Right now I’m working on finding a good objective to optimize with ML, rather than trying to make sure our models are robustly optimizing that objective. (This is roughly “outer alignment.”)

That’s pretty vague, and it’s not obvious whether “find a good objective” is a meaningful goal rather than being inherently confused or sweeping key distinctions under the rug.

So I like to focus on a more precise special case of alignment: solve alignment when decisions are “low stakes.” I think this case effectively isolates the problem of “find a good objective” from the problem of ensuring robustness and is precise enough to focus on productively.

In this post I’ll describe what I mean by the low-stakes setting, why I think it isolates this subproblem, why I want to isolate this subproblem, and why I think that it’s valuable to work on crisp subproblems.

1. What is the low-stakes setting?

A situation is low-stakes if we care very little about any small number of decisions. That is, we only care about the average behavior of the system over long periods of time (much longer than the amount of time it takes us to collect additional data and retrain the system).

For example, this requires that all of the AI systems in the world can’t corrupt the training process quickly or seize control of resources from humans. If they try, we can keep collecting data and fine-tuning them, and this will cause their behavior to change before anything irreversibly bad happens.

For a more formal definition see section 6.

2. Why do low stakes require only outer alignment?

If the stakes are low, we can train our model on the decisions that actually arise in practice rather than needing to anticipate tricky decisions in advance. Moreover, because the payoff from an individual action is always small, we can focus on average-case performance and achieve reasonable sample complexities without any additional tricks.

The main substantive claim is that we don’t need to worry about the “distributional shift” between past decisions and future decisions. When the distribution of inputs change, the system may behave poorly for a while, but if we keep retraining on the new data then it will eventually adapt. If individual decisions are low stakes, then the total cost of all of this adaptation is small. I give this argument in more detail in section 7.

Formally this resembles an online regret bound (this textbook gives a nice introduction to online learning). SGD satisfies such a bound in the case of convex losses. For messy model classes like neural networks we usually can’t prove much interesting about SGD (either for online or offline learning), but for a variety of reasons I think it’s reasonable to expect a similar online bound. I discuss this in more detail in section 8.

This isn’t to say that we can totally ignore optimization difficulties, or the online nature of the problem. But it appears that the main difficulty is constructing a good enough objective and arguing that it is sufficiently easy to optimize.

3. Why focus on this subproblem first?

I think it’s really great to focus on a good subproblem if you can find one.

If you solve your subproblem, then you’ve made progress. If you get stuck, well then you were probably going to get stuck anyway and at least you’re stuck on something easier. When working on a big problem like alignment, I feel like it’s easy to bounce off of every solution because it doesn’t handle the whole problem immediately, and splitting into subproblems is a key way to get over that failure.

I think that the low-stakes setting is a particularly good and clean subproblem: it’s definitely not harder than the original, there are clear ways in which it’s much easier, and solving it would represent real progress.

Why do I focus on this problem first, rather than starting with the other side (something more like robustness / inner alignment)?

• I think that finding a “good” objective is likely to be similar to finding a “good” specification for adversarial training or verification, and understanding the structure of our specification will change how we approach robustness.
• I think that defining a good objective likely requires something like “knowing what the model knows.” If this is successful, it’s likely to be an important ingredient for robustness as well (especially for treacherous behavior, where in some sense the model “knows” about the problem).
• Put differently, I feel like we can approximately split the full alignment problem into two parts: low stakes and handling catastrophes. We know how to define the low-stakes part but don’t know quite how to formulate catastrophes, so it’s more natural to start with low stakes.

4. Is the low-stakes setting actually scary?

Many AI safety problems involve AI systems behaving badly in an abrupt and irreversible way. Does the low-stakes assumption dismiss the central concerns?

I think that you could have very risky situations even if every individual decision is low-stakes. For example, suppose that our world was full of safeguards that made it very slow and hard to change anything big (our infrastructure, our government, individual decision-making…). Perhaps any big change will need to take place in tiny pieces spread over thousands of days (though smaller changes occur more easily).

In such a world AI can still cause huge amounts of trouble if humans can’t understand what it is doing. Rather than “taking over” in a single unanticipated shock, the situation can deteriorate in a thousand tiny pieces each of which humans cannot understand.

5. Why focus on "low stakes" rather than "outer alignment"?

Theoretical work in general, and my research methodology in particular, is a lot easier when we can cleanly evaluate proposed solutions rather than being fuzzy about the boundaries of our problem. Alignment is always frustratingly fuzzy, but we don’t have to make it any worse.

