中國人工智能安全承諾框架

CHINAARTIFICIALINTELLIGENCESECURITYANDSAFETYCOMMITMENTSFRAMEWORK

人工智能浪潮席卷全球，積極釋放技術(shù)價值紅利，對全球經(jīng)濟社會發(fā)展和人類文明進步產(chǎn)生深遠影響。我們也清晰認(rèn)知到，人工智能帶來難以預(yù)知的各種風(fēng)險挑戰(zhàn)。為把握新一輪發(fā)展機遇，中國人工智能發(fā)展與安全研究網(wǎng)絡(luò)成員鄭重發(fā)起《中國人工智能安全承諾框架》，通過產(chǎn)業(yè)自律，以高水平安全保障高質(zhì)量發(fā)展，協(xié)力共促人工智能穩(wěn)健發(fā)展。此事由中國信息通信研究院牽頭推進。我們深知，自律承諾是獲得社會信任的關(guān)鍵要素，我們將以本承諾作為行動守則，接受社會各界監(jiān)督，不斷提升優(yōu)化，促進人工智能技術(shù)應(yīng)用以人為本，智能向善。

Thewaveofartificialintelligence(AI)issweepingacrosstheglobe,actively

generatingtechnologicaldividendsandexertingprofoundinfluenceonglobaleconomicandsocialdevelopmentaswellastheprogressofhumancivilization.Atthesametime,wearekeenlyawarethatAIbringsaboutunpredictablerisksandcomplexchallenges.Toseizethisnewroundofdevelopmentopportunities,membersofChinaAISafetyandDevelopmentAssociation(CnAISDA)solemnlylaunchtheAISecurityandSafetyCommitments.Throughindustry

self-regulation,wewillleveragehigh-levelsecurityandsafetymeasuresto

supporthigh-qualitydevelopment,andcollaboratetopromotetherobust

developmentofAI.ThisinitiativeisledandpromotedbytheChinaAcademyofInformationandCommunicationsTechnology(CAICT).Wefullyrecognizethatcommitmentstoself-disciplineconstituteacriticalfoundationforgainingthetrustoftheinternationalcommunity.GuidedbytheCommitmentsasourcodeofconduct,andsubjecttotheoversightofallstakeholders,wewill

continuouslyimproveandrefineourapproach.Bydoingso,wewillensurethat

theapplicationofAItechnologiesalwaysremainspeople-centeredandalignedwiththeprincipleofAIforgood.

承諾一：設(shè)置安全團隊或組織架構(gòu)，構(gòu)建安全風(fēng)險管理機制。內(nèi)部設(shè)有專業(yè)團隊負(fù)責(zé)開展人工智能風(fēng)險評估、安全治理等工作，明確安全負(fù)責(zé)人。主動設(shè)定符合實際需求的安全風(fēng)險基線，開源時采取相應(yīng)的安全措施，開展貫穿人工智能開發(fā)部署全生命周期的風(fēng)險管理，明確風(fēng)險識別和應(yīng)對流程及措施。

CommitmentI:Establishsecurityandsafetyteamsororganizationalstructuresandbuildsecurityandsafetyriskmanagementmechanisms.DesignatealeaderresponsibleforAIsecurityandsafety,establishspecializedteamstoconductAIriskassessmentsandsafety,securityandgovernancewithintheenterprise.

Proactivelydefinerealisticsecurityandsafetyriskbaselines,adoptappropriatesecurityandsafetymeasuresforopen-sourceinitiatives,andimplementrisk

managementpracticesthroughouttheentireAIdevelopmentanddeploymentlifecycle.Clearlyoutlineprocessesandmeasuresforriskidentificationand

mitigation.

承諾二：開展模型安全測試，提升模型效果與安全可靠性。通過專業(yè)性的仿真測試團隊，在發(fā)布、更新人工智能模型之前對其進行紅隊測試。對于大模型，重點圍繞其通用理解、推理和決策能力，以及其在工業(yè)、教育、醫(yī)療、金融、法律等場景下表現(xiàn)出的能力開展安全性和可靠性測試。

CommitmentII:ConductsecurityandsafetytestingforAImodelstoenhancetheperformance,safetyandreliability.Throughdedicatedsimulationand

red-teamingexperts,rigorouslytestAImodelspriortotheirreleaseorupdate.Forlargemodelsinparticular,prioritizesafetyandreliabilityevaluations

focusingontheirgeneralunderstanding,reasoning,anddecision-making

capabilities,aswellastheirperformanceincriticaldomainssuchasindustry,education,healthcare,finance,andlaw.

