24 November 2020

Why AI is a sovereign risk

AI Big Data Insights

The Netflix documentary, The social dilemma, has had everyone talking about the influence artificial intelligence (AI) has over our personal lives, but what if we are missing the bigger picture of national security?

As a nation of 26 million, we are producing a lot of data but control very little about how it is used by foreign AI developers.

Australians find ourselves largely on the side-lines of a frantic global race to see who can best use AI to recognise our faces, drive our cars, guess what we will watch, listen to and buy, and even who we should be friends with.

Lesser known is the influence of AI on critical infrastructure including energy, telecommunications and healthcare.

Yet whomever controls these algorithms controls the world.

Since AI algorithms already influence so many aspects of our society, they are the perfect place to intervene if you intend to shift how a nation behaves or disrupt its security.

Home Affairs Minister Peter Dutton raised this issue in Canberra recently, but is focusing solely on cyber defence the right approach?

Protecting health’s critical infrastructure

The nature of the threat is clear and present. If a nation’s citizens receive most of their information from online sources which can be algorithmically manipulated by foreign corporations or nations, then that nation is at risk of direct interference.

Indeed, there is now ample evidence globally that social media has been weaponized by malicious political actors in just this way to manipulate public perceptions and votes.

In healthcare, social media has been manipulated to amplify anti-vaccination messages and right now we are seeing anti-COVID  vaccine sentiment being stoked. The resulting contagion of false beliefs can lead to individuals avoiding vaccination, potentially putting true herd immunity out of reach.

The national security argument is also compelling. It is already commonplace for foreign actors to attack the information infrastructure of other nations. For example, ‘denial of service’ attacks that flood a computer system with internet messages can cause them to shut down. Parliament House has already been hit by such attacks.

Algorithms offer a different attack pathway. AI built using deep learning is notoriously non-transparent about why it behaves in a particular way, and it can be very hard to detect malicious design.

Algorithms transform data into actions, for example controlling the operation of energy and telecommunications grids. If these algorithms can be made to misbehave, they can be triggered to radically change their behaviour.

In 2017, the US Food and Drug Administration recalled 460,000 pacemakers to avoid their algorithms being controlled to run down their batteries or trigger dangerous heart pacing. Likewise, power blackouts can be triggered just by the value of software control settings that connect generators to the grid.

Clearly nations should have strategies in place to protect critical infrastructure from algorithmic attack. Australia’s relative lack of investment in AI puts us in a vulnerable position.

What can Australia do to ensure we have algorithmic sovereignty? In a global economy it makes no sense to build digital fences around a nation, but we could be more discerning. While many nations are wary of Huawei building their telecommunications infrastructure, they have allowed Facebook to enter their country unimpeded.

Some nations will decide they can no longer afford the risk to outsource AI for critical infrastructure such as telecommunications, water, energy or the military.

China has put social media into that category.

Australia will need to ensure AI systems used in healthcare and other critical industries are suitable and safe for use. That means some form of regulation, domestic customisation, and sometimes onshore development from scratch.

All this means then that Australia needs deep capabilities in AI, with a workforce not just expert in algorithm development, but also in testing, certification and calibration. If we do not control our algorithms, then we are outsourcing decisions in our most critical infrastructure to international actors.

Unfortunately, while some nations are investing heavily in AI, Australia currently seems largely comfortable being a data primary producer and algorithm importer. That is probably not a safe place for any nation that values its security to stay.

Professor Enrico Coiera is Director of the Centre for Health Informatics, Australian Institute of Health Innovation, Macquarie University, and Australia’s representative to the OECD Global Partnership in AI.

This piece was originally published at Croakey.org.