通信世界网消息(CWW)中国信息通信研究院(简称“中国信通院”)院长、中国人工智能产业发展联盟(AIIA)秘书长余晓晖近日牵头与清华大学、上海人工智能实验室、中国电子信息产业发展研究院等单位的代表一起发布《中国人工智能安全承诺框架》。
该《框架》在AIIA《人工智能安全承诺》(2024年12月发布)的基础上,新增了加强人工智能安全治理国际合作、防范前沿人工智能安全风险等内容,体现了中国产业界愿与全球各方紧密携手,共促人工智能向善发展的坚定决心和开放态度。
本次WAIC期间,中国积极推动头部人工智能企业开展自愿性安全承诺的实践和成效,得到与会国际同行的高度赞赏。下一步,中国信通院作为“研究网络”成员和AIIA秘书处单位,将与签署企业紧密携手,通过披露行动、测试验证等有效方式,推动《框架》的落地实践,促进我国人工智能朝着有益、安全、公平方向健康有序发展,并积极开展国际治理合作,为全球人工智能安全治理贡献中国智慧和中国力量。
以下为《框架》中英文全文:
中国人工智能安全承诺框架
CHINA ARTIFICIAL INTELLIGENCE SECURITY AND SAFETY COMMITMENTS FRAMEWORK
人工智能浪潮席卷全球,积极释放技术价值红利,对全球经济社会发展和人类文明进步产生深远影响。我们也清晰认知到,人工智能带来难以预知的各种风险挑战。为把握新一轮发展机遇,中国人工智能发展与安全研究网络成员郑重发起《中国人工智能安全承诺框架》,通过产业自律,以高水平安全保障高质量发展,协力共促人工智能稳健发展。此事由中国信息通信研究院牵头推进。我们深知,自律承诺是获得社会信任的关键要素,我们将以本承诺作为行动守则,接受社会各界监督,不断提升优化,促进人工智能技术应用以人为本,智能向善。
The wave of artificial intelligence (AI) is sweeping across the globe, actively generating technological dividends and exerting profound influence on global economic and social development as well as the progress of human civilization. At the same time, we are keenly aware that AI brings about unpredictable risks and complex challenges. To seize this new round of development opportunities, members of China AI Safety and Development Association (CnAISDA) solemnly launch the AI Security and Safety Commitments. Through industry self-regulation, we will leverage high-level security and safety measures to support high-quality development, and collaborate to promote the robust development of AI. This initiative is led and promoted by the China Academy of Information and Communications Technology (CAICT). We fully recognize that commitments to self-discipline constitute a critical foundation for gaining the trust of the international community. Guided by the Commitments as our code of conduct, and subject to the oversight of all stakeholders, we will continuously improve and refine our approach. By doing so, we will ensure that the application of AI technologies always remains people-centered and aligned with the principle of AI for good.
承诺一:设置安全团队或组织架构,构建安全风险管理机制。内部设有专业团队负责开展人工智能风险评估、安全治理等工作,明确安全负责人。主动设定符合实际需求的安全风险基线,开源时采取相应的安全措施,开展贯穿人工智能开发部署全生命周期的风险管理,明确风险识别和应对流程及措施。
Commitment I: Establish security and safety teams or organizational structures and build security and safety risk management mechanisms. Designate a leader responsible for AI security and safety, establish specialized teams to conduct AI risk assessments and safety, security and governance within the enterprise. Proactively define realistic security and safety risk baselines, adopt appropriate security and safety measures for open-source initiatives, and implement risk management practices throughout the entire AI development and deployment life cycle. Clearly outline processes and measures for risk identification and mitigation.
