AI Governance Recommendation

AI Model Registries:

A Foundational Tool for AI Governance

By

Elliot McKernon,

Gwyn Glasser,

Deric Cheng,

Gillian Hadfield,

October 4, 2024

This report proposes the implementation of national registries for frontier AI models as a foundational tool for AI governance. It explores the rationale, design, implementation, and enforcement of such registries, with recommendations on each.

Abstract

In this report, we propose the implementation of national registries for frontier AI models as a foundational tool for AI governance. We explore the rationale, design, and implementation of such registries, drawing on comparisons with registries in analogous industries to make recommendations for a registry that’s efficient, unintrusive, and which will bring AI governance closer to parity with the governmental insight into other high-impact industries. We explore key information that should be collected, including model architecture, model size, compute and data used during training, and we survey the viability and utility of evaluations developed specifically for AI. Our proposal is designed to provide governmental insight and enhance AI safety while fostering innovation and minimizing the regulatory burden on developers. By providing a framework that respects intellectual property concerns and safeguards sensitive information, this registry approach supports responsible AI development without impeding progress. We propose that timely and accurate registration should be encouraged primarily through injunctive action, by requiring third parties to use only registered models, and secondarily through direct financial penalties for non-compliance. By providing a comprehensive framework for AI model registries, we aim to support policymakers in developing foundational governance structures to monitor and mitigate risks associated with advanced AI systems.

Executive Summary of Our Proposal 

In this report, we propose that national governments should implement AI model registries as a foundational tool for AI governance. By model registry, we mean a centralized database of frontier AI models that includes standard commercial and specific safety-relevant information about these models and their deployers. Developers would be required to report any qualifying models and their information to the registry before public deployment. In Parts I, II, and III, we explore and make recommendations on the purpose of such a registry, what information it should store, and how to practically implement and administer it, respectively. In this executive summary of our proposal we provide a concise, high-level summary of each of our conclusions, without argumentation, analysis, or evidence. To understand why we make each of these specific recommendations, we encourage readers to read the full section on each topic.

The Case for a Model Registry

AI model registries can serve as a foundational lever to increase regulatory visibility, support legal action, and manage societal risks. In other industries, registries successfully serve this same purpose for products and services associated with notable economic impacts or risks to society, as we detail in Registries are a basic, common governance tool. However, while some nations are taking early steps to develop model registries, as we detail in What AI model registries currently exist?, the current standards for frontier AI registration are not yet substantial enough to bring AI oversight into parity with other industries.

We identify four high-level objectives that motivate the adoption of frontier model registries:

  • A registry will facilitate the monitoring of frontier AI technology, providing governments with increased regulatory visibility into the capabilities and risks of leading AI models.

  • A registry will provide a key mechanism for regulatory enforcement of AI models, enabling governments to accurately pinpoint models subject to regulation.

  • A registry will enable the development of new regulation and serve as a foundational governance hub, allowing governments to classify models and create regulation based on specific capabilities or characteristics.

  • A registry will foster public sector field-building by promoting the use of common standards, providing structured information on AI for policymakers, and encouraging the development of the technical skills and knowledge required to manage AI systems.

  • Crucially, a registry can achieve these four important goals efficiently and without hobbling innovation. We elaborate on these benefits in What value does a model registry provide to governments?.

Proposed Design of a Model Registry

Based on our research detailed in Part II, we propose that an effective AI model registry should adhere to the following design principles to achieve the goals listed above:

  • A model registry should be minimal, and aim to only require the information needed to fulfill the described purposes.

  • A model registry should not include licensing requirements or mandatory standards. It should primarily consist of reporting existing information about an AI model, and require minimal additional overhead for developers.

  • A model registry should be interoperable and conform to international standards that minimize the regulatory burden on registry administrators and AI developers.

  • The bar for inclusion into a model registry should be low enough to capture the next generation of highly capable frontier models, but above the current generation of models (those deployed before the publication of this report).

  • Models should be required to be registered prior to deployment.

  • The registry should support categorizing models into families, and allow developers to maintain the model information for only the most capable models in each key measurable dimension to minimize overhead.

  • Developers should be required to revisit their registry entries twice a year, either confirming that the information remains accurate or updating it to reflect any changes.

  • An effective model registry should contain information including:

    • Basic information on the developing organization

    • Open-source status of the model

    • Model size in parameters

    • Compute used during training, retraining, and post-training

    • Training data: amount, type, and provenance

    • A high-level description of model architecture

    • General information about the hardware used for development

    • A description of the security standards protecting key components of the AI model

    • The mechanism and results of any model evaluations or benchmarks conducted by the developer

    • A description of the functions of the model

    • A summary of post-deployment monitoring techniques used.

Proposed Implementation of a Model Registry

Based on our research detailed in Part III, we propose that an effective AI model registry should meet the following implementation principles:

  • A model registry should be enforced by implementing a system to fine AI developers a percentage of annual turnover for non-compliance.

  • A model registry should require third-party users of frontier AI models to verify that those models have been registered.

  • A model registry should be overseen directly by governments with minimal outsourcing to third-parties.

  • A model registry should be implemented at the national level, but remain interoperable with international standards.

  • A model registry should be pragmatically confidential and secure.

Structure of the report

In Part I, we explore why AI models require greater governance and introduce model registries as a potential governance tool. We explore the benefits a registry could provide to governments and society and the risks that should be mitigated in designing and implementing a model registry.

In Part II, we research and make recommendations on how to design an effective registry: which models should qualify for inclusion on the registry, and what information developers should submit to the registry about their models.

In Part III, we research and make recommendations on how to practically implement an effective registry: how it should be administered, whether its information should be public or private, and how to ensure developers share accurate information.

For each topic, we share our research, weigh benefits and risks, and conclude by making specific recommendations.

Report Link

Report Link

Report Link

Download the full PDF of the report

Download the full PDF of the report

Newsletter

Newsletter

Newsletter

Get research updates from Convergence

Leave us your contact info and we’ll share our latest research, partnerships, and projects as they're released.

You may opt out at any time. View our Privacy Policy.