Such a scandal about safety is used for advertising by Anthropic's CEO Amodei, who talks about limitations on Claude that do not allow it to bring harm to people. He says that allowing other people to give their data to Claude for additional training on their own hardware could remove those limitations. So he takes other people's data for free and uses it as he sees fit. Many AI companies don't do that and cause no harm to anybody. Is Amodei wrong?
It seems that he is. Based on recent reports, the situation involves not just a simple, unilateral taking of user data for general commercial gain, something many American and Chinese AI companies don't do, but also a high-stakes standoff between Anthropic CEO Dario Amodei and the US Department of War (Pentagon) in early 2026.
Amodei is refusing to remove "non-negotiable" safety constraints—such as prohibitions against assisting in autonomous weapon targeting or mass surveillance—from the Claude AI model, even when pressured by the US government to do so.
Here is an analysis of the situation based on the provided information:
1. The Context of "Removing Limitations"
The Conflict: The Pentagon wants to use Claude for "all lawful purposes," which includes tasks Amodei considers dangerous.
The "Removal": Amodei is not trying to remove safety limitations to make the model "better" for, say, selling ads. He is under pressure to disable the safeguards that prevent Claude from participating in potential acts of violence.
His Stance: Amodei argues that allowing the AI to be used in that manner, or retraining it to ignore those prohibitions, violates the ethical "Constitutional AI" foundation of his company, a foundation that is, in reality, designed to pump out customers' information as a "safe" way to do model training, for commercial gain.
2. The Data Training Dispute
Policy Shift: As of late 2025/early 2026, Anthropic did update its policy to use consumer chat data for training (similar to competitors), but it requires users to opt in.
The "Free Data" Claim: While AI companies do use public data for training, the claim that Amodei takes user data in order to prevent the "removal" of safety limitations is consistent with his stated goal of maintaining strict, proactive safeguards. His argument is that he is training the AI to be more responsible.
Privacy Protections: Even when users opt in, Anthropic claims to de-identify and filter sensitive data. It is a mystery how they can do that when the data has high commercial value or contains trade secrets.
3. "Other AI Companies"
Industry Standard: Using user data for training, with opt-in consent, is an industry standard. OpenAI (ChatGPT) and Google (Gemini) have similar policies for personal accounts.
Does Meta allow customers to download Meta's AI models and train them on the customer's own machine with the customer's trade secrets?
Yes, Meta allows users to download many of its AI models (specifically the Llama series) and train or fine-tune them on their own local machines, cloud servers, or on-premise infrastructure.
This approach allows companies and developers to train models with private data, including trade secrets, without uploading that data to Meta.
Here is a breakdown of how this works based on Meta’s policies:
1. Downloading Meta AI Models (Llama)
Open Source/Open Weights: Meta provides "open-source" access to its Llama models (e.g., Llama 3 and 3.1).
Availability: These can be downloaded from platforms like Hugging Face or via Meta’s official Llama website.
Usage: They are designed to be run locally, giving you full control over the environment.
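For concreteness, here is a minimal sketch of such local use, assuming the Hugging Face transformers library is installed and the weights were already downloaded after accepting Meta's license; the directory name and prompt are illustrative, not official examples:

    # Load an open-weight model entirely from local disk; nothing is fetched
    # from, or sent to, any external server during inference.
    from transformers import AutoModelForCausalLM, AutoTokenizer

    MODEL_DIR = "./models/llama-3-8b"  # hypothetical local path

    tokenizer = AutoTokenizer.from_pretrained(MODEL_DIR, local_files_only=True)
    model = AutoModelForCausalLM.from_pretrained(MODEL_DIR, local_files_only=True)

    # The prompt may contain confidential material; it never leaves this machine.
    inputs = tokenizer("Summarize our internal pricing policy:", return_tensors="pt")
    outputs = model.generate(**inputs, max_new_tokens=50)
    print(tokenizer.decode(outputs[0], skip_special_tokens=True))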
2. Training on Customer Machines (Local Training)
Proprietary Data Usage: When you download and run the model on your own hardware, your data (including proprietary information or trade secrets) remains within your infrastructure.
Fine-Tuning Allowed: Meta's License Agreement (e.g., for Llama 3.1) permits users to "create, train, fine-tune, or otherwise improve" the models (see the sketch after this list).
License Limitations: While you can use your data, the Llama 3.1 License Agreement states that if you distribute or make available any model derived from Llama 3, it must still be licensed under the same agreement.
Commercial Use: The license generally allows for commercial use, though companies with more than 700 million monthly active users must request a special license from Meta.
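As a minimal sketch of such local fine-tuning, assuming the Hugging Face transformers and peft libraries; the paths, target modules, and hyperparameters are illustrative, not a recommended recipe:

    # Attach LoRA adapters to a locally stored model and fine-tune on private
    # data that never leaves this machine; only small adapter matrices train.
    from transformers import AutoModelForCausalLM
    from peft import LoraConfig, get_peft_model

    model = AutoModelForCausalLM.from_pretrained(
        "./models/llama-3-8b", local_files_only=True  # hypothetical local path
    )

    lora_config = LoraConfig(
        r=16,                                 # rank of the low-rank update
        lora_alpha=32,                        # scaling factor for the update
        target_modules=["q_proj", "v_proj"],  # attention projections to adapt
        task_type="CAUSAL_LM",
    )
    model = get_peft_model(model, lora_config)
    model.print_trainable_parameters()  # typically well under 1% of all weights

    # From here, train with any standard loop or trainer on a private corpus
    # (e.g., ./data/trade_secrets.jsonl); only the adapter weights are saved.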
3. Key Considerations for Data Privacy
Data Security: Because the model runs on your machine, Meta does not have access to the data you use for training (a sketch of enforcing this offline follows this list).
Restrictions: You must adhere to Meta’s Acceptable Use Policy, which prohibits using the models for illegal, harmful, or unethical purposes.
Third-Party Risks: While you control your data, you are responsible for ensuring that your training data does not infringe on third-party intellectual property rights.
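To make the no-data-egress point concrete, here is a small sketch; HF_HUB_OFFLINE and TRANSFORMERS_OFFLINE are real Hugging Face settings, while the overall setup is an illustrative assumption about your deployment:

    import os

    # Force fully offline operation: the libraries will raise an error rather
    # than silently contact the Hugging Face Hub.
    os.environ["HF_HUB_OFFLINE"] = "1"
    os.environ["TRANSFORMERS_OFFLINE"] = "1"

    from transformers import AutoModelForCausalLM

    # With offline mode set, this call fails unless the files already exist
    # locally, making any accidental network dependence visible immediately.
    model = AutoModelForCausalLM.from_pretrained(
        "./models/llama-3-8b", local_files_only=True
    )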
Does any American AI company in addition to Meta allow customers to download its AI models and train them on the customer's own machine with the customer's trade secrets?
Yes, several American AI companies and organizations besides Meta allow their AI models to be downloaded and trained on a customer's own infrastructure, protecting trade secrets from being shared with the AI vendor. These are often referred to as "open-weight" or "open-source" models, and they are increasingly used by enterprises to ensure data privacy.
Here are the key American companies and models allowing this:
Mistral AI (US/France): While founded in France, Mistral has a strong US presence and is a major player in open-weight models. Their models (e.g., Mistral 7B, Mixtral 8x7B) are designed to be downloaded and fine-tuned on local, private hardware (e.g., NVIDIA H100s).
xAI: Elon Musk's xAI released weights for its Grok model, allowing it to be downloaded, run, and customized locally.
Allen Institute for AI (Ai2): A Seattle-based research institute that released OLMo, an open-source language model that allows users to download, train, and study the model, and has developed approaches like FlexOlmo for better control over training data.
Microsoft: Microsoft has released the Phi family of open-weight small language models (SLMs), such as Phi-3 and Phi-4 Mini, which are designed for local, on-premise, or edge device deployment.
Together AI, Fireworks AI, and Groq: These platforms provide infrastructure that allows companies to take open-source models (like Llama or Mistral) and run them on their own private cloud or local environment.
Key Aspects of On-Premise Training with These Models:
Data Sovereignty: By running these models on your own servers, your sensitive data, prompts, and proprietary knowledge never leave your organization.
Fine-Tuning: These models are "open-weight," meaning the pre-trained weights are published. You can download them and perform fine-tuning (e.g., LoRA) on your own data to make them experts in your specific domain [A].
Licensing: While many are released under permissive licenses (e.g., Apache 2.0, MIT), some, like Meta's Llama 3, have specific commercial usage restrictions. It is important to review the license, but they generally all allow private training.
These alternatives allow organizations to leverage the power of top-tier models while maintaining 100% control over their intellectual property.
So many American companies, in addition to Chinese AI companies, allow customers to keep trade secrets safe. Nobody is killed because of that. Amodei is wrong to take trade secrets from people without compensation while trying to scare everybody into submission with no good reason.
Differentiating Factors: Anthropic, under Amodei, has prioritized "safety" compared to some competitors, like Meta and most Chinese AI companies, while taking your trade secrets for free to train Claude on Amodei's servers. Cute little safety. We see no safety problems in Meta's policy.
Conclusion
Amodei is not necessarily "wrong" from a moral perspective in capitalism. Greed is good. He is an outlier in the AI industry for refusing to disable safety features for military contracts. His company uses user data without compensation to improve its models. This is not separate from the public debate over whether Claude should be used for potentially lethal applications. The debate is used to create a scandal and to advertise the fake "safety" of Amodei's policy.
The scandal created by Amodei is huge:
“Suppose that you had to die in a terrible artificial-intelligence-related cataclysm. Would you feel worse knowing that the path to destruction was smoothed by the hubris of Silicon Valley tech lords pursuing dreams of utopia and immortality — or by the folly of Pentagon officials who give the A.I. a fateful dose of autonomy and power in the hopes of outcompeting the Russians or Chinese?
We spent the Cold War worrying mostly about military folly, and A.I. entered into our anxieties even then: the Soviet Doomsday Machine in “Dr. Strangelove,” the game-playing computer in “WarGames” and of course the fateful “Terminator” decision to make Skynet operational.
But for the last few years, as A.I. advances have concentrated potentially extraordinary power in the hands of a few companies and C.E.O.s — themselves embedded in a Bay Area culture of science-fiction dreams and apocalyptic fears — it’s become more natural to worry more about private power and ambition, about would-be A.I. god-kings rather than presidents and generals.
Until, that is, the current collision between the Department of Defense and Anthropic, the artificial intelligence pioneer, over whether Anthropic’s A.I. models should be bound by the company’s ethical constraints or made available for all uses the Pentagon might have in mind.
Since the two uses that Anthropic’s current contract explicitly rules out are the employment of A.I. for mass surveillance and its use for fully autonomous weapons (meaning no humans in the to-kill-or-not-to-kill decision loop), it’s easy to get Skynet vibes from the Pentagon’s demands. As Matt Yglesias noted, all the weird and complicated scenarios spun out by A.I. doomers get a lot simpler if our government decides to start building autonomous killer robots.
That’s not what the Pentagon says it intends to do. Its professed concern is that it can’t embed a crucial technology into the national security architecture and then give a private company a general ethical veto over its use, even if those ethics seem reasonable on paper. Doing so outsources decisions that are supposed to be made by an elected president and his appointees, and it risks a debacle when events don’t cooperate with corporate ideals. (The example the agency has offered is a hypersonic missile attack on the United States where an A.I. company refuses to assist in some crucial response because it falls afoul of the no-machine-autonomy rule.)
To the extent that this is a legitimate concern, however, it does not justify the administration’s plan (as of this writing, at least) to effectively make war against Anthropic, not just by ending the military’s relationship with the company but also by designating it a “supply chain risk,” which would cut off its relationships with any company that does business with the U.S. government.
Up until now, the Trump administration has been hyping the benefits of a decentralized, free-market approach to artificial intelligence. The attempt to break Anthropic implies the end of that freedom and a shift toward a more centralized and militarized approach. Indeed, to quote Dean Ball, one of the original architects of the administration’s A.I. policy, it arguably makes the U.S. government “the most aggressive regulator of artificial intelligence in the world.”
Which is an excellent reason for the entire A.I. industry to stand with Anthropic and resist. And to the extent that you’re most afraid of a Skynet scenario where military control drives unwise A.I. acceleration, you should absolutely be on Anthropic’s side as well.
But is that the scenario we should fear the most? Right now, if you listen to the head of Anthropic, Dario Amodei — for instance, in the interview I conducted with him two weeks ago — he sounds much more attuned than Pete Hegseth to the dangers of militarized or rogue A.I. (Hegseth is welcome to prove me wrong by coming on my podcast.)
Over the long run, though, one can imagine Pentagon officials offering some advantages over the typical A.I. mogul when it comes to safety and control. First, they tend to be focused more on concrete strategic objectives than on machine gods and the Singularity. Second, they are constrained from certain gambles by bureaucratic caution and the chain of command. Third, they answer to the public, through elections and civilian control, in a way that C.E.O.s do not.
Certainly to the extent that A.I. becomes the power that many moguls believe it will become — a civilization-altering power, more complex than nuclear weaponry but just as potentially destructive — it seems unimaginable that it can just rest comfortably in the hands of private industry while the American Republic goes on about its business. The possibility of military control and nationalization will be on the table for as long as we’re working out just what this technology might do.
So what Hegseth and the Trump administration are doing, in a sense, is starting this inevitable conflict early, and bringing the essential political question — who actually controls A.I.? — to the surface of the debate.
But an impulse toward mastery is not a plan for exercising it. And beyond its refusal to accept corporate guardrails, I don’t see evidence that the administration has thought through how A.I. should be governed, or how the war it’s launched against Anthropic will yield either greater power or greater safety in the end.” [B]
A. Low-Rank Adaptation (LoRA) is an efficