Will Anderson, director of the Wisconsin AI Safety Initiative, compares the ascent of artificial intelligence to the rise of the automobile.
The parallel is less about the revolutionary nature of the technology and more about how its proliferation relies on consumer trust.
“We use cars because they have seatbelts and airbags and brakes, and we can get in them and trust that we can get where we’re trying to go,” he said as a panelist at the Oct. 28 Wisconsin Technology Council luncheon in Monona.
“Similarly, when we’re implementing all of these AI technologies, we want to be able to unlock the profound benefits to innovation (and) our economy. In order to actually unlock these, though, we can’t have it be the case that these systems are failing.”
He and other panelists, including state Rep. Adam Neylon, R-Pewaukee, and Sahab Aslam, founder of Middleton’s Vectorify Labs, emphasized the threats posed by irresponsible AI usage, including infiltration by “bad actors” and threats to company and consumer data.
Panelists maintained, however, that AI will inevitably transform the business landscape and could prove highly beneficial — especially from an economic standpoint — if policies are established at the organizational, statewide and federal level to inform its responsible usage.
Safety and trust, they argued, are key ingredients to promote Wisconsin’s innovation in the AI space and help companies and consumers capitalize on the benefits of new technologies.
“The businesses of the future … (they’re) going to be different because the people that are able to utilize the technology are able to build things, and scale things and do things that would (otherwise) take teams, take money, infrastructure,” said Neylon. “Now, you’re able to build something and create something from nothing with these tools that we have. I think it’s really going to change the level of productivity.”
“I see AI (as) a way to level the playing field,” added Aslam.
Playing it safe
Neylon favors a high-level approach to establishing policies that govern organizations’ AI usage.
He highlighted his bipartisan legislation, Wisconsin Act 123, which regulates the use of AI when it comes to elections.
“We’re kind of a leader in the country in making sure there are disclaimers on campaign commercials when you’re utilizing AI,” he said. “And part of that was because I think all of us knew something needed to be done around AI.
“Truly, we probably need to be looking at federal rules. We need to be looking at this from a national perspective, not necessarily having patchwork rules from state to state.”
He said much of the “AI deception” he sees on a daily basis lies in the advertising space and cited examples “like Tupac and Michael Jackson trying to sell me a car, or Elon Musk telling me where to invest my money.”
“I thought, this is no good,” he said. “How can we avoid this … where you have deceptive practices, maybe someone endorsing somebody where they didn’t, saying something where they didn’t?”
Vectorify Labs’ Aslam stressed the importance of cooperation between regular citizens and the government to determine what further AI-related regulations are necessary and how they will be enforced.
“We need to learn as consumers, as citizens of the United States, and then take ownership of what the rules should be,” she said. “The government is us. We get to tell the government what we want. … We need to decide what’s good for us as a society. … We put it out there. Not the commercial organization.”
Aslam said many companies are already using AI, but the rush to build and deploy new models without understanding them poses serious risks.
“Most of my career has been in the regulatory space, so I’ve had lots of red tape. Whenever we would build a machine-learning model, AI model, depending on the use case, we would try to choose a ‘how’ versus a ‘why’ model.”
As one might expect, in the case of a ‘how’ AI model, she explained, users can determine how decisions are made, but with a deep learning or ‘why’ AI model, users can only discover why a particular, individual decision was made — and only after the fact.
While initially this latter type of AI model previously received pushback from industries like health care and finance, Aslam said, that’s quickly changing.
“Now, thanks to OpenAI and other bots … doctors are using it, lawyers are using it, everybody’s using it themselves,” she said. “They feel like this is actually a good system. And because of that, all the executives and enterprises are pushing for it, and they want it.
“And all the testing and the rigor that we used to do before, the pressure has changed it. It’s more of a business objective. It’s just like, ‘We’ve got to do it otherwise we’re going to be behind.’
”It’s a little bit different kind of urgency than solving a problem (to say), ‘I want to use AI.’ What’s happening is that there is very little time spent on … is this the right use of AI?”
When asked to define AI safety in practical terms for Wisconsin companies, Anderson of the Wisconsin AI Safety Initiative, who also is studying at the University of Wisconsin-Madison, cited three “pillars.”
When it comes to a “safe AI system,” he said, “it has to be aligned, it has to be secure and it has to be interpretable. … An aligned system is one that follows the intent and instructions of the developer reliably across many domains. It would respond to user queries in the way that the developer wanted. It wouldn’t go off and say harmful, risky things, or as we build out these agents that are interacting in the world, potentially controlling things in a way that we don’t want.”
