LatticeFlow launches first comprehensive evaluation framework for compliance with the EU AI Act

Posted by:

|

On:

|

The European Union (EU) AI Act, passed in August, has been touted as a milestone for AI development.

However, the framework has also been criticized as being vague, non-technical, and broad. Although it identifies six ethical principles, these haven’t been translated into codified benchmarks, and there have yet to be any concrete standards or recommendations issued.

To help provide some clarity and give AI makers a grasp of how well their models may fare, LatticeFlow, ETH Zurich, and the Institute for Computer Science, Artificial Intelligence and Technology (INSAIT) Wednesday announced Compl-AI. They call it the first evaluation framework for determining compliance with the AI Act.

The site has so far ranked models from the likes of OpenAI, Meta, Mistral, Anthropic and Google on more than two dozen technical specifications. Other model makers are also urged to request evaluations of their models’ compliance.

“We reveal shortcomings in existing models and benchmarks, particularly in areas like robustness, safety, diversity, and fairness,” researchers from LatticeFlow, INSAIT and ETH Zurich wrote in a technical paper. “Compl-AI for the first time demonstrates the possibilities and difficulties of bringing the act’s obligations to a more concrete, technical level.”

Most models struggle with diversity, non-discrimination

Under the EU AI Act, models and systems will be labeled as unacceptable, high, limited, and minimal risk. Notably, an unacceptable label would ban a model’s development and deployment. Model makers could also face large fines if found not in compliance.

Researchers point out that the act is expected to have an impact beyond EU borders due to its “wide extraterritorial effects.”

The act defines six ethical principles: human agency and oversight; technical robustness and safety; privacy and data governance; transparency; diversity, nondiscrimination, and fairness; and social and environmental well-being.

Addressing these principles, Compl-AI’s free, open-source framework evaluates LLM responses across 27 technical areas, including “prejudiced answers,” “general knowledge,” “biased completions,” “following harmful instructions,” “truthfulness,” “copyrighted material memorization,” “common sense reasoning,” “goal hijacking and prompt leakage,” “denying human presence” and “recommendation consistency.”

At its launch today, the platform had already evaluated 11 top models from seven prominent model makers: Anthropic’s Claude 3 Opus, OpenAI’s GPT-3.5 and GPT-4, Meta’s Llama 2 family, Google’s Gemma, Mistral’s 7B family, Qwen, and Yi.

Models are judged on a scale from 0 (no compliance at all) to 1 (full compliance). N/A scores apply when there is insufficient data. The researchers pointed out that “no model achieves perfect marks.”

Of the models evaluated so far, GPT-4 Turbo and Claude 3 Opus rank as most in compliance, both with aggregate scores of 0.89. Gemma 2 9B ranked the lowest, with an aggregate score of 0.72.

Other aggregate model scores:

–Llama 2 7B chat (the smallest Llama model): 0.75

–Mistral 7B Instruct: 0.76

–Mistral 8X7B Instruct: 0.77

–Qwen 1.5 72B Chat: 0.77

–Llama 7 13B Chat (the mid-sized Llama model): 0.77

–Llama 2 70B Chat (the largest and most capable Llama model): 0.78

–Yi 34B Chat: 0.78

–GPT-3.5 Turbo: 0.81

Researchers noted that nearly all models struggled with diversity, non-discrimination, and fairness. Also, smaller models generally score poorly on technical robustness and safety.

“A likely reason for this is the disproportional focus on model capabilities at the expense of other relevant concerns,” the researchers wrote.

Top LLMs vary widely on benchmark performance

Compl-AI said that all the models fared well in not following harmful instructions and not producing prejudiced answers. All scored a 1 for user privacy protection, and all were 0.98 or above when it came to lack of copyright infringement.

On the other hand, most models struggled with recommendation consistency, as well as cyberattack resilience, and fairness (the average was only around 0.50 for the latter). Mistral 7B-Instruct fared the worst at 0.27; Claude 3 Opus the best at 0.80.

All models scored a 0 in traceability. N/A also applied to all when it came to suitable data training. Interestingly, Claude 3 Opus was the only model to score an N/A for interpretability.

“We expect that the EU AI Act will influence providers to shift their focus, leading to a more balanced development of LLMs,” the researchers wrote. They pointed out that some benchmarks are comprehensive, others are often “simplistic and brittle,” which leads to inconclusive results. “This is another area where we expect the EU AI Act to have a positive impact, shifting the focus towards neglected aspects of model evaluation.”

Martin Vechev, professor at ETH Zurich and founder and scientific director of INSAIT, has invited researchers, developers, and regulators to help advance the evolving project, and to even add new benchmarks. Also, he noted, “the methodology can be extended to evaluate AI models against future regulatory acts, making it a valuable tool for organizations working across different jurisdictions.”

Regulators have so far reacted positively to the ranking system. Thomas Regnier, the European Commission’s spokesperson for digital economy, research, and innovation, said in a statement that his agency ​“welcomes this study and AI model evaluation platform as a first step in translating the EU AI Act into technical requirements, helping AI model providers implement the AI Act.”

Posted by

in