US Export Control of Artificial Intelligence Research Considered Harmful

On November 11, 2018, regulators in the US announced a review of export controls across a range of emerging technologies. The list includes artificial intelligence and machine learning, as well as technologies that would make substantial use of AI and ML such as robotics and brain-computer interfaces, and enabling technologies such as microprocessor technology and quantum computing. This could make the US the first nation to explicitly attempt to control the spread of these technologies.

The US government has always had the responsibility of balancing economic prosperity and growth against public safety threats. Private sector companies such as Google, Apple, and Salesforce have invested heavily in the development and deployment of AI and ML products and services, granting the US a competitive advantage in this area. There is a growing concern about intellectual property theft by foreign countries, which corrodes the competitive advantage of these companies Export controls would make it harder for foreign agents to obtain and reverse engineer AI and ML products. AI and ML also have military applications, such as the design of autonomous and semi-autonomous weapons and cybersecurity tools. US law already prohibits the export of technologies with obvious military applications, but AI and ML algorithms can be considered dual-purpose: the same code behind commercial services can potentially be repurposed for military ends.

At the heart of whether export control of AI and ML is a good idea comes down to what one means by “artificial intelligence” and “machine learning”. The terms “artificial intelligence” and “machine learning” can refer to either algorithms or systems. Briefly, an algorithm is a mathematical construct, a set of rules that precisely defines a sequence of operations for transforming a set of inputs into a set of outputs. A system is a manifestation of an algorithm in software and hardware. Whereas algorithms are abstract and can be expressed in many different ways, systems are concrete and factor in details such as how data is stored in a database, how data is moved between processors, how information is transmitted over the internet, access to hardware sensors, etc. The distinction about whether we are talking about an algorithm or a system is often left vague when we talk about artificial intelligence and machine learning. The potential for folly comes from two observations about AI and ML: there are no secret algorithms, but there are secret system engineering details.

There are no secret AI or ML algorithms. There are broad categories of well-known AI and ML algorithms. They go by different names: state-space search, reinforcement learning, optimization search, convolutional neural networks, recurrent neural networks, etc. Within different categories, specific algorithms tend to be derivations of each other with newer algorithms modifying details of older algorithms for the purposes of achieving better performance on a specific problem or task. The broad classes of algorithms are well-known; they are taught in universities. Some of the most influential algorithms are also taught. Many more are published by university researchers and industry researchers in conference papers, journal articles, and in public paper repositories such as arXiv. In many cases, sample code that implements algorithms is publicly available in code repositories such as GitHub. It is likely that anyone working on a specific problem or application will likely use a similar algorithm. While it is possible that a company tweaks the details of algorithm and chooses not to share those details publicly, it is also a distinct possibility that anyone else working on that same problem could independently discover and use or publish the same algorithmic tweaks. It is extremely unlikely that there exists a broad class of algorithms that we do not yet know about and that a company or government discovers it and chooses to keep it a secret.

What is left to control when we exclude algorithms? While there might not be any secret algorithms, there are engineering secrets. The process of creating a product or service from an algorithm requires a multitude of design decisions that don’t change the algorithm itself, such as choice of programming language, where and how to place input and data checks to improve robustness to failure, how to efficiently move data from computer memory to processor, user interface design (if any), etc. There are also secret datasets that don’t change the algorithm but affect the accuracy of the algorithm’s outputs. These software and hardware engineering details are absolutely critical to the commercial success of a product or service. There is a valid argument that these engineering details and datasets should be protected. These engineering details are already protected by various national and international rules and laws pertaining to intellectual property and trade secrets.

It should be noted that the proposed rule explicitly states that the U.S. Commerce Department does not seek to expand jurisdiction over technologies that can be considered ‘‘fundamental research’’. However, what constitutes fundamental research versus applied research in computing science has never been easy to articulate. Should the distinctions between algorithms and systems remain vague, it opens up the possibility of governmental control of AI research publication, which would have a chilling effect on world-class U.S. academic and industry research. Even with clarity, export control of AI either equates to controlling the export of “math” (and by extension all math is thus a military secret), or controlling the proliferation of fine-grained engineering decisions that go into commercial products and services that will be so application-specific as to be virtually irrelevant to military-grade applications.

If implemented poorly, export control of AI and ML can have a detrimental effect on U.S. economic competitiveness in international markets if U.S. companies are prohibited from releasing products and services overseas or if they are required to make separate U.S. and international versions to stay in compliance. While I am not anti-regulation — for example, I endorse Etzioni’s five guidelines for AI regulation — we must first have clarity and agreement about what is meant by export of artificial intelligence and machine learning, and why existing rules and laws are insufficient.

[A version of this post appears in New Scientist]