Weekly Roundup (February 26, 2025)

AI goes to War, Google sells sensitive consumer data, Anthropic falls into step with DeepSeek, and more.

• How to regulate a dual-use technology? Reporting from the Associated Press (AP) provides new detail on how the Israeli Defense Force (IDF) has been extensively using OpenAI’s generative AI models via Microsoft’s cloud Azure. Per AP’s investigation: “the Israeli military’s usage of Microsoft and OpenAI artificial intelligence spiked last March to nearly 200 times higher than before the week leading up to the Oct. 7 attack…Usage of Microsoft’s huge banks of computer servers by the military also rose by almost two-thirds in the first two months of the war alone.” Israel has praised the technology as a “game changer” for combing through mountains of surveillance data to identify ‘military targets’ and translate communications.
  
  Public insight into how important military sales are to Big Tech’s AI and cloud products, along with its implications for AI capabilities development, is unclear though. Military technology may advance AI towards the sorts of “existential” risks, such as unaligned model autonomy, that developers are apparently trying to guard against in their risk management frameworks. But discussion of this remains missing from OpenAI’s model system card. As private companies, OpenAI and Anthropic don’t have to provide public disclosures on the specific sources of their revenue by product or “operating segment”. But for Amazon and Microsoft, as public companies, shareholders could and should demand more disaggregated disclosures on how their cloud platforms as a whole are being used — and by whom.

  
  Lastly, the “tech industrial” partnerships highlighted by the AP underscore the importance of the cloud layer in AI’s ongoing worldwide deployment, including for military applications. It makes sense then that judicious disclosures and monitoring of cloud activity can help ensure AI deployments are not being misused globally. And although AI’s foundation model developers are the current focus of most draft AI regulations, cloud providers are really the essential arteries for the development and deployment of AI models, and have the potential to become a far more significant regulatory layer in AI markets, we would argue.

Source: Made with DALLE-3

• European Commission reviews its past antitrust efforts. The European Commission (EC) has published a string of important macroeconomic reports (summarized here), including an assessment of the impact and efficacy of its competition (antitrust) rulings - and in particular the remedies used to deal with the harms identified by the courts. The review (summarised here) finds that less than half the remedies were effective in achieving their desired objective. It calls for more specialized remedy design, along with greater use of “interim measures”. But for us, the core question is whether this will be used to lend support to the EU’s shifting AI agenda towards leveraging industrial policy for AI’s homegrown development – instead of relying on regulations or the courts. This comes as the EU considers adopting a more explicitly protectionist stance to U.S. tech firms deemed to violate the EU’s principles. Elon Musk’s very public interventions into the politics of several European countries may, perhaps ironically, end up accelerating regional EU technological integration on AI.

• Google serves up consumer data to the highest bidder. Despite clear advertising policies that prohibit targeting consumers based on specific traits, a Wired investigation revealed that Google is still selling such data to advertisers. Advertisers can purchase via Google audience “segments” — lists of mobile IDs that point to mobile devices and online profiles — that are categorized by identifiers, such as “US government employees who are considered ‘decision makers’ working ‘specifically in the field of national security’” and “Individuals likely to have a Cardiovascular condition.” Yet a spokesperson from Google insisted to Wired that “Our policies do not permit audience segments to be used based on sensitive information like employment, health conditions, financial status, etc.”

  Along with being a serious national security risk, and a violation of consumer privacy, Google’s latest ads violations highlights the gap between its corporate policies and its practices. AI policy discussions take note: a policy without enforcement is closer to marketing than material controls to keep a technology safe & secure. It’s clear that Google has no commercial incentive to enforce their ads data targeting policies. (Are the rules sufficient? Where are the prohibitive fines? Where is the investigation?) Similarly, for Google’s AI policies that are already in place, given the commercial incentives at play, how likely are they to be enforced? Several leading AI model developers have fairly detailed terms of service and acceptable use policies for their AI products; but there’s little evidence so far of the sort of rigorous enforcement required to make these controls meaningful. See our forthcoming paper on Gaps in AI Best Practices for more.
  

• Tell me how you really think, model. Anthropic announced their latest model on Monday, Claude 3.7 Sonnet. It’s their first “hybrid” reasoning model — meaning users can select if they want extra reasoning or not. Notably, they have chosen to show users the full, unfiltered, model chain of thought (CoT), after users raved about DeepSeek’s R1 showing the unfiltered CoT. This means the user can see the model’s thought process before it spits out some sort of response / answer. Earlier this month, in response to the enhanced transparency introduced into the market by DeepSeek’s competitive introduction, OpenAI also “updated” its model CoT outputs, but it remains a more sanitized summary.

  Anthropic acknowledges in Claude 3.7 Sonnet’s model card that releasing the unfiltered CoT has some potential drawbacks, as it shows the user more information and could lead to more effective jailbreaks. But they argue that the benefits from enhanced transparency and utility outweigh any costs. Although this might generate more jailbreaks (as model violations of its safeguards) in the short-term, it seems equally likely to enhance model security in the long-run, as it speeds up Anthropic’s understanding of 3.7’s existing model vulnerabilities and how to secure them.

• Policy shapes practice. As Meta fires their fact checkers, they are revamping a program that monetizes so-called “viral” content, ProPublica reports. This is content that lands up being seen by a large swath of users. Reports ProPublica: “With the removal of fact-checks in the U.S., “what is the protection now against viral hoaxes for profit?” said Jeff Allen, the chief research officer of the nonprofit Integrity Institute and a former Meta data scientist.” It doesn’t take an online safety expert to see how a business model, premised on algorithmically maximizing for engagement, can cause major societal harms when its safeguards are removed. The platform’s incentive structure now risks rewarding sensationalism and misinformation (again), creating a high-reward, low-consequence environment for bad actors. This underscores how technological guardrails often shape ‘safety’ outcomes through impacting the incentives firms face in the marketplace. In other words, the business model itself is the source of risk. In this situation, measures that better align a content creator’s or firm’s private incentives with the public interest should be our priority.
  
  This is a case of policy (re)shaping practice and an example of just how much it can matter to get the policy right. And that’s not to say that Facebook’s policy should necessarily require a human army of third-party fact checkers. But only that its content promotion algorithms should consider a range of factors, and include automated safeguards, especially as content is shown to more and more users. Just as stock markets have circuit breakers to halt trading when a security moves too far outside of its normal range, so too could algorithmic mechanisms be implemented on social media platforms to halt — or at least closely monitor — viral activity. Humans remaining “in the loop” will always be necessary to ensure algorithms behave as intended, and with adequate controls in place, though.

---

Thanks for reading! If you liked this post please share it and click “subscribe now”, if you aren’t yet a subscriber.