I think that if I tried to work on “outer alignment” defined more fuzzily, I might have ended up sweeping some critical issues under the rug or pursuing dead ends. For example:

• If I’d tried to assume that our models generalize “correctly” as long as the objective is good, I might not have been thinking clearly about how models generalize from questions we can evaluate to those we can’t. But I think that’s actually a core issue that can’t be cleanly separated from the rest of outer alignment.
• If I’d tried to assume that models are “trying” to get a low value for the training loss, I might have ended up relying on our ability to incentivize the model to make very long-term predictions. But I think that approach is basically a dead end.

Overall I think that inner alignment and outer alignment are useful intuitive handles but don’t carve the problem space cleanly enough to be good research problems.

6. More formal definition of low-stakes

Say that our AI receives a sequence of inputs x[1], x[2], … x[T], and produces a sequence of outputs y[1], y[2], … y[T].

Let U[t](y) be our expected utility if we intervene to have the AI output y[t] = y and then be aligned in all future timesteps. Let ρ be a bound on the maximum possible utility difference U[t](y) − U[t](y′).

(Assume that our AI sometimes behaves randomly for exploration, so that we can define these as conditional expectations given the state of the world before the system chooses y[t].)

Let k be a constant (the “latency”) such that we can afford to train the AI on all data up to time t before we need to deploy it to make a decision at time t+k.

Then the “low-stakes” goal is to achieve a total utility within O(ρk√T) of an aligned model. I call this “low-stakes” because the bound is only meaningful when ρk — the total damage that can be done by ML systems before retraining — is small relative to the total value at stake. Because this gap grows sublinearly with T, note that it is eventually small if ML is deployed for long enough relative to the stakes and the time required for models to learn.

7. More formal argument that outer alignment is sufficient

Suppose that we could compute the utilities U[t](y) exactly, i.e. that we had a perfect objective. I claim that we could then satisfy the low-stakes goal by performing online RL, i.e. performing SGD with a loss function that is an unbiased estimator for the expectation of U[t](y) for an action y sampled from the model.

I’ll focus on the case k=1 for simplicity, but I think k>1 is basically the same.

For each timestep t, let M[t] be our model at time t, let y[t] be the random output we sample, let M*[t] be the aligned model that is competitive with M, and let y*[t] be the output of M*.

Then:

• U[0](y*[0]) is the utility we’d obtain by taking aligned decisions at every step. U[T](y[T]) is the actual utility we receive. So our “regret” is U[T](y[T]) − U[0](y*[0])
• U[t+1](y*[t+1]) = U[t](y[t]), since U is defined assuming the system is aligned at all future times.
• Thus the regret is the sum of U[t](y*[t]) − U[t](y[t]) across all time steps t.
• But this is identical to the difference in performance between the sequence of models M[t] and M*[t].

If our loss function was convex and M* was fixed, then SGD would have a regret bound of O(ρk√T), as desired. If we are optimizing over the space of neural networks then our loss function is obviously not convex and so we can’t easily prove a bound of this form, but I’ll argue in section 8 that we can aim for a similar guarantee as long as M* is “easy” to find with SGD.

Of course we can’t hope to actually compute the real utility differences U[t] (since e.g. which decision is optimal may depend on hard empirical facts where we don’t get any feedback until years later). So we’ll need to set our sights a bit lower (e.g. to say that in subjective expectation we do as well as the aligned model, rather than being able to say that for every possible sequence we actually do as well). I discuss similar issues in section 3 of Towards formalizing universality, and I don’t think they change the basic picture.

8. Why expect SGD to work online even for neural networks?

SGD enjoys a √T online regret bound only for convex losses. Convexity implies that the iterates of SGD are optimal for a regularized loss function, which is needed to get a bound.

Other than that hiccough I think the regret bound basically goes through. But why am I not concerned about the suboptimality of SGD?

• To the extent that SGD can’t find the optimum, it hurts the performance of both the aligned model and the unaligned model. In some sense what we really want is a regret bound compared to the “best learnable model,” where the argument for a regret bound is heuristic but seems valid.
• Moreover, a satisfactory alignment scheme already needs to explain why finding the aligned model M* is not much harder than finding the unaligned model M. And that’s basically what we need in order to argue that SGD has a regret bound relative to M*.

Overall I’m prepared to revise my view if the empirical evidence suggests that online bounds are problematic, but so far all the experiments I’m aware of are broadly consistent with the theoretical picture.

The other slight subtlety in section 7 is that we care about the regret between the actual model M[t] and the aligned version M*[t], whereas we conventionally define regret relative to some fixed target model. I’m not concerned about this either: (i) regret bounds that compare the actual model M to the best transformed model can be obtained by similar methods, (ii) for our purposes we’d also be fine just bounding our regret compared to the single maximally-competent aligned model at the end of training (although I actually expect that to be somewhat harder).

Overall I don’t think this is completely straightforward, but I think it looks good enough that the main difficulty is probably finding a good objective. I’d personally want to start thinking about these more technical issues only after we’ve solved the thornier conceptual issues.