Explicitly calling out that they are not going to train on enterprise's data and SOC2 compliance is going to put a lot of the enterprises at ease and embrace ChatGPT in their business processes.
From our discussions with enterprises (trying to sell our LLM apps platform), we quickly learned how sensitive enterprises are when it comes to sharing their data. In many of these organizations, employees are already pasting a lot of sensitive data into ChatGPT unless access to ChatGPT itself is restricted. We know a few companies that ended up deploying chatbot-ui with Azure's OpenAI offering since Azure claims to not use user's data (https://learn.microsoft.com/en-us/legal/cognitive-services/o...).
We ended up adding support for Azure's OpenAI offering to our platform as well as open-source our engine to support on-prem deployments (LLMStack - https://github.com/trypromptly/LLMStack) to deal with the privacy concerns these enterprises have.
My company (Fortune 500 with 80,000 full time employees) has a policy that forbids the use of any AI or LLM tool. The big concern listed in the policy is that we may inadvertently use someone else’s IP from training data. So, our data going into the tool is one concern, but the other is our using something we are not authorized to use because the tool has it already in its data. How do you prove that that could never occur? The only way I can think of is to provide a comprehensive list of everything the tool was trained on.
It’s a legal unknown. There’s nothing more to it. Your employer has opted for one side of the coin flip, and it’s the risk averse-one. Any reasonably-sized org is going to be raising the same questions, but instead opting to reap the benefits and take on the legal risk, which is something organisations do all the time anyway.
For me that discussion is always hard to grasp. When a human would learn coding autodidacticly by reading source code, and later they would write new code — then they could only do so because they read licensed code. No one would ask for the license, right?
Because humans aren't computers and the similarities between the two, other than the overuse of the word "learning" in the computer's case, are nonexistant?
Don't know if they are, and don't really care either and I don't care to anthropomorphize circuitry to the extent that AI proponents tend to, especially.
Humans and Computers are 2 wholly separate entities, and there's 0 reason for us to conflate the two. I don't care if another human looks at my code and straight up copies/pastes it, I care very much if an entity backed by a megacorp like Micro$oft does the same, en-masse, and sells it for profit, however.
Okay, so the scale at which they sale their service is a good argument that this is different from a human learning.
However, on the other hand we also have the scale at which they learn, which kind of makes every individual source line of code they learn from pretty unimportant. Learning at this scale is statistical process, and in most cases individual source snippets diminish in the aggregation of millions of others.
Or to put it the other way round, the actual value lies in the effort of collecting the samples, training the models, creating the software required for the whole process, putting everything into a good product and selling it. Again, in my mind, the importance of every individual source repo is too small at this scale to care about their license.
The idea that individual source snippets at this scale diminish in aggregation, is undercut by the fact that OpenAI and MSFT are both selling enterprise-flavoured versions of GPT, and the one thing they promise is that enterprise data will not be used to further train GPT.
That is a fear for companies because the individual source snippets and the knowledge "learned" from them is seen as a competitive advantage of which the sources are an integral part - and I think this is a fair point from their side. However then the exact same argument should apply in favour of paying the artists, writers, coders etc whose work has been used to train these models.
So it sounds like they are trying to have their cake and eat it too.
Hmm. You sure this is the same thing? I would say it’s more about confidentiality than about value.
Because what companies want to hide are usually secrets, that are available to (nearly) no one outside of the company. It’s about preventing accidental disclosure.
What AIs are trained on, on the other hand, is publicly available data.
To be clear: what could leak accidentally would have value of course. But here it’s about the single important fact that gets public although it shouldn’t, vs. the billions of pieces from which the trained AI emerges.
It's really not different in scale. Imagine for a moment how much storage space it would take to store the sensory data that any two year old has experienced. That would absolutely dwarf the text-based world the largest of LLMs have experienced.
But that also exists in the AI world. It’s called „fine tuning“: a LLM trained on a big general dataset can learn special knowledge with little effort.
I’d guess it’s exactly the same with humans: a human that received good general education can quickly learn specific things like C.
Humans have experienced an amount of data that absolutely dwarfs the amount of data even the largest of LLMs have seen. And they've got billions of years of evolution to build on to boot
The process of evolution "from scratch", i.e. from single-celled organisms took billions of years.
This is all relevant because humans aren't born as random chemical soup. We come with pre-trained weights from billions of years of evolution, and fine-tune that with enormous amounts of sensory data for years. Only after that incredibly complex and time-consuming process does a person have the ability to learn from a few examples.
