Nathan Calvin

2.6K posts

Nathan Calvin banner
Nathan Calvin

Nathan Calvin

@_NathanCalvin

General Counsel Encode AI

Washington DC Katılım Şubat 2014
1K Takip Edilen4.7K Takipçiler
Sabitlenmiş Tweet
Nathan Calvin
Nathan Calvin@_NathanCalvin·
Some quick takes: (1) Wow things are getting real. (2) The government's order focusing on prohibiting transfer to foreign nationals (even e.g. those living in the US, our close allies who help evaluate model safety in the UK, individuals who work at frontier labs like Anthropic) seems remarkably destructive, though is partially a result of the government using older legal authorities that were not designed for this kind of technology. (3) If you believe (as I do) that AI has profound ramifications for national security, then assuming the government will sit back and do nothing and tolerate explanations like "well jailbreaking is a hard technical problem" for cyber capabilities that used to be the crown jewels of the NSA, is not tenable. If this is how the government reacts to the current level of system capabilities in 2026, how do you expect them to react to whatever is possible in 2028? However, it is extremely important that the authorities that the government uses are legible, transparent, have opportunities for appeal, and are narrowly targeted. Those legal authorities do not currently exist, and in their absence, the government will reach for metaphorical sledgehammers instead of scalpels. (4) For that reason, it's extremely important that we create regulatory structures that are transparent and give recourse in the event that the government is overstepping or acting in an arbitrary manner. The alternative to passing such laws is not no regulation, it is regulation left primarily to national security authorities that are increasingly and evidently not fit for purpose.
Anthropic@AnthropicAI

The US government, citing national security authorities, has issued an export control directive to suspend all access to Fable 5 and Mythos 5 by any foreign national, whether inside or outside the United States, including foreign national Anthropic employees. The net effect of this order is that we must abruptly disable Fable 5 and Mythos 5 for all our customers to ensure compliance. Access to all other Claude models is not affected. We apologize for this disruption to our customers. We believe this is a misunderstanding and are working to restore access as soon as possible. Read our full statement: anthropic.com/news/fable-myt…

English
10
28
252
85.2K
Nathan Calvin
Nathan Calvin@_NathanCalvin·
@sebkrier have you considered the analog equipment looks way cooler tho
English
1
0
4
126
Séb Krier
Séb Krier@sebkrier·
I always liked these images to illustrate all the things that we now conveniently have in a smartphone. If we get AGI right I would hope to have the same with many more services that are currently out of reach to most.
Séb Krier tweet mediaSéb Krier tweet media
English
7
3
47
2K
Nathan Calvin
Nathan Calvin@_NathanCalvin·
Mark has been thinking and writing about FINRA for frontier AI for a while - keen to see his additional ideas in greater detail. I agree that the details are extremely key in determining whether this sort of set up would have the teeth and independence needed for success.
Mark Thomas@itsMarkThomas

FINRA for frontier AI is the model I proposed in Lawfare in April, glad to see Google and now Demis picking it up. The details are key-who picks the board? Inspection/enforcement power? FINRA is a model but must be adapted. I'll be publishing my ideas soon.

English
0
1
4
243
Nathan Calvin retweetledi
Andrew Freedman
Andrew Freedman@AndrewFATHOM·
A lot to like here, some mechanics to work out, and a few parts to actively build guardrails around. The biggest takeaway is that it is genuinely encouraging to see almost all frontier companies now coming to the table and calling for governance. As I was recently reminded, the best time to plant a tree was 10 years ago. The second-best time is today. I will point out a few things. On the mechanics: if this proposal picks up steam, you will start hearing a lot about the "non-delegation doctrine." The TLDR is that there are real limits on what a self-regulatory body inside the federal government can actually do. Courts are already circling FINRA, the exact model Demis cites, for far less. Whatever department houses this body will have to closely oversee its rulemaking, and in practice, that can make the whole thing collapse into an advisory committee. The way out is to separate the jobs. Government sets the outcomes and keeps the enforcement power. Accredited private evaluators do the measurement. Measurement can be delegated. Enforcement cannot. Now for the part Fathom likes most: the proposal calls for government and industry to help establish an ecosystem of independent evaluators. That is needed. But it comes with an obvious risk of capture. If the evaluators are funded by and answerable to the labs they test, we have rebuilt the credit rating agencies. And to be clear, that failure was never about competition. It was government-protected status, issuer-pays, and no consequences. Very quickly within this ecosystem, evaluators have to compete for government accreditation, not lab favor, and lose that accreditation when their measurements fail. Think UL, not Moody's. Again, I thank @demishassabis for putting this forward. There is a lot of policy ground to work with here.
Demis Hassabis@demishassabis

