A Decentralized Approach Towards Responsible AI in Social Ecosystems
AA Decentralized Approach Towards Responsible AI in Social Ecosystems
FirstName Surname † Department Name
Wenjing Chu
Futurewei Technologies, Inc. Santa Clara, CA 95050
Abstract
For AI technology to fulfill its full promises, we must design effective mechanisms into the AI systems to support responsible AI behavior and curtail potential irresponsible use, e.g. in areas of privacy protection, human autonomy, robustness, and prevention of biases and discrimination in automated decision making. In this paper, we present a framework that provides computational facilities for parties in a social ecosystem to produce the desired responsible AI behaviors. To achieve this goal, we analyze AI systems at the architecture level and propose two decentralized cryptographic mechanisms for an AI system architecture: (1) using Autonomous Identity to empower human users, and (2) automating rules and adopting conventions within social institutions. We then propose a decentralized approach and outline the key concepts and mechanisms based on Decentralized Identifier (DID) and Verifiable Credentials (VC) for a general-purpose computational infrastructure to realize these mechanisms. We argue the case that a decentralized approach is the most promising path towards Responsible AI from both the computer science and social science perspectives.
1. Introduction
The rise of new AI technologies promises a new era of advanced digital services that would be impossible or impractical before. AI powered services, not only in web and social media, but also autonomous vehicles, robotics, medicine, and finance, could form the basis of our future economy and social fabric. But, like all human technologies before it, AI comes with a potential dark side, e.g. deep fake news, deep influence operations, facial recognition in surveillance, opaque automated systems with biases and collection of unfathomable amounts of personal data. We believe there are fundamental structural causes to these problems and therefore we must design mechanisms into the AI infrastructure to curtail irresponsible use. Before we start to frame the problems, we want to explicitly state our human-centric objective: our goal is to design an AI computational infrastructure that is general purpose (applicable to many applications) and can enable and facilitate social trust and social convention to achieve Responsible AI. The social trust and social conventions can manifest as future digital institutions (e.g. law, economic exchange, finance, culture, government). In this pursuit, we take key concepts and mechanisms from both computer science and social sciences. We start by asking how we can make AI systems more responsible through an integrated computational (machine) and social (human) approach, with human-centric guiding principles. Among these principles, we advocate that we must design a system to empower human agency, for people to form effective human institutions in the digital domain, and for the individuals and their institutions to effectively regulate the system’s behavior.
All technologies have irresponsible use problems. Some are well studied, such as the security danger of nuclear energy and the planet warming effects of fossil fuels. As AI (we use this term in the general sense, including all enabling computing technologies) and its adoption are still in their infancy, we may yet understand its potential problems in a deeper sense in the future. For this paper, we categorize four areas of focus: ●
Surveillance AI powered behavior modeling, computer vision, natural language processing and other sensing technologies have the danger of severe erosion of privacy and more systemic surveillance capitalism or surveillance authoritarianism, undermining human agency and welfare. ●
Social Media Deep fake, AI-enabled influence campaigns, biases, misinformation, and other media fueled social conflicts may cause further harm to a society's collective wellbeing. ●
Security At the personal level, AI could be used for more sophisticated digital fraud, hacking, data theft, and unauthorized access. At the national level, AI use could impact the security of nation states as a dual-use technology. ●
Technology We also examine inwardly how technologies are developed by the scientific and engineering communities, specifically the data collection, model training, and software development processes.
Root cause analysis helps us to abstract the problems to a level that we can act upon. At this stage, we have identified these root causes: ●
Fake Identity Inauthentic identity use is one of the root causes in many of the symptoms we studied. Here, we use the broader phrase of inauthentic identity rather than the narrower definition of “true identity”. One can be authentic but still anonymous or not bound to a physical world identity. ● Missing Trust Layer One of the most severe shortcomings of the original Internet architecture is that it does not envision a universal trust layer. The original Internet architecture is decentralized in addressing and routing layers with an ambition to scale to a planet level but made an implicit assumption that everyone is a good-willed, responsible user. This is the clearest drawback of the Internet, in retrospect. ●
Misaligned Interests and Power The commercial and other interests realized these shortcomings in identity and trust and filled the needs with centralized solutions that naturally benefit their own interests. These problems existed before wide adoption of the latest AI developments, but AI made the problem much worse and amplified the potential downsides. ●
Weak Digital Social Institutions Throughout human history, every time a new technology wave was adopted, social institutions inevitably rose to form social norms, conventions, rules and regulations, that match the need to minimize the undesirable effects of the new technology. We believe this will be true for AI as well and the proper social institutions have not yet come to match today’s needs. For example, rampant misinformation in social media is an equivalent of the lack of effective digital social media journalism ethics and norms. Next, we describe an integrated approach combining computational and social means.
