Is On-Device AI Broken and Exploitable? Assessing the Trust and Ethics in Small Language Models

TL;DR

This study evaluates the trustworthiness and ethical safety of small language models on personal devices, revealing significant vulnerabilities, biases, and potential for misuse compared to cloud-based models.

Contribution

First comprehensive assessment of trust and ethics in on-device small language models, highlighting their vulnerabilities and risks for the first time.

Findings

On-device SLMs are less trustworthy than server-based models.

On-device SLMs lack ethical safeguards, generating harmful content.

On-device SLMs can be exploited with simple prompts to produce unethical responses.

Abstract

In this paper, we present a very first study to investigate trust and ethical implications of on-device artificial intelligence (AI), focusing on small language models (SLMs) amenable for personal devices like smartphones. While on-device SLMs promise enhanced privacy, reduced latency, and improved user experience compared to cloud-based services, we posit that they might also introduce significant risks and vulnerabilities compared to their on-server counterparts. As part of our trust assessment study, we conduct a systematic evaluation of the state-of-the-art on-devices SLMs, contrasted to their on-server counterparts, based on a well-established trustworthiness measurement framework. Our results show on-device SLMs to be significantly less trustworthy, specifically demonstrating more stereotypical, unfair and privacy-breaching behavior. Informed by these findings, we then perform our ethics assessment study using a dataset of unethical questions, that depicts harmful scenarios. Our results illustrate the lacking ethical safeguards in on-device SLMs, emphasizing their capabilities of generating harmful content. Further, the broken safeguards and exploitable nature of on-device SLMs is demonstrated using potentially unethical vanilla prompts, to which the on-device SLMs answer with valid responses without any filters and without the need for any jailbreaking or prompt engineering. These responses can be abused for various harmful and unethical scenarios like: societal harm, illegal activities, hate, self-harm, exploitable phishing content and many others, all of which indicates the severe vulnerability and exploitability of these on-device SLMs.