An LLM can generalize from a few examples on a new language that you invent yourself and isn't in the training set. Go ahead and try it.
There is the element of the unknown with LLMs etc.
There is a legal difference between learning from something and truly making your own version and simply copying.
It's vague of course - take plagiarism in a university science essay - the student has no original data and very likely no original thought - but still there is a difference between simply copying a textbook and writing it in your own words.
Bottom line - how do we know the output of the LLM isn't a verbatim copy of something with the license stripped off?
The way I see it is that with AI you have really painted your own Caravaggio, but instead of an electrochemical circuit of a human brain you've employed a virtual network.
> but instead of an electrochemical circuit of a human brain you've employed a virtual network.
technically it is still a tool you are using, differently from doing it on your own, with your hands, using your own brain cells, that you trained over the decades, instead of using a virtual electronic brain pre-trained in hours/days by someone else on who knows what.
Okay if it’s about looking at one painting and fake that. However, if you train your model on billions of paintings and create arbitrary new ones from that, it’s just a statistical analysis on what paintings in general are made of.
The importance of the individual painting diminishes at this scale.
I'd add to this, the damage an LLM could do is much less than a human could do in terms of individual production. A person can paint so many forgeries... A machine can create many, many more. The dilusion of value from a person learning is far different than machine learning. The value extracted and diluted is night and day in terms of scale.
Not to say what will/won't happen. In practice, what I've seen doesn't scare me much in terms of what LLMs produce vs. what a person has to clean up after it's produced.
They are not the same because an LLM is a construct. It is not a living entity with agency, motive, and all the things the law was intended for.
We will see new law as this tech develops.
For an analogy, many people call infringement theft and they are wrong to do so.
They will focus on the someone getting something without having followed the right process part while ignoring the equally important someone else being denied the use of, or loss of property part.
The former is an element in common between theft and infringement. And it is compelling!
But, the real meat in theft is all about people losing property! And that is not common at all.
This AI thing is similar. The common elements are super compelling.
But it just won't be about that in the end. It will be all about the details unique to AI code.
Using the word "construct" isn't adding anything to the conversation. If we bioengineer a sentient human, would you feel OK torturing it because it's "just a construct"? If that's unethical to you, how about half meat and half silicon? How much silicon is too much silicon and makes torture OK?
> Most people will [privilege meat]
"A person is smart. People are dumb, panicky dangerous animals, and you know it". I agree that humans are likely to pass bad laws, because we are mostly just dumb, panicky dangerous animals in the end. That's different than asking an internet commentor why they're being so confident in their opinions though.
Full stop. We've not done that yet. When we do, we can revisit the law / discussion.
We can remedy "construct" this way:
Your engineered human would be a being. Being a being is one primary difference between us and these LLM things we are toying with right now.
And yes, beings are absolutely going to value themselves over non beings. It makes perfect sense to do so.
These LLM entities are not beings. That's fundamental. And it's why an extremely large number of other beings are going to find your comment laughable. I did!
You are attempting to simplify things too much to be meaningful.
Define "being". If it's so fundamental, it should be pretty easy, no?
And I'd like if this were simple. Unfortunately there's too many people throwing around over-simplifications like "They are not the same because an LLM is a construct" or "These LLM entities are not beings". If you'll excuse the comparison, it's like arguing with theists that can't reason about their ideological foundations, but can provide specious soundbites in spades.
A being is a living thing with a will to survive, need for food, and a corporeal existence, in other words, is born, lives for a time, then dies.
Secondly, beings are unique. Each one has a state that ends when they do and begins when they do. So far, we are unable to copy this state. Maybe we will one day, but that day, should there ever be one, is far away. We will live our lives never seeing this come to pass.
Finally, beings have agency. They do not require prompting.
Also twice now you've said the equivalent of "it hasn't happened yet so no need to think about the implications". Respectfully, I think you need to ponder your arguments a bit more carefully. Cheers.
They've got a few fantastic attributes, lots of different beings do. You know the little water bear things are tough as nails! You can freeze them for for a century wake them up and they'll crawl around like nothing happened.
Naked mole rats don't get any form of cancer. All kinds of things the beans present in the world that doesn't affect the definition at all.
You didn't gain any ground with that.
And I will point out, it is you who has the burden in this whole conversation. I am clearly in the majority if you want things with what I've said. And I will absolutely privilege meets face over silicon any day, for the reasons I've given.