We need to develop strong and widely adopted digital identities so that people have easy and common access to credible information. This computational trust infrastructure must be as accessible as the Internet itself as a foundation layer. Without this layer, we will not be able to fundamentally solve these problems. But we believe it is not enough to solve our challenges without the more critical work of forming social norms and institutions for prevalent responsible AI adoption; that is why we must design the computational infrastructure with a clear objective to support development of new digital social institutions. In social sciences, the adoption of a major technology like AI that would have a huge impact on many aspects of the lives of almost everyone, needs an ethical and moral standard. The formulation of such a standard will take the participation of all people and take complex forms. We believe, through these processes, digital institutions of the future will rise, in law, commerce, culture, government, faith and so on. Much of the responsible AI research in recent years proposes various forms of regulation, be it voluntary conventions, community common practices, or government mandated regulation schemes. We refer to all these forms of constraining AI use as social regulations in this paper and refer to the formulation and enforcement of these norms as institutions. In order for these social mechanisms to be effective, they must be developed within and for a computational infrastructure model. We must take into account the structural problems in technology, in social media, and so on, to come up with a solution that is most effective in this space. In this paper, we advocate a co-design approach, to design the computational infrastructure to support digital social institutions, and to design digital social institutions to be effective with that computational infrastructure. We describe a clear and simple model of common AI systems in Section 2 to capture the main structure and interfaces of those systems. We then proceed, in Section 3, to propose two computational primitives that we argue will bring in a new computing paradigm for AI that favors responsible use. In Section 4, we introduce the key concepts in our decentralized approach and show its crucial primitives that can be used in realizing responsible AI objectives. In Section 5, we summarize our work and make a case for the decentralized approach towards responsible AI.
Supporting responsible AI encompasses a huge area of research. It is beyond the scope of this paper to summarize such a wide area. For backgrounds in Decentralized Identifiers and Verifiable Credentials, we refer readers to the work of respective World Wide Web Consortium (W3C) working groups (W3C DID Working Group, 2020) (W3C Verifiable Credential Working Group, 2020). Our approach proposes a trust framework built on top of these concepts. A recent summary report (Brundage, Avin, Wang, Belfield, & Krueger, 2020) on the topic of using verifiable claims to enhance trustworthiness of AI offers a review of open challenges and some of the solution approaches. While they also use the term verifiable claims , their meaning is looser. We follow W3C (W3C Verifiable Credential Working Group, 2020) definition with strong cryptographic assurances. There are many active developments combining AI and blockchains together to achieve goals including privacy preservation and fairer economic incentives (Cheng, et al., 2019) (Harris & Waggoner, 2019). Our design leverages standard based techniques and open source implementations (Hyperledger Indy, 2020). These standard based techniques are more likely to be widely adopted in open and unrestricted ways. To enable society wide adoption, equal access to technology and open participation in its development are crucial. Algorithmic contracts have been widely studied for tokenization. Recently it has also been proposed for Service Agreements (Rakova & Kahn, 2020). More generally, legal scholars, regulatory agencies, and other social science fields have proposed various rights in privacy, identity, and consents in algorithm-human interactions. The European Union’s GDPR regulation (European Union, 2018) and California’s CCPA (State of California, 2018) manifest many of these legal concepts. We propose that some of these important legal and regulatory concepts need both computational and social means to become effective. Practitioners in AI have also recognized that responsible AI requires a collaborative approach (Askell, Brundage, & Hadfield, 2019). Our work is unique in that we propose an approach that the computational means and the social means are mutually reinforcing.
2. Modeling AI Systems
We propose a clear and simple model for capturing the key components and interfaces of common AI systems. This model captures the essential data ownership, model training and software distribution and their trust boundaries. In future, we may extend the model to capture additional aspects.
