Data-Centric Governance

   1@misc{mazumder_dataperf_2022,
   2  keywords = {Computer Science - Machine Learning},
   3  note = {arXiv:2207.10062 [cs]},
   4  year = {2022},
   5  month = {July},
   6  author = {Mazumder, Mark and Banbury, Colby and Yao, Xiaozhe and Karlaš, Bojan and Rojas, William Gaviria and Diamos, Sudnya and Diamos, Greg and He, Lynn and Kiela, Douwe and Jurado, David and Kanter, David and Mosquera, Rafael and Ciro, Juan and Aroyo, Lora and Acun, Bilge and Eyuboglu, Sabri and Ghorbani, Amirata and Goodman, Emmett and Kane, Tariq and Kirkpatrick, Christine R. and Kuo, Tzu-Sheng and Mueller, Jonas and Thrush, Tristan and Vanschoren, Joaquin and Warren, Margaret and Williams, Adina and Yeung, Serena and Ardalani, Newsha and Paritosh, Praveen and Zhang, Ce and Zou, James and Wu, Carole-Jean and Coleman, Cody and Ng, Andrew and Mattson, Peter and Reddi, Vijay Janapa},
   7  publisher = {arXiv},
   8  urldate = {2023-02-14},
   9  abstract = {Machine learning (ML) research has generally focused on models, while the most prominent datasets have been employed for everyday ML tasks without regard for the breadth, difficulty, and faithfulness of these datasets to the underlying problem. Neglecting the fundamental importance of datasets has caused major problems involving data cascades in real-world applications and saturation of dataset-driven criteria for model quality, hindering research growth. To solve this problem, we present DataPerf, a benchmark package for evaluating ML datasets and dataset-working algorithms. We intend it to enable the "data ratchet," in which training sets will aid in evaluating test sets on the same problems, and vice versa. Such a feedback-driven strategy will generate a virtuous loop that will accelerate development of data-centric AI. The MLCommons Association will maintain DataPerf.},
  10  doi = {10.48550/arXiv.2207.10062},
  11  url = {http://arxiv.org/abs/2207.10062},
  12  shorttitle = {{DataPerf}},
  13  title = {{DataPerf}: {Benchmarks} for {Data}-{Centric} {AI} {Development}},
  14}
  15
  16@misc{mcgregor_participation_2022,
  17  keywords = {Computer Science - Computers and Society, Computer Science - Human-Computer Interaction, Computer Science - Machine Learning},
  18  note = {arXiv:2211.08419 [cs]},
  19  year = {2022},
  20  month = {November},
  21  author = {McGregor, Sean},
  22  publisher = {arXiv},
  23  urldate = {2022-12-13},
  24  abstract = {Emerging artificial intelligence (AI) applications often balance the preferences and impacts among diverse and contentious stakeholder groups. Accommodating these stakeholder groups during system design, development, and deployment requires tools for the elicitation of disparate system interests and collaboration interfaces supporting negotiation balancing those interests. This paper introduces interactive visual "participation interfaces" for Markov Decision Processes (MDPs) and collaborative ranking problems as examples restoring a human-centered locus of control.},
  25  doi = {10.48550/arXiv.2211.08419},
  26  url = {http://arxiv.org/abs/2211.08419},
  27  title = {Participation {Interfaces} for {Human}-{Centered} {AI}},
  28}
  29
  30@misc{munich_re_insure_2022,
  31  year = {2022},
  32  month = {November},
  33  author = {{Munich Re}},
  34  journal = {Munich Re},
  35  urldate = {2022-11-21},
  36  language = {en},
  37  abstract = {Artificial intelligence will turn many areas of the economy upside down: It offers us the chance to reduce costs, improve quality and increase profits, whether in fraud management, production processes or agriculture.},
  38  url = {https://www.munichre.com/en/solutions/for-industry-clients/insure-ai.html},
  39  title = {Insure {AI} – {Guarantee} the performance of your {Artificial} {Intelligence} systems},
  40}
  41
  42@inproceedings{mcgregor_indexing_2022,
  43  keywords = {Computer Science - Artificial Intelligence, Computer Science - Computers and Society, Computer Science - Machine Learning},
  44  note = {arXiv:2211.10384 [cs]},
  45  year = {2022},
  46  month = {November},
  47  author = {McGregor, Sean and Paeth, Kevin and Lam, Khoa},
  48  publisher = {arXiv},
  49  booktitle = {{NeurIPS} {Workshop} on {Human}-{Centered} {AI}},
  50  urldate = {2022-11-21},
  51  abstract = {Two years after publicly launching the AI Incident Database (AIID) as a collection of harms or near harms produced by AI in the world, a backlog of "issues" that do not meet its incident ingestion criteria have accumulated in its review queue. Despite not passing the database's current criteria for incidents, these issues advance human understanding of where AI presents the potential for harm. Similar to databases in aviation and computer security, the AIID proposes to adopt a two-tiered system for indexing AI incidents (i.e., a harm or near harm event) and issues (i.e., a risk of a harm event). Further, as some machine learning-based systems will sometimes produce a large number of incidents, the notion of an incident "variant" is introduced. These proposed changes mark the transition of the AIID to a new version in response to lessons learned from editing 2,000+ incident reports and additional reports that fall under the new category of "issue."},
  52  url = {http://arxiv.org/abs/2211.10384},
  53  title = {Indexing {AI} {Risks} with {Incidents}, {Issues}, and {Variants}},
  54}
  55
  56@book{underwriters_laboratories_engineering_2016,
  57  year = {2016},
  58  author = {{Underwriters Laboratories}},
  59  publisher = {Selby Marketing Associates},
  60  urldate = {2022-11-21},
  61  language = {en},
  62  abstract = {“Engineering Progress” is a comprehensive, historical account of UL Solutions.},
  63  url = {https://www.ul.com/about/download-engineering-progress-ebook},
  64  title = {Engineering {Progress}},
  65}
  66
  67@misc{ml_commons_mlcommons_2022,
  68  year = {2022},
  69  month = {November},
  70  author = {{ML Commons}},
  71  journal = {MLCommons},
  72  urldate = {2022-11-21},
  73  language = {en},
  74  abstract = {MLCommons aims to accelerate machine learning innovation to benefit everyone.},
  75  url = {https://mlcommons.org/},
  76  title = {{MLCommons}},
  77}
  78
  79@misc{appen_launch_2022,
  80  year = {2022},
  81  month = {November},
  82  author = {{Appen}},
  83  journal = {Appen},
  84  urldate = {2022-11-21},
  85  language = {en-GB},
  86  abstract = {Access high-quality structureed or unstructured data to train models for unique use cases through a world-class technology platform},
  87  url = {https://s40188.p1443.sites.pressdns.com/platform-5/},
  88  title = {Launch {World}-{Class} {AI} and {ML} {Projects} with {Confidence}},
  89}
  90
  91@misc{gitlab_cicd_2022,
  92  year = {2022},
  93  month = {November},
  94  author = {{GitLab}},
  95  journal = {GitLab Documentation},
  96  urldate = {2022-11-20},
  97  language = {en-us},
  98  abstract = {An overview of Continuous Integration, Continuous Delivery, and Continuous Deployment, as well as an introduction to GitLab CI/CD.},
  99  url = {https://docs.gitlab.com/ee/ci/introduction/},
 100  title = {{CI}/{CD} concepts {\textbar} {GitLab}},
 101}
 102
 103@misc{hugging_face_distilbert-base-uncased-finetuned-sst-2-english_2022,
 104  year = {2022},
 105  month = {November},
 106  author = {{Hugging Face}},
 107  journal = {Hugging Face - The AI Community Building the Future},
 108  urldate = {2022-11-20},
 109  abstract = {We’re on a journey to advance and democratize artificial intelligence through open source and open science.},
 110  url = {https://huggingface.co/distilbert-base-uncased-finetuned-sst-2-english},
 111  title = {distilbert-base-uncased-finetuned-sst-2-english · {Hugging} {Face}},
 112}
 113
 114@article{anonymous_incident_2016,
 115  note = {Publisher: Responsible AI Collaborative},
 116  year = {2016},
 117  editor = {McGregor, Sean},
 118  author = {{Anonymous}},
 119  journal = {AI Incident Database},
 120  url = {https://incidentdatabase.ai/cite/37},
 121  title = {Incident 37: {Female} {Applicants} {Down}-{Ranked} by {Amazon} {Recruiting} {Tool}},
 122}
 123
 124@article{colmer_incident_2018,
 125  note = {Publisher: Responsible AI Collaborative},
 126  year = {2018},
 127  editor = {Lam, Khoa},
 128  author = {Colmer, Devon},
 129  journal = {AI Incident Database},
 130  url = {https://incidentdatabase.ai/cite/361},
 131  title = {Incident 361: {Amazon} {Echo} {Mistakenly} {Recorded} and {Sent} {Private} {Conversation} to {Random} {Contact}},
 132}
 133
 134@article{lam_incident_2021,
 135  note = {Publisher: Responsible AI Collaborative},
 136  year = {2021},
 137  editor = {McGregor, Sean},
 138  author = {Lam, Khoa},
 139  journal = {AI Incident Database},
 140  url = {https://incidentdatabase.ai/cite/171},
 141  title = {Incident 171: {Traffic} {Camera} {Misread} {Text} on {Pedestrian}'s {Shirt} as {License} {Plate}, {Causing} {UK} {Officials} to {Issue} {Fine} to an {Unrelated} {Person}},
 142}
 143
 144@article{anonymous_incident_2021,
 145  note = {Publisher: Responsible AI Collaborative},
 146  year = {2021},
 147  editor = {McGregor, Sean},
 148  author = {{Anonymous}},
 149  journal = {AI Incident Database},
 150  url = {https://incidentdatabase.ai/cite/160},
 151  title = {Incident 160: {Alexa} {Recommended} {Dangerous} {TikTok} {Challenge} to {Ten}-{Year}-{Old} {Girl}},
 152}
 153
 154@article{anonymous_incident_2019,
 155  note = {Publisher: Responsible AI Collaborative},
 156  year = {2019},
 157  editor = {McGregor, Sean},
 158  author = {{Anonymous}},
 159  journal = {AI Incident Database},
 160  url = {https://incidentdatabase.ai/cite/159},
 161  title = {Incident 159: {Tesla} {Autopilot}’s {Lane} {Recognition} {Allegedly} {Vulnerable} to {Adversarial} {Attacks}},
 162}
 163
 164@article{anonymous_incident_2021-1,
 165  note = {Publisher: Responsible AI Collaborative},
 166  year = {2021},
 167  editor = {McGregor, Sean},
 168  author = {{Anonymous}},
 169  journal = {AI Incident Database},
 170  url = {https://incidentdatabase.ai/cite/149},
 171  title = {Incident 149: {Zillow} {Shut} {Down} {Zillow} {Offers} {Division} {Allegedly} {Due} to {Predictive} {Pricing} {Tool}'s {Insufficient} {Accuracy}},
 172}
 173
 174@article{hall_incident_2020,
 175  note = {Publisher: Responsible AI Collaborative},
 176  year = {2020},
 177  editor = {McGregor, Sean},
 178  author = {Hall, Patrick},
 179  journal = {AI Incident Database},
 180  url = {https://incidentdatabase.ai/cite/134},
 181  title = {Incident 134: {Robot} in {Chinese} {Shopping} {Mall} {Fell} off the {Escalator}, {Knocking} down {Passengers}},
 182}
 183
 184@article{xie_incident_2018,
 185  note = {Publisher: Responsible AI Collaborative},
 186  year = {2018},
 187  editor = {McGregor, Sean},
 188  author = {Xie, Fabio},
 189  journal = {AI Incident Database},
 190  url = {https://incidentdatabase.ai/cite/114},
 191  title = {Incident 114: {Amazon}'s {Rekognition} {Falsely} {Matched} {Members} of {Congress} to {Mugshots}},
 192}
 193
 194@article{anonymous_incident_2020,
 195  note = {Publisher: Responsible AI Collaborative},
 196  year = {2020},
 197  editor = {McGregor, Sean},
 198  author = {{Anonymous}},
 199  journal = {AI Incident Database},
 200  url = {https://incidentdatabase.ai/cite/102},
 201  title = {Incident 102: {Personal} voice assistants struggle with black voices, new study shows},
 202}
 203
 204@article{anonymous_incident_2017,
 205  note = {Publisher: Responsible AI Collaborative},
 206  year = {2017},
 207  editor = {McGregor, Sean},
 208  author = {{Anonymous}},
 209  journal = {AI Incident Database},
 210  url = {https://incidentdatabase.ai/cite/68},
 211  title = {Incident 68: {Security} {Robot} {Drowns} {Itself} in a {Fountain}},
 212}
 213
 214@article{yampolskiy_incident_2016,
 215  note = {Publisher: Responsible AI Collaborative},
 216  year = {2016},
 217  editor = {McGregor, Sean},
 218  author = {Yampolskiy, Roman},
 219  journal = {AI Incident Database},
 220  url = {https://incidentdatabase.ai/cite/55},
 221  title = {Incident 55: {Alexa} {Plays} {Pornography} {Instead} of {Kids} {Song}},
 222}
 223
 224@article{aiaaic_incident_2016,
 225  note = {Publisher: Responsible AI Collaborative},
 226  year = {2016},
 227  editor = {McGregor, Sean},
 228  author = {{AIAAIC}},
 229  journal = {AI Incident Database},
 230  url = {https://incidentdatabase.ai/cite/53},
 231  title = {Incident 53: {Biased} {Google} {Image} {Results}},
 232}
 233
 234@article{mcgregor_incident_2016,
 235  note = {Publisher: Responsible AI Collaborative},
 236  year = {2016},
 237  editor = {McGregor, Sean},
 238  author = {McGregor, Sean},
 239  journal = {AI Incident Database},
 240  url = {https://incidentdatabase.ai/cite/51},
 241  title = {Incident 51: {Security} {Robot} {Rolls} {Over} {Child} in {Mall}},