承諾三：采取措施保障訓(xùn)練數(shù)據(jù)和業(yè)務(wù)數(shù)據(jù)安全。制定數(shù)據(jù)安全防護制度，配套建立防護技術(shù)措施，發(fā)現(xiàn)并及時處置數(shù)據(jù)投毒的情況，把控訓(xùn)練數(shù)據(jù)的準(zhǔn)確性與可靠性。對業(yè)務(wù)數(shù)據(jù)進行加密存儲與訪問控制，確保商業(yè)秘密、用戶隱私及用戶上傳的知識庫僅在授權(quán)下訪問，不被人工智能模型非法輸出，保障數(shù)據(jù)安全與隱私權(quán)益。

CommitmentIII:Implementmeasurestosafeguardthesecurityoftrainingdataandoperationaldata.Establishdatasecurityprotectionpoliciesanddeploy

correspondingtechnicalmeasurestodetectandpromptlyaddressdata

poisoningincidents,ensuringtheaccuracyandreliabilityoftrainingdata.

Encryptoperationaldataandenforceaccesscontrolstoprotectbusiness

secrets,userprivacy,anduser-uploadedknowledgebase,ensuringaccessisrestrictedtoauthorizeduseonly.PreventunauthorizedoutputsbyAImodels,therebysafeguardingdatasecurityandprivacyrights.

承諾四：提升基礎(chǔ)設(shè)施安全。建立人工智能系統(tǒng)部署的軟硬件安全監(jiān)測和防護能力，實施定期和動態(tài)的安全滲透測試，模擬各種潛在的風(fēng)險場景，識別并報告環(huán)境中的安全隱患，研判可能導(dǎo)致的各種風(fēng)險。建立基礎(chǔ)設(shè)施安全應(yīng)急響應(yīng)機制，包括應(yīng)急處理流程、責(zé)任分配以及事后改進方案。

CommitmentIV:Enhanceinfrastructuresecurity.DeveloprobustcapabilitiesformonitoringandprotectingthesoftwareandhardwareusedinAIsystem

deployments.Conductregularanddynamicsecuritypenetrationteststo

simulatepotentialriskscenarios,identifyandreportsecurityvulnerabilitiesintheinfrastructure,andassessassociatedrisks.Establishaninfrastructure

securityincidentresponsemechanism,includingemergencyresponse

procedures,clearaccountabilityassignments,andpost-incidentimprovementsolutions.

承諾五：增強模型透明度。主動披露安全治理實踐舉措，提升對各利益攸關(guān)方的透明度。公開披露模型的功能、適用領(lǐng)域以及局限性。通過模型說明、服務(wù)協(xié)議等方式，向公眾披露可能涵蓋的風(fēng)險。

CommitmentV:Enhancemodeltransparency.Proactivelydisclosesafetyandsecuritygovernancemeasuresandimprovetransparencyforallstakeholders.Provideclearinformationaboutthemodel'scapabilities,applicablefields,andlimitations.Informpotentialriskstothepublicthroughmodeldocumentation,serviceagreements,orothers.

承諾六：積極開展前沿安全研究，防范前沿領(lǐng)域安全風(fēng)險。研究開發(fā)和部署智能向善的人工智能系統(tǒng)，積極向公眾披露研究成果，以幫助應(yīng)對社會面臨的挑戰(zhàn)。加強對人工智能系統(tǒng)在前沿領(lǐng)域中的濫用風(fēng)險研判，防范其在高危場景的潛在濫用風(fēng)險。

CommitmentVI:Vigorouslyadvancefrontiersafetyandsecurityresearch,andpreventsafetyandsecurityrisksinfrontierfields.InnovateinthedevelopmentanddeploymentofAIsystemsthatembodytheprincipleofAIforgood,anddiscloseresearchfindingswiththepublictransparently,contributingto

addressingpressingchallengesfacedbysociety.StrengthentheassessmentofrisksrelatedtotheabuseofAIsystemsinfrontierfields,andpreventpotentialrisksoftheirabuseinhigh-riskscenarios.

承諾七：加強安全治理國際合作，推動技術(shù)向善普惠應(yīng)用。積極參與全球人工智能安全治理交流對話，共享風(fēng)險識別、評估與防控經(jīng)驗及最佳實踐。積極承擔(dān)社會責(zé)