Homeland Security to release AI guidelines

TECHNOLOGY

The new document is designed to protect sensitive information

By Lauren Hirsch

The New York Times

Companies that own or operate critical infrastructure increasingly rely on artificial intelligence. Airports use AI in their security systems; water companies use it to predict pipe failures; and energy companies use it to project demand.

Today, the U.S. Department of Homeland Security will release new guidance for how such companies use the technology.

The document, a compilation of voluntary best practices, stems from an executive order President Joe Biden signed more than a year ago to create safeguards around AI. Among other measures, it directed the Department of Homeland Security to create a board of experts from the private and public sectors to examine how best to protect critical infrastructure. The risks run the gamut from an airline meltdown to the exposure of confidential personal information.

Homeland Security Secretary Alejandro Mayorkas first convened the board in May. It includes Sam Altman, CEO of OpenAI; Jensen Huang, CEO of Nvidia; Sundar Pichai, CEO of Alphabet; and Vicki Hollub, CEO of Occidental Petroleum.

Given the broad range of companies whose executives worked to put it together, the guidance is general in scope. It encourages companies that provide cloud computing services, like Amazon, to monitor for suspicious activity and establish clear protocol for reporting it. It suggests developers like OpenAI put in place strong privacy practices and look for potential biases. And for critical infrastructure owners and operators, like airlines, it encourages strong privacy practices and transparency around the use of AI.

Mayorkas said in an interview that his goal was for other companies to adopt the framework.

The 35-page document stops short of suggesting any formal metrics that could be used to help companies hold themselves accountable for complying with the guidelines, though it calls on legislators to supplement companies’ internal oversight mechanisms with regulation — a requirement that Biden acknowledged was necessary when he issued his executive order.

“It’s a broad acknowledgment that we’re all responsible for our individual contributions to AI and the technology,” said Ed Bastian, CEO of Delta Air Lines, who is also on the board. “It’s something that, as the end user, we’ve been victims of candidly in the past.”

Bastian was referring to a flawed software update issued this summer by cybersecurity company CrowdStrike that led to widespread technological disruptions. The outage, which affected Delta more than other carriers, highlighted operational vulnerabilities and cost Delta an estimated $500 million. He said he hoped the new guidance could help avoid a similarly disastrous problem.