Generative AI has deeply infiltrated our lives, as evidenced by a report from Salesforce titled 'Generative AI Snapshot Research'. The study reveals that approximately 65% of the MZ generation residing in countries like the United States, the United Kingdom, Australia, and India are actively utilizing generative AI tools such as ChatGPT and Stable Diffusion in their work and daily lives. With the everyday integration of AI, including generative AI, the risk of digital sovereignty infringements is increasingly apparent, particularly for users who lack a thorough understanding of generative AI.
What then was the secret to Rockefeller's success? Among many factors, one notable aspect was his profound skepticism – he trusted no one. This trait was ingrained in him since childhood by his father, who taught him never to trust anyone, not even his father. In a lesson, his father once told him to jump from a high chair, promising to catch him. However, when young Rockefeller leapt, his father stepped away, letting him fall to the ground, and then remarked, "Remember, son. Don't trust anyone, not even me." This lesson of mistrust helped Rockefeller navigate the cutthroat world of business, rife with deceit, without ever being swindled himself, eventually leading to his immense wealth and his ability to pay for the water bills of New York City's citizens.
Cybersecurity issues that threaten digital sovereignty, such as personal data breaches, have been a persistent concern since the widespread adoption of PCs and the internet in the 1990s. However, the nature and impact of digital sovereignty violations in the age of artificial intelligence are fundamentally different from those of the past. This difference is closely related to the operating principles and characteristics of generative AI. How does generative AI work, and how might its operational methods pose risks to our digital sovereignty? It's essential to explore the various factors that threaten our digital sovereignty in the age of generative AI and examine potential solutions.
Diverse factors threatening digital sovereignty in the age of artificial intelligence.
1. Distorted Models Caused by Data Bias
Contemporary generative AI predominantly operates through supervised learning, relying heavily on vast amounts of pre-trained data to generate new results. Thus, the quality of training data greatly influences these AI models. Using biased or specific group data can lead to distortions in the model, compromising diversity and fairness. This may result in inaccurate predictions or the embedding of prejudices against certain groups in the model.
Contemporary generative AI predominantly operates through supervised learning, relying heavily on vast amounts of pre-trained data to generate new results. Thus, the quality of training data greatly influences these AI models. Using biased or specific group data can lead to distortions in the model, compromising diversity and fairness. This may result in inaccurate predictions or the embedding of prejudices against certain groups in the model.
For instance, generative AI faces the risk of adopting specific political biases due to skewed training data. A report by The Washington Post in August highlighted that several generative AIs, which claim political neutrality, showed clear political tendencies. Citing a study from the University of East Anglia, it was noted that when large language models (LLMs) like ChatGPT and LLaMA were asked 62 questions on political and economic issues and instructed to respond with 'positive' or 'negative' answers, they exhibited distinct tendencies.
The study found that OpenAI's ChatGPT tended to give more 'progressive' responses, while LLaMA's answers leaned more towards 'conservative' tendencies. As the use of such generative AI becomes more widespread, there's a risk that it could influence voter decisions.
2. Loss of Judgment Due to the Growth and Black Box Nature of AI Models
The performance of generative AI models is increasingly determined by an ever-expanding set of parameters and algorithms based on training data. This trend contributes to the "black boxing" of these models, making it challenging for end-users to comprehend how these AI models process information and generate outputs.
Current generative AI models are founded on complex models and algorithms. This complexity makes it increasingly difficult to understand or judge the inner workings of these models. Such opacity can lead to issues regarding the transparency and accountability of decision-making processes. Users may find it challenging to grasp how decisions are made and may increasingly delegate complex decision-making to AI, potentially losing their ability to judge and make critical decisions themselves.
3. Privacy Breach Issues in Training Data for Generative AI
As examined earlier, generative AI operates based on the data it is fed, which can sometimes contain sensitive personal information. Unauthorized exposure or leakage of this data can pose a threat to an individual's privacy and security. Additionally, generative AI incorporates elements of reinforcement learning, which refines its outputs based on user feedback, potentially exposing it to breaches of digital sovereignty. Users of generative AI, being both consumers and providers of data, are inherently vulnerable.
For instance, users who frequently engage with generative AI in their work and daily lives are at a heightened risk of cyberattacks such as credential stuffing, a prominent topic of discussion nowadays. Credential stuffing involves attackers acquiring various encrypted personal credentials, such as user accounts and passwords, and randomly applying them to systems or sites the user might access (Source: Korea Financial Telecommunications and Clearings Institute). The risk heightens when users input sensitive corporate information or similar data into generative AI as prompts or questions.
Thus, users of generative AI are exposed to risks of personal data theft, unauthorized reuse, user identification, and infringement of their digital sovereignty through networks. This underscores the urgent need for adequate protective measures and regulations to safeguard personal information and data security in the use of generative AI.
Solutions to Prevent Digital Sovereignty Infringement in the Age of Generative AI
The expansion of generative AI can lead to security and ethical issues related to user data privacy, model fairness, and technical transparency. To address these, it is essential to devise strategies that consider both AI algorithms and security technologies.
One potential solution to protect from threats to digital sovereignty is the OTAC (One-Time Authentication Code) developed by SSenStone. OTAC is a groundbreaking authentication method that sets a new standard in authentication in cybersecurity, surpassing the limitations of existing methods.
SSenStone's OTAC, a pioneering one-way dynamic authentication technology, supports user or device authentication even in off-the-network environments by generating a unique, real-time, one-time code for each use. Notably, these generated codes never duplicate with other users, offering a more secure authentication environment.
OTAC technology combines the benefits of the three most commonly used authentication systems including user name and passwords, RSA hardware and software for authentication code generation, and tokenization. This combination results in a more efficient and effective authentication process. It can generate one-way dynamic codes even in areas with no or unstable cellular networks. The generated codes are one-time-use and are allocated for specific users in specific time frames, ensuring they cannot be used or reused by others.
