Holden Karnofsky’s Singularity Institute Objection 1

The sheer length of GiveWell co-founder and co-executive director Holden Karnofsky’s excellent critique of the Singularity Institute means that it’s hard to keep track of the resulting discussion. I propose to break out each of his objections into a separate Discussion post so that each receives the attention it deserves.

Objection 1: it seems to me that any AGI that was set to maximize a “Friendly” utility function would be extraordinarily dangerous.

Suppose, for the sake of argument, that SI manages to create what it believes to be an FAI. Suppose that it is successful in the “AGI” part of its goal, i.e., it has successfully created an intelligence vastly superior to human intelligence and extraordinarily powerful from our perspective. Suppose that it has also done its best on the “Friendly” part of the goal: it has developed a formal argument for why its AGI’s utility function will be Friendly, it believes this argument to be airtight, and it has had this argument checked over by 100 of the world’s most intelligent and relevantly experienced people. Suppose that SI now activates its AGI, unleashing it to reshape the world as it sees fit. What will be the outcome?

I believe that the probability of an unfavorable outcome—by which I mean an outcome essentially equivalent to what a UFAI would bring about—exceeds 90% in such a scenario. I believe the goal of designing a “Friendly” utility function is likely to be beyond the abilities even of the best team of humans willing to design such a function. I do not have a tight argument for why I believe this, but a comment on LessWrong by Wei Dai gives a good illustration of the kind of thoughts I have on the matter:

What I’m afraid of is that a design will be shown to be safe, and then it turns out that the proof is wrong, or the formalization of the notion of “safety” used by the proof is wrong. This kind of thing happens a lot in cryptography, if you replace “safety” with “security”. These mistakes are still occurring today, even after decades of research into how to do such proofs and what the relevant formalizations are. From where I’m sitting, proving an AGI design Friendly seems even more difficult and error-prone than proving a crypto scheme secure, probably by a large margin, and there is no decades of time to refine the proof techniques and formalizations. There’s good recent review of the history of provable security, titled Provable Security in the Real World, which might help you understand where I’m coming from.

I think this comment understates the risks, however. For example, when the comment says “the formalization of the notion of ‘safety’ used by the proof is wrong,” it is not clear whether it means that the values the programmers have in mind are not correctly implemented by the formalization, or whether it means they are correctly implemented but are themselves catastrophic in a way that hasn’t been anticipated. I would be highly concerned about both. There are other catastrophic possibilities as well; perhaps the utility function itself is well-specified and safe, but the AGI’s model of the world is flawed (in particular, perhaps its prior or its process for matching observations to predictions are flawed) in a way that doesn’t emerge until the AGI has made substantial changes to its environment.

By SI’s own arguments, even a small error in any of these things would likely lead to catastrophe. And there are likely failure forms I haven’t thought of. The overriding intuition here is that complex plans usually fail when unaccompanied by feedback loops. A scenario in which a set of people is ready to unleash an all-powerful being to maximize some parameter in the world, based solely on their initial confidence in their own extrapolations of the consequences of doing so, seems like a scenario that is overwhelmingly likely to result in a bad outcome. It comes down to placing the world’s largest bet on a highly complex theory—with no experimentation to test the theory first.

So far, all I have argued is that the development of “Friendliness” theory can achieve at best only a limited reduction in the probability of an unfavorable outcome. However, as I argue in the next section, I believe there is at least one concept—the “tool-agent” distinction—that has more potential to reduce risks, and that SI appears to ignore this concept entirely. I believe that tools are safer than agents (even agents that make use of the best “Friendliness” theory that can reasonably be hoped for) and that SI encourages a focus on building agents, thus increasing risk.