From Transparency to Accountability and Back

Abstract

Artificial intelligence (AI) is increasingly intervening in our lives, raising widespread concern about its unintended and undeclared side effects. These developments have brought attention to the problem of AI auditing: the systematic evaluation and analysis of an AI system, its development, and its behavior relative to a set of predetermined criteria. Auditing can take many forms, including pre-deployment risk assessments, ongoing monitoring, and compliance testing. It plays a critical role in providing assurances to various AI stakeholders, from developers to end users. Audits may, for instance, be used to verify that an algorithm complies with the law, is consistent with industry standards, and meets the developer’s claimed specifications. However, AI developers and companies will rarely grant auditors unfettered access to their systems. In this work, we examine a key consideration in AI auditing: what type of access to an AI system is needed to perform a meaningful audit? Addressing this question has direct policy relevance, as it can inform AI audit guidelines and requirements. We begin by discussing the factors that auditors balance when determining the appropriate type of access, and unpack the benefits and drawbacks of four types of access. We conclude that, at minimum, black-box access—providing query access to a model without exposing its internal implementation—should be granted to auditors. In particular, we argue that black-box access effectively balances concerns related to proprietary technology, data privacy, audit standardization, and audit efficiency. We then suggest a framework for determining how much further access (on top of black-box access) to provide to auditors. We show that auditing can be cast as a natural hypothesis test and argue that this framing provides clear and interpretable guidance on the implementation of AI audits. In particular, we draw parallels between aspects of hypothesis testing and those of legal procedure, such as legal presumption and burden of proof. As a result, hypothesis testing provides an approach to AI auditing that is both interpretable and effective, offering a potential path forward despite the challenges posed by AI’s opacity.