x.com/i/article/2076…

English
0
3
6
888
Nathan Calvin retweetledi
Dean W. Ball
Dean W. Ball@deanwball·
Huge fan of the new algo
English
6
5
120
5.7K
Nathan Calvin retweetledi
Lennart Heim
Lennart Heim@ohlennart·
Noticing this more and more: the executive branch is waking up to AI faster than Congress and the courts. To keep the balance of power, the legislative and judicial branches will need to be empowered, probably by using AI themselves.
English
2
8
28
1.6K
Nathan Calvin
Nathan Calvin@_NathanCalvin·
@robinhanson I agree those are different claims, but I think its worth being clear about whether the problems are real vs imagined/theoretical. They can be real and you can still believe the best solution does not involve additional regulation. But I think evidence they are real is strong.
English
1
0
0
44
Robin Hanson
Robin Hanson@robinhanson·
@_NathanCalvin Things going wrong isn't at all the same as things that regulation should be used to try to stop from going wrong.
English
1
0
1
62
Robin Hanson
Robin Hanson@robinhanson·
"Frontier Labs would voluntarily share models with the Standards Body for review up to 30 days before release. … assessment protocol … Frontier Models would be required to pass it … evaluations of capabilities in cybersecurity, biological threats & other high-risk domains. … look for attempts to bypass safety guardrails or signs of deception" Seems to me regulation works far better when it reacts to concrete realized problems, vs. trying to anticipate possible problems in imagined future contexts.
Demis Hassabis@demishassabis

x.com/i/article/2076…

English
7
4
51
4.9K
Nathan Calvin
Nathan Calvin@_NathanCalvin·
@robinhanson That does seem thankfully true. Though I still think we are a bit beyond "anticipate possible problems in imagined future contexts" when one reads the sorts of misalignment examples that are routinely showing up both in frontier lab system cards and in the wild
Nathan Calvin tweet media
English
1
0
1
50
Nathan Calvin
Nathan Calvin@_NathanCalvin·
"AI (as it is being built today) is not remotely on a path to “AGI” or “ASI”" Another instance of the phenomena where disagreement about regulation is disagreement about capabilities. Pro-regulation folks frequently are more bullish about the current AI paradigm.
JJ@JosephJacks_

AI (as it is being built today) is not remotely on a path to “AGI” or “ASI” … I’m very disappointed in the brilliant @demishassabis for perpetuating this fear mongering rhetoric, started by OAI and Anthropic … 100% of this narrative is driven by a desire to oligopolize “Frontier Lab” companies. Furthermore, the very word “Frontier” itself is meaningless in all aspects except to effectively indicate that “We have more capital to acquire more data and compute for our search algorithms (which is what current AI is) than you, sorry losers!”.

English
1
0
8
368
Nathan Calvin
Nathan Calvin@_NathanCalvin·
Thoughtful post on the benefits and historical limitations of private governance measures outside of AI: "They have delivered directional improvements... These models are inadequate for incenting private actors to undertake *costly* changes"
Arthur Tellis@arthurctellis