You, on the other hand, have a hell of a sales job ahead of you. Good luck maybe this little exchange helped a bit take care
> Or do they magically become "beings" when they die?
quoting from your link
although in practice individuals can still die. In nature, most Turritopsis dohrnii are likely to succumb to predation or disease in the medusa stage without reverting to the polyp form
This sentence does not apply to an LLM.
Also, you can copy an LLM state and training data and you will have an equivalent LLM, you can't copy the state of a living being.
Mostly because a big chunk of the state is experience, like for example you take that jellyfish, cut one of its tentacles and it will be scarred for life (immortal or not). That can't be copied and most likely never will.
Regarding the copying of a being state, I'm not really sure that's ever even going to be possible.
So for the sake of argument I'll just amend that and say we can't copy their state. Each being is unique and that's it. They aren't something we copy.
And yes that means all of us that thinks somehow they're going to get downloaded into a computer? I'll say it right here and now that's not going to fucking happen.
> The only way I can think of is to provide a comprehensive list of everything the tool was trained on.
There are some startups working in the space that essentially plan to do something like this. https://www.konfer.ai/aritificial-intelligence-trust-managem... is one I know of that is trying to solve this. They enable these foundation model providers to maintain an inventory of training sources so they can easily deal with coming regulations etc.
Microsoft/OpenAI are selling a service. They’re both reputable companies. If it turns out that they are reselling stolen data, are you really liable for purchasing it?
If you buy something that fell of a truck, then you are liable for purchasing stolen goods. But if it turns out that all the bananas in wall mart were stolen from cosco you’re not as a customer liable for theft.
Similarly, I don’t know if Clarkson Intelligence have purchased proper license for all the data they are reselling. Maybe they are also scraping some proprietary source and now you are using someone else’s IP.
Even if you find a way to successfully forward liability and damages to Microsoft and OpenAI - which I doubt you will be able to as the damages are determined by your use of the IP - you do not gain the right to use the affected IP and will have a cease and desist for whatever is built upon it.
How legitimate the IP concern is and whether it holds up in court is one thing, but finger pointing will probably not be sufficient.
Realistically you can prove that just as well as you can prove that employees aren't using ChatGPT via their cellphones.
There are also organizations that forbid the use of Stack overflow. As long as employees don't feel like you're holding back their career and skills by prohibiting them from using modern tools, and keep working there, hey. As long as you pay them enough to stay, people will put up with a lot, even if it hurts them.
Using $technological_aide \in {chatgpt,ide,stackoverflow,google,debuggers,compilers,optimizers,high-mem VMs}$ to code is not a skill. It’s a crutch. Any employees that feel held back by not being able to access it aren’t great in the first place.
I don't think using ChatGPT is similar to searching for answers on S.O. Maybe if you were asking people on S.O. to write your code for you, or plugging in exact snippets. The point here is that letting ChatGPT write code directly into your repo is effectively plagiarism and may violate any number of licenses you don't even realize you're breaking, whereas just looking at how other people did something, understanding, and then writing your own code, does not.
Honestly I couldn’t tell you whether copying code out of Stack Overflow or out of ChatGPT is more legally suspect. For SO, you don’t know where the user got the code from either (wrote it themselves? Copied it out of their work repo? Copied from some random GPL source?)
I've been experiencing carpal tunnel on and off for a couple of weeks now.
I can tell you that reading through some code generated by "insert llm x" is substantially less painful than writing all of it by my own hand.
Especially if you start understanding how to refine your prompts to the point where you use a single thread for project management and use that thread to generate prompts for other threads.
Not all value to be gained from this is purely copypasta.
Same here. End of last year I had to take more time off than I wanted to because of my wrists and hands. Copilot and GPT4 (combined with good compression braces) got me back in the game.
Stackoverflow yes, the others aren’t the same category. Asking someone else to give you code to do X means you have struggled synthesizing algorithms yourself. It’s not a good habit because it means you struggle to be precise in how the program behaves.
I am not a programmer and only know some very rudimentary HTML and Java. After hearing everyone enthuse about how they use ChatGPT for everything, I thought that I could use it to generate a page that I thought sounded simple enough. Gist of it was that I needed 100 boxes of the same dimensions that text could be inputted into. I figured that it'd be faster with AI than with me setting up an excel sheet that others would have to access.
