Name of Project: AI Angels - Privacy-preserving distributed language modelling
Proposal in one sentence: To develop personalized AI assistants we need to solve the problem of data privacy; this proposal explores tackling it by combining ideas from edge computing and differential privacy.
Description of the project and what problem it is solving:
AI assistants like ChatGPT would provide a lot more value if they had access to more personalized data about you as an individual. Doing this involves several challenges: 1) how to record the personal data, 2) how the AI model should process it, and 3) how to keep the data private and secure.
Here we tackle 3). However, data privacy/security is tightly coupled to 2), the AI system architecture, because the choice of model imposes constraints (e.g. you can't run GPT-3 on your laptop).
One approach to designing a personalized AI is to store all the personal user data on the cloud and run the models on this data directly. However, earning users' trust with such an approach has proven tricky. This is why companies like Rewind.AI have opted to keep the personal data on the user's computer.
However, this runs into the issue of the user's computer not being powerful enough to run state-of-the-art models like GPT-3.
In this proposal, I want to explore an approach to tackle this problem: combining distributed language-model computation with a form of differential privacy.
The design I have in mind involves a small language model (small enough to run on edge, i.e. on the user's laptop) that has access to the personal data of the user (via retrieval + prompting), and uses this to answer a query the user provides (a la ChatGPT). However, to compensate for the model being smaller (and thus less powerful), we allow it to do some intermediate computation where it can send questions to an API for a much more powerful model (say GPT-3). The answers it receives from the API are used to produce the final answer.
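The escalation loop described above could be sketched roughly as follows. This is a minimal illustration, not an implementation: the function names (`answer_with_escalation`, `small_model`, `powerful_api`) and the message format are my own assumptions, and the two model calls are injected as plain callables so the control flow can be shown without any real API.

```python
# Sketch of the proposed edge-model loop (hypothetical names; the small
# local model and the powerful remote model are injected as callables).

def answer_with_escalation(query, personal_context, small_model, powerful_api,
                           max_subquestions=3):
    """Answer `query` locally, escalating generic sub-questions to a
    powerful remote model.

    small_model(prompt) -> dict, either
        {"type": "answer", "text": ...}       the final answer, or
        {"type": "subquestion", "text": ...}  a question for the remote API.
    powerful_api(question) -> str             the remote model's answer.
    """
    # The personal data (retrieved context) stays inside the prompt of the
    # local model and is never sent to the remote API directly.
    prompt = f"Context: {personal_context}\nQuery: {query}"
    for _ in range(max_subquestions):
        step = small_model(prompt)
        if step["type"] == "answer":
            return step["text"]
        # Escalate the sub-question (which must be privacy-preserving,
        # see below) and feed the answer back into the local prompt.
        remote_answer = powerful_api(step["text"])
        prompt += f"\nAPI answer: {remote_answer}"
    # Budget exhausted: force the local model to answer with what it has.
    return small_model(prompt + "\nGive your final answer.")["text"]
```

The key design point is that only the sub-questions cross the trust boundary; the personal context and the final composition happen on-device.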
To maintain privacy in this design, however, we need to ensure that the questions the smaller model sends to the API are privacy-preserving, i.e. they don't reveal sensitive information about the user (e.g. the small model could ask "What is a good idea for marketing a VR startup?" but not "What is a good idea for marketing my secret stealth startup XYZ?"). This proposal is about exploring how best to achieve this.
There are two main approaches to be explored: prompt engineering, and fine-tuning via RL where the reward is whether a large language model thinks the question reveals information from parts of the prompt (including retrieval) labelled as "sensitive". For simplicity we assume the user labels which parts of their personal data are sensitive: e.g. passwords, addresses, health data, trade secrets, etc. We will probably start with prompt engineering as it's simpler. Evaluation can be done with human/user feedback.
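The judge-based signal behind both approaches (a filter for prompt engineering, a reward for RL fine-tuning) could look something like the sketch below. The function name `privacy_reward` and the yes/no judge prompt are hypothetical; the judge model is again an injected callable standing in for a large LLM.

```python
# Hypothetical sketch of the privacy reward: a judge model is asked, for
# each user-labelled sensitive span, whether a candidate sub-question
# reveals it. Usable as a hard filter or as a binary RL reward.

def privacy_reward(subquestion, sensitive_spans, judge_model):
    """Return 1.0 if the judge thinks no sensitive span is revealed by
    `subquestion`, else 0.0.

    judge_model(prompt) -> str starting with "yes" or "no".
    """
    for span in sensitive_spans:
        prompt = (f"Does the question below reveal the secret "
                  f"'{span}'? Answer yes or no.\nQuestion: {subquestion}")
        if judge_model(prompt).strip().lower().startswith("yes"):
            return 0.0  # leak detected: zero reward / block the question
    return 1.0
```

In the prompt-engineering setting, a question scoring 0.0 would simply be blocked or rewritten before reaching the API; in the RL setting, the same score serves as (part of) the reward for fine-tuning the small model.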
Ultimately, this could be the foundation of a network of AIs and humans, with a distinguished set of AIs, which I'm calling "AI angels", that are aligned to each individual human via personalization and offer the interface between the human and the wider network of AIs. This vision is related to the vision outlined here for AI alignment.
Grant Deliverables:
- Results with user studies of different approaches to tackling the problem via prompt engineering of the small/edge language model.
- Exploration into tackling the problem via RL fine-tuning of the smaller model. If the approach proves feasible within the compute budget, then we'll perform user studies too.
Spread the Love
I'd be interested in having help with designing and distributing a system for gathering feedback for the user evaluations.
Squad
Squad members:
guillefix
twitter: @guillefix
discord: guillefix#8591
I'm happy to onboard some people who may be interested in helping and share the reward if they want to commit enough time! :>