Google expands its bug bounty program to focus on generative AI assaults

With issues round generative AI ever-present, Google has introduced an enlargement of its Vulnerability Rewards Program (VRP) targeted on AI-specific assaults and alternatives for malice. As such, the corporate launched up to date pointers detailing which discoveries qualify for rewards and which fall out of scope. For instance, discovering coaching information extraction that leaks personal, delicate info falls in scope, but when it solely exhibits public, nonsensitive information, then it would not qualify for a reward. Final 12 months, Google gave safety researchers $12 million for bug discoveries.

Google defined that AI presents totally different safety points than their different expertise — equivalent to mannequin manipulation and unfair bias — requiring new steerage to reflect this. “We imagine increasing the VRP will incentivize analysis round AI security and safety, and convey potential points to mild that may in the end make AI safer for everybody,” the corporate stated in an announcement. “We’re additionally increasing our open supply safety work to make details about AI provide chain safety universally discoverable and verifiable.”

AI firms, together with Google, gathered on the White Home earlier this 12 months, committing to better discovery and consciousness of AI’s vulnerabilities. The corporate’s VRP enlargement additionally comes forward of a “sweeping” government order from President Biden reportedly scheduled for Monday, October 30, which might create strict assessments and necessities for AI fashions earlier than any use by authorities businesses.