 242}
 243
 244@article{olsson_incident_2018,
 245  note = {Publisher: Responsible AI Collaborative},
 246  year = {2018},
 247  editor = {McGregor, Sean},
 248  author = {Olsson, Catherine},
 249  journal = {AI Incident Database},
 250  url = {https://incidentdatabase.ai/cite/36},
 251  title = {Incident 36: {Picture} of {Woman} on {Side} of {Bus} {Shamed} for {Jaywalking}},
 252}
 253
 254@article{yampolskiy_incident_2015,
 255  note = {Publisher: Responsible AI Collaborative},
 256  year = {2015},
 257  editor = {McGregor, Sean},
 258  author = {Yampolskiy, Roman},
 259  journal = {AI Incident Database},
 260  url = {https://incidentdatabase.ai/cite/34},
 261  title = {Incident 34: {Amazon} {Alexa} {Responding} to {Environmental} {Inputs}},
 262}
 263
 264@article{olsson_incident_2017,
 265  note = {Publisher: Responsible AI Collaborative},
 266  year = {2017},
 267  editor = {McGregor, Sean},
 268  author = {Olsson, Catherine},
 269  journal = {AI Incident Database},
 270  url = {https://incidentdatabase.ai/cite/22},
 271  title = {Incident 22: {Waze} {Navigates} {Motorists} into {Wildfires}},
 272}
 273
 274@article{anonymous_incident_2015,
 275  note = {Publisher: Responsible AI Collaborative},
 276  year = {2015},
 277  editor = {McGregor, Sean},
 278  author = {{Anonymous}},
 279  journal = {AI Incident Database},
 280  url = {https://incidentdatabase.ai/cite/16},
 281  title = {Incident 16: {Images} of {Black} {People} {Labeled} as {Gorillas}},
 282}
 283
 284@article{olsson_incident_2017-1,
 285  note = {Publisher: Responsible AI Collaborative},
 286  year = {2017},
 287  editor = {McGregor, Sean},
 288  author = {Olsson, Catherine},
 289  journal = {AI Incident Database},
 290  url = {https://incidentdatabase.ai/cite/13},
 291  title = {Incident 13: {High}-{Toxicity} {Assessed} on {Text} {Involving} {Women} and {Minority} {Groups}},
 292}
 293
 294@techreport{gartner_predicts_2018,
 295  year = {2018},
 296  month = {November},
 297  author = {{Gartner}},
 298  institution = {Gartner},
 299  urldate = {2022-11-18},
 300  language = {en},
 301  abstract = {AI adoption in organizations has increased nearly threefold since last year, raising the chances of misaligned core technologies and AI initiatives. I\&O leaders must use a combination of buy, build and outsource to accelerate productivity in AI initiatives.},
 302  url = {https://www.gartner.com/en/documents/3894131},
 303  shorttitle = {Predicts 2019},
 304  title = {Predicts 2019: {Artificial} {Intelligence} {Core} {Technologies}},
 305}
 306
 307@misc{the_linux_foundation_models_2022,
 308  year = {2022},
 309  month = {November},
 310  author = {{The Linux Foundation}},
 311  urldate = {2022-11-15},
 312  url = {https://pytorch.org/vision/stable/models.html#using-the-pre-trained-models},
 313  title = {Models and pre-trained weights — {Torchvision} 0.14 documentation},
 314}
 315
 316@misc{goog-411team_goodbye_2010,
 317  note = {Publication Title: Google Blog},
 318  year = {2010},
 319  month = {October},
 320  author = {{GOOG-411Team}},
 321  publisher = {Google},
 322  url = {https://googleblog.blogspot.com/2010/10/goodbye-to-old-friend-1-800-goog-411.html},
 323  title = {Goodbye to an old friend: 1-800-{GOOG}-411},
 324}
 325
 326@misc{perez_google_2007,
 327  note = {Publication Title: Infoworld},
 328  year = {2007},
 329  month = {October},
 330  author = {Perez, Juan Carlos},
 331  publisher = {Infoworld},
 332  url = {https://www.infoworld.com/article/2642023/google-wants-your-phonemes.html},
 333  title = {Google wants your phonemes},
 334}
 335
 336@misc{google_how_2022,
 337  note = {Publication Title: Google Careers Blog},
 338  year = {2022},
 339  month = {March},
 340  author = {{Google}},
 341  publisher = {Google},
 342  url = {https://careers.google.com/stories/how-one-team-turned-the-dream-of-speech-recognition-into-a-reality/},
 343  title = {How one team turned the dream of speech recognition into a reality},
 344}
 345
 346@misc{grafana_labs_grafana_2022,
 347  year = {2022},
 348  month = {November},
 349  author = {{Grafana Labs}},
 350  journal = {Grafana Labs},
 351  urldate = {2022-11-09},
 352  language = {en},
 353  abstract = {Grafana feature overview, screenshots, videos, and feature tours.},
 354  url = {https://grafana.com/grafana/},
 355  title = {Grafana {\textbar} {Query}, visualize, alerting observability platform},
 356}
 357
 358@article{strathern_improving_1997,
 359  pages = {305--321},
 360  note = {Publisher: Cambridge University Press},
 361  year = {1997},
 362  month = {July},
 363  author = {Strathern, Marilyn},
 364  journal = {European Review},
 365  urldate = {2022-11-07},
 366  number = {3},
 367  language = {en},
 368  abstract = {This paper gives an anthropological comment on what has been called the ‘audit explosion’, the proliferation of procedures for evaluating performance. In higher education the subject of audit (in this sense) is not so much the education of the students as the institutional provision for their education. British universities, as institutions, are increasingly subject to national scrutiny for teaching, research and administrative competence. In the wake of this scrutiny comes a new cultural apparatus of expectations and technologies. While the metaphor of financial auditing points to the important values of accountability, audit does more than monitor—it has a life of its own that jeopardizes the life it audits. The runaway character of assessment practices is analysed in terms of cultural practice. Higher education is intimately bound up with the origins of such practices, and is not just the latter day target of them. © 1997 by John Wiley \& Sons, Ltd.},
 369  doi = {10.1002/(SICI)1234-981X(199707)5:3<305::AID-EURO184>3.0.CO;2-4},
 370  url = {https://archive.org/details/ImprovingRatingsAuditInTheBritishUniversitySystem/mode/2up},
 371  shorttitle = {‘{Improving} ratings’},
 372  issn = {1474-0575, 1062-7987},
 373  volume = {5},
 374  title = {‘{Improving} ratings’: {Audit} in the {British} {University} system},
 375}
 376
 377@inproceedings{recht_imagenet_2019,
 378  pages = {5389--5400},
 379  note = {ISSN: 2640-3498},
 380  year = {2019},
 381  month = {May},
 382  author = {Recht, Benjamin and Roelofs, Rebecca and Schmidt, Ludwig and Shankar, Vaishaal},
 383  publisher = {PMLR},
 384  booktitle = {International {Conference} on {Machine} {Learning} ({ICML})},
 385  urldate = {2022-10-21},
 386  language = {en},
 387  abstract = {We build new test sets for the CIFAR-10 and ImageNet datasets. Both benchmarks have been the focus of intense research for almost a decade, raising the danger of overfitting to excessively re-used test sets. By closely following the original dataset creation processes, we test to what extent current classification models generalize to new data. We evaluate a broad range of models and find accuracy drops of 3\% - 15\% on CIFAR-10 and 11\% - 14\% on ImageNet. However, accuracy gains on the original test sets translate to larger gains on the new test sets. Our results suggest that the accuracy drops are not caused by adaptivity, but by the models’ inability to generalize to slightly "harder" images than those found in the original test sets.},
 388  url = {https://proceedings.mlr.press/v97/recht19a.html},
 389  title = {Do imagenet classifiers generalize to {ImageNet}?},
 390}
 391
 392@misc{piorkowski_quantitative_2022,
 393  keywords = {Computer Science - Artificial Intelligence},
 394  note = {arXiv:2209.06317 [cs]},
 395  year = {2022},
 396  month = {September},
 397  author = {Piorkowski, David and Hind, Michael and Richards, John},
 398  publisher = {arXiv},
 399  urldate = {2022-10-30},
 400  language = {en},
 401  abstract = {Although AI-based systems are increasingly being leveraged to provide value to organizations, individuals, and society, significant attendant risks have been identified [1]–[5]. These risks have led to proposed regulations, litigation, and general societal concerns.},
 402  url = {http://arxiv.org/abs/2209.06317},
 403  shorttitle = {Quantitative ai risk assessments},
 404  title = {Quantitative {AI} risk assessments: {Opportunities} and challenges},
 405}
 406
 407@misc{van_looveren_alibi_2022,
 408  year = {2022},
 409  month = {October},
 410  author = {Van Looveren, Arnaud and Klaise, Janis and Vacanti, Giovanni and Cobb, Oliver and Scillitoe, Ashley and Samoilescu, Robert and Athorne, Alex},
 411  url = {https://github.com/SeldonIO/alibi-detect},
 412  title = {Alibi {Detect}: {Algorithms} for outlier, adversarial and drift detection},
 413}
 414
 415@misc{seldon_core_seldon_2022,
 416  year = {2022},
 417  month = {November},
 418  author = {{Seldon Core}},
 419  journal = {Seldon Core},
 420  urldate = {2022-11-09},
 421  language = {en-US},
 422  abstract = {Open-source platform for rapidly deploying machine learning models on Kubernetes The de facto standard open-source platform for rapidly deploying machine learning models […]},
 423  url = {https://www.seldon.io/solutions/open-source-projects/core},
 424  title = {Seldon {Core}},
 425}
 426
 427@misc{national_institute_of_standards_and_technology_what_2022,
 428  year = {2022},
 429  month = {November},
 430  author = {{National Institute of Standards and Technology}},
 431  journal = {National Institute of Standards and Technology},
 432  urldate = {2022-11-09},
 433  url = {https://pages.nist.gov/dioptra/},
 434  title = {What is {Dioptra}? — {Dioptra} 0.0.0 documentation},
 435}
 436
 437@misc{czakon_best_2021,
 438  year = {2021},
 439  month = {March},
 440  author = {Czakon, Jakub},
 441  journal = {neptune.ai},
 442  urldate = {2022-11-09},
 443  language = {en-US},
 444  abstract = {If you deploy models to production sooner or later, you will start looking for ML model monitoring tools. When your ML models impact the business (and they should), you just need visibility into “how things work”. The first moment you really feel this is when things stop working. With no model monitoring set up, you […]},
 445  url = {https://neptune.ai/blog/ml-model-monitoring-best-tools},
 446  title = {Best {Tools} to {Do} {ML} {Model} {Monitoring}},
 447}
 448
 449@misc{manheim_categorizing_2019,
 450  keywords = {91E45, Computer Science - Artificial Intelligence, Quantitative Finance - General Finance, Statistics - Machine Learning},
 451  note = {arXiv:1803.04585 [cs, q-fin, stat]},
 452  year = {2019},
 453  month = {February},
 454  author = {Manheim, David and Garrabrant, Scott},
 455  publisher = {arXiv},
 456  urldate = {2022-11-06},
 457  abstract = {There are several distinct failure modes for overoptimization of systems on the basis of metrics. This occurs when a metric which can be used to improve a system is used to an extent that further optimization is ineffective or harmful, and is sometimes termed Goodhart's Law. This class of failure is often poorly understood, partly because terminology for discussing them is ambiguous, and partly because discussion using this ambiguous terminology ignores distinctions between different failure modes of this general type. This paper expands on an earlier discussion by Garrabrant, which notes there are "(at least) four different mechanisms" that relate to Goodhart's Law. This paper is intended to explore these mechanisms further, and specify more clearly how they occur. This discussion should be helpful in better understanding these types of failures in economic regulation, in public policy, in machine learning, and in Artificial Intelligence alignment. The importance of Goodhart effects depends on the amount of power directed towards optimizing the proxy, and so the increased optimization power offered by artificial intelligence makes it especially critical for that field.},
 458  doi = {10.48550/arXiv.1803.04585},
 459  url = {http://arxiv.org/abs/1803.04585},
 460  title = {Categorizing {Variants} of {Goodhart}'s {Law}},
 461}
 462
 463@book{stuart_russell_artificial_2009,
 464  year = {2009},
 465  author = {{Stuart Russell} and {Peter Norvig}},
 466  publisher = {Prentice Hall},
 467  urldate = {2022-11-06},
 468  language = {English},
 469  url = {http://aima.cs.berkeley.edu/},
 470  isbn = {0-13-604259-7},
 471  title = {Artificial {Intelligence}: {A} {Modern} {Approach}, 3rd {US} ed.},
 472}
 473
 474@book{knauss_detecting_2012,
 475  note = {Journal Abbreviation: 2012 20th IEEE International Requirements Engineering Conference, RE 2012 - Proceedings
 476Publication Title: 2012 20th IEEE International Requirements Engineering Conference, RE 2012 - Proceedings},
 477  doi = {10.1109/RE.2012.6345811},
 478  year = {2012},
 479  month = {September},
 480  author = {Knauss, Eric and Damian, Daniela and Poo-Caamaño, Germán and Cleland-Huang, Jane},
 481  publisher = {20th IEEE International Requirements Engineering Conference},
