
Blaine Dillingham
172 posts




Have heard the idea of insurance mandates for AI labs thrown around a lot, and, candidly, I just think it’s a straightforwardly bad idea. If we are talking about quotidian risks, tort law (you can discuss between negligence and strict) is a better tool. It lets the companies determine whether they are better placed to bear the risk themselves, or, if they’d rather smooth out the lumps, they can voluntarily insure themselves (a field which is rapidly growing). But the types of risks that are routinely mentioned as justifying mandatory insurance (cybersecurity attacks, large scale biological attacks, etc.) would fall into the catastrophe risk category. Taking the latter, as it’s better understood, you’re probably talking about hundreds of billions to trillions of notional exposure to the company in question from a single event. The GLOBAL catastrophic risk insurance market (~600B in capital if you really stretch definition) could not take a blow like that, which means you would have to have government guarantees, which gets back to this just being a political/governance issue anyway. Insurance is one of the great feats of our civilization and a hugely underrated institution, but it is not magic, and it is not very fast moving. Frankly, if one of the labs happens to act so negligently that something terrible happens, we, as a society, will find a way to sent the leadership to jail and throw away the key (see: Enron), which is already a substantially superior incentive aligning mechanism that does not distort what is one of the worlds most important existing institutions.

Well, I know we’ve discussed this and disagreed, so will just go one by one. For the voluntary insurance, that’s why I kept to normal risks, rather than tail risks. For scaling up, it almost certainly won’t work, the big cat bond players are an entirely separate set of firms with different structures, skills, and incentives than the small scale insurance (mostly driven by the risks being not just quantitatively, but qualitatively different). As for coinsurance, I agree it’s better than flat, but for it to work you have to preemptively pick the risk profile you are most worried about (100B/1T/more; 1/5/50%?) and, to get the insurances companies to agree to carry, explicitly define the risks. Otherwise they are very unlikely to be willing to carry on their books. There’s also a ton of other thorny questions about timelines, potential for an insurer to monopolize the market, how an insurer would develop expertise to price the risks, distorting effects on global capital pools, etc. Maybe I’m being pollyannaish, but I just don’t think providing further incentive for the big labs to avoid catastrophic risk is a priority. They have plenty! If your concern is actually race dynamics, regulation/verification and monitoring/mandatory staged deployment are better fits for the risk profile under discussion. I think all have potential massive downsides that are rarely grappled with, but they are at least better at solving the race issue with the insurance market as it exists in the world today.

Everyone worries about AI agent enabled cyberattacks on grids, banks, and pipelines. But America's sewers are often forgotten even though they may be near perfect targets for agentic attacks because of their fragmentation and technical redundancy. Read my latest on why we need def/acc for sewage:

Read the full post here: policygradients.com/p/americas-sew…

Read the full post here: policygradients.com/p/americas-sew…


Not sure I see how any of this cuts against an insurance mandate for AI labs. Some very good points here about why cyber insurance is difficult. But re AI: "the basic problem with liability insurance in the AI context is captured well in the diversity of opinions about failure modes and p(doom)" This doesn't seem like a huge problem for insurance. 'Things could go wrong in multiple ways' is something insurance handles fine all the time. A stronger point for you is that "the risk models are pretty explicit" and "mitigating interventions are pretty obvious" in normal insurance and may not be for AI, but this is exactly the reason that insurance companies will have to hire good third party auditors. In cases with actuarial history like car accidents or health insurance, it's often cheaper for insurance companies to just do statistics rather than invest up front in expensive auditing of every policyholder's risky behaviors and invest in research into safety mitigations. But precisely because we don't have an actuarial history of catastrophic harms from AI, insurance companies can't just use quick heuristics to set premiums. They'll need to audit labs' technical internals and encourage mitigations. I also just want to clarify the specific kind of insurance I think could be good: a mandate for frontier labs to have liability insurance that kicks in after lab bankruptcy. I don't necessarily want labs to buy insurance for harms that they could pay off without going bankrupt -- this could create moral hazard. I just want to make them internalize costs above the judgment-proof amount. Currently, they treat the same all potential liabilities that would go beyond bankrupting them, whether it's them causing a $100b cyberattack or a $1 trillion one. We likely can't start off with a requirement to carry insurance for anywhere near that amount, so it should start small and scale up over time. We can also capture the large tail risks with coinsurance: rather that insurance covering, for example, the first $50 billion in damages after the frontier lab is liquidated, instead you could say that insurance has to cover 5% of the first $1 trillion above liquidation

In cybersecurity, 97% of compromises aren't detected, a persistent actor will almost always get in to most commercial networks, and premia would have to be super costly to incent fundamental IT ops changes -- there are also just problems that are beyond the capacity of insurance-motivated targets to address (e.g., edge device vulnerabilities, APTs' easy access to domestic VPS, network monitoring capabilities that aren't that performant, extreme competition for cybersecurity talent)? So it's really hard for companies to receive a real price signal that motivates productive changes or derive benefits from risk pooling. I think the basic problem with liability insurance in the AI context is captured well in the diversity of opinions about failure modes and p(doom). For car insurance, home fire insurance, theft recovery insurance, and most forms of financial asset insurance, the risk models are pretty explicit, the signals are pretty clear, and the mitigating interventions are pretty obvious. I am not convinced that this is the case in IT or AI risk.

This from @OpenAI strikes me as a bad place to draw boundaries surrounding limits of surveillance abuse. "Mass domestic surveillance" is a pungent but unspecific term, used exclusively by surveillance critics. So many foreign intelligence missions have domestic nexuses, whether because of incidentally collected domestic persons data, because they are collected from U.S. entities, or because they involve detection of foreign intelligence/military operatives within the United States. Likewise, a lot of intelligence activities involve collection of massive datasets, simply because filtering, processing, parsing, analysis, and siloing happens on the backend, after data acquisition. Neither "domestic" nor "bulk" implies illegitimate or improper. One should be wary of implying that it does or acceding to the tendentious terminology of the privacy maximalists, who have been using the same term to define various IC activities despite their substantial transformation over time and the ever-increasing growth of institutional privacy/civil liberties/intel oversight safeguards. The better line in the sand to draw is around institutional design and mission: advanced AI is likely to be abused where political or independent intelligence authorities lack responsible supervision/independent civilian oversight bodies, have inherent or assigned political motivations, and lack processes/policies governing collection or analytic exploitation related to domestic persons. In other words, the FSB and ISI will definitely abuse advanced AI. The risks are substantially lower in the NSA, CIA, and FBI, even though each has missions, authorities, and operational activities that can variously be described as "domestic" or "mass" in various ways, despite their definite value and legitimacy.



This White House is "uniquely well-positioned" to broker a compromise between intelligence agencies and privacy reformers, @blainedilli points out.




The White House can usher in a multi-year FISA reauthorization, @blainedilli writes, by agreeing to close the data broker loophole & require warrants to search Americans' comms. In return, they could empower legit intel-gathering by cutting red tape at law enforcement agencies.