Security, the main focus of Anderson’s own research, focuses on building sufficient protections for AI systems in the event they encounter an attack from an adversary, which Anderson said could be individuals or even other nations.
Interpretability, he said, refers to the ability to look inside a system and understand how its decisions are reached and confirm it is doing what it was intended to do.
“All of this is so difficult,” he said. “There’s this common misconception where people say, ‘We’re building AI systems.’ I think a better term is that we’re growing them. The developers of these systems, they can set the high level objectives, they can control the training data, change the algorithms a bit, but ultimately they have relatively little control over what the final product looks like.
“It’s kind of like if you plant a tree somewhere, you might know that there’s going to be a tree there and roughly what it will look like, but how exactly it grows, what it will end up looking like, you have relatively little control over.”
According to Anderson, creating these aligned, secure and interpretable AI systems is an ongoing process, and even academics are just scratching the surface of how it might be done.
“We don’t understand fundamentally how (these systems) work,” he said. “We don’t understand fundamentally how to make them secure. We’re making progress (but) we don’t understand fundamentally what goals they have.
“These are very, very difficult problems, and there are many people — here at the university and across the world — working on them.”
In the meantime, he suggested a few steps for organizations looking to implement AI technology responsibly.
One of these is red teaming, which Anderson said “stress tests your system” by simulating a real-world attack to evaluate the level of harm caused. The university has several experts that regularly perform such demonstrations.
Anderson also prescribed caution when it comes to AI agents used by companies in administrative capacities.
“They can take actions, they can send emails, they can book things on your calendar,” he said. “There’s a tremendous number of tools that can be integrated with this. … Treat them as though they’re an untrusted insider that could try to cause harm.”
Any agents that have interaction with the outside world, he said, can compromise the whole system.
“You need to think very carefully about what tools you give these models access to, the most harm they could cause if they were behaving … as badly as possible.”
When asked how Wisconsin can attract and retain AI-driven companies and talent while balancing the need for safety, Anderson advised continued investment in the university as it undertakes AI-related work and works to make it “a more trustworthy technology.”
“I think safety is actually critical to unlock all of this innovation and the potential economic benefits,” said Anderson. “I think the University of Wisconsin … can play a big role in this.”
“We can’t have … some system that some manufacturing company has implemented suddenly fail and destroy their assembly line,” he added, “or consumers’ private data being leaked. All of these things would actually get in the way of where we’re trying to go.”
“Two words: transparency and ownership,” said Aslam. “That’s what we have.”
Potential statewide payoff
Panelists contended AI has enormous economic potential, and this is underscored by the growing popularity of AI products offered by large brands.
Panel moderator Nick Myers, founder of startup Redfox AI, which was acquired by Madison’s Recovery.com earlier this year, cited examples like well-known chatbots: Google’s Gemini sees 35 million-45 million daily average users, while OpenAI’s ChatGPT sees as many as 120 million-190 million.
With the right preparation, AI could prove advantageous to statewide organizations of all sizes, panelists said.
Anderson said “bringing in expertise, top researchers, top thinkers, top builders” is paramount.
“We’ve already seen so many startups coming out of the expertise that the university has brought in,” he said. “There’s a tremendous appetite among students, among top thinkers, to make Wisconsin one of the leading voices in this field.
“Right now, the four hubs we talk about are Boston, Berkeley, D.C. and London. I hope five years from now, there’s another one, and it’s Madison. And I think if we invest and if we push, this will be a profoundly impactful technology.”
Neylon added, “We talk so much about generative AI … but there’s also applied AI, and understanding sensors, and understanding systems, and understanding how to troubleshoot things.
“If we want to be a real leader in Wisconsin, especially when we’ve positioned ourselves as a manufacturing powerhouse … being able to leverage that and make sure we have the workforce that’s ready to fill the jobs of tomorrow … is super important.”
Aslam had a more sobering take, asserting that issues of AI safety are likely to get worse before they get better, but she too voiced confidence in its promise for Wisconsin’s economic future.
“It’s going to have real consequences, and until that happens, people won’t take safety seriously,” she said. “And I think that will happen within five years.
“The urge to take the risk for the sake of innovation is very high in Berkeley, New York, Boston and other places. What I like about Wisconsin is sometimes they think before they take an action. That’s not a bad thing when it comes to AI. It’s something needed.”