 482  abstract = {In current project environments, requirements often evolve throughout the project and are worked on by stakeholders in large and distributed teams. Such teams often use online tools such as mailing lists, bug tracking systems or online discussion forums to communicate, clarify or coordinate work on requirements. In this kind of environment, the expected evolution from initial idea, through clarification, to a stable requirement, often stagnates. When project managers are not aware of underlying problems, development may pro-ceed before requirements are fully understood and stabilized, leading to numerous implementation issues and often resulting in the need for early redesign and modification. In this paper, we present an approach to analyzing online requirements communication and a method for the detection and classification of clarification events in requirement discus-sions. We used our approach to analyze online requirements communication in the IBM R Rational Team Concert R (RTC) project and identified a set of six clarification patterns. Since a predominant amount of clarifications through the lifetime of a requirement is often indicative of problematic requirements, our approach lends support to project managers to assess, in real-time, the state of discussions around a requirement and promptly react to requirements problems.},
 483  title = {Detecting and {Classifying} {Patterns} of {Requirements} {Clarifications}},
 484}
 485
 486@misc{michael_sayre_significance_2019,
 487  year = {2019},
 488  month = {April},
 489  author = {{Michael Sayre}},
 490  journal = {Medium},
 491  urldate = {2022-11-05},
 492  language = {en},
 493  abstract = {With the advent of new tools and technologies, it’s tempting to think that the rules of work have changed or that old problems can be…},
 494  url = {https://medium.com/@livewithai/the-significance-of-edge-cases-and-the-cost-of-imperfection-as-it-pertains-to-ai-adoption-dc1cebeef72c},
 495  title = {The significance of “edge cases” and the cost of imperfection as it pertains to {AI} adoption},
 496}
 497
 498@misc{erin_mulvaney_nyc_2021,
 499  year = {2021},
 500  month = {December},
 501  author = {{Erin Mulvaney}},
 502  journal = {Bloomberg Law},
 503  urldate = {2022-11-05},
 504  language = {en},
 505  abstract = {New York City has a new law on the books—one of the boldest measures of its kind in the country—that aims to curb hiring bias that can occur when businesses use artificial intelligence tools to screen out job candidates.},
 506  url = {https://news.bloomberglaw.com/daily-labor-report/nyc-targets-artificial-intelligence-bias-in-hiring-under-new-law},
 507  title = {{NYC} {Targets} {Artificial} {Intelligence} {Bias} in {Hiring} {Under} {New} {Law}},
 508  type = {News},
 509}
 510
 511@techreport{jared_dunnmon_responsible_2021,
 512  year = {2021},
 513  month = {March},
 514  author = {{Jared Dunnmon} and {Bryce Goodman} and {Peter Kirechu} and {Carol Smith} and {Alexandrea Van Deusen}},
 515  institution = {Defense Innovation Unit},
 516  urldate = {2022-11-04},
 517  url = {https://assets.ctfassets.net/3nanhbfkr0pc/acoo1Fj5uungnGNPJ3QWy/6ec382b3b5a20ec7de6defdb33b04dcd/2021_RAI_Report.pdf},
 518  title = {Responsible {AI} {Guidelines} in {Practice}},
 519}
 520
 521@misc{european_union_ai_2021,
 522  year = {2021},
 523  month = {February},
 524  author = {{European Union}},
 525  urldate = {2022-11-05},
 526  language = {en-US},
 527  url = {https://artificialintelligenceact.eu/the-act/},
 528  title = {The {AI} {Act}},
 529}
 530
 531@article{mokander_operationalising_2022,
 532  year = {2022},
 533  month = {May},
 534  author = {Mökander, Jakob and Floridi, Luciano},
 535  journal = {AI and Ethics},
 536  urldate = {2022-11-05},
 537  language = {en},
 538  abstract = {Ethics-based auditing (EBA) is a structured process whereby an entity’s past or present behaviour is assessed for consistency with moral principles or norms. Recently, EBA has attracted much attention as a governance mechanism that may help to bridge the gap between principles and practice in AI ethics. However, important aspects of EBA—such as the feasibility and effectiveness of different auditing procedures—have yet to be substantiated by empirical research. In this article, we address this knowledge gap by providing insights from a longitudinal industry case study. Over 12 months, we observed and analysed the internal activities of AstraZeneca, a biopharmaceutical company, as it prepared for and underwent an ethicsbased AI audit. While previous literature concerning EBA has focussed on proposing or analysing evaluation metrics or visualisation techniques, our findings suggest that the main difficulties large multinational organisations face when conducting EBA mirror classical governance challenges. These include ensuring harmonised standards across decentralised organisations, demarcating the scope of the audit, driving internal communication and change management, and measuring actual outcomes. The case study presented in this article contributes to the existing literature by providing a detailed description of the organisational context in which EBA procedures must be integrated to be feasible and effective.},
 539  doi = {10.1007/s43681-022-00171-7},
 540  url = {https://link.springer.com/10.1007/s43681-022-00171-7},
 541  shorttitle = {Operationalising {AI} governance through ethics-based auditing},
 542  issn = {2730-5953, 2730-5961},
 543  title = {Operationalising {AI} governance through ethics-based auditing: an industry case study},
 544}
 545
 546@techreport{information_commisioners_office_guidance_2022,
 547  pages = {105},
 548  year = {2022},
 549  month = {November},
 550  author = {{Information Commisioner's Office}},
 551  institution = {Information Commisioner's Office},
 552  urldate = {2022-11-04},
 553  number = {20200214},
 554  language = {en},
 555  url = {https://ico.org.uk/media/2617219/guidance-on-the-ai-auditing-framework-draft-for-consultation.pdf},
 556  title = {Guidance on the {AI} auditing framework {Draft} guidance for consultation},
 557}
 558
 559@misc{office_of_the_director_of_national_intelligence_artificial_2022,
 560  year = {2022},
 561  month = {November},
 562  author = {{Office of the Director of National Intelligence}},
 563  publisher = {Office of the Director of National Intelligence},
 564  urldate = {2022-11-04},
 565  url = {https://www.intelligence.gov/images/AI/AI_Ethics_Framework_for_the_Intelligence_Community_1.0.pdf},
 566  title = {Artificial {Intelligence} {Ethics} {Framework} for the {Intelligence} {Community}},
 567}
 568
 569@misc{ibm_ai_2022,
 570  year = {2022},
 571  month = {November},
 572  author = {{IBM}},
 573  urldate = {2022-11-05},
 574  language = {en-us},
 575  abstract = {IBM’s multidisciplinary, multidimensional approach to AI ethics.},
 576  url = {https://www.ibm.com/artificial-intelligence/ethics},
 577  title = {{AI} {Ethics}},
 578}
 579
 580@misc{google_building_2022,
 581  year = {2022},
 582  month = {November},
 583  author = {{Google}},
 584  journal = {Google AI},
 585  urldate = {2022-11-05},
 586  language = {en},
 587  url = {https://ai.google/responsibilities/},
 588  title = {Building responsible {AI} for everyone},
 589}
 590
 591@misc{hosseini_deceiving_2017,
 592  keywords = {Computer Science - Computers and Society, Computer Science - Machine Learning, Computer Science - Social and Information Networks},
 593  note = {arXiv:1702.08138 [cs]},
 594  year = {2017},
 595  month = {February},
 596  author = {Hosseini, Hossein and Kannan, Sreeram and Zhang, Baosen and Poovendran, Radha},
 597  publisher = {arXiv},
 598  urldate = {2022-10-31},
 599  language = {en},
 600  abstract = {Social media platforms provide an environment where people can freely engage in discussions. Unfortunately, they also enable several problems, such as online harassment. Recently, Google and Jigsaw started a project called Perspective, which uses machine learning to automatically detect toxic language. A demonstration website has been also launched, which allows anyone to type a phrase in the interface and instantaneously see the toxicity score [1].},
 601  url = {http://arxiv.org/abs/1702.08138},
 602  title = {Deceiving {Google}'s {Perspective} {API} {Built} for {Detecting} {Toxic} {Comments}},
 603}
 604
 605@article{buslaev_albumentations_2020,
 606  year = {2020},
 607  author = {Buslaev, Alexander and Iglovikov, Vladimir I. and Khvedchenya, Eugene and Parinov, Alex and Druzhinin, Mikhail and Kalinin, Alexandr A.},
 608  journal = {Information},
 609  number = {2},
 610  doi = {10.3390/info11020125},
 611  url = {https://www.mdpi.com/2078-2489/11/2/125},
 612  issn = {2078-2489},
 613  volume = {11},
 614  title = {Albumentations: {Fast} and {Flexible} {Image} {Augmentations}},
 615}
 616
 617@inproceedings{blum_ladder_2015,
 618  pages = {1006--1014},
 619  year = {2015},
 620  author = {Blum, Avrim and Hardt, Moritz},
 621  publisher = {PMLR},
 622  booktitle = {International {Conference} on {Machine} {Learning}},
 623  shorttitle = {The ladder},
 624  title = {The ladder: {A} reliable leaderboard for machine learning competitions},
 625}
 626
 627@article{damour_underspecification_2020,
 628  year = {2020},
 629  author = {D'Amour, Alexander and Heller, Katherine and Moldovan, Dan and Adlam, Ben and Alipanahi, Babak and Beutel, Alex and Chen, Christina and Deaton, Jonathan and Eisenstein, Jacob and Hoffman, Matthew D and {others}},
 630  journal = {arXiv preprint arXiv:2011.03395},
 631  title = {Underspecification presents challenges for credibility in modern machine learning},
 632}
 633
 634@article{deng_imagenet_2009,
 635  pages = {8},
 636  year = {2009},
 637  author = {Deng, Jia and Dong, Wei and Socher, Richard and Li, Li-Jia and Li, Kai and Fei-Fei, Li},
 638  journal = {IEEE Conference on Computer Vision and Pattern Recognition},
 639  language = {en},
 640  abstract = {The explosion of image data on the Internet has the potential to foster more sophisticated and robust models and algorithms to index, retrieve, organize and interact with images and multimedia data. But exactly how such data can be harnessed and organized remains a critical problem. We introduce here a new database called “ImageNet”, a largescale ontology of images built upon the backbone of the WordNet structure. ImageNet aims to populate the majority of the 80,000 synsets of WordNet with an average of 5001000 clean and full resolution images. This will result in tens of millions of annotated images organized by the semantic hierarchy of WordNet. This paper offers a detailed analysis of ImageNet in its current state: 12 subtrees with 5247 synsets and 3.2 million images in total. We show that ImageNet is much larger in scale and diversity and much more accurate than the current image datasets. Constructing such a large-scale database is a challenging task. We describe the data collection scheme with Amazon Mechanical Turk. Lastly, we illustrate the usefulness of ImageNet through three simple applications in object recognition, image classification and automatic object clustering. We hope that the scale, accuracy, diversity and hierarchical structure of ImageNet can offer unparalleled opportunities to researchers in the computer vision community and beyond.},
 641  title = {{ImageNet}: {A} {Large}-{Scale} {Hierarchical} {Image} {Database}},
 642}
 643
 644@misc{tencent_keen_security_lab_experimental_2019,
 645  year = {2019},
 646  month = {March},
 647  author = {Tencent Keen Security Lab},
 648  publisher = {Tencent},
 649  url = {https://keenlab.tencent.com/en/whitepapers/Experimental_Security_Research_of_Tesla_Autopilot.pdf},
 650  title = {Experimental security research of {Tesla} autopilot},
 651}
 652
 653@inproceedings{peng_mitigating_2021,
 654  keywords = {Computer Science - Computers and Society, Computer Science - Machine Learning},
 655  note = {arXiv:2108.02922 [cs]},
 656  year = {2021},
 657  month = {November},
 658  author = {Peng, Kenny and Mathur, Arunesh and Narayanan, Arvind},
 659  publisher = {arXiv},
 660  booktitle = {Advances in {Neural} {Information} {Processing} {Systems} ({NeurIPS})},
 661  urldate = {2022-10-23},
 662  language = {en},
 663  abstract = {Machine learning datasets have elicited concerns about privacy, bias, and unethical applications, leading to the retraction of prominent datasets such as DukeMTMC, MS-Celeb-1M, and Tiny Images. In response, the machine learning community has called for higher ethical standards in dataset creation. To help inform these efforts, we studied three influential but ethically problematic face and person recognition datasets—Labeled Faces in the Wild (LFW), MS-Celeb-1M, and DukeMTMC—by analyzing nearly 1000 papers that cite them. We found that the creation of derivative datasets and models, broader technological and social change, the lack of clarity of licenses, and dataset management practices can introduce a wide range of ethical concerns. We conclude by suggesting a distributed approach to harm mitigation that considers the entire life cycle of a dataset.},