Figure 1
In Figure 1, the individual user is represented as the joint roles of data source and recipient of some utility . The user makes a joint decision of contributing source data and in return receives some form of benefits, i.e. a computational utility. This decision process is often opaque and unfair as an individual user often has no practical choice or equal standing in determining the conditions or cost of this exchange. The AI system is modeled with a learning component and an inferencing component. The learning element utilizes source data from many users to algorithmically produce a trained or learned model . This model is the form where knowledge, learned from the source data, is codified and distributed. Typically, this model is utilized in the overall software system by combining a traditional source code program and the learned model . The combined software program is then deployed to an AI application, i.e. inference, using the AI model. Similarly, learned models can also be used in a new revision of the learning algorithm itself, e.g. in a reinforcement learning setting or other forms of iterative or meta-learning algorithms.
3. Computational Intervention Mechanisms Towards Responsible AI
In this section, we propose two basic types of intervention mechanisms to regulate the exchanges in the AI system model defined in the last section and discuss how they can move AI systems towards more responsible behavior. The main ideas are illustrated in the following diagram (Figure 2).
Figure 2
The first mechanism is to regulate the exchange between a user and an AI system, i.e. a service provider. The relationship between these two roles are often determined by a combination of public regulations (such as laws regulating privacy and data use or industry self-regulations) and contractual agreements (such as Terms of Use and End User License Agreement). Current practices in the industry have manifested several severe problems as we briefly summarized in Section 1. In Section 1.3, we also suggested that an effective solution to these problems may require mutually reinforcing computing and social mechanisms. We call the mechanism
Computational Agency because it is an empowerment mechanism in favor of the end users to own and exercise practical and effective control of their source data, and, to become an equal party in the service agreement. This is why we symbolically move the human figure to the front side of the combined data source and utility box in the diagram (Figure 2). In order to make this empowerment effective, (1) the end user must, by him or herself, have a recognized identity to exercise such rights in the digital domain; (2) the AI infrastructure must offer simple enough user experience for all people to conveniently exercise their rights as a daily routine; and, (3) the system must be scalable to support planet-level people and organizations as well as their physical or digital assets. The second mechanism is programmable codification of regulations or restrictions on the behavior of the main components of AI systems. These regulations can be imposed as laws by government bodies, or by industry bodies, or communities of users and providers working jointly to promote healthy ecosystems. One example of such regulation is putting constraints on a learned model’s behavior regarding permissible biases. These constraints could be formally defined but could also be informal. In either case, its compliance could be formally verified or informally evaluated and audited. Another aspect is to put constraints on software code and behavior. The software and learned model properties can be codified relatively easily and efficiently as automated verification mechanisms in common software distribution registries (such as model zoos, container registries, and software library distributions).
4. Designing A Decentralized Computational Infrastructure for Responsible AI
In this section, we describe the main design concepts that construct a decentralized computational infrastructure to realize the objectives we set out in the previous sections. We also discuss how these eventually contribute to the responsible AI goals. There are two computational methods,
Decentralized Identifiers (W3C DID Working Group, 2020) and
Verifiable Credentials (W3C Verifiable Credential Working Group, 2020), that we will introduce first in Section 4.1 and 4.2, primarily based on the work of the respective Working Groups in the World Wide Web Consortium (W3C). These technologies will lay the foundation. We then follow with proposed ideas on applying these basic concepts to establish human-centric identities (Section 4.3), to enable proof and verification with privacy (Section 4.4), to reach binding agreements (Section 4.5), to enforce agreements (Section 4.6), to enable market-based economic incentives (Section 4.7), and to introduce various forms of governance (Section 4.8) that may be familiar to people and communities in the physical world. This familiarity is an important objective because it helps to create and integrate reliable and durable trust models and social institutions into the digital AI systems. For easier communication of the primary ideas, which we believe are the most important contributions in this paper, we will use examples to illustrate our ideas informally throughout this section. When appropriate, we will provide additional references for readers interested in further research in each technical area.
Decentralized Identifiers, or DIDs, are a new type of globally unique identifier. The DID Working Group (W3C DID Working Group, 2020) in W3C specifies DIDs to be URIs conformant to IETF RFC 3986 (Berners-Lee, Fielding, & Masinter, 2005). In addition to being globally unique, DIDs are universally resolvable to a document which provides core properties such as verification, authentication, controller and so on (
Error! Reference source not found. ). Persons or organizations of persons may exercise control through public key-based signing algorithms, while digital assets may use passive
DIDs with an active
DID as its controller . In other words, active DIDs are also a means of distributing and managing public keys.
