This blog post is a work in progress. Comments are solicited. It is an attempt to bring my seventy years of experience in using, governing, managing, and securing innovations in computing technology to the issue of "artificial" intelligence.
In 1956, I was part of the first generation of computer user/programmers. We stood on the shoulders of the giants that I call generation zero, Turing, Flowers, Shannon, Aiken, Eckert, Mauchly, von Neuman, Hopper, et. al.
We had to tell the computer exactly how to arrive at the result that we wanted. We expressed the computations that we wanted in terms of the operation codes of the hardware. Almost all computers had op codes for add, some could subtract. The powerful ones even had operations for multiply and divide. However, even those did multiplication by iterative addition and division by iterative subtraction. We called that programming. Those of us who could describe how to achieve a result by such tiny steps were called programmers.
In the mid fifties, one might create a program on a blackboard, flip-chart, or yellow pad. We would transcribe the program into punched paper cards or tape that could be eletro-mechanically "read" by and into the storage of the computer. The paper and the reader were our user input mechanism, our application programming interface, our API. We would enter the program first, followed by the data, also in punched paper. The process was so expensive that the results had to be very valuable in order for the process to be efficient.
While in the early days, I operated the computer, within a decade programmers had pretty much been excluded from the "computer room" and the role of operator had become specialized. Within another decade the computer terminal was the common user interface. In 1981 the IBM personal computer had a key-board and a CRT that could display 80 columns by 25 lines of green alpha-numeric characters. Like the terminals, it provided what we now think of as a command line interface. Three years later the Apple Macintosh had a graphical user interface (GUI) with a mouse. Two years later came Windows. "Point and click" was now part of how one used a computer.
As computers have become more powerful and cheaper, much of that improved power has gone into the user interface, into making them easier to use. Early examples include high level languages, like Fortran and Cobol, and interpreters like APL and Basic
Today's input devices include touch screens, cameras, microphones, ear phones, and speakers. Modern computers can talk, listen, and recognize and process images. I can testify that we hardly thought about such capabilities in 1956.
Games have always been part of computing and a measure of computer program "intelligence." In 1956, my colleague, Dick Casey, and I wrote a program to teach the IBM 650, using console switches and lights for i/0, to play Tic-Tac-Toe. My mentor, Dr. Albert Samuels, wrote a program for the IBM 701 to "learn" to play checkers. It got really serious in 1997 when IBM's Deep Blue defeated chess champion, Gary Kasparov in a six game match. On February 16, 2011 IBM's Watson defeated champions Ken Jennings and Brad Rutter at the TV Show Game, Jeopardy.
In 2015, Google's Alpha defeated European champion Fan Hui 5-0. Its most famous victory was against world champion Lee Sedol in 2016, winning the series 4-1. Alphagozero "taught" itself the game.
In November 2022 OpenAI introduced ChatGPT and demonstrated its ability to converse in natural language. Using text-to-speech and speech recognition, it can even talk and listen. It was to be the first of many large language models (LLMs), the latest user interface to the computer. However, the ability of these chat bots to communicate in natural language hides the huge data sets, the enormous computing power, and the complexity involved. It caused many people to invest them with the personality and autonomy that they merely mimic.
Using these programs one no longer has to provide the computer with a program, the steps to create the result. One need merely describe the result and the program "figures out" how to arrive at it. The "Model" instantiates both the capabilities and the limitations of the program.
We call the model "large" because it includes a huge amount of data, so much that it all but defies human comprehension. Indeed it can solve difficult problems in conversational time. However, it is correct to think of it as fast "table lookup" in a big table, using so much computing power and energy that it is just now becoming efficient.
The program organizes its data to optimize its use; we call the data "training" and the organization "learning," expressions that we analogize from human intelligence. Therefore, the "model" instantiates both the capabilities and limitations of the program and its data.
In part, because of the complexity, training, and the lack of precision of the natural language used in the prompts, what we want the computer to do, the results are sometimes not what the user intends and expects. Said another way, in spite of its capabilities, artificial intelligence may be no less error prone than natural intelligence. Sometimes the results are so far from the user's intention, again by analogy to the natural, the computer is said to "hallucinate." Therefore, it is best to restrict the use of AI to the set of problems where, while we might not be able to arrive at the results by ourselves we can easily check the result. For example, while one might not be able to compute the cube root of a large integer, we can recognize it when we see it.
Nothing useful can be said about the security of any mechanism except in the context of a specific application and environment. --Robert H. Courtney, his first law.
Some human being or enterprise is responsible for everything a computer is asked to do and for all the properties and uses of the result.
The responsibility of both individuals and enterprises for the application and use of a computer, specifically to include those applications that use natural language and mimic people, includes compliance with law, regulation, contract, morality standards, and prudence.
As with anything else, an individual exercises her responsibility by complying with the law, regulation, contract, ethics, use of appropriate tools, and due care. This requires knowledge, skill, ability, experience, and good judgement. One starts by ensuring that one meets the applicable requirements. One ends by doing nothing rather than doing the wrong thing.
An enterprise exercise its responsibility by governance and policy, i.e.,what it authorizes its agents to do and tells them not to do. Management must use all available controls including, but not limited to:
- Direction
- Training
- Assignment of duties, roles, responsibility, limits, discretion, and authority
- Supervision
- Multi-party controls
- Automation
- Budget
- Recognition and respect
- Compensation
- Disciplinary action
- Other
(Updates of this post will amplify and apply the use of these generic controls to the secure use of artificial intelligence.)
One of the things that policy must do is to express managements risk tolerance in such a way that all managers and professionals at all levels understand what that means that they should do. For example, the management of a mature enterprise might say such things as "Novel technology must be applied in a cautious, conservative manner," "line of business managers (not IT) must authorize and budget for the application of novel technology," "application of novel technology must be initiated, authorized, and budgeted for by two or more levels of line of business management," or "novel technology should be exploited and applied consistent with normal business risk."
Alternatively, the management of a high business risk start-up might say "novel technology should be aggressively applied and exploited in pursuit of business opportunity." Needless to say, that this author recommends the more conservative approach for most enterprises.
Posts