 664  url = {http://arxiv.org/abs/2108.02922},
 665  shorttitle = {Mitigating dataset harms requires stewardship},
 666  title = {Mitigating dataset harms requires stewardship: {Lessons} from 1000 papers},
 667}
 668
 669@book{barocas_fairness_2019,
 670  year = {2019},
 671  author = {Barocas, Solon and Hardt, Moritz and Narayanan, Arvind},
 672  publisher = {fairmlbook.org},
 673  url = {https://fairmlbook.org/},
 674  title = {Fairness and machine learning},
 675}
 676
 677@inproceedings{lee_landscape_2021,
 678  pages = {1--13},
 679  year = {2021},
 680  author = {Lee, Michelle Seng Ah and Singh, Jat},
 681  booktitle = {Proceedings of the 2021 {CHI} conference on human factors in computing systems},
 682  title = {The landscape and gaps in open source fairness toolkits},
 683}
 684
 685@article{saleiro_aequitas_2018,
 686  year = {2018},
 687  author = {Saleiro, Pedro and Kuester, Benedict and Hinkson, Loren and London, Jesse and Stevens, Abby and Anisfeld, Ari and Rodolfa, Kit T. and Ghani, Rayid},
 688  journal = {arXiv preprint arXiv:1811.05577},
 689  shorttitle = {Aequitas},
 690  title = {Aequitas: {A} bias and fairness audit toolkit},
 691}
 692
 693@article{bellamy_ai_2019,
 694  pages = {4--1},
 695  note = {Publisher: IBM},
 696  year = {2019},
 697  author = {Bellamy, Rachel KE and Dey, Kuntal and Hind, Michael and Hoffman, Samuel C. and Houde, Stephanie and Kannan, Kalapriya and Lohia, Pranay and Martino, Jacquelyn and Mehta, Sameep and Mojsilović, Aleksandra},
 698  journal = {IBM Journal of Research and Development},
 699  number = {4/5},
 700  shorttitle = {{AI} {Fairness} 360},
 701  volume = {63},
 702  title = {{AI} {Fairness} 360: {An} extensible toolkit for detecting and mitigating algorithmic bias},
 703}
 704
 705@article{ntoutsi_bias_2020,
 706  pages = {e1356},
 707  keywords = {fairness, fairness-aware AI, fairness-aware machine learning, interpretability, responsible AI},
 708  note = {\_eprint: https://onlinelibrary.wiley.com/doi/pdf/10.1002/widm.1356},
 709  year = {2020},
 710  author = {Ntoutsi, Eirini and Fafalios, Pavlos and Gadiraju, Ujwal and Iosifidis, Vasileios and Nejdl, Wolfgang and Vidal, Maria-Esther and Ruggieri, Salvatore and Turini, Franco and Papadopoulos, Symeon and Krasanakis, Emmanouil and Kompatsiaris, Ioannis and Kinder-Kurlanda, Katharina and Wagner, Claudia and Karimi, Fariba and Fernandez, Miriam and Alani, Harith and Berendt, Bettina and Kruegel, Tina and Heinze, Christian and Broelemann, Klaus and Kasneci, Gjergji and Tiropanis, Thanassis and Staab, Steffen},
 711  journal = {WIREs Data Mining and Knowledge Discovery},
 712  urldate = {2022-10-22},
 713  number = {3},
 714  language = {en},
 715  abstract = {Artificial Intelligence (AI)-based systems are widely employed nowadays to make decisions that have far-reaching impact on individuals and society. Their decisions might affect everyone, everywhere, and anytime, entailing concerns about potential human rights issues. Therefore, it is necessary to move beyond traditional AI algorithms optimized for predictive performance and embed ethical and legal principles in their design, training, and deployment to ensure social good while still benefiting from the huge potential of the AI technology. The goal of this survey is to provide a broad multidisciplinary overview of the area of bias in AI systems, focusing on technical challenges and solutions as well as to suggest new research directions towards approaches well-grounded in a legal frame. In this survey, we focus on data-driven AI, as a large part of AI is powered nowadays by (big) data and powerful machine learning algorithms. If otherwise not specified, we use the general term bias to describe problems related to the gathering or processing of data that might result in prejudiced decisions on the bases of demographic features such as race, sex, and so forth. This article is categorized under: Commercial, Legal, and Ethical Issues {\textgreater} Fairness in Data Mining Commercial, Legal, and Ethical Issues {\textgreater} Ethical Considerations Commercial, Legal, and Ethical Issues {\textgreater} Legal Issues},
 716  doi = {10.1002/widm.1356},
 717  url = {https://onlinelibrary.wiley.com/doi/abs/10.1002/widm.1356},
 718  issn = {1942-4795},
 719  volume = {10},
 720  title = {Bias in data-driven artificial intelligence systems—{An} introductory survey},
 721}
 722
 723@article{mehrabi_survey_2021,
 724  pages = {1--35},
 725  note = {Publisher: ACM New York, NY, USA},
 726  year = {2021},
 727  author = {Mehrabi, Ninareh and Morstatter, Fred and Saxena, Nripsuta and Lerman, Kristina and Galstyan, Aram},
 728  journal = {ACM Computing Surveys (CSUR)},
 729  number = {6},
 730  volume = {54},
 731  title = {A survey on bias and fairness in machine learning},
 732}
 733
 734@inproceedings{suresh_framework_2021,
 735  pages = {1--9},
 736  year = {2021},
 737  month = {October},
 738  author = {Suresh, Harini and Guttag, John},
 739  publisher = {ACM},
 740  booktitle = {Equity and {Access} in {Algorithms}, {Mechanisms}, and {Optimization}},
 741  urldate = {2022-10-22},
 742  language = {en},
 743  doi = {10.1145/3465416.3483305},
 744  url = {https://dl.acm.org/doi/10.1145/3465416.3483305},
 745  isbn = {978-1-4503-8553-4},
 746  title = {A {Framework} for {Understanding} {Sources} of {Harm} throughout the {Machine} {Learning} {Life} {Cycle}},
 747  address = {-- NY USA},
 748}
 749
 750@article{zendel_how_2017,
 751  pages = {95--109},
 752  keywords = {Hazard analysis, Safety analysis, Stereo vision, Test data, Testing, Validation},
 753  year = {2017},
 754  month = {December},
 755  author = {Zendel, Oliver and Murschitz, Markus and Humenberger, Martin and Herzner, Wolfgang},
 756  journal = {International Journal of Computer Vision},
 757  urldate = {2022-10-22},
 758  number = {1},
 759  language = {en},
 760  abstract = {Good test data is crucial for driving new developments in computer vision (CV), but two questions remain unanswered: which situations should be covered by the test data, and how much testing is enough to reach a conclusion? In this paper we propose a new answer to these questions using a standard procedure devised by the safety community to validate complex systems: the hazard and operability analysis (HAZOP). It is designed to systematically identify possible causes of system failure or performance loss. We introduce a generic CV model that creates the basis for the hazard analysis and—for the first time—apply an extensive HAZOP to the CV domain. The result is a publicly available checklist with more than 900 identified individual hazards. This checklist can be utilized to evaluate existing test datasets by quantifying the covered hazards. We evaluate our approach by first analyzing and annotating the popular stereo vision test datasets Middlebury and KITTI. Second, we demonstrate a clearly negative influence of the hazards in the checklist on the performance of six popular stereo matching algorithms. The presented approach is a useful tool to evaluate and improve test datasets and creates a common basis for future dataset designs.},
 761  doi = {10.1007/s11263-017-1020-z},
 762  url = {https://doi.org/10.1007/s11263-017-1020-z},
 763  shorttitle = {How good is my test data?},
 764  issn = {1573-1405},
 765  volume = {125},
 766  title = {How good is my test data? {Introducing} safety analysis for computer vision},
 767}
 768
 769@misc{van_etten_spacenet_2019,
 770  keywords = {Computer Science - Computer Vision and Pattern Recognition},
 771  note = {arXiv:1807.01232 [cs]},
 772  year = {2019},
 773  month = {July},
 774  author = {Van Etten, Adam and Lindenbaum, Dave and Bacastow, Todd M.},
 775  publisher = {arXiv},
 776  urldate = {2022-10-21},
 777  abstract = {Foundational mapping remains a challenge in many parts of the world, particularly in dynamic scenarios such as natural disasters when timely updates are critical. Updating maps is currently a highly manual process requiring a large number of human labelers to either create features or rigorously validate automated outputs. We propose that the frequent revisits of earth imaging satellite constellations may accelerate existing efforts to quickly update foundational maps when combined with advanced machine learning techniques. Accordingly, the SpaceNet partners (CosmiQ Works, Radiant Solutions, and NVIDIA), released a large corpus of labeled satellite imagery on Amazon Web Services (AWS) called SpaceNet. The SpaceNet partners also launched a series of public prize competitions to encourage improvement of remote sensing machine learning algorithms. The first two of these competitions focused on automated building footprint extraction, and the most recent challenge focused on road network extraction. In this paper we discuss the SpaceNet imagery, labels, evaluation metrics, prize challenge results to date, and future plans for the SpaceNet challenge series.},
 778  url = {http://arxiv.org/abs/1807.01232},
 779  shorttitle = {{SpaceNet}},
 780  title = {{SpaceNet}: {A} {Remote} {Sensing} {Dataset} and {Challenge} {Series}},
 781}
 782
 783@misc{andrea_brennen_ai_2022,
 784  year = {2022},
 785  month = {January},
 786  author = {{Andrea Brennen} and {Ryan Ashley}},
 787  journal = {In-Q-Tel},
 788  urldate = {2022-10-21},
 789  language = {en-US},
 790  abstract = {IQT Labs recently audited an open-source deep learning tool called FakeFinder that predicts whether or not a video is a […]},
 791  url = {https://www.iqt.org/ai-assurance-what-happened-when-we-audited-a-deepfake-detection-tool-called-fakefinder/},
 792  shorttitle = {{AI} {Assurance}},
 793  title = {{AI} {Assurance}: {What} happened when we audited a deepfake detection tool called {FakeFinder}},
 794}
 795
 796@article{dolhansky_deepfake_2019,
 797  year = {2019},
 798  author = {Dolhansky, B. and Bitton, J. and Pflaum, B. and Lu, J. and Howes, R. and Wang, M. and Ferrer, C. Canton},
 799  journal = {arXiv e-prints},
 800  title = {The {DeepFake} {Detection} {Challenge} ({DFDC}) {Dataset}},
 801}
 802
 803@misc{leibowicz_deepfake_2021,
 804  keywords = {Computer Science - Computer Vision and Pattern Recognition, Computer Science - Computers and Society, Computer Science - Machine Learning},
 805  note = {arXiv:2102.06109 [cs]},
 806  year = {2021},
 807  month = {February},
 808  author = {Leibowicz, Claire and McGregor, Sean and Ovadya, Aviv},
 809  publisher = {arXiv},
 810  urldate = {2022-10-21},
 811  abstract = {Synthetic media detection technologies label media as either synthetic or non-synthetic and are increasingly used by journalists, web platforms, and the general public to identify misinformation and other forms of problematic content. As both well-resourced organizations and the non-technical general public generate more sophisticated synthetic media, the capacity for purveyors of problematic content to adapt induces a {\textbackslash}newterm\{detection dilemma\}: as detection practices become more accessible, they become more easily circumvented. This paper describes how a multistakeholder cohort from academia, technology platforms, media entities, and civil society organizations active in synthetic media detection and its socio-technical implications evaluates the detection dilemma. Specifically, we offer an assessment of detection contexts and adversary capacities sourced from the broader, global AI and media integrity community concerned with mitigating the spread of harmful synthetic media. A collection of personas illustrates the intersection between unsophisticated and highly-resourced sponsors of misinformation in the context of their technical capacities. This work concludes that there is no "best" approach to navigating the detector dilemma, but derives a set of implications from multistakeholder input to better inform detection process decisions and policies, in practice.},
 812  url = {http://arxiv.org/abs/2102.06109},
 813  shorttitle = {The {Deepfake} {Detection} {Dilemma}},
 814  title = {The {Deepfake} {Detection} {Dilemma}: {A} {Multistakeholder} {Exploration} of {Adversarial} {Dynamics} in {Synthetic} {Media}},
 815}
 816
 817@misc{robert_stojnic_papers_2022,
 818  year = {2022},
 819  month = {October},
 820  author = {{Robert Stojnic} and {Taylor, Ross} and {Kardas, Marcin} and {Scialom, Scialom}},
 821  journal = {Papers with Code},
 822  urldate = {2022-10-21},
 823  language = {en},
