Technique Developed to Audit AI for Training Data
A new method using “information isotopes” has been developed to audit AI models for unauthorized training data. The technique embeds hidden signatures into content that can later be detected in model outputs. For applications using sensitive data like children's speech, such tools could become a key compliance requirement for verifying that models are trained only on consented and privacy-compliant datasets.
- The "information isotopes" method was tested on ten AI models, including GPT-4o and Claude-3.5, and was able to distinguish between training and non-training data with 99% accuracy. The technique is inspired by how chemical isotopes are used to trace elements through chemical reactions. - This type of tool addresses a core legal issue in many high-profile lawsuits from creators and publishers, such as the Authors Guild and The New York Times, against AI companies. The central claim in these cases is that their copyrighted works were used for training without compensation or permission. - Current legal and regulatory pressure is mounting globally. The U.S. Copyright Office has stated that using copyrighted works for AI training can constitute infringement. In the European Union, the AI Act and GDPR impose strict requirements on how data, especially personal data, is used for training models. - The challenge of proving data misuse is significant because AI models are often opaque, "black box" systems, making it difficult to audit their internal states or training logs, especially for external parties. This has led to a need for methods that can find evidence of training data usage solely by analyzing the model's output. - Beyond copyright, the inadvertent memorization and leakage of sensitive personal information from training data is a significant security risk. Models can inadvertently reveal personally identifiable information (PII) or other confidential data through their outputs, creating privacy compliance risks. - For applications involving children, regulations often impose stricter data privacy and consent requirements. Auditing tools are critical for verifying that models are trained exclusively on datasets that have met these higher standards, such as explicit parental consent. - Other methods for securing training data include cryptographic techniques like homomorphic encryption, which allows models to process encrypted data without decrypting it, and federated learning, where the model is trained locally on devices to keep sensitive data from being centralized.
