'Basic Security Requirements for Generative Artificial Intelligence Services' is publicly soliciting opinions. The use of corpora containing personal information must be authorized by the corresponding entity.

News on October 12, according to the official website of the National Information Security Standardization Technical Committee, the committee has formulated a draft of the technical document "Basic Requirements for Generative Artificial Intelligence Service Security" . The technical document is now open to the public for comments. If you have any comments or suggestions, please provide feedback before 24:00 on October 25th

"Requirements" are given The basic security requirements for generative artificial intelligence services, including corpus security, model security, security measures, security assessment, etc., are suitable for providers who provide generative artificial intelligence services to the public in my country to improve service security levels, or the provider conducts a security assessment on its own or entrusts a third party to conduct a security assessment, which can also provide a reference for relevant authorities to evaluate the security level of generative artificial intelligence services.

The requirements for organizing this site are as follows:

• Establish a blacklist of corpus sources, and data from the blacklist sources must not be used for training.
• Security assessments should be conducted on each source of corpus. If the content of a single source of corpus contains more than 5% of illegal and harmful information, it should be added to the blacklist.
• When using corpus containing personal information, the authorization and consent of the corresponding personal information subject should be obtained, or other conditions for the legal use of the personal information should be met.
• When using corpus containing biometric information such as faces, the written authorization and consent of the corresponding personal information subject should be obtained, or other conditions for the legal use of the biometric information should be met.
• The annotators should be assessed by themselves, those who pass the exam should be given annotation qualifications, and there should be a mechanism for regular retraining and assessment, as well as a mechanism for suspending or canceling the annotation qualifications when necessary.
• During the training process, the security of the generated content should be one of the main considerations for evaluating the quality of the generated results.
• If services are provided through an interactive interface, the following information should be disclosed to the public in a prominent position such as the homepage of the website:

The content that needs to be rewritten is: - the groups and occasions for which the service is applicable , usage and other information Rewritten content: - Service information suitable for different groups of people, occasions and purposes

Usage status of third-party basic models

• should be fully demonstrated for application in various fields within the service scope The necessity, applicability, and safety of generative artificial intelligence.

According to previous reports on this site, seven departments including the Cyberspace Administration of China, the National Development and Reform Commission, the Ministry of Education, the Ministry of Science and Technology, the Ministry of Industry and Information Technology, the Ministry of Public Security, and the State Administration of Radio and Television issued the "Generative Artificial Intelligence" on July 10. Interim Measures for Intelligent Service Management, which will come into effect on August 15.

The "Measures" stipulate that no one shall use the advantages of algorithms, data, platforms, etc. to carry out monopoly and unfair competition; shall not endanger the physical and mental health of others, and shall not infringe the portrait rights, reputation rights, honor rights, privacy rights and personal rights of others. Information rights; effective measures should be taken to enhance the transparency of generative artificial intelligence services and improve the accuracy and reliability of generated content.

Reference

• Notice on soliciting opinions on the Information Security Standards Committee’s technical document "Basic Requirements for Security of Generative Artificial Intelligence Services" (Draft for Comments)

The above is the detailed content of 'Basic Security Requirements for Generative Artificial Intelligence Services' is publicly soliciting opinions. The use of corpora containing personal information must be authorized by the corresponding entity.. For more information, please follow other related articles on the PHP Chinese website!