 824  abstract = {The current state-of-the-art on ImageNet is CoCa (finetuned). See a full comparison of 756 papers with code.},
 825  url = {https://paperswithcode.com/sota/image-classification-on-imagenet},
 826  title = {Papers with {Code} - {ImageNet} {Benchmark} ({Image} {Classification})},
 827}
 828
 829@misc{munroe_tasks_2014,
 830  year = {2014},
 831  month = {September},
 832  author = {Munroe, Randall},
 833  journal = {xkcd},
 834  urldate = {2022-10-21},
 835  url = {https://xkcd.com/1425/},
 836  title = {Tasks},
 837}
 838
 839@misc{simonite_why_2015,
 840  year = {2015},
 841  month = {June},
 842  author = {Simonite, Tom},
 843  journal = {MIT Technology Review},
 844  urldate = {2022-10-21},
 845  language = {en},
 846  abstract = {Machine learning gets its first cheating scandal.},
 847  url = {https://www.technologyreview.com/2015/06/04/72951/why-and-how-baidu-cheated-an-artificial-intelligence-test/},
 848  title = {Why and {How} {Baidu} {Cheated} an {Artificial} {Intelligence} {Test}},
 849}
 850
 851@inproceedings{krizhevsky_imagenet_2012,
 852  pages = {1097--1105},
 853  note = {event-place: Lake Tahoe, Nevada},
 854  year = {2012},
 855  author = {Krizhevsky, Alex and Sutskever, Ilya and Hinton, Geoffrey E.},
 856  publisher = {Curran Associates Inc.},
 857  booktitle = {Proceedings of the 25th {International} {Conference} on {Neural} {Information} {Processing} {Systems} - {Volume} 1},
 858  abstract = {We trained a large, deep convolutional neural network to classify the 1.2 million high-resolution images in the ImageNet LSVRC-2010 contest into the 1000 different classes. On the test data, we achieved top-1 and top-5 error rates of 37.5\% and 17.0\% which is considerably better than the previous state-of-the-art. The neural network, which has 60 million parameters and 650,000 neurons, consists of five convolutional layers, some of which are followed by max-pooling layers, and three fully-connected layers with a final 1000-way softmax. To make training faster, we used non-saturating neurons and a very efficient GPU implementation of the convolution operation. To reduce overriding in the fully-connected layers we employed a recently-developed regularization method called "dropout" that proved to be very effective. We also entered a variant of this model in the ILSVRC-2012 competition and achieved a winning top-5 test error rate of 15.3\%, compared to 26.2\% achieved by the second-best entry.},
 859  title = {{ImageNet} {Classification} with {Deep} {Convolutional} {Neural} {Networks}},
 860  series = {{NIPS}'12},
 861  address = {Red Hook, NY, USA},
 862}
 863
 864@misc{noauthor_experimental_security_research_of_tesla_autopilotpdf_nodate,
 865  urldate = {2022-10-21},
 866  url = {https://keenlab.tencent.com/en/whitepapers/Experimental_Security_Research_of_Tesla_Autopilot.pdf},
 867  title = {Experimental\_Security\_Research\_of\_Tesla\_Autopilot.pdf},
 868}
 869
 870@misc{floridi_capai_2022,
 871  keywords = {AI, AI Act, AI Auditing, AI legislation, Conformity Assessment, EU, Trustworthy AI},
 872  year = {2022},
 873  month = {March},
 874  author = {Floridi, Luciano and Holweg, Matthias and Taddeo, Mariarosaria and Amaya Silva, Javier and Mökander, Jakob and Wen, Yuni},
 875  urldate = {2022-10-21},
 876  language = {en},
 877  abstract = {We have developed capAI, a conformity assessment procedure for AI systems, to provide an independent, comparable, quantifiable, and accountable assessment of AI systems that conforms with the proposed AIA regulation. By building on the AIA, capAI provides organisations with practical guidance on how high-level ethics principles can be translated into verifiable criteria that help shape the design, development, deployment and use of ethical AI. The main purpose of capAI is to serve as a governance tool that ensures and demonstrates that the development and operation of an AI system are trustworthy – i.e., legally compliant, ethically sound, and technically robust – and thus conform to the AIA.},
 878  doi = {10.2139/ssrn.4064091},
 879  url = {https://papers.ssrn.com/abstract=4064091},
 880  title = {{capAI} - {A} procedure for conducting conformity assessment of {AI} systems in line with the {EU} {Artificial} {Intelligence} {Act}},
 881  type = {{SSRN} {Scholarly} {Paper}},
 882  address = {Rochester, NY},
 883}
 884
 885@article{varoquaux_machine_2022,
 886  pages = {1--8},
 887  keywords = {Computer science, Medical research, Research data, ai/medicine, ai/testing},
 888  note = {Number: 1
 889Publisher: Nature Publishing Group},
 890  year = {2022},
 891  month = {April},
 892  author = {Varoquaux, Gaël and Cheplygina, Veronika},
 893  journal = {npj Digital Medicine},
 894  urldate = {2022-10-21},
 895  number = {1},
 896  language = {en},
 897  abstract = {Research in computer analysis of medical images bears many promises to improve patients’ health. However, a number of systematic challenges are slowing down the progress of the field, from limitations of the data, such as biases, to research incentives, such as optimizing for publication. In this paper we review roadblocks to developing and assessing methods. Building our analysis on evidence from the literature and data challenges, we show that at every step, potential biases can creep in. On a positive note, we also discuss on-going efforts to counteract these problems. Finally we provide recommendations on how to further address these problems in the future.},
 898  doi = {10.1038/s41746-022-00592-y},
 899  url = {https://www.nature.com/articles/s41746-022-00592-y},
 900  shorttitle = {Machine learning for medical imaging},
 901  issn = {2398-6352},
 902  copyright = {2022 The Author(s)},
 903  volume = {5},
 904  title = {Machine learning for medical imaging: {Methodological} failures and recommendations for the future},
 905}
 906
 907@inproceedings{wang_towards_2020,
 908  pages = {8916--8925},
 909  keywords = {ai/fairness, ai/vision},
 910  year = {2020},
 911  month = {June},
 912  author = {Wang, Zeyu and Qinami, Klint and Karakozis, Ioannis Christos and Genova, Kyle and Nair, Prem and Hata, Kenji and Russakovsky, Olga},
 913  publisher = {IEEE},
 914  booktitle = {2020 {IEEE}/{CVF} {Conference} on {Computer} {Vision} and {Pattern} {Recognition} ({CVPR})},
 915  urldate = {2022-10-20},
 916  language = {en},
 917  abstract = {Computer vision models learn to perform a task by capturing relevant statistics from training data. It has been shown that models learn spurious age, gender, and race correlations when trained for seemingly unrelated tasks like activity recognition or image captioning. Various mitigation techniques have been presented to prevent models from utilizing or learning such biases. However, there has been little systematic comparison between these techniques. We design a simple but surprisingly effective visual recognition benchmark for studying bias mitigation. Using this benchmark, we provide a thorough analysis of a wide range of techniques. We highlight the shortcomings of popular adversarial training approaches for bias mitigation, propose a simple but similarly effective alternative to the inference-time Reducing Bias Amplification method of Zhao et al., and design a domain-independent training technique that outperforms all other methods. Finally, we validate our findings on the attribute classification task in the CelebA dataset, where attribute presence is known to be correlated with the gender of people in the image, and demonstrate that the proposed technique is effective at mitigating real-world gender bias.},
 918  doi = {10.1109/CVPR42600.2020.00894},
 919  url = {https://ieeexplore.ieee.org/document/9156668/},
 920  shorttitle = {Towards {Fairness} in {Visual} {Recognition}},
 921  isbn = {978-1-72817-168-5},
 922  title = {Towards {Fairness} in {Visual} {Recognition}: {Effective} {Strategies} for {Bias} {Mitigation}},
 923  address = {Seattle, WA, USA},
 924}
 925
 926@inproceedings{hendrycks_deep_2019,
 927  pages = {18},
 928  keywords = {ai/open-world, ai/trust},
 929  year = {2019},
 930  author = {Hendrycks, Dan and Mazeika, Mantas and Dietterich, Thomas},
 931  booktitle = {International {Conference} on {Learning} {Representations} ({ICLR})},
 932  language = {en},
 933  abstract = {It is important to detect anomalous inputs when deploying machine learning systems. The use of larger and more complex inputs in deep learning magnifies the difficulty of distinguishing between anomalous and in-distribution examples. At the same time, diverse image and text data are available in enormous quantities. We propose leveraging these data to improve deep anomaly detection by training anomaly detectors against an auxiliary dataset of outliers, an approach we call Outlier Exposure (OE). This enables anomaly detectors to generalize and detect unseen anomalies. In extensive experiments on natural language processing and small- and large-scale vision tasks, we find that Outlier Exposure significantly improves detection performance. We also observe that cutting-edge generative models trained on CIFAR-10 may assign higher likelihoods to SVHN images than to CIFAR-10 images; we use OE to mitigate this issue. We also analyze the flexibility and robustness of Outlier Exposure, and identify characteristics of the auxiliary dataset that improve performance.},
 934  title = {Deep {Anomaly} {Detection} with {Outlier} {Exposure}},
 935}
 936
 937@inproceedings{ribeiro_beyond_2020,
 938  pages = {4902--4912},
 939  keywords = {ai/nlp, ai/testing},
 940  year = {2020},
 941  author = {Ribeiro, Marco Tulio and Wu, Tongshuang and Guestrin, Carlos and Singh, Sameer},
 942  publisher = {Association for Computational Linguistics},
 943  booktitle = {Proceedings of the 58th {Annual} {Meeting} of the {Association} for {Computational} {Linguistics}},
 944  urldate = {2022-10-13},
 945  language = {en},
 946  abstract = {Although measuring held-out accuracy has been the primary approach to evaluate generalization, it often overestimates the performance of NLP models, while alternative approaches for evaluating models either focus on individual tasks or on specific behaviors. Inspired by principles of behavioral testing in software engineering, we introduce CheckList, a taskagnostic methodology for testing NLP models. CheckList includes a matrix of general linguistic capabilities and test types that facilitate comprehensive test ideation, as well as a software tool to generate a large and diverse number of test cases quickly. We illustrate the utility of CheckList with tests for three tasks, identifying critical failures in both commercial and state-of-art models. In a user study, a team responsible for a commercial sentiment analysis model found new and actionable bugs in an extensively tested model. In another user study, NLP practitioners with CheckList created twice as many tests, and found almost three times as many bugs as users without it.},
 947  doi = {10.18653/v1/2020.acl-main.442},
 948  url = {https://www.aclweb.org/anthology/2020.acl-main.442},
 949  shorttitle = {Beyond {Accuracy}},
 950  title = {Beyond {Accuracy}: {Behavioral} {Testing} of {NLP} {Models} with {CheckList}},
 951  address = {Online},
 952}
 953
 954@misc{denton_bringing_2020,
 955  note = {arXiv:2007.07399 [cs]},
 956  year = {2020},
 957  month = {July},
 958  author = {Denton, Emily and Hanna, Alex and Amironesei, Razvan and Smart, Andrew and Nicole, Hilary and Scheuerman, Morgan Klaus},
 959  publisher = {arXiv},
 960  urldate = {2022-10-07},
 961  abstract = {In response to algorithmic unfairness embedded in sociotechnical systems, significant attention has been focused on the contents of machine learning datasets which have revealed biases towards white, cisgender, male, and Western data subjects. In contrast, comparatively less attention has been paid to the histories, values, and norms embedded in such datasets. In this work, we outline a research program - a genealogy of machine learning data - for investigating how and why these datasets have been created, what and whose values influence the choices of data to collect, the contextual and contingent conditions of their creation. We describe the ways in which benchmark datasets in machine learning operate as infrastructure and pose four research questions for these datasets. This interrogation forces us to "bring the people back in" by aiding us in understanding the labor embedded in dataset construction, and thereby presenting new avenues of contestation for other researchers encountering the data.},
 962  url = {http://arxiv.org/abs/2007.07399},
 963  shorttitle = {Bringing the people back in},
 964  title = {Bringing the people back in: {Contesting} benchmark machine learning datasets},
 965}
 966
 967@misc{beyer_are_2020,
 968  note = {arXiv:2006.07159 [cs]},
 969  year = {2020},
 970  month = {June},