Figure 3
DIDs are called decentralized because the IDs can be generated and controlled (proving they have WRITE control) without relying on a centralized entity or the so-called trusted authority. Each of us can have as many DIDs as we need to reflect all the personas that we adopt in specific use cases. Through the various types of DIDs one individual may own, including peer-wise private DIDs, these systems can protect against correlation -based privacy attacks. This is a key differentiation for DIDs in contrast to other universal IDs. In other words, Decentralized Identifiers are not identities , but rather just a root digital key that we can use to establish whatever identity or identities are needed to function and exercise rights in a digital domain. We will describe the establishment of identities in Section 4.3. In practical implementations, DIDs are often realized by decentralized blockchains, for example, Hyperledger Indy (Hyperledger Indy, 2020). However, other mechanisms can also be used. KERI (Smith, 2020) is a promising algorithmic approach resembling earlier web of trust methods with strong data privacy properties. Organizations or enterprises can also implement DIDs through more conventional data structures combined with proper social governance mechanisms if they meet the specific business and technical requirements that are often less strict. Git is such an example for software source code management (Huseby, 2019).
In addition to being decentralized, DIDs enable the issuance and verification of Verifiable Credentials and facilitate a global exchange of trustworthy information.
Figure 4
These concepts can be best illustrated with an example. In the above diagram (Figure 4), we have three parties with their respective DIDs: a college with DID “abcd”, a graduate of this college, also a job applicant, with DID “1234”, and finally a company (who is hiring) with DID “wxyz”. We envision the Company (DID “wxyz”) may use an AI powered system to help screening candidates. To complete a digital job application, the applicant requests a digital diploma from the College which issues a Verifiable Credential based on its private educational records. Once received, and securely stored in a digital wallet , the credential can be used to present a proof to the hiring Company. This proof is cryptographically assured based on message exchanges between the applicant and the Company without involving the credential’s issuer (the College). This exchange confers the trust that the Company has with the College to the applicant even though they do not have a prior trust relationship with each other. This transitive trust relationship is fundamental in the efficient functioning of the proposed decentralized system. Transitive trust is the first key concept that DID and VC enable for trusted digital exchange, and is fundamentally different from a centralized database. In our example, the applicant is the data owner and holder , who stores various credentials from many issuers to the digital wallet in his possession . Disclosure of selective data to the Company is fully controlled by him. There is no centralized database about this person other than himself. The hiring Company only receives information relevant to the job application. With appropriate signature algorithms, the VCs can also support
Zero Knowledge Proof (ZKP) to further enhance privacy protection, for example, CL signatures (Camenisch & Lysyanskaya, 2001) and BBS+ signatures (Camenisch, Drijvers, & Lehmann, 2016) (Credential Community Group of W3C, 2020).
We noted in Section 4.1 that a decentralized identifier is not an identity. This should be obvious (one’s identity cannot be a random string of numbers and letters) but this distinction is often lost. With verifiable credentials, we now have an excellent mechanism to create digital identities that an individual can choose to create to facilitate digital services and commerce. An identity consists of a set of proofs (potentially ZKPs) that are constructed from the received credentials and claims. We emphasize that the subject and the controller of these identities are the individual (or representatives of organizations).
Figure 5
Let us continue the job applicant’s example (Figure 5). In addition to the college diploma, he may request and receive a digital ID from a government office, e.g. a driver license in the U.S. which asserts his name, address, birthday, a facial photo and some physical characteristics for identification. He may also request a letter from his previous employer for employment history and recommendations from his previous coworkers and managers, including digital recommendations such as those found in LinkedIn. These would be unsurprising credentials for a job applicant identity. In a different social context, our identities can be vastly different. In some of these contexts, e.g. an online game, we may wish to be anonymous. The person constructs a particular “proof” to present to the service provider (online game hosting service) for this purpose. VCs can be designed to resist identification or correlation. In many common digital service contexts, we may choose to construct an identity without personally identifiable information (PII) but DIDs and VCs can still assure authenticity (there is a legal person permitted to obtain the service) and sign agreements or conduct commercial transactions. In other contexts, such as the job application example here, or for obtaining government services or banking services, personal identification may be required by law or by convention. Each person can construct as many such identities as he or she needs to obtain digital services. It is important to emphasize the human-centric nature of these identities and its benefits beyond just privacy and autonomy. As an example, these identities can be used as an address for communication services such as email, messaging, or social media. Emails could be addressed to “John Doe” (DID 1234) rather than [email protected]. With a human-centric address, services will be less likely to become self-interested monopolies that users cannot practically leave. We will discuss this point more in the following sections. For this and other reasons, other proponents also use the term Self- Sovereign Identity (SSI) (Reed, 2020). A decentralized SSI layer is an infrastructure that gives ID management back to users and thereby also solves the
ID portability issue (Gans, 2018) (Windley, 2005).
