and vocational training, it’s hard to see them being used sensibly or effectively in most of these contexts, even with extensive fine-tuning. Other kinds of model could be, of course, but such models are more likely than LLMs to have been built bespoke from scratch, and therefore to be able to comply with rigorous transparency requirements. LLMs, by dint of the sheer scale of the datasets on which they’ve been trained (broadly, the content of the internet), are extremely opaque.

A business should therefore be able to set up its own instance of something like Llama2 on a reasonably powerful server of its own, fine-tune it using proprietary data, and use it to generate textual or graphical content for its own ends without needing to register as an AI provider under the terms of the AI Act (which doesn’t mean it can forget about double-checking any output for factual accuracy, personally identifiable data, libellous content and potential copyright infringement).

Having said that, some examples are beginning to emerge of researchers exploiting GPT-4’s ability to act within the parameters of a given persona and to write high quality code in order to get the LLM to produce highly technical functionality. In the example linked to here it is prompted to construct attack algorithms capable of undermining a cyber security system, in which capacity GPT-4 behaves like a very advanced calculator. With improvements in this direction it’s possible to see LLMs contributing to the management and operation of critical infrastructure, and thus falling back within the “high risk” ambit of the Act.

In another recent development, also at DeepMind, an existing robot vision system has been combined with the kind of chain-of-thought reasoning found in LLMs. The resulting “vision-language-action” model has dramatically improved the robot’s ability to understand and respond both to user commands and to situations involving environments and objects on which it has not been directly trained.

Regardless of whether or not we decide it has any kind of sentience or consciousness, if AI is capable of parsing a large range of “experiences” in different media into technical instructions that enable it, or a machine it controls, to navigate a given environment in a largely reliable manner, then it will be used for applications that go far beyond text or image generation, many of which will be defined as high risk. Think about self-driving cars, for example, which could well be only a couple of innovation cycles away from having a drastic effect on any business that employs delivery drivers, in a setting which is simultaneously extremely dangerous and very mundane.

What you get when you cross a llama with a robot, then, is something that suggests not only that this technology is here to stay, but that it’s going to be embedded into all kinds of systems in increasingly intricate and structural ways, most of which we haven’t thought of yet. This is the world for which the EU AI Act and its cousins, for all their faults, are trying to prepare us. It’s worth businesses of all stripes getting to grips with these regulatory implications now, while the stakes are still quite low, if they want to be well placed for faster adoption of the ever more radical uses of AI that are surely coming down the line.