For Policy’s Sake: Why We Must Distinguish AI Safety from AI Security in Regulatory Governance
2Katalina Hernandez
5Knight Lee
2Katalina Hernandez
2Knight Lee
2Katalina Hernandez
1Knight Lee
2Katalina Hernandez
1Knight Lee
3winstonBosan
3Katalina Hernandez
2Katalina Hernandez
New Comment
People on LessWrong aren't driven by motivation to do useful work, but the craving to read something amusing or say something smart and witty.
You are asking them to do useful work by giving you important advice, which requires more self control than people here have.
Maybe instead of asking for feedback on your entire framework, it will be motivationally easier for them if you divide it into smaller bite sized Question Posts, and ask one every few days?
You can always hide background information and context in collapsible sections.
You can use multiple collapsible sections, one for each background info topic, so people can skip the ones which they already know about and which bore them.
Anything you say outside a collapsible section should not refer to anything inside a collapsible section, which forces people to read the collapsible section and defeats the purpose.
An alternative to collapsible sections is linking to you previous posts, but that only works if your previous posts fit well with your current post.
Typo
"What AI Safety Seeks to Prevent: Human well-being, societal values, fundamental rights, and environmental integrity."
Maybe change "prevent" to "protect." Grumpy old users discriminate against new users, and a mere typo near the start can "confirm their suspicions" this is another low quality post.
Writing like a lawyer
Lawyers and successful bloggers/authors have the opposite instincts: lawyers try to be as thorough as possible while successful bloggers try to convey a message in as few words as possible.
1Thank you! This helps me a lot. I will hide the bits about the AI Act in collapsible sections, and I will correct this typo.
One thing I've noticed though: most "successful" posts in LW are quite long and detailed, almost paper-length. I thought that by making my post shorter, I may lose nuance.
People's attention spans vary dramatically when the topic is something cool and amusing, but I my vague opinion is that important policy work is necessarily a little less cool.
I could be completely wrong. I haven't succeeded in writing good posts either. So please don't take my advice too seriously! I forgot to give this disclaimer last time.
Random note: LessWrong has its internal jargon, where they talk about "AI Notkilleveryoneism."
The reason is that the words "AI safety" and "AI alignment" has been heavily abused by organizations doing Safetywashing. See some of the discussion here.[1]
- ^
I'm not saying you should adopt the term "AI Notkilleveryoneism," since policymakers might laugh at it. But it doesn't hurt to learn about this drama.
1Policy work is 100% less cool XD. But it should be concerning for us all that a vast majority of policy makers I've talked to did not even know that such thing as "mechanistic interpretability" exists, and think that alignment is some sort of security ideal...
So what I am doing here may be a necessary evil.
1Hmm! If you talk to policymakers face to face, that is something you can leverage to get LessWrong folks interested in you!
How many have you talked to, and how many will you talk to, and on what level are they on?
You might make a short Question Post highlighting that you're a lawyer talking to some policymakers. Even if it's a small number and they are low level, a little bit is far better than nothing.
Then you might ask an open-ended question, "what should I say to them?"
And you can include what you are currently saying to them in a collapsed sections or link to previous posts. Maybe summaries of past conversations can be put in collapsed sections too.
I'm not sure. I'm definitely not an expert in good LW posts, but my intuition is this one might get a better response.
My feeling is a ton of people on LessWrong are dying to make their message known to policymakers but they are falling on deaf ears. (Arguably, I am one of them, I once wrote this, and got ignored when I cold-emailed policymakers)
Someone who actually talks to policymakers (albeit European ones... haha) would be the most welcome.
1"Albeit European ones" I laughed so much hahaha. Sorry to dissapoint XD. Yes, mainly EU and UK based. Members of the European Commission's expert panel (I am a member too but I only joined very recently) and influential "think tanks" here in europe that provide feedback on regulatory initiatives, like the GPAI Codes of Practice
I will read your post, btw! I am sick of shallow AI Risk statements based on product safety legislations that do not account for the evolving, unpredictable nature of AI risk. Oh well.
I will gather more ideas and will post a Quick take as you've advised, that was a great idea, thank you!
:) that's great.
I think you are very modest, and have a tendency to undersell the influence you have. Don't do that in your quick take or post, make it clear from the beginning what positions you are in, and who you get to interact with :D
1I will bite.
First of all, I appreciate the effort of trying to communicate better and hammering down the neat borders of word and how they used across domains - especially for words that are often used interchangeably and carelessly.
TLDR: Sometimes posts just get unlucky! And your style is on the verbose side and I am still somewhat confused about your value props.
It seems like your frustration is from a lack of responses - often, a lack of response might just be luck based and how the LW algorithm works (exponential time decay). Maybe you posted at a time that most forum users are asleep, and/or you are running against the headwind of literally one of the most popular article of all time. Sometimes, you just get unlucky! Twice even!
However, I can also say that the content is not written very legibly. It took me a long time to get the actual punch line and understand what you really want - "Can someone technical say something about how you want these terms to be used?".
In addition, the post is written very verbosely. It takes a long time to get to the point, it is not clear about what it wants until the very end. It doesn't say how you are going to this, or that if it is even worth engaging with you because it is not clear how you'd help to delineate the word boundary from your position. I am still unsure about the exact value proposition on how better delineating these words would lead to reduced p(doom).
Keep trying!
Thanks so much for the thoughtful feedback! You're absolutely right about the verbosity (part of the lawyer curse, I’m afraid) but that's exactly why I'm here.
I really value input from people working closer to the technical foundations, and I’ll absolutely work on tightening the structure and making my core ask more legible.
You actually nailed the question I was trying to pose:
“Can someone technical clarify how they believe these terms should be used?”
As for why I’m asking: I work in AI Governance for a multinational, and I also contribute feedback to regulatory initiatives adjacent to the European Commission (as part of independent policy research).
One challenge I’ve repeatedly encountered is that regulators often lump safety and security into one conceptual bucket. This creates risks of misclassification, like treating adversarial testing purely as a security concern, when the intent may be safety-critical (e.g., avoiding human harm).
So, my goal here was to open a conversation that helps bridge technical intuitions from the AI safety community into actionable regulatory framing.
I don’t want to just map these concepts onto compliance checklists, I want to understand how to reflect technical nuance in policy language without oversimplifying or misleading.
I’ll revise the post to be more concise and frontload the value proposition. And if you’re open to it, I’d love your thoughts on how I could improve specific parts.
Thanks again, this kind of feedback is exactly what I was hoping for!
I’m aware this “safety vs. security” distinction isn’t clean in real-world ML work (e.g., I understand that adversarial robustness spans both).
But it’s proven useful for communicating with policy teams who are trying to assign accountability across domains.
I’m not arguing against existential AI Safety framing, just using the regulatory lens where “safety” often maps to preventing tangible human harms, and “security” refers to model integrity and defense against malicious actors.
If you’ve found better framings or language that have worked across engineering/policy interfaces, I’d love to hear them.
Especially if you think interpretability or control work gets misclassified in governance discourse.
Grateful for your thoughts, please tell me where this falls short of your technical experience.
Curated and popular this week