Export control on AI and machine learning algorithms is becoming a more important part of national security strategy as the world moves to a great-power competition landscape and technological changes force accommodation and rapid change to many national interests. However, like security software before it, AI presents unique challenges to how export control has traditionally worked, and these should be considered before being codified into international regulatory frameworks.
As an example, on January 6, 2020, The Bureau of Industry and Security (BIS) in the U.S. Department of Commerce released the following rule, which imposed a license requirement on a particular kind of software useful for automatically identifying objects from drone or other imagery:
“Geospatial imagery “software” “specially designed” for training a Deep Convolutional Neural Network to automate the analysis of geospatial imagery and point clouds, and having all of the following:
- Provides a graphical user interface that enables the user to identify objects (e.g., vehicles, houses, etc.) from within geospatial imagery and point clouds in order to extract positive and negative samples of an object of interest;
- Reduces pixel variation by performing scale, color, and rotational normalization on the positive samples;
- Trains a Deep Convolutional Neural Network to detect the object of interest from the positive and negative samples; and
- Identifies objects in geospatial imagery using the trained Deep Convolutional Neural Network by matching the rotational pattern from the positive samples with the rotational pattern of objects in the geospatial imagery.
Technical Note: A point cloud is a collection of data points defined by a given coordinate system. A point cloud is also known as a digital surface model.”
This is not a patent but a technical description which must cover a controlled technology without including technologies that are more generic and innocuous.
The best practice in export control is to have a numerical signifier to provide specific guidelines. For example, it is important to specify that exporting a chip at 15nm is acceptable and exporting one at 7nm is not. An effective export control regulation provides the industry with clear, specific guidelines that allows no room for interpretation. This aligns your internal industry and keeps any one provider from being pressured to sell sensitive technology to an adversary country that could then be reverse engineered and used against your national interests.
You will note there are no numbers of any kind in the above rule on “geospatial imagery software,” which illustrates the general trend of reduction to “end-use” controls as opposed to technical controls. The exact same code base may apply to medical images or 3-D game images, but not be captured by the above rule. The effect of pure end-use controls to counteract the spread of a particular sensitive technology is thus bounded by the usefulness of that technology. In other words, the more generically useful a technology it is, the more useless a control on any particular use is. Ask yourself if the described technology to identify images sounds generically useful to many new areas of technological growth.
As someone who has done cursory work in machine learning research, I can say that when doing any work of this nature, you create a graphical user interface to make it easy for the user to control the program, do data normalization, and train a deep convolutional neural network to detect objects from positive and negative samples. In other words, nothing other then item four is special to even the most generic description of any work in machine learning.
Export Controls in general make the most sense when the technology they cover cannot be easily recreated and is not already found outside of your control regime (e.g., in China). This seems unlikely for this control, based on what is already publicly available; a number of efforts that implement or come close to implementing the controlled technology are already underway.
Before export controls on AI, we need a study on what makes an effective or ineffective control in various spheres of technology and ask ourselves if end-use controls are even worth implementing. We need to look at past controls and determine what worked and what did not work. Otherwise, we have no hope of leveraging export control to achieve our national security aims. In fact, our controls will be counter productive. As the saying in the export control specialist community goes, “Your export control is 100 percent successful when all the businesses that used to export that item have moved to China and no longer need to export.”