Instead, the AI kept spitting out slightly-off code, and no matter how much reiterations I did it did not improve. Had I known the programming language, I would have known what needed to be changed. I think that a lot of highly experienced people are using it as a short-hand to get started, and a lot of inexperienced people are going to use it to produce a lot of shoddy crap. Anyone relying on ChatGPT that doesn't already know what they're doing is setting themselves up for failure.
> said by someone who uses chatgpt extensively, it is good for the structure, to get an idea, but as a code generator it kinda sucks.
Interestingly, the same applies to text-to-image programs. Once you used these for a while, you realize their utility and value are little more than an inspiration or a starter. Even if you wanted to ignore the ethical implications, very little they produce is useable. LLM are amazing. However, their end-product application is overrated.
I dunno about that. I honestly tried to extract _any_ value in my day to day work from LLMs, but aside from being an OK alternative to Google/SO, I mostly did find it to be a crutch.
I never had issues with quickly writing a draft or typing in code. I do realise that for a lot of people, starting on a green field is hard, but for me it's easier.
My going hypotheses is that people are just different, and some get true value out of it while others don't. If it works for you, I'm not gonna call you names for it.
Yes, try it with a proprietary language, a closed source environment and lots of domain and application knowledge required to achieve anything. There ChatGPT is completely out of it.
Here is a bunch of JSON. Output the c# classes that can deserialise it.
An intern in college could do that, but it isn’t worth our time to do.
For this function, write the unit tests. Now you do not have anything that you can blindly commit, but you are at the stage where you are reviewing code.
Could you do all of this by hand? Sure but you never would, you would use an IDE. Chatgpt is better than an IDE when you know how to use it.
I think it can be a productivity booster. At my company, I need to touch multiple projects in multiple languages. I can ask ChatGPT how to do something, such as enumerate an array, in a language I’m less familiar with so that I can more quickly contribute to a project. Using ChatGPT as a coach, I am also slowly learning new things.
You mean the search engine that NEVER EVER gives me the documentation I'm locking for, but always goes for a vaguely related blog with hundreds of ads?
Sounds like the perspective of someone who never gave that tool a real chance. To me it’s primarily just another aid like IDE inspections, IDE autocompletions etc.
I use GitHub Autopilot mainly for smaller chunks of code, another kind of autocompletion, which basically safes me from typing, Googling or looking into the docs, and therefore keeps me in the flow.
I'd avoid the use of the word crutch, it sounds ableist as fuck; my girlfriend has a joint disease and relies on a crutch to walk. In other words, while I understand it's just a figure of speech: how dare you.
It's a tool that can help, just like an IDE, code generators, code formatters, etc. No need to talk down on it in that fashion, and there's no need to look down your nose at tools or the people that use it.
How is it offensive to use crutch in this context? The implication being that it's a tool that helps people do something they'd struggle with otherwise. I don't see why anyone might be offended by that.
Your girlfriend is less able to walk and thus uses a crutch to compensate, but it doesn't let her walk as well as a normal person. Replace "walk" with "code" and the sentence works for ChatGPT if the grandparent is correct.
To effectively sue you, I believe the plaintiff would have to prove the LLM you were using was trained on that IP and it was not in the public domain. Neither seems very doable.
I don't actually think either of those things are all that hard, certainly it's a gray area until this actually happens but I think AI generation is not all that different from any other copyright situation. Even with regular copyright cases you don't need to prove "how" the copying occurred to show copyright infringement, rather you just have to show that it's the likely explanation (to the level of some standard). Point being, you potentially don't need to prove anything about the AI training as long as you can show that the AI's result is clearly identifiable as your work and is extremely unlikely to be generated any other way.
Ex. CoPilot can insert whole blocks of code with comments and variable names from copyrighted code, if those aspects are sufficiently unique then it's extremely unlikely to be produced any way other than coming from your code. If the code isn't a perfect copy then it's trickier, but that's also the case if I copy your code and remove all the comments, so it's still not all that different from the current status quo.
The bigger question is who gets sued, but I can't imagine any AI company actually making claims about the copyright status of the output of their AI, so it's probably on you for using it.
It could open quite a wide window for patent trolls though, who generally go for settlements under the threat of a protracted court battle which is of minimal cost to them, as they are often single purpose law firms that do that and only that.
Being able to have your legal counsel tell them to go bug openAI could potentially save you from quite a few anklebiters all seeking to get their own piece.
