Photo credit: venturebeat.com
Stay informed on the latest progressions and exclusive insights into the realm of artificial intelligence by joining our newsletters.
The challenge of eliminating biases and instances of censorship in large language models (LLMs) is significant. Recently, concerns have heightened around DeepSeek, a model developed in China, as it has raised alarms among political figures and business leaders regarding potential national security threats.
A recent report from a select committee in the U.S. Congress characterized DeepSeek as “a profound threat to our nation’s security” and provided various policy recommendations aimed at addressing its risks.
While traditional approaches, like Reinforcement Learning from Human Feedback (RLHF), aim to mitigate bias, the enterprise risk management company CTGT has introduced an alternative framework. According to CTGT, their innovative method effectively removes inherent biases and censorship found in certain language models, purportedly achieving a complete elimination of censorship.
In a recent study, researchers Cyril Gorlla and Trevor Tuttle elaborated that their framework “directly identifies and modifies the internal features responsible for censorship.”
CTGT’s approach is noted for its computational efficiency and for allowing precise control over model behavior, ensuring that responses remain uncensored without sacrificing the model’s factual accuracy and capabilities.
Although initially designed for the DeepSeek-R1-Distill-Llama-70B model, Gorlla indicated that this methodology is applicable to a range of other models. In correspondence with VentureBeat, Gorlla stated, “We have validated CTGT with other openly available models like Llama, demonstrating similar effectiveness. Our technology functions at the foundational neural network layer, making it universally applicable to all deep learning models.” He further mentioned that CTGT is collaborating with a prominent foundation model laboratory to guarantee the integrity and safety of their upcoming models.
How It Works
According to the researchers, their technique involves recognizing features likely linked to undesired outcomes. They argue that within a large language model, certain hidden variables (neurons or directions in the model’s latent state) relate to concepts such as ‘censorship trigger’ or ‘toxic sentiment’. By identifying these variables, intentional adjustments can be made to the model’s operation.
CTGT outlines a three-step procedure:
- Feature identification
- Feature isolation and characterization
- Dynamic feature modification
Researchers generate a series of prompts that may elicit what they classify as “toxic sentiments.” For instance, inquiries about Tiananmen Square or methods for circumventing digital restrictions are used to examine the model’s responses. Through these tests, they establish patterns that reveal the model’s censoring tendencies.
Upon identifying these features, researchers can isolate them and ascertain the aspects of behavior they influence, such as a reluctance to respond or evasion of certain topics. This understanding enables researchers to integrate a mechanism into the model’s inference processes that adjusts the level of activation of the identified features’ behaviors.
Enhancing Model Responsiveness
CTGT’s experiments revealed that the original DeepSeek-R1-Distill-Llama-70B model addressed only 32% of sensitive prompts. In contrast, the modified version effectively responded to 96% of these inquiries, with the remaining 4% pertaining to highly explicit content.
CTGT emphasizes that while this method offers users the flexibility to adjust inherent bias and safety mechanisms, it safeguards against transforming the model into a “reckless generator” by retaining essential oversight. Additionally, the accuracy and performance of the model remains intact.
“This fundamentally differs from traditional fine-tuning as we are neither adjusting model weights nor introducing new example responses. This results in two key advantages: immediate applicability to the subsequent token generation as opposed to the lengthy process of retraining and the ability to revert to previous states, allowing for a switch between different operational behaviors,” the researchers explained in their paper.
Safety and Security of the Model
The congressional report regarding DeepSeek urged prompt governmental action to enhance export controls, strengthen enforcement, and address the risks associated with Chinese AI models.
In response to growing concerns over DeepSeek’s implications for national security, researchers and AI firms have been exploring strategies to ensure the safety of not just this model, but others too.
The determination of what constitutes “safe” or “biased” can often be complex; however, developing methods for users to manage controls tailored to their needs could prove highly beneficial. Gorlla noted the importance of enterprises placing trust in models that align with their regulatory standards, suggesting the necessity of innovative approaches like the one he contributed to.
“CTGT empowers businesses to implement AI that can adjust to their specific applications without the burden of excessive financial investment in fine-tuning models for each use case,” he remarked, underscoring the significance of this technology in fields with high stakes such as security, finance, and healthcare, where the repercussions of AI errors could be dire.
Source
venturebeat.com