 971  author = {Beyer, Lucas and Hénaff, Olivier J. and Kolesnikov, Alexander and Zhai, Xiaohua and Oord, Aäron van den},
 972  publisher = {arXiv},
 973  urldate = {2022-10-10},
 974  language = {en},
 975  abstract = {Yes, and no. We ask whether recent progress on the ImageNet classification benchmark continues to represent meaningful generalization, or whether the community has started to overfit to the idiosyncrasies of its labeling procedure. We therefore develop a significantly more robust procedure for collecting human annotations of the ImageNet validation set. Using these new labels, we reassess the accuracy of recently proposed ImageNet classifiers, and find their gains to be substantially smaller than those reported on the original labels. Furthermore, we find the original ImageNet labels to no longer be the best predictors of this independently-collected set, indicating that their usefulness in evaluating vision models may be nearing an end. Nevertheless, we find our annotation procedure to have largely remedied the errors in the original labels, reinforcing ImageNet as a powerful benchmark for future research in visual recognition3.},
 976  url = {http://arxiv.org/abs/2006.07159},
 977  title = {Are we done with {ImageNet}?},
 978}
 979
 980@inproceedings{cubuk_randaugment_2020,
 981  pages = {702--703},
 982  keywords = {ai/data-augmentation},
 983  year = {2020},
 984  author = {Cubuk, Ekin D. and Zoph, Barret and Shlens, Jonathon and Le, Quoc V.},
 985  booktitle = {Proceedings of the {IEEE}/{CVF} conference on computer vision and pattern recognition workshops},
 986  shorttitle = {Randaugment},
 987  title = {Randaugment: {Practical} automated data augmentation with a reduced search space},
 988}
 989
 990@inproceedings{koh_wilds_2021,
 991  pages = {5637--5664},
 992  keywords = {ai/datasets, ai/domain-shift},
 993  year = {2021},
 994  author = {Koh, Pang Wei and Sagawa, Shiori and Marklund, Henrik and Xie, Sang Michael and Zhang, Marvin and Balsubramani, Akshay and Hu, Weihua and Yasunaga, Michihiro and Phillips, Richard Lanas and Gao, Irena and Lee, Tony and David, Etienne and Stavness, Ian and Guo, Wei and Earnshaw, Berton A. and Haque, Imran S. and Beery, Sara and Leskovec, Jure and Kundaje, Anshul and Pierson, Emma and Levine, Sergey and Finn, Chelsea and Liang, Percy},
 995  publisher = {PMLR},
 996  booktitle = {International {Conference} on {Machine} {Learning} ({ICML})},
 997  shorttitle = {Wilds},
 998  title = {Wilds: {A} benchmark of in-the-wild distribution shifts},
 999}
1000
1001@inproceedings{mcgregor_preventing_2021,
1002  pages = {15458--15463},
1003  note = {Issue: 17},
1004  year = {2021},
1005  author = {McGregor, Sean},
1006  booktitle = {{AAAI} {Conference} on {Artificial} {Intelligence}},
1007  shorttitle = {Preventing repeated real world {AI} failures by cataloging incidents},
1008  volume = {35},
1009  title = {Preventing repeated real world {AI} failures by cataloging incidents: {The} {AI} {Incident} {Database}},
1010}
1011
1012@techreport{david_defense_2016,
1013  keywords = {ai/audit, ai/trust, government},
1014  note = {Section: Technical Reports},
1015  year = {2016},
1016  month = {June},
1017  author = {David, Ruth A. and Nielsen, Paul},
1018  urldate = {2022-10-06},
1019  number = {AD1017790},
1020  language = {en},
1021  abstract = {At the request of the Under Secretary of Defense for Acquisition, Technology, and Logistics USDAT and L, the Defense Science Board DSB conducted a study on the applicability of autonomy to Department of Defense DoD missions. The study concluded that there are both substantial operational benefits and potential perils associated with the use of autonomy. Autonomy delivers significant military value, including opportunities to reduce the number of warfighters in harms way, increase the quality and speed of decisions in time-critical operations, and enable new missions that would otherwise be impossible. Autonomy is by no means new to the DoD. Fielded capabilities demonstrate ongoing progress in embedding autonomous functionality into systems, and many development programs already underway include an increasingly sophisticated use of autonomy. Autonomy also delivers significant value across a diverse array of global markets. Both enabling technologies and commercial applications are advancing rapidly in response to market opportunities. Autonomy is becoming a ubiquitous enabling capability for products spanning a spectrum from expert advisory systems to autonomous vehicles. Commercial market forces are accelerating progress, providing opportunities for DoD to leverage the investments of others, while also providing substantial capabilities to potential adversaries. This study concluded that DoD must accelerate its exploitation of autonomy both to realize the potential military value and to remain ahead of adversaries who also will exploit its operational benefits.},
1022  url = {https://apps.dtic.mil/sti/citations/AD1017790},
1023  title = {Defense {Science} {Board} summer study on autonomy},
1024}
1025
1026@article{noauthor_executive_2019,
1027  pages = {3967--3972},
1028  keywords = {ai/trust, government},
1029  year = {2019},
1030  month = {February},
1031  journal = {Federal Register},
1032  number = {31},
1033  url = {https://www.federalregister.gov/documents/2019/02/14/2019-02544/maintaining-american-leadership-in-artificial-intelligence},
1034  volume = {84},
1035  title = {Executive {Order} 13859. {Maintaining} {American} leadership in artificial intelligence.},
1036}
1037
1038@inproceedings{zhou_non-vacuous_2019,
1039  keywords = {Computer Science - Machine Learning, Statistics - Machine Learning},
1040  note = {arXiv:1804.05862 [cs, stat]},
1041  year = {2019},
1042  month = {February},
1043  author = {Zhou, Wenda and Veitch, Victor and Austern, Morgane and Adams, Ryan P. and Orbanz, Peter},
1044  publisher = {arXiv},
1045  booktitle = {International {Conference} on {Learning} {Representations} ({ICLR})},
1046  urldate = {2022-10-10},
1047  language = {en},
1048  abstract = {Modern neural networks are highly overparameterized, with capacity to substantially overfit to training data. Nevertheless, these networks often generalize well in practice. It has also been observed that trained networks can often be “compressed” to much smaller representations. The purpose of this paper is to connect these two empirical observations. Our main technical result is a generalization bound for compressed networks based on the compressed size that, combined with off-theshelf compression algorithms, leads to state-of-the-art generalization guarantees. In particular, we provide the first non-vacuous generalization guarantees for realistic architectures applied to the ImageNet classification problem. Additionally, we show that compressibility of models that tend to overfit is limited. Empirical results show that an increase in overfitting increases the number of bits required to describe a trained network.},
1049  url = {http://arxiv.org/abs/1804.05862},
1050  shorttitle = {Non-vacuous generalization bounds at the imagenet scale},
1051  title = {Non-vacuous generalization bounds at the {ImageNet} scale: {A} {PAC}-{Bayesian} compression approach},
1052}
1053
1054@inproceedings{zhao_bias_2018,
1055  pages = {10},
1056  year = {2018},
1057  author = {Zhao, Shengjia and Ren, Hongyu and Yuan, Arianna and Song, Jiaming and Goodman, Noah and Ermon, Stefano},
1058  booktitle = {Advances in {Neural} {Information} {Processing} {Systems} ({NeurIPS})},
1059  language = {en},
1060  abstract = {In high dimensional settings, density estimation algorithms rely crucially on their inductive bias. Despite recent empirical success, the inductive bias of deep generative models is not well understood. In this paper we propose a framework to systematically investigate bias and generalization in deep generative models of images. Inspired by experimental methods from cognitive psychology, we probe each learning algorithm with carefully designed training datasets to characterize when and how existing models generate novel attributes and their combinations. We identify similarities to human psychology and verify that these patterns are consistent across commonly used models and architectures.},
1061  title = {Bias and generalization in deep generative models: {An} empirical study},
1062}
1063
1064@inproceedings{tsipras_imagenet_2020,
1065  pages = {11},
1066  year = {2020},
1067  author = {Tsipras, Dimitris and Santurkar, Shibani and Engstrom, Logan and Ilyas, Andrew and Ma, Aleksander},
1068  booktitle = {International {Conference} on {Machine} {Learning} ({ICML})},
1069  language = {en},
1070  abstract = {Building rich machine learning datasets in a scal-
1071able manner often necessitates a crowd-sourced
1072data collection pipeline. In this work, we use hu-
1073man studies to investigate the consequences of em-
1074ploying such a pipeline, focusing on the popular
1075ImageNet dataset. We study how specific design
1076choices in the ImageNet creation process impact
1077the fidelity of the resulting dataset—including the
1078introduction of biases that state-of-the-art models
1079exploit. Our analysis pinpoints how a noisy data
1080collection pipeline can lead to a systematic mis-
1081alignment between the resulting benchmark and
1082the real-world task it serves as a proxy for. Finally,
1083our findings emphasize the need to augment our
1084current model training and evaluation toolkit to
1085take such misalignments into account.},
1086  title = {From {ImageNet} to image classification: {Contextualizing} progress on benchmarks},
1087}
1088
1089@inproceedings{toneva_empirical_2019,
1090  keywords = {Computer Science - Machine Learning, Statistics - Machine Learning},
1091  note = {arXiv:1812.05159 [cs, stat]},
1092  year = {2019},
1093  author = {Toneva, Mariya and Sordoni, Alessandro and Combes, Remi Tachet des and Trischler, Adam and Bengio, Yoshua and Gordon, Geoffrey J.},
1094  publisher = {arXiv},
1095  booktitle = {International {Conference} on {Learning} {Representations} ({ICLR})},
1096  urldate = {2022-10-10},
1097  language = {en},
1098  abstract = {Inspired by the phenomenon of catastrophic forgetting, we investigate the learning dynamics of neural networks as they train on single classification tasks. Our goal is to understand whether a related phenomenon occurs when data does not undergo a clear distributional shift. We define a “forgetting event” to have occurred when an individual training example transitions from being classified correctly to incorrectly over the course of learning. Across several benchmark data sets, we find that: (i) certain examples are forgotten with high frequency, and some not at all; (ii) a data set’s (un)forgettable examples generalize across neural architectures; and (iii) based on forgetting dynamics, a significant fraction of examples can be omitted from the training data set while still maintaining state-of-the-art generalization performance.},
1099  url = {http://arxiv.org/abs/1812.05159},
1100  title = {An empirical study of example forgetting during deep neural network learning},
1101}
1102
1103@inproceedings{shankar_evaluating_2020,
1104  pages = {11},
1105  year = {2020},
1106  author = {Shankar, Vaishaal and Roelofs, Rebecca and Mania, Horia and Fang, Alex and Recht, Benjamin and Schmidt, Ludwig},
1107  booktitle = {International {Conference} on {Machine} {Learning} ({ICML})},
1108  language = {en},
1109  abstract = {We evaluate a wide range of ImageNet models with five trained human labelers. In our year-long experiment, trained humans first annotated 40,000 images from the ImageNet and ImageNetV2 test sets with multi-class labels to enable a semantically coherent evaluation. Then we measured the classification accuracy of the five trained humans on the full task with 1,000 classes. Only the latest models from 2020 are on par with our best human labeler, and human accuracy on the 590 object classes is still 4\% and 11\% higher than the best model on ImageNet and ImageNetV2, respectively. Moreover, humans achieve the same accuracy on ImageNet and ImageNetV2, while all models see a consistent accuracy drop. Overall, our results show that there is still substantial room for improvement on ImageNet and direct accuracy comparisons between humans and machines may overstate machine performance.},
1110  title = {Evaluating machine accuracy on {ImageNet}},
1111}
1112
1113@techreport{sayler_artificial_nodate,
1114  pages = {41},
1115  keywords = {ai/explainability, ai/trust, government},
1116  author = {Sayler, Kelley M},
1117  number = {R45178},
1118  language = {en},