Your observation highlights the complexities of legal actions related to AI-generated content. Proving the exact source of a specific piece of content from a language model like the one I'm based on can indeed be challenging, especially when considering that training data is a mixture of publicly available information. Additionally, the evolving nature of AI technology and the lack of clear legal precedents in many jurisdictions further complicate the matter. However, legal interpretations may vary, and it's advisable for any legal proceedings to involve legal experts well-versed in both AI technology and intellectual property law. Also, check out AC football cases.
Just curious, do they have bans on "traditional" online sources like Google search results, Wikipedia, and Stack Overflow?
From my view, copying information from Google search results isn't that much different from copying the response from ChatGPT.
Notably Stack Overflow's license is Creative Commons Attribution-ShareAlike, which I believe very people actually realize when copying snippets from there.
> Notably Stack Overflow's license is Creative Commons Attribution-ShareAlike, which I believe very people actually realize when copying snippets from there.
A lot of the snippets would not meet the standard for copyrightable code, though. At least that’s my understanding as non-lawyer.
With SO you also have no guarantee that the person has the license to put that snippet. Even that could have been copied from somewhere else.
A customer was scanning for and banning SO, if that was the only determined source.
> but the other is our using something we are not authorized to use because the tool has it already in its data.
We won't know if this is legally sound until a company who isn't forbidding A.I. usage gets sued and they claim this as a defense. For all we know the court could determine that, as long as the content isn't directly regurgitated, it's seen as fair use of the input data.
So, how do you plan to commercialize your product? I have noticed tons of chatbot cloud-based app providers built on top of ChatGPT API, Azure API (ask users to provide their API key). Enterprises will still be very wary of putting their data on these multi-tenant platforms. I feel that even if there is encryption that's not going to be enough. This screams for virtual private LLM stacks for enterprises (the only way to fully isolate).
We have a cloud offering at https://trypromptly.com. We do offer enterprises the ability to host their own vector database to maintain control of their data. We also support interacting with open source LLMs from the platform. Enterprises can bring up https://github.com/go-skynet/LocalAI, run Llama or others and connect to them from their Promptly LLM apps.
We also provide support and some premium processors for enterprise on-prem deployments.
But, in order to generate the vectors, I understand that it's necessary to use the OpenAI's Embeddings API, which would grant OpenAI access to all client data at the time of vector creation. Is this understanding correct? Or is there a solution for creating high-quality (semantic) embeddings, similar to OpenAI's, but in a private cloud/on premises environment?
Enterprises with Azure contracts are using embeddings endpoint from Azure's OpenAI offering.
It is possible to use llama or bert models to generate embeddings using LocalAI (https://localai.io/features/embeddings/). This is something we are hoping to enable in LLMStack soon.
Enterprises can bring up https://github.com/go-skynet/LocalAI, run Llama or others and connect to them from their Promptly LLM apps - So spin up GPU instances and host whatever model in their VPC and it connects to your SaaS stack? What are they paying you for in this scenario?
Usually that’s not a problem it just means adding OpenAI as a data processor (at least under ISO 27017). There’s a difference between sharing data for commercial purposes (which is usually verboten), vs for data-processing purposes.
I've been maintaining SOC2 certification for multiple years, and I'm here to say that it's largely performative and an ineffective indicator of security posture.
The SOC2 framework is complex and compliance can be expensive. This can lead organizations to focus on ticking the boxes rather than implementing meaningful security controls.
SOC2 is not a good universal metric for understanding an organization's security culture. It's frightening that this is the best we have for now.
Will be doing a show HN for https://proc.gg, a generative AI platform I've built during my sabbatical.
I personally believe that in addition to OpenAI's offering, the ability to swap to an open source model e.g. Llama-2 is the way to go for enterprise offerings in order to get full control.
Azures ridiculous agreement likely put a lot of orgs off. They also shouldn't have tried to "improve" upon OpenAI's APIs. OpenAI's APIs are a little under thought (particularly fine tuning) but so what?
From our discussions with enterprises (trying to sell our LLM apps platform), we quickly learned how sensitive enterprises are when it comes to sharing their data. In many of these organizations, employees are already pasting a lot of sensitive data into ChatGPT unless access to ChatGPT itself is restricted. We know a few companies that ended up deploying chatbot-ui with Azure's OpenAI offering since Azure claims to not use user's data (https://learn.microsoft.com/en-us/legal/cognitive-services/o...).
We ended up adding support for Azure's OpenAI offering to our platform as well as open-source our engine to support on-prem deployments (LLMStack - https://github.com/trypromptly/LLMStack) to deal with the privacy concerns these enterprises have.