Enabling External Scrutiny of AI Systems with Privacy-Enhancing Technologies

TL;DR

This paper presents a technical infrastructure using privacy-enhancing technologies that enables external researchers to scrutinize AI systems without risking sensitive data exposure, thereby improving transparency and governance.

Contribution

It introduces a mature, integrated PET-based infrastructure for privacy-preserving AI audits, demonstrated through real-world case studies, advancing AI governance practices.

Findings

Successful deployment in real-world governance scenarios

Enhanced privacy-preserving capabilities for AI audits

Potential for broader adoption in AI oversight

Abstract

This article describes how technical infrastructure developed by the nonprofit OpenMined enables external scrutiny of AI systems without compromising sensitive information. Independent external scrutiny of AI systems provides crucial transparency into AI development, so it should be an integral component of any approach to AI governance. In practice, external researchers have struggled to gain access to AI systems because of AI companies' legitimate concerns about security, privacy, and intellectual property. But now, privacy-enhancing technologies (PETs) have reached a new level of maturity: end-to-end technical infrastructure developed by OpenMined combines several PETs into various setups that enable privacy-preserving audits of AI systems. We showcase two case studies where this infrastructure has been deployed in real-world governance scenarios: "Understanding Social Media Recommendation Algorithms with the Christchurch Call" and "Evaluating Frontier Models with the UK AI Safety Institute." We describe types of scrutiny of AI systems that could be facilitated by current setups and OpenMined's proposed future setups. We conclude that these innovative approaches deserve further exploration and support from the AI governance community. Interested policymakers can focus on empowering researchers on a legal level.