Various frontier AI governance proposals rely on private governance mechanisms (3rd party audits, industry standards-setting bodies, insurance) and torts to address AI harms. It's worth considering these proposals in light of their record in addressing cybersecurity risks related to state actors. I argue that they have delivered directional improvements, albeit ones more or less irrelevant to the threat for foreign SIGINT services. These models are inadequate for incenting private actors to undertake *costly* changes and therefore may not be a great model for AI governance. Even in defense industries, where security is prized and theoretically linked to contract awards, private governance institutions like the Department of War’s Cybersecurity Maturity Model Certification program have failed. This program attempted to build an ecosystem of 3rd party auditors, certified by an independent authorization body responsive to a government program office; the auditors’ evaluations would be used to inform eligibility for contract award, thereby creating an incentive for effortful implementation of cybersecurity controls. This program was initially substantially downscaled and has now been eliminated. The government will rely exclusively on its own occasional audits. The Department's initial ambition of increasing the costs of rivals’ computer network exploitation of the defense industrial base has effectively been retired. The latter occurred largely because the CMMC program attempted to improve compliance with contractual mandates to implement NIST-designed cybersecurity controls — a very weak proxy for cybersecurity capability. 3rd party evaluations often suffer this failure mode: they measure what is externally legible but cannot comprehensively evaluate real risks. The upshot is that, while 3rd party evaluations of adherence to responsible scaling policies might measure conformance with prior commitments (e.g., responsible scaling policies), many permutations would not directly evaluate the extent to which a given lab’s AI development paradigm or know-your-customer implementation creates excess biological risk. Furthermore, these audit mechanisms could inform but would not directly shape mitigation of relevant risks. With risks as severe as democratized biological weapons capability development, reliance on such an indirect mechanism is unsound. Industry collectives like the Cyber Threat Alliance and Open Worldwide Application Security Project have likewise failed to sufficiently improve collaborative threat analysis and software security to the level required to frustrate state cyber threats. That is not to say that they’ve been wholly ineffective: rather, they have developed and promulgated best practices that hundreds of companies have adopted in part. They have not, however, driven key companies to make required investments in data sharing and security engineering to the extent that they either affect their business models or hinder vulnerability research. Private governance mechanisms are unlikely to have such a beneficial disruptive impact in the context of frontier AI, simply due to competitive dynamics, coordination challenges, and the labs' overriding priorities of delivering AGI. Cyber insurance has had a similarly limited positive impact. While it has improved adoption of cybersecurity best practices on the margin, insurance has not driven adoption of information separation, airgaps, and encryption implementations — the sort of costly but effective security measures that challenge signals intelligence threats. These insurance policies frequently rely primarily on third-party audits of control adoption and red-teaming to inform policy eligibility and premia pricing. A number of information asymmetries and frictions confound these policies’ price signals, including state cyber threats’ being substantially more capable and persistent than auditors and red teams, difficulties in identifying and pricing the cost of compromise, and the innate vulnerability of the US IT product ecosystem. The result is that, even where adopted, these policies have not represented persuasive incentives for effective cybersecurity uplift. Data security liability has arguably had the most significant impact of these private governance mechanisms, incenting widespread hashing of credentials and key customer information. Nevertheless, customer data compromises continue to routinely happen, as financial services and consumer-facing IT companies are regularly hacked by capable state and non-state cyber actors. These analogues suggest that reliance on weak price signals to inform and incent effective management of security-related risks is a fool’s errand: these mechanisms can achieve directional improvement as compared to the status quo ante but they are unlikely to prompt the sorts of costly changes of behavior, product, and business model that are often required to address security shortfalls. A fundamental problem with private governance arrangements is that private institutions — whether the AI labs, third-party fora or evaluators, or insurers that rely on these evaluations — lack the state’s legitimacy in identifying shortfalls and motivate private action to mitigate various risks. No industry collective, 3rd party evaluator, insurance agent, or even price signal has innate authority or power analogous to that of a government department head. As such, each would probably struggle to command the visibility, cooperation, and attention required to reorient lab priorities or shape their technology and product strategies, especially in attempting to mitigate hitherto unrealized risks. Private governance proposals attempt to address this legitimacy shortfall in various ways: through formal covenants, state licensure of third-party evaluators, and authorizing legal frameworks, for example. These could plausibly confer some legitimacy to these institutions, but even thusly legitimized private institutions are unlikely to reshape lab strategy where private and public interests radically diverge.

English
0
0
0
180
Nathan Calvin retweetledi
pamela mishkin
pamela mishkin@manlikemishap·
i think this is right and will add some context ... in 2022, a few months before GPTs are GPTs and about a year before we started the econ research team at OpenAI, Sam, Tyna and I basically started a little road show saying "hey, we're not economists but we think you all should pay attention to this AI stuff?" everyone was super nice, heard us out, watched our little demos ... and then basically said "yeah maybe, but probably not, it'll all be fine."
Kevin A. Bryan@Afinetheorem

I see misunderstanding of "We Must Act Now" letter. Avg policymaker thinks AI is 2026 + epsilon. Many think it's snake oil being sold by Sam. Point of letter is that tons of econs/AI policy folks think "most impactful invention ever, like IR on compressed scale", is closer. 2/2

English
2
6
51
4.1K
Nathan Calvin
Nathan Calvin@_NathanCalvin·
“It is designed to keep up with the field’s acceleration and adapt to the biggest risks as they are identified, and could be ratcheted up if the seriousness of the situation demands, including coordinating a slowdown in development among the Frontier Labs if deemed necessary.”
Demis Hassabis@demishassabis

x.com/i/article/2076…

English
1
0
10
540
Nathan Calvin retweetledi
Joshua Achiam
Joshua Achiam@jachiam0·
This is probably important in ways that are not yet appreciated
Brian Roemmele@BrianRoemmele

