The AI Risk Repository: A Comprehensive Meta-Review, Database, and Taxonomy of Risks From Artificial Intelligence

Read original: arXiv:2408.12622 - Published 8/26/2024 by Peter Slattery, Alexander K. Saeri, Emily A. C. Grundy, Jess Graham, Michael Noetel, Risto Uuk, James Dao, Soroush Pour, Stephen Casper, Neil Thompson

🤖

Overview

The paper addresses the lack of a shared understanding of AI risks, which can hinder our ability to discuss, research, and respond to them.
It introduces an AI Risk Repository - a comprehensive database of 777 AI risks extracted from 43 taxonomies.
The repository is organized using two overarching taxonomies: a Causal Taxonomy and a Domain Taxonomy.

Plain English Explanation

The paper tackles the issue of AI risks - the potential harms or unintended consequences that can arise from the development and use of artificial intelligence. Despite the growing concern over these risks, the authors note that there is a lack of a common understanding or framework for categorizing and discussing them. This can make it challenging for academics, policymakers, AI companies, and the public to have a cohesive dialogue and take coordinated action.

To address this gap, the researchers have created an AI Risk Repository - a comprehensive database of 777 identified AI risks. This repository is organized using two main taxonomies or classification systems:

Causal Taxonomy: This taxonomy looks at the root causes of AI risks, categorizing them based on whether the risk is caused by a human or an AI system, whether it was intentional or unintentional, and whether it occurred before or after the deployment of the AI system.
Domain Taxonomy: This taxonomy groups the risks into seven main domains: discrimination and toxicity, privacy and security, misinformation, malicious actors and misuse, human-computer interaction, socioeconomic and environmental impacts, and AI system safety, failures, and limitations. These domains are further divided into 23 subdomains.

By creating this centralized and structured repository of AI risks, the researchers hope to provide a common frame of reference that can facilitate more coordinated, coherent, and comprehensive efforts to define, audit, and manage the potential threats posed by artificial intelligence.

Technical Explanation

The researchers conducted a systematic review of existing taxonomies and other structured classifications of AI risks, compiling a comprehensive database of 777 unique risks extracted from 43 source materials. They then developed two overarching taxonomies to organize these risks:

Causal Taxonomy of AI Risks: This taxonomy categorizes each risk based on three causal factors:
- Entity: Whether the risk is caused by a human or an AI system
- Intentionality: Whether the risk was intentional or unintentional
- Timing: Whether the risk occurred before or after the deployment of the AI system
Domain Taxonomy of AI Risks: This taxonomy groups the risks into seven high-level domains:
- Discrimination & Toxicity
- Privacy & Security
- Misinformation
- Malicious Actors & Misuse
- Human-Computer Interaction
- Socioeconomic & Environmental
- AI System Safety, Failures, & Limitations

These domains are further divided into 23 subdomains to provide a more granular classification of the risks.

The researchers used a "best-fit framework synthesis" approach to develop these taxonomies, iteratively refining them based on expert consultations. The resulting AI Risk Repository is designed to be publicly accessible, extensible, and categorized, providing a foundation for more coordinated efforts to define, audit, and manage AI risks.

Critical Analysis

The paper presents a thoughtful and comprehensive approach to categorizing the risks posed by artificial intelligence. The authors acknowledge that the field of AI risk is rapidly evolving, and they have designed the repository to be dynamic and extensible, allowing for updates and additions as new risks emerge.

One potential limitation of the study is the reliance on existing taxonomies and the potential for biases or gaps in the source materials. The authors note that their expert consultation process was intended to address this, but it would be valuable to see ongoing efforts to validate and refine the taxonomies based on feedback from a broader range of stakeholders.

Additionally, while the paper provides a solid foundation for understanding AI risks, it does not delve into the specific strategies or best practices for mitigating or managing these risks. Further research and guidance in this area would be a valuable complement to the risk repository.

Overall, the AI Risk Repository represents an important step towards a more coordinated and comprehensive approach to understanding and addressing the potential harms of artificial intelligence. By providing a common frame of reference, it can help facilitate more productive discussions and collaborative efforts among academics, policymakers, AI companies, and the public.

Conclusion

This paper introduces a novel AI Risk Repository - a comprehensive database of 777 AI risks organized using two overarching taxonomies. By creating a shared understanding and framework for categorizing these risks, the researchers aim to support more coordinated, coherent, and complete efforts to define, audit, and manage the potential threats posed by artificial intelligence. While the paper acknowledges the need for ongoing refinement and validation, it provides a valuable foundation for advancing the critical dialogue around AI risk and responsibility.

This summary was produced with help from an AI and may contain inaccuracies - check out the links to read the original source documents!