承诺二:开展模型安全测试,提升模型效果与安全可靠性。通过专业性的仿真测试团队,在发布、更新人工智能模型之前对其进行红队测试。对于大模型,重点围绕其通用理解、推理和决策能力,以及其在工业、教育、医疗、金融、法律等场景下表现出的能力开展安全性和可靠性测试。
Commitment II: Conduct security and safety testing for AI models to enhance the performance, safety and reliability. Through dedicated simulation and red-teaming experts, rigorously test AI models prior to their release or update. For large models in particular, prioritize safety and reliability evaluations focusing on their general understanding, reasoning, and decision-making capabilities, as well as their performance in critical domains such as industry, education, healthcare, finance, and law.
承诺三:采取措施保障训练数据和业务数据安全。制定数据安全防护制度,配套建立防护技术措施,发现并及时处置数据投毒的情况,把控训练数据的准确性与可靠性。对业务数据进行加密存储与访问控制,确保商业秘密、用户隐私及用户上传的知识库仅在授权下访问,不被人工智能模型非法输出,保障数据安全与隐私权益。
Commitment III: Implement measures to safeguard the security of training data and operational data. Establish data security protection policies and deploy corresponding technical measures to detect and promptly address data poisoning incidents, ensuring the accuracy and reliability of training data. Encrypt operational data and enforce access controls to protect business secrets, user privacy, and user-uploaded knowledge base, ensuring access is restricted to authorized use only. Prevent unauthorized outputs by AI models, thereby safeguarding data security and privacy rights.
承诺四:提升基础设施安全。建立人工智能系统部署的软硬件安全监测和防护能力,实施定期和动态的安全渗透测试,模拟各种潜在的风险场景,识别并报告环境中的安全隐患,研判可能导致的各种风险。建立基础设施安全应急响应机制,包括应急处理流程、责任分配以及事后改进方案。
Commitment IV: Enhance infrastructure security. Develop robust capabilities for monitoring and protecting the software and hardware used in AI system deployments. Conduct regular and dynamic security penetration tests to simulate potential risk scenarios, identify and report security vulnerabilities in the infrastructure, and assess associated risks. Establish an infrastructure security incident response mechanism, including emergency response procedures, clear accountability assignments, and post-incident improvement solutions.
承诺五:增强模型透明度。主动披露安全治理实践举措,提升对各利益攸关方的透明度。公开披露模型的功能、适用领域以及局限性。通过模型说明、服务协议等方式,向公众披露可能涵盖的风险。
Commitment V: Enhance model transparency. Proactively disclose safety and security governance measures and improve transparency for all stakeholders. Provide clear information about the model's capabilities, applicable fields, and limitations. Inform potential risks to the public through model documentation, service agreements, or others.
承诺六:积极开展前沿安全研究,防范前沿领域安全风险。研究开发和部署智能向善的人工智能系统,积极向公众披露研究成果,以帮助应对社会面临的挑战。加强对人工智能系统在前沿领域中的滥用风险研判,防范其在高危场景的潜在滥用风险。
Commitment VI: Vigorously advance frontier safety and security research, and prevent safety and security risks in frontier fields. Innovate in the development and deployment of AI systems that embody the principle of AI for good, and disclose research findings with the public transparently, contributing to addressing pressing challenges faced by society. Strengthen the assessment of risks related to the abuse of AI systems in frontier fields, and prevent potential risks of their abuse in high-risk scenarios.
承诺七:加强安全治理国际合作,推动技术向善普惠应用。积极参与全球人工智能安全治理交流对话,共享风险识别、评估与防控经验及最佳实践。积极承担社会责任,加强科普宣传、开展技能培训,提升人工智能素养和技能水平,助力弥合智能鸿沟。
Commitment VII: Strengthen international cooperation on AI safety, security and governance, and promote inclusive, beneficial applications of AI. Actively participate in global dialogues on AI safety, security and governance, and contribute to the exchange of experiences and best practices in risk identification, assessment, and mitigation. Fulfill social responsibilities by advancing public science communication, enhancing AI education, and providing skills training to improve AI literacy and capabilities, with a focus on bridging the global intelligence divide.