1119  abstract = {Artificial intelligence (AI) is a rapidly growing field of technology with potentially significant implications for national security. As such, the U.S. Department of Defense (DOD) and other nations are developing AI applications for a range of military functions. AI research is underway in the fields of intelligence collection and analysis, logistics, cyber operations, information operations, command and control, and in a variety of semiautonomous and autonomous vehicles. Already, AI has been incorporated into military operations in Iraq and Syria. Congressional action has the potential to shape the technology’s development further, with budgetary and legislative decisions influencing the growth of military applications as well as the pace of their adoption.},
1120  url = {https://crsreports.congress.gov/product/pdf/R/R45178/5},
1121  title = {Artificial intelligence and national security},
1122}
1123
1124@inproceedings{minderer_revisiting_2021,
1125  pages = {13},
1126  year = {2021},
1127  author = {Minderer, Matthias and Djolonga, Josip and Romijnders, Rob and Hubis, Frances and Zhai, Xiaohua and Houlsby, Neil and Tran, Dustin and Lucic, Mario},
1128  booktitle = {Advances in {Neural} {Information} {Processing} {Systems} ({NeurIPS})},
1129  language = {en},
1130  abstract = {Accurate estimation of predictive uncertainty (model calibration) is essential for the safe application of neural networks. Many instances of miscalibration in modern neural networks have been reported, suggesting a trend that newer, more accurate models produce poorly calibrated predictions. Here, we revisit this question for recent state-of-the-art image classification models. We systematically relate model calibration and accuracy, and find that the most recent models, notably those not using convolutions, are among the best calibrated. Trends observed in prior model generations, such as decay of calibration with distribution shift or model size, are less pronounced in recent architectures. We also show that model size and amount of pretraining do not fully explain these differences, suggesting that architecture is a major determinant of calibration properties.},
1131  url = {https://proceedings.neurips.cc/paper/2021/file/8420d359404024567b5aefda1231af24-Paper.pdf},
1132  title = {Revisiting the calibration of modern neural networks},
1133}
1134
1135@inproceedings{kok_classification_2007,
1136  pages = {176--187},
1137  note = {ISSN: 0302-9743, 1611-3349
1138Series Title: Lecture Notes in Computer Science},
1139  doi = {10.1007/978-3-540-74976-9_19},
1140  year = {2007},
1141  editor = {Kok, Joost N. and Koronacki, Jacek and Lopez de Mantaras, Ramon and Matwin, Stan and Mladenič, Dunja and Skowron, Andrzej},
1142  author = {Kowalczyk, Adam},
1143  publisher = {Springer Berlin Heidelberg},
1144  booktitle = {Knowledge {Discovery} in {Databases} ({KDD})},
1145  urldate = {2022-10-10},
1146  language = {en},
1147  abstract = {We demonstrate a binary classification problem in which standard supervised learning algorithms such as linear and kernel SVM, naive Bayes, ridge regression, k-nearest neighbors, shrunken centroid, multilayer perceptron and decision trees perform in an unusual way. On certain data sets they classify a randomly sampled training subset nearly perfectly, but systematically perform worse than random guessing on cases unseen in training. We demonstrate this phenomenon in classification of a natural data set of cancer genomics microarrays using crossvalidation test. Additionally, we generate a range of synthetic datasets, the outcomes of 0-sum games, for which we analyse this phenomenon in the i.i.d. setting.},
1148  url = {http://link.springer.com/10.1007/978-3-540-74976-9_19},
1149  isbn = {978-3-540-74975-2 978-3-540-74976-9},
1150  volume = {4702},
1151  title = {Classification of anti-learnable biological and synthetic data},
1152  address = {Berlin, Heidelberg},
1153}
1154
1155@inproceedings{hardt_ladder_2015,
1156  pages = {9},
1157  year = {2015},
1158  author = {Hardt, Moritz and Blum, Avrim},
1159  booktitle = {International {Conference} on {Machine} {Learning} ({ICML})},
1160  language = {en},
1161  abstract = {The organizer of a machine learning competi-
1162tion faces the problem of maintaining an accurate
1163leaderboard that faithfully represents the quality
1164of the best submission of each competing team.
1165What makes this estimation problem particularly
1166challenging is its sequential and adaptive nature.
1167As participants are allowed to repeatedly evaluate
1168their submissions on the leaderboard, they may
1169begin to overfit to the holdout data that supports
1170the leaderboard. Few theoretical results give ac-
1171tionable advice on how to design a reliable leader-
1172board. Existing approaches therefore often resort
1173to poorly understood heuristics such as limiting
1174the bit precision of answers and the rate of re-
1175submission.
1176In this work, we introduce a notion of leader-
1177board accuracy tailored to the format of a com-
1178petition. We introduce a natural algorithm called
1179the Ladder and demonstrate that it simultaneously
1180supports strong theoretical guarantees in a fully
1181adaptive model of estimation, withstands practical
1182adversarial attacks, and achieves high utility on
1183real submission files from an actual competition
1184hosted by Kaggle.
1185Notably, we are able to sidestep a powerful recent
1186hardness result for adaptive risk estimation that
1187rules out algorithms such as ours under a seem-
1188ingly very similar notion of accuracy. On a practi-
1189cal note, we provide a completely parameter-free
1190variant of our algorithm that can be deployed in a
1191real competition with no tuning required whatso-
1192ever.},
1193  title = {The {Ladder}: a reliable leaderboard for machine learning competitions},
1194}
1195
1196@inproceedings{guo_calibration_2017,
1197  pages = {10},
1198  year = {2017},
1199  author = {Guo, Chuan and Pleiss, Geoff and Sun, Yu and Weinberger, Kilian Q},
1200  booktitle = {International {Conference} on {Machine} {Learning} ({ICML})},
1201  language = {en},
1202  abstract = {Confidence calibration – the problem of predicting probability estimates representative of the true correctness likelihood – is important for classification models in many applications. We discover that modern neural networks, unlike those from a decade ago, are poorly calibrated. Through extensive experiments, we observe that depth, width, weight decay, and Batch Normalization are important factors influencing calibration. We evaluate the performance of various post-processing calibration methods on state-ofthe-art architectures with image and document classification datasets. Our analysis and experiments not only offer insights into neural network learning, but also provide a simple and straightforward recipe for practical settings: on most datasets, temperature scaling – a singleparameter variant of Platt Scaling – is surprisingly effective at calibrating predictions.},
1203  title = {On calibration of modern neural networks},
1204}
1205
1206@inproceedings{engstrom_identifying_2020,
1207  pages = {11},
1208  year = {2020},
1209  author = {Engstrom, Logan and Ilyas, Andrew and Santurkar, Shibani and Tsipras, Dimitris and Steinhardt, Jacob and Madry, Aleksander},
1210  booktitle = {International {Conference} on {Machine} {Learning} ({ICML})},
1211  language = {en},
1212  abstract = {Dataset replication is a useful tool for assessing whether improvements in test accuracy on a specific benchmark correspond to improvements in models’ ability to generalize reliably. In this work, we present unintuitive yet significant ways in which standard approaches to dataset replication introduce statistical bias, skewing the resulting observations. We study ImageNet-v2, a replication of the ImageNet dataset on which models exhibit a significant (11-14\%) drop in accuracy, even after controlling for selection frequency, a human-in-the-loop measure of data quality. We show that after remeasuring selection frequencies and correcting for statistical bias, only an estimated 3.6\%±1.5\% of the original 11.7\%±1.0\% accuracy drop remains unaccounted for. We conclude with concrete recommendations for recognizing and avoiding bias in dataset replication. Code for our study is publicly available1.},
1213  title = {Identifying statistical bias in dataset replication},
1214}
1215
1216@inproceedings{dwork_generalization_2015,
1217  pages = {9},
1218  year = {2015},
1219  author = {Dwork, Cynthia and Feldman, Vitaly and Hardt, Moritz and Pitassi, Toni and Reingold, Omer and Roth, Aaron},
1220  booktitle = {Advances in {Neural} {Information} {Processing} {Systems} ({NeurIPS})},
1221  language = {en},
1222  abstract = {Overfitting is the bane of data analysts, even when data are plentiful. Formal approaches to understanding this problem focus on statistical inference and generalization of individual analysis procedures. Yet the practice of data analysis is an inherently interactive and adaptive process: new analyses and hypotheses are proposed after seeing the results of previous ones, parameters are tuned on the basis of obtained results, and datasets are shared and reused. An investigation of this gap has recently been initiated by the authors in [7], where we focused on the problem of estimating expectations of adaptively chosen functions.},
1223  title = {Generalization in adaptive data analysis and holdout reuse},
1224}
1225
1226@inproceedings{bendale_towards_2016,
1227  pages = {1563--1572},
1228  year = {2016},
1229  month = {June},
1230  author = {Bendale, Abhijit and Boult, Terrance E.},
1231  publisher = {IEEE},
1232  booktitle = {{IEEE} {Conference} on {Computer} {Vision} and {Pattern} {Recognition} ({CVPR})},
1233  urldate = {2022-10-11},
1234  language = {en},
1235  abstract = {Deep networks have produced significant gains for various visual recognition problems, leading to high impact academic and commercial applications. Recent work in deep networks highlighted that it is easy to generate images that humans would never classify as a particular object class, yet networks classify such images high confidence as that given class – deep network are easily fooled with images humans do not consider meaningful. The closed set nature of deep networks forces them to choose from one of the known classes leading to such artifacts. Recognition in the real world is open set, i.e. the recognition system should reject unknown/unseen classes at test time. We present a methodology to adapt deep networks for open set recognition, by introducing a new model layer, OpenMax, which estimates the probability of an input being from an unknown class. A key element of estimating the unknown probability is adapting Meta-Recognition concepts to the activation patterns in the penultimate layer of the network. OpenMax allows rejection of “fooling” and unrelated open set images presented to the system; OpenMax greatly reduces the number of obvious errors made by a deep network. We prove that the OpenMax concept provides bounded open space risk, thereby formally providing an open set recognition solution. We evaluate the resulting open set deep networks using pre-trained networks from the Caffe Model-zoo on ImageNet 2012 validation data, and thousands of fooling and open set images. The proposed OpenMax model significantly outperforms open set recognition accuracy of basic deep networks as well as deep networks with thresholding of SoftMax probabilities.},
1236  doi = {10.1109/CVPR.2016.173},
1237  url = {http://ieeexplore.ieee.org/document/7780542/},
1238  isbn = {978-1-4673-8851-1},
1239  title = {Towards open set deep networks},
1240  address = {Las Vegas, NV, USA},
1241}
1242
1243@inproceedings{bendale_towards_2015,
1244  pages = {1893--1902},
1245  year = {2015},
1246  month = {June},
1247  author = {Bendale, Abhijit and Boult, Terrance},
1248  publisher = {IEEE},
1249  booktitle = {{IEEE} {Conference} on {Computer} {Vision} and {Pattern} {Recognition} ({CVPR})},
1250  urldate = {2022-10-11},
1251  language = {en},
1252  abstract = {With the of advent rich classification models and high computational power visual recognition systems have found many operational applications. Recognition in the real world poses multiple challenges that are not apparent in controlled lab environments. The datasets are dynamic and novel categories must be continuously detected and then added. At prediction time, a trained system has to deal with myriad unseen categories. Operational systems require minimal downtime, even to learn. To handle these operational issues, we present the problem of Open World Recognition and formally define it. We prove that thresholding sums of monotonically decreasing functions of distances in linearly transformed feature space can balance “open space risk” and empirical risk. Our theory extends existing algorithms for open world recognition. We present a protocol for evaluation of open world recognition systems. We present the Nearest Non-Outlier (NNO) algorithm that evolves model efficiently, adding object categories incrementally while detecting outliers and managing open space risk. We perform experiments on the ImageNet dataset with 1.2M+ images to validate the effectiveness of our method on large scale visual recognition tasks. NNO consistently yields superior results on open world recognition.},