Follow @aimodelsfyi on 𝕏 →

Related Papers

🤖

The AI Risk Repository: A Comprehensive Meta-Review, Database, and Taxonomy of Risks From Artificial Intelligence

Peter Slattery, Alexander K. Saeri, Emily A. C. Grundy, Jess Graham, Michael Noetel, Risto Uuk, James Dao, Soroush Pour, Stephen Casper, Neil Thompson

The risks posed by Artificial Intelligence (AI) are of considerable concern to academics, auditors, policymakers, AI companies, and the public. However, a lack of shared understanding of AI risks can impede our ability to comprehensively discuss, research, and react to them. This paper addresses this gap by creating an AI Risk Repository to serve as a common frame of reference. This comprises a living database of 777 risks extracted from 43 taxonomies, which can be filtered based on two overarching taxonomies and easily accessed, modified, and updated via our website and online spreadsheets. We construct our Repository with a systematic review of taxonomies and other structured classifications of AI risk followed by an expert consultation. We develop our taxonomies of AI risk using a best-fit framework synthesis. Our high-level Causal Taxonomy of AI Risks classifies each risk by its causal factors (1) Entity: Human, AI; (2) Intentionality: Intentional, Unintentional; and (3) Timing: Pre-deployment; Post-deployment. Our mid-level Domain Taxonomy of AI Risks classifies risks into seven AI risk domains: (1) Discrimination & toxicity, (2) Privacy & security, (3) Misinformation, (4) Malicious actors & misuse, (5) Human-computer interaction, (6) Socioeconomic & environmental, and (7) AI system safety, failures, & limitations. These are further divided into 23 subdomains. The AI Risk Repository is, to our knowledge, the first attempt to rigorously curate, analyze, and extract AI risk frameworks into a publicly accessible, comprehensive, extensible, and categorized risk database. This creates a foundation for a more coordinated, coherent, and complete approach to defining, auditing, and managing the risks posed by AI systems.

8/26/2024

AI Risk Categorization Decoded (AIR 2024): From Government Regulations to Corporate Policies

Yi Zeng, Kevin Klyman, Andy Zhou, Yu Yang, Minzhou Pan, Ruoxi Jia, Dawn Song, Percy Liang, Bo Li

We present a comprehensive AI risk taxonomy derived from eight government policies from the European Union, United States, and China and 16 company policies worldwide, making a significant step towards establishing a unified language for generative AI safety evaluation. We identify 314 unique risk categories organized into a four-tiered taxonomy. At the highest level, this taxonomy encompasses System & Operational Risks, Content Safety Risks, Societal Risks, and Legal & Rights Risks. The taxonomy establishes connections between various descriptions and approaches to risk, highlighting the overlaps and discrepancies between public and private sector conceptions of risk. By providing this unified framework, we aim to advance AI safety through information sharing across sectors and the promotion of best practices in risk mitigation for generative AI models and systems.

6/27/2024

⚙️

A Legal Risk Taxonomy for Generative Artificial Intelligence

David Atkinson, Jacob Morrison

For the first time, this paper presents a taxonomy of legal risks associated with generative AI (GenAI) by breaking down complex legal concepts to provide a common understanding of potential legal challenges for developing and deploying GenAI models. The methodology is based on (1) examining the legal claims that have been filed in existing lawsuits and (2) evaluating the reasonably foreseeable legal claims that may be filed in future lawsuits. First, we identified 29 lawsuits against prominent GenAI entities and tallied the claims of each lawsuit. From there, we identified seven claims that are cited at least four times across these lawsuits as the most likely claims for future GenAI lawsuits. For each of these seven claims, we describe the elements of the claim (what the plaintiff must prove to prevail) and provide an example of how it may apply to GenAI. Next, we identified 30 other potential claims that we consider to be more speculative, because they have been included in fewer than four lawsuits or have yet to be filed. We further separated those 30 claims into 19 that are most likely to be made in relation to pre-deployment of GenAI models and 11 that are more likely to be made in connection with post-deployment of GenAI models since the legal risks will vary between entities that create versus deploy them. For each of these claims, we describe the elements of the claim and the potential remedies that plaintiffs may seek to help entities determine their legal risks in developing or deploying GenAI. Lastly, we close the paper by noting the novelty of GenAI technology and propose some applications for the paper's taxonomy in driving further research.

5/27/2024

Responsible AI Question Bank: A Comprehensive Tool for AI Risk Assessment

Sung Une Lee, Harsha Perera, Yue Liu, Boming Xia, Qinghua Lu, Liming Zhu

The rapid growth of Artificial Intelligence (AI) has underscored the urgent need for responsible AI practices. Despite increasing interest, a comprehensive AI risk assessment toolkit remains lacking. This study introduces our Responsible AI (RAI) Question Bank, a comprehensive framework and tool designed to support diverse AI initiatives. By integrating AI ethics principles such as fairness, transparency, and accountability into a structured question format, the RAI Question Bank aids in identifying potential risks, aligning with emerging regulations like the EU AI Act, and enhancing overall AI governance. A key benefit of the RAI Question Bank is its systematic approach to linking lower-level risk questions to higher-level ones and related themes, preventing siloed assessments and ensuring a cohesive evaluation process. Case studies illustrate the practical application of the RAI Question Bank in assessing AI projects, from evaluating risk factors to informing decision-making processes. The study also demonstrates how the RAI Question Bank can be used to ensure compliance with standards, mitigate risks, and promote the development of trustworthy AI systems. This work advances RAI by providing organizations with a valuable tool to navigate the complexities of ethical AI development and deployment while ensuring comprehensive risk management.

8/23/2024