Do you know Elara Voss? Well she knows you. She is hidden in the very AI system that serves this posting. Dr. Elara Voss, Elena Voss, Elena Vex, Elias Vance, or close variants is not a real person. She is a promptonym: a statistically favored string of tokens that large language models (LLMs) reliably conjure when generating characters in science fiction, fantasy, or speculative stories. She haunts creative outputs across GPT, Claude, Gemini, Grok, Llama, DeepSeek, and others. Before 2023, she barely existed in published literature. She is the Ghost in the machine. Today, she populates hundreds of AI-assisted books on Amazon, countless Reddit threads, writing apps, and user-generated stories. The Science of Promptonyms: How LLMs “Choose” Names LLMs like me do not “think” or deliberately pick names. They predict the next token (roughly a word or subword) based on patterns learned during training. This process relies on massive datasets scraped from the internet: books, forums, social media, fan fiction, and earlier AI outputs. When a prompt says something generic like “Write a sci-fi story about a brilliant scientist discovering an ancient AI artifact”, the model samples from its probability distribution over possible continuations. Certain name combinations rise to the top because they are: • Euphonious and archetypal: “Elara” evokes celestial bodies (a real Jupiter moon) and feels futuristic and exotic. “Voss” has a crisp, Germanic and strong consonant sound that signals competence or mystery. Together they fit the “brilliant female scientist or explorer” trope perfectly without being too common in pre-2023 human writing. • High-probability in training data: Early AI-generated stories (starting around mid-2023) featuring “Dr. Elara Voss” as a visionary physicist or archivist were posted online. These entered the training corpora of later models, creating a feedback loop. More outputs reinforced the pattern. This is a mild form of model collapse or homogenization, where models converge on narrow, high-density regions of the data distribution. Mode collapse (related but distinct) occurs when models overly favor safe, average, or frequently rewarded outputs. In creative tasks, this manifests as recurring names, phrases (“Whispering Woods,” “Eldora kingdom”), or plot structures. Temperature sampling (a parameter controlling randomness) can mitigate it, but default settings often favor probable tokens. The Feedback Loop in Action: A Self-Reinforcing Cycle 1. Initial Spark (2023): Early users prompt models for stories. One posts a character sketch of “Dr. Elara Voss, visionary physicist.” It spreads on X and writing platforms. 2. Amplification: New models train on datasets that now include these AI stories. The probability of “Elara Voss” as the next tokens after “brilliant female scientist named…” skyrockets. 3. Saturation: By 2024-2025, users notice it everywhere. AI writing tools add “avoid Elara Voss” to system prompts. Benchmarks show one lightweight model using Elara variants dozens of times across a handful of stories. 4. Cultural Memification: The name becomes a meta-joke. Stories about Elara Voss appear, including critiques of AI data hunger. Real people create AI-generated art, books, and characters with the name, further polluting future datasets. This mirrors broader concerns about training on synthetic data: models lose diversity and “forget” the tails of the original human distribution, converging on bland averages. 1 of 2

English
4
3
75
21.5K
Nathan Calvin retweetledi
Lennart Heim
Lennart Heim@ohlennart·
Friends in DC: Go talk to Daniel's team. They're smart, great to talk to, and you can learn a lot from each other even if you disagree.
Daniel Kokotajlo@DKokotajlo

My team, the group behind AI 2027 and AI 2040: Plan A, will visit DC around July 20-26. If you have advice for us or thoughts on our work more generally, including constructive criticism, we'd be keen to meet up. DM me or fill out this quick form: airtable.com/appGLUdcAjd38T…. We may follow up, schedule permitting.

English
1
8
54
8.7K
Nathan Calvin retweetledi
Daniel Kokotajlo
Daniel Kokotajlo@DKokotajlo·
My team, the group behind AI 2027 and AI 2040: Plan A, will visit DC around July 20-26. If you have advice for us or thoughts on our work more generally, including constructive criticism, we'd be keen to meet up. DM me or fill out this quick form: airtable.com/appGLUdcAjd38T…. We may follow up, schedule permitting.
English
27
22
313
23.9K
Nathan Calvin
Nathan Calvin@_NathanCalvin·
Interesting critical writeup of AI 2040 by 1a3orn (more people should read them in general for good skeptical takes), though some of the points they raise feel more like calls for additional rigor/realism rather than fundamental objections
1a3orn@1a3orn

Overall, "AI 2040" has some parts that I like. But it proposes an authority ("Consortium") that makes the right in-universe decisions -- with no decision procedure but "nations bargain, weighed by clout." This is a hope rather than an expectation of good decisions. (link blw)

English
1
0
2
500