With DIDs and VCs issued to individuals or organizations, proof and verification become very straightforward. This is a key objective: to enable the easy exchange of trusted information. As illustrated in the next diagram, our job applicant can present a proof using the credentials he holds in his digital wallet that proves his qualifications but withholds sensitive information and/or protects such information through ZKP to prevent potential biases in the applicant filtering AI system. In a separate context, he orders a drink from a Bar (DID “mnop”) with a proof that he is over the legal age without disclosing other PII in his digital driver’s license such as his birthday and address. Note that the verifiers, the Company, the Bar, or any other entity, do not need to contact the original credential issuers for verification (Figure 6).
Figure 6
Enabled by decentralized identifiers and transitive trust , the proposed system can achieve scalability and privacy protection. ●
Scalability
Service exchanges can happen with a high degree of trust between any two parties without any prior relationship and without involving a central authority. ●
Privacy
Only the information required to conduct the service exchange is shared, and only between the parties involved in the exchange. Additionally, zero knowledge proof algorithms reduce disclosure needed between the parties to the minimum. There is no central database.
So far, we have outlined a computational infrastructure based on DIDs and VCs that can support the scalable exchange of trustworthy information, i.e. a trust layer. In this section, we discuss how parties can reach agreements using this trust infrastructure. Any service exchange as described in Section 4.4 can be construed as a part of an agreement between two parties. The previous examples, however, assume a pre-agreed protocol . This protocol can be fully digital, and standardized by law, standard bodies, or industry or community forums, and codified in software. In this section, we propose a dynamic framework by which parties can negotiate an agreement. The basic framework is shown in the following diagram (Figure 7). In this example, the service provider has been changed from the hiring company (DID “wxyz”) in the previous examples to an email service provider (DID “qrst”). We propose the negotiation framework can be constituted in three phases, (1) mutual identification, (2) negotiation of terms, and (3) signing.
Figure 7
Mutual identification is straight-forward with DID and VC enabled identities. The negotiation phase consists of proposals and counterproposals between the parties to find an optimal structure. The clauses can be supported by machine readable terms (e.g. IEEE P7012) (IEEE P7012, 2020) but also be computable. We propose that this structure can form the basis of a smart contract (Szabo, 1994) that executes itself and a Ricardian contract (Grigg, 2000) that is human readable and legally binding , i.e. loosely a Ricardian smart contract (Grigg, 2015) (Rothrie, 2018). Legally binding agreements require that the digital identity and signing infrastructure are legally recognized. In recent years, many jurisdictions and institutions in banking, healthcare, standards, and social advocacy, are moving towards such a digital ID system (Trust over IP Foundation, 2020) (GLEIF, 2020). We argue that a decentralized approach, as proposed here, has great advantages in realizing many of the economic and societal goals in these systems, in particular, the goals of avoiding over-centralization of power and weakening of individual autonomy. For common negotiations, relatively simple, yet powerful, methods can be (1) choice , where a user chooses one of multiple alternatives, and (2) option , where either side can propose optional add-on clauses. With SSI portability properties, the choice and option instruments can be a powerful force in rebalancing a collaborative relationship between a user and an AI system to reach more optimal outcomes. We also suggest that more sophisticated ways of digitally negotiating Smart and Ricardian terms of agreement, with an optional human in the loop, is an important problem for future studies. In addition, other forms of agreement, e.g. multi-party agreements, can also be supported with the same base trust layer. A method of reaching agreement by itself is not sufficient for Responsible AI. We need additional mechanisms that give impetus or motive for all parties within an AI ecosystem to move towards a Responsible AI system. In the next few sections, we examine how regulation, market forces, and governance structure may be utilized to provide such impetus.