1253  doi = {10.1109/CVPR.2015.7298799},
1254  url = {http://ieeexplore.ieee.org/document/7298799/},
1255  isbn = {978-1-4673-6964-0},
1256  title = {Towards open world recognition},
1257  address = {Boston, MA, USA},
1258}
1259
1260@inproceedings{arpit_closer_2017,
1261  pages = {10},
1262  year = {2017},
1263  author = {Arpit, Devansh and Jastrzebski, Stanisław and Ballas, Nicolas and Krueger, David and Bengio, Emmanuel and Kanwal, Maxinder S and Maharaj, Tegan and Fischer, Asja and Courville, Aaron and Bengio, Yoshua and Lacoste-Julien, Simon},
1264  booktitle = {International {Conference} on {Machine} {Learning} ({ICML})},
1265  language = {en},
1266  abstract = {We examine the role of memorization in deep learning, drawing connections to capacity, generalization, and adversarial robustness. While deep networks are capable of memorizing noise data, our results suggest that they tend to prioritize learning simple patterns first. In our experiments, we expose qualitative differences in gradient-based optimization of deep neural networks (DNNs) on noise vs. real data. We also demonstrate that for appropriately tuned explicit regularization (e.g., dropout) we can degrade DNN training performance on noise datasets without compromising generalization on real data. Our analysis suggests that the notions of effective capacity which are dataset independent are unlikely to explain the generalization performance of deep networks when trained with gradient based methods because training data itself plays an important role in determining the degree of memorization.},
1267  title = {A closer look at memorization in deep networks},
1268}
1269
1270@inproceedings{morcos_insights_2018,
1271  pages = {10},
1272  year = {2018},
1273  author = {Morcos, Ari and Raghu, Maithra and Bengio, Samy},
1274  booktitle = {Advances in {Neural} {Information} {Processing} {Systems} ({NeurIPS})},
1275  language = {en},
1276  abstract = {Comparing different neural network representations and determining how representations evolve over time remain challenging open questions in our understanding of the function of neural networks. Comparing representations in neural networks is fundamentally difficult as the structure of representations varies greatly, even across groups of networks trained on identical tasks, and over the course of training. Here, we develop projection weighted CCA (Canonical Correlation Analysis) as a tool for understanding neural networks, building off of SVCCA, a recently proposed method [22]. We first improve the core method, showing how to differentiate between signal and noise, and then apply this technique to compare across a group of CNNs, demonstrating that networks which generalize converge to more similar representations than networks which memorize, that wider networks converge to more similar solutions than narrow networks, and that trained networks with identical topology but different learning rates converge to distinct clusters with diverse representations. We also investigate the representational dynamics of RNNs, across both training and sequential timesteps, finding that RNNs converge in a bottom-up pattern over the course of training and that the hidden state is highly variable over the course of a sequence, even when accounting for linear transforms. Together, these results provide new insights into the function of CNNs and RNNs, and demonstrate the utility of using CCA to understand representations.},
1277  title = {Insights on representational similarity in neural networks with canonical correlation},
1278}
1279
1280@inproceedings{ovadia_can_2019,
1281  pages = {12},
1282  year = {2019},
1283  author = {Ovadia, Yaniv and Fertig, Emily and Ren, Jie and Nado, Zachary and Sculley, D and Nowozin, Sebastian and Dillon, Joshua and Lakshminarayanan, Balaji and Snoek, Jasper},
1284  booktitle = {Advances in {Neural} {Information} {Processing} {Systems} ({NeurIPS})},
1285  language = {en},
1286  abstract = {Modern machine learning methods including deep learning have achieved great success in predictive accuracy for supervised learning tasks, but may still fall short in giving useful estimates of their predictive uncertainty. Quantifying uncertainty is especially critical in real-world settings, which often involve input distributions that are shifted from the training distribution due to a variety of factors including sample bias and non-stationarity. In such settings, well calibrated uncertainty estimates convey information about when a model’s output should (or should not) be trusted. Many probabilistic deep learning methods, including Bayesian-and nonBayesian methods, have been proposed in the literature for quantifying predictive uncertainty, but to our knowledge there has not previously been a rigorous largescale empirical comparison of these methods under dataset shift. We present a largescale benchmark of existing state-of-the-art methods on classification problems and investigate the effect of dataset shift on accuracy and calibration. We find that traditional post-hoc calibration does indeed fall short, as do several other previous methods. However, some methods that marginalize over models give surprisingly strong results across a broad spectrum of tasks.},
1287  title = {Can you trust your model's uncertainty?  {Evaluating} predictive uncertainty under dataset shift},
1288}
1289
1290@inproceedings{papadopoulos_inductive_2002,
1291  pages = {345--356},
1292  year = {2002},
1293  author = {Papadopoulos, Harris and Proedrou, Kostas and Vovk, Volodya and Gammerman, Alex},
1294  publisher = {Springer},
1295  booktitle = {European {Conference} on {Machine} {Learning} ({ECML})},
1296  title = {Inductive confidence machines for regression},
1297}
1298
1299@inproceedings{romano_conformalized_2019,
1300  year = {2019},
1301  author = {Romano, Yaniv and Patterson, Evan and Candes, Emmanuel},
1302  booktitle = {Advances in {Neural} {Information} {Processing} {Systems} ({NeurIPS})},
1303  url = {https://proceedings.neurips.cc/paper/2019/file/5103c3584b063c431bd1268e9b5e76fb-Paper.pdf},
1304  volume = {32},
1305  title = {Conformalized quantile regression},
1306}
1307
1308@inproceedings{saunders_transduction_1999,
1309  year = {1999},
1310  author = {Saunders, Craig and Gammerman, Alexander and Vovk, Volodya},
1311  booktitle = {International {Joint} {Conference} on {Artificial} {Intelligence} ({IJCAI})},
1312  title = {Transduction with confidence and credibility},
1313}
1314
1315@inproceedings{torralba_unbiased_2011,
1316  pages = {1521--1528},
1317  year = {2011},
1318  month = {June},
1319  author = {Torralba, Antonio and Efros, Alexei A.},
1320  publisher = {IEEE},
1321  booktitle = {{IEEE} {Conference} on {Computer} {Vision} and {Pattern} {Recognition} ({CVPR})},
1322  urldate = {2022-10-10},
1323  language = {en},
1324  abstract = {Datasets are an integral part of contemporary object recognition research. They have been the chief reason for the considerable progress in the field, not just as source of large amounts of training data, but also as means of measuring and comparing performance of competing algorithms. At the same time, datasets have often been blamed for narrowing the focus of object recognition research, reducing it to a single benchmark performance number. Indeed, some datasets, that started out as data capture efforts aimed at representing the visual world, have become closed worlds onto themselves (e.g. the Corel world, the Caltech101 world, the PASCAL VOC world). With the focus on beating the latest benchmark numbers on the latest dataset, have we perhaps lost sight of the original purpose? The goal of this paper is to take stock of the current state of recognition datasets. We present a comparison study using a set of popular datasets, evaluated based on a number of criteria including: relative data bias, cross-dataset generalization, effects of closed-world assumption, and sample value. The experimental results, some rather surprising, suggest directions that can improve dataset collection as well as algorithm evaluation protocols. But more broadly, the hope is to stimulate discussion in the community regarding this very important, but largely neglected issue.},
1325  doi = {10.1109/CVPR.2011.5995347},
1326  url = {http://ieeexplore.ieee.org/document/5995347/},
1327  isbn = {978-1-4577-0394-2},
1328  title = {Unbiased look at dataset bias},
1329  address = {Colorado Springs, CO, USA},
1330}
1331
1332@inproceedings{vovk_machine-learning_1999,
1333  year = {1999},
1334  author = {Vovk, Volodya and Gammerman, Alexander and Saunders, Craig},
1335  booktitle = {International {Conference} on {Machine} {Learning} ({ICML})},
1336  title = {Machine-learning applications of algorithmic randomness},
1337}
1338
1339@article{dietterich_familiarity_2022,
1340  pages = {108931},
1341  note = {Publisher: Elsevier},
1342  year = {2022},
1343  author = {Dietterich, Thomas G. and Guyer, Alex},
1344  journal = {Pattern Recognition},
1345  shorttitle = {The familiarity hypothesis},
1346  volume = {132},
1347  title = {The familiarity hypothesis: {Explaining} the behavior of deep open set methods},
1348}
1349
1350@incollection{papadopoulos_inductive_2008,
1351  year = {2008},
1352  author = {Papadopoulos, Harris},
1353  publisher = {Citeseer},
1354  booktitle = {Tools in artificial intelligence},
1355  shorttitle = {Inductive conformal prediction},
1356  title = {Inductive conformal prediction: {Theory} and application to neural networks},
1357}
1358
1359@inproceedings{thagaard_can_2020,
1360  pages = {824--833},
1361  year = {2020},
1362  author = {Thagaard, Jeppe and Hauberg, Søren and Vegt, Bert van der and Ebstrup, Thomas and Hansen, Johan D. and Dahl, Anders B.},
1363  publisher = {Springer},
1364  booktitle = {International {Conference} on {Medical} {Image} {Computing} and {Computer}-{Assisted} {Intervention}},
1365  title = {Can you trust predictive uncertainty under real dataset shifts in digital pathology?},
1366}
1367
1368@article{zhang_understanding_2021,
1369  pages = {107--115},
1370  year = {2021},
1371  month = {March},
1372  author = {Zhang, Chiyuan and Bengio, Samy and Hardt, Moritz and Recht, Benjamin and Vinyals, Oriol},
1373  journal = {Communications of the ACM},
1374  urldate = {2022-10-10},
1375  number = {3},
1376  language = {en},
1377  abstract = {Despite their massive size, successful deep artificial ­neural networks can exhibit a remarkably small gap between training and test performance. Conventional wisdom attributes small generalization error either to properties of the model family or to the regularization techniques used during training.},
1378  doi = {10.1145/3446776},
1379  url = {https://dl.acm.org/doi/10.1145/3446776},
1380  issn = {0001-0782, 1557-7317},
1381  volume = {64},
1382  title = {Understanding deep learning (still) requires rethinking generalization},
1383}
1384
1385@misc{zhang_understanding_2017,
1386  keywords = {Computer Science - Machine Learning},
1387  note = {arXiv:1611.03530 [cs]},
1388  year = {2017},
1389  month = {February},
1390  author = {Zhang, Chiyuan and Bengio, Samy and Hardt, Moritz and Recht, Benjamin and Vinyals, Oriol},
1391  publisher = {arXiv},
1392  urldate = {2022-10-10},
1393  language = {en},
1394  abstract = {Despite their massive size, successful deep artificial neural networks can exhibit a remarkably small difference between training and test performance. Conventional wisdom attributes small generalization error either to properties of the model family, or to the regularization techniques used during training.},
1395  url = {http://arxiv.org/abs/1611.03530},
1396  title = {Understanding deep learning requires rethinking generalization},
1397}
1398
1399@techreport{mattis_summary_2018,
1400  pages = {14},
1401  keywords = {government, us-dod},
1402  year = {2018},
1403  author = {Mattis, Jim},
1404  language = {en},
1405  title = {Summary of the 2018 {National} {Defense} {Strategy}},
1406}
1407
1408@techreport{blackburn_summary_2019,
1409  pages = {17},
1410  year = {2019},
1411  month = {February},
1412  author = {Blackburn, R Alan},
1413  language = {en},
1414  url = {https://media.defense.gov/2019/Feb/12/2002088963/-1/-1/1/SUMMARY-OF-DOD-AI-STRATEGY.PDF},
1415  title = {Summary of the 2018 {Department} of {Defense} {Artificial} {Intelligence} {Strategy}},
1416}