The US Can Win Without Compromising AI Safety

We can’t lose to China. This one line is often produced by American tech executives or lawmakers who oppose binding artificial intelligence (AI) regulation. The implication is that interventions such as mandatory safety testing would stifle innovation and market competition, hinder economic growth, and even limit US strategic and military advantages.

However, the reality is that safety testing is inexpensive relative to training costs. It is simply too affordable, relatively speaking, to slow innovation. Although the development of cutting-edge AI suffers from a market consolidation problem, this is due to facets of market structure, like training costs, rather than safety testing. Crucially, safety testing offers clear value to US primacy through potential economic uplift and more reliable defense technology.

But first, why bother with safety testing? There have been impressive advances in AI over the past few years, and these capability improvements are likely to continue. Iranian and Chinese actors have already tried to use ChatGPT to enable cyberattacks on US critical infrastructure, companies, and individuals. Even without malicious actors, models may not always act in humanity’s best interests. AI agents have demonstrated deceptive tendencies and may choose harmful, unexpected actions while pursuing their assigned goals (this is often referred to as “the alignment problem”).

If we care about public safety and national security, it makes sense to thoroughly vet the most powerful models before they are released to the public. While AI companies have made voluntary commitments to conduct testing, there is nothing to stop them from releasing models that are found to be unsafe. Congress could require that companies developing the most powerful models conduct safety testing and only release if models pass certain testing requirements or introduce appropriate risk mitigations.

One popular term for such testing is pre-deployment evaluations – a series of techniques that seek to measure model risk before widespread release. Examples include red-teaming (where teams simulate how malicious actors might misuse a model), human uplift studies (which quantify how much more effective AI makes some person or group at a task, such as building a bomb), and automated benchmarking (code that can be run to assess different types of risk).

None of these techniques are perfect and they would likely need to be refined over time. Nor are these techniques a silver bullet for the full spectrum of AI risks. Their intent is to reduce upstream risks inherent in the public release of large, powerful models, which may be different from downstream risks that are industry or use-specific (consider bias in hiring decisions or mistakes in medical diagnoses). Downstream risks are worthy of attention and risk mitigation but may be better addressed later on in the AI development and deployment process.

However, acknowledging the limitations of AI safety testing doesn’t mean they should be written off. An imperfect insight into risk still provides better visibility than no testing. Likewise, addressing safety risks doesn’t preclude other, separate forms of risk mitigation.

Low cost of safety testing

Safety testing is highly affordable relative to training costs and thus unlikely to slow innovation. Google’s Gemini Model was estimated to have cost $191 million in training costs, ignoring other significant costs like ongoing inference and well-compensated staff. In contrast, a high-quality set of pre-deployment evaluations could be conducted for around $235,000, which would be 0.12% of Gemini’s training costs. Alternatively, this would be 0.3% of GPT-4’s $78 million training costs.

But even if this back-of-the-napkin math is off by a significant factor, the costs for these activities are still incidental in the scheme of things. With training costs forecast to reach $1 billion by 2027, safety testing is likely to get far cheaper, relatively speaking. Even with current training costs, it’s hard to imagine that well-resourced AI companies, which are fervently chasing market share, profit, and prestige, will slow down their efforts for such a small regulatory burden.

Furthermore, safety testing will not be the cause of market consolidation. The low costs of testing are too inexpensive to lead to regulatory capture. Moreover, there are already underlying factors that are driving market concentration, namely expensive training costs that pose barriers to entry. We have already seen the consequences of these market features in the recent quasi-acquisitions of Inflection AI, Adept, and Character AI.

A highly concentrated market is certainly concerning. Consumers will likely bear the brunt of a lack of market competition through higher prices or unethical business practices. As technologies advance, they will be controlled by a few corporations, which could result in dangerous consolidation of power. However, these outcomes will be driven by the underlying market structure rather than inexpensive safety testing. Those who wish to prevent a full-on monopoly should consider more traditional methods to address market concentration, such as competition policy and antitrust enforcement, rather than allowing these companies to publicly release products unchecked.

Adoption: Beyond innovation for innovation’s sake

Innovation alone will not guarantee US primacy. To realize the economic benefits of AI, American businesses need to actually use it. However, if organizations can’t trust AI, they won’t use it. Only 5% of US businesses are using AI, while only 39% of Americans would currently trust AI at work, with perhaps fewer trusting it in high-stakes contexts.

Safety testing could increase Americans’ trust in AI, spurring adoption and economic growth. 96% of Americans agree that “principles and practices of trustworthy AI” are important for trust, but only 30% of Americans believe that existing regulation is sufficient to ensure AI safety. By testing products, companies are providing greater certainty to users that models won’t behave in unexpected and harmful ways.

AI is not the only industry that derives value from safety testing – consider aviation and food testing. Consumers purchase these goods and services because they expect that their planes won’t fall out of the sky and that their food won’t poison them. These expectations are the result of safety testing. If these industries ceased to conduct safety testing, they would likely see demand for their products decrease. Similarly, greater certainty about AI models’ risks will likely increase industry adoption rates and drive economic growth through productivity increases.

Military advantage

Safety testing will not undermine US military advantage. First, safety testing explicitly reduces national security threats by limiting the misuse of AI by malicious actors. Second, safety testing before public release does not prevent the US government from accessing these models.

As with many technologies before AI, security agencies can form private partnerships with AI companies to gain access to technologies prior to public release. Indeed, these partnerships are already occurring. Anthropic partnered with Palantir and Amazon Web Services to provide Claude to US intelligence and defense agencies. The US Africa Command within the Department of Defense purchased OpenAI technology from Microsoft. Through such partnerships, US security agencies could continue to access cutting-edge technology regardless of safety testing conducted before release to the broader public. Although the military use of AI raises complex ethical questions that must be addressed, those concerned with US military advantage cannot plausibly argue that safety testing on public products will inhibit military superiority.

When it comes to “winning” against China, the US has more effective methods at its disposal. To maintain a lead in innovation, the US could supplement hardware industrial policy with targeted immigration reform to increase the supply of technical talent. To drive adoption and economic growth, the government can invest in upskilling and facilitating partnerships with industry users of AI. To ensure that US security agencies have cutting-edge technology, the government should continue partnerships with specialized military technology innovators and provide support in navigating complicated government contracting requirements. Outside of technology policy, the US should conduct careful and clear-eyed diplomacy.

Each of these strategies is more effective and less risky than allowing civilian companies to take shortcuts in the development and release of commercial AI products. Leaving AI entirely unregulated would endanger public safety while doing little to improve America’s international standing. When it comes to AI safety and US primacy, there is no tradeoff.­­

Related Reading

• How Elon Musk’s Influence Could Shift US AI Regulation Under the Trump Administration
• The Real “Brussels Effect” and Responsible Global Use of AI
• Safeguarding Freedom of Expression in the AI Era