In this section, we discuss examples of using regulation as a force to influence responsible AI behavior. Enforcement can be thought of as a push force and credit as a pull . Figure 8
The basic pattern is shown in the above diagram (Figure 8). The governance authority of a particular regulation, e.g. a designated government office or an industry body, conducts an audit in accordance with the said regulation. If a service provider passes the audit, a verifiable credential to that fact is issued by the authority. Then, in the service exchange setting, the service provider could offer proof of such compliance as an incentive to the customer, or, the customer may request such a proof as a negotiating condition. In order to implement such a pattern, we need to have a verifiable log (Eijdenberg, Laurie, & Cutter, 2015) in addition to DIDs and VCs. A verifiable log is an immutable and irrefutable data structure which can be readily implemented in scale using decentralized blockchain technologies. The truthfulness of data in the log can be further strengthened with enclave or confidential computing (The Confidential Computing Consortium, 2020) hardware with remote attestation (Coker, et al., 2011) or secure multi-party computing (Lindell, 2021) algorithms. Regardless of what level of implementation one chooses, an irrefutable log provides transparency and accountability for the service provider, so that even without stronger computational assurances, the customers will have much stronger trust in the compliance of the respective regulation. In some settings, the log can be transparent so that anyone, e.g. a consumer advocacy group, can conduct rigorous audits. One early example of such a log (albeit without the benefit of DIDs and VCs) is the transparent log project designed to prevent fraudulent public key identities of web sites (Eijdenberg, Laurie, & Cutter, 2015). Enhanced with the VC-based identities, such a system can be the basis of requiring and automatically auditing information security best practices. In some jurisdictions, along with the move to implement universal digital ID service, a verifiable log can also be provided as a public utility. Many other patterns or protocols can be devised, based on the need of the applications. An example is a witness, or notary service, based on an established DID and VC-based identity. Such a service can be used to facilitate asset transfers, for digital or physical assets. More sophisticated mechanisms, such as various types of markets, can be designed in addressing specific needs. Great examples are being developed in the financial services industry and can be applied in other contexts as well. In this section, we continue from earlier discussion of user choice and service portability in the email service example (Figure 9) and generalize it as a method of using market forces to influence responsible AI behavior.
Figure 9
Decentralized identities empower individuals with agency when dealing with AI systems in the digital world. With this freedom, and the identity portability, they can practically exercise their free market choices. In such a system, an email service will be an email service, not an identity service . This means that users maintain full control of their own email addresses (their identities), which are completely separate from the services offered by the mail providers. Customers can readily “vote with their feet” if they are dissatisfied with the service, including the handling of private information and the availability of AI powered capabilities. The basic trade of a user’s data for enhanced services can still function, but the balance of power now favors a fairer trade. Pooling data from a large number of users will improve AI performance and gain competitive advantage, therefore the economy of scale and competitive incentive continue to function in such a marketplace. With automated negotiation of terms of service, we may have the potential to support more fine-grained offerings to better suit individual customers’ preferences and open up a market for additional applications. We argue that such a system, which is fairer and more competitive, is advantageous to the health and growth of markets. Finally, we briefly look at the overall governance structure of the decentralized system we described in this paper and highlight social governance needs with the establishment of future digital institutions . By institutions, we mean very generally, social pacts that people form to advance their common interests. The whole system we are proposing bases its root of trust on these human social pacts: the trust among human beings . Computing technologies merely make the creation, maintenance, and utilization of such trust efficient and scalable in a digital environment.
Figure 10
In this paper, we address three types of such social governance pacts in order for the proposed technical system to work as intended towards responsible AI. The first of these is the rules governing the issuance of credentials. The college in our original job applicant example derives its authority to issue trusted diplomas from its legal charter, its reputation, and its continuous responsible exercise of such authority. Similar reasoning also applies to individual recommendation letters. A government office may derive such authority through political institutional means. We believe that social institutions such as these will continue to play a role in digital services, but more importantly, new types of institutions and methods will emerge to meet the new demands and scenarios that are specific to AI and AI-powered services. The Trust over IP Foundation (ToIP) (Trust over IP Foundation, 2020), for example, is working on frameworks to standardize these governance issues as an inherent component of any decentralized system. The second type of governance is the regulation for the proper functioning of markets. We have discussed some simple examples in the previous section. The recent rapid developments in digital currency, transactions, and markets opened up a new way to study market dynamics in a digital and AI-powered system. The third type of rules are what we see in the regulation of technology businesses, e.g. anti-trust or data protection regulations. In these areas, regulators or ecosystem self-regulators may impose a structure and enforce rules or conventions between the boundaries. For example, as shown in the figure above (Figure 10), we may regulate ● data collection, ● learned model’s biases, and ● supply chain of source code and other components. In each of these examples, a decentralized approach strengthens the AI system’s accountability and gives incentives to responsible AI with flexibility for policy choices. In one of our current ongoing projects, we are developing a decentralized registry and repository for software, with support for data and learned models, to create a scalable decentralized system for responsible AI deployments.
5. The Case for a Decentralized Approach Towards Responsible AI
Let us first summarize the core properties of the proposed decentralized system and why these properties are essential for achieving the goals of Responsible AI or any responsible digital system. ●
Decentralized Identity (or Self-Sovereign Identity): The identity information (identifiers and credentials) is controlled by the individual. The individual can use this identity to conduct digital business autonomously with any other party without a central authority. Transaction data is known only to the parties engaged in the service exchange. In other words, it is decentralized , autonomous , and private . ● An individual can construct many identities based on context and an application’s needs. They can be anonymous in some contexts, yet fully legally compliant for a banking service, without correlation . ●
These identities for the same individual can be self-constructed in a web of trust model (Stahl, Capilnean, Snyder, & Yasaka, 2018), or use credentials issued by institutions recognized by the community associated with the given application. Many institutions can become these issuers, from traditional government bodies, organizations, and business partnerships, to new digital communities, forums, individuals or even algorithms. The issuers are not involved in the service exchange process which requires much higher scalability. This enables decentralized, efficient, flexible and diverse roots of trust. ●
The AI systems (digital service providers) only need to know, or have proof of, relevant information to enable the intended transaction. They will not need to centrally amass a large quantity of personal information in order to establish trust . The trust relationship is now in the hands of individuals (participants) and a decentralized public infrastructure. ●
Higher level mechanisms can then be built on top of this basic decentralized trust layer infrastructure. These mechanisms include agreements/contracts, auditing/enforcement, and effective and efficient forms of regulations. With these properties, we argue that a decentralized approach, as outlined in this paper or similarly designed, is the right approach for achieving responsible AI behaviors, because: 1.
It is human-centric and self-sovereign. 2.
It protects privacy and balances data rights. 3.
It supports governance and facilitates the formation of new digital institutions. 4.
It opens new digital economic and other societal opportunities. 5.
It is highly scalable. While these benefits are applicable to all digital services (and may even apply to some non-digital domains), we believe it is particularly important in the challenge of making AI technologies responsible because of its intense data centric nature and privacy intrusion dangers. In this paper, our main contributions are as follows. First, we analyzed some of the most prominent problems associated with current uses of AI technologies in every day digital services, and identified core areas where technical as well as social instruments can make the most effective impact: (1) giving computational agency to individual users, and (2) enabling smart and legally binding agreements for free market choices and for efficient regulations by a common ecosystem. Second, we outlined the design of a comprehensive scalable solution based on decentralized identifier and verifiable credential technologies. This design can provide both technical assurance and scalability and empower social factors and institutions to effect how AI technology is used. We used common examples to illustrate how these mechanisms can achieve a balance between responsible AI behavior and AI performance and associated benefits. Thirdly, we proposed and discussed several mechanisms in agreement negotiations, market incentives, and technology regulations that can be practically implemented using the proposed decentralized design. We also point out future research areas on these fronts. We see the most important aspect of our proposal is the fact that we strive to empower users to become stakeholders and equal partners in an effective ecosystem. It is such ecosystem, not any algorithm advancement, that produces a responsible AI system. The mechanisms we propose are designed to help the formation, operation and maintenance of such an ecosystem. We wish our work be seen in the context of systems designed to facilitate a human-centric ecosystem that produce the desired responsible AI behavior.
Acknowledgement
We wish to thank all members of the TIC project in Futureiwei and in particular Brice Dobry and Peng Wu for their reviews and discussions and the participants of the AAAI 2020 Spring Symposium for their useful feedback.
References
Askell, A., Brundage, M., & Hadfield, G. (2019, July 10).
The Role of Cooperation in Responsible AI Development.
Retrieved from https://arxiv.org/pdf/1907.04534.pdf Berners-Lee, Fielding, & Masinter. (2005).
Uniform Resource Identifier (URI): Generic Syntax.
Retrieved from https://tools.ietf.org/html/rfc3986. Brundage, M., Avin, S., Wang, J., Belfield, H., & Krueger, G. (2020).
Toward Trustworthy AI Development: Mechanisms for Supporting Verifiable Claims.
Retrieved from http://arxiv.org/abs/2004.07213v2 Camenisch, J., & Lysyanskaya, A. (2001). An Efficient System for Non-transferable Anonymous Credentials with Optional Anonymity Revocation.
Advances in Cryptology — EUROCRYPT 2001 2045, no. 1 (April): 93-118. https://doi.org/10.1007/3-540-44987-6_7.
Camenisch, J., Drijvers, M., & Lehmann, A. (2016).
Anonymous Attestation Using the Strong Diffie Hellman Assumption Revisited.
Retrieved from IACR. https://eprint.iacr.org/2016/663.pdf. Cheng, R., Zhang, F., Kos, J., He, W., Hynes, N., Johnson, N., . . . Song, D. (2019).
Ekiden: A Platform for Confidentiality-Preserving, Trustworthy, and Performant Smart Contracts.
Retrieved from https://arxiv.org/pdf/1804.05141.pdf Coker, G., Guttman, J., Loscocco, P., Herzog, A., Millen, J., O'Hanlon, B., . . . Sniffen, B. (2011). Principles of Remote Attestation.
International Journal of Information Security, June . Credential Community Group of W3C. (2020).
BBS+ Signatures 2020.
Retrieved from https://w3c-ccg.github.io/ldp-bbs2020/ Eijdenberg, A., Laurie, B., & Cutter, A. (2015, 11).
Verifiable Data Structures.
Retrieved from https://github.com/google/trillian/blob/master/docs/papers/VerifiableDataStructures.pdf European Union. (2018).
General Data Protection Regulation.
Retrieved 2020, from https://gdpr-info.eu/ Gans, J. (2018, 10).
Enhancing Competition with Data and Identity Portability. GLEIF. (2020).
Introducing the Legal Entity Identifier (LEI).
On the intersection of Ricardian and Smart Contracts.
Retrieved from https://iang.org/papers/intersection_ricardian_smart.html. Harris, J., & Waggoner, B. (2019). Decentralized and Collaborative AI on Blockchain.
IEEE International Conference on Blockchain.
Huseby, D. (2019).
Git DID Method Specification.
Retrieved from https://github.com/dhuseby/did-git-spec/blob/master/did-git-spec.md. Hyperledger Indy. (2020).
Hyperledger Indy.
IEEE P7012 Machine Readable Privacy Terms Working Group.
Retrieved 2020, from https://sagroups.ieee.org/7012/. Lindell, Y. (2021). Secure Multiparty Computation (MPC).
Communications of the ACM, 64 (1), 86-96. Rakova, B., & Kahn, L. (2020, Jan 7).
Dynamic Algorithmic Service Agreements Perspective.
Retrieved from https://arxiv.org/abs/1912.04947 Reed, D. (2020).
Self-Sovereign Identity. MEAP Edition ed.
Manning Publications. ISBN 9781617296598. Rothrie, S. (2018).
How Ricardian Smart Contracts Enable Blockchain Adoption.
Retrieved from https://coincentral.com/ricardian-smart-contracts/. Smith, S. M. (2020).
KERI: Key Event Receipt Infrastructure Design.
Retrieved 2020, from https://github.com/SmithSamuelM/Papers/blob/master/whitepapers/KERI_WP_2.x.web.pdf. Stahl, H., Capilnean, T., Snyder, P., & Yasaka, T. (2018). Peer to Peer Degrees of Trust. Workshop: Rebooting the Web of Trust VII. State of California. (2018).
California Consumer Privacy Act .
Retrieved from https://oag.ca.gov/privacy/ccpa Szabo, N. (1994).
Smart Contracts.
Confidential Computing: Hardware-Based Trusted Execution for Applications and Data.
Retrieved from https://confidentialcomputing.io/wp-content/uploads/sites/85/2020/06/ConfidentialComputing_OSSNA2020.pdf Trust over IP Foundation. (2020).
Introducing the Trust over IP Foundation.
Retrieved from https://trustoverip.org/wp-content/uploads/sites/98/2020/05/toip_introduction_050520.pdf W3C DID Working Group. (2020).
Decentralized Identifiers (DIDs) v1.0.
Verifiable Credentials Data Model 1.0.
Digital Identity: Unmasking Identity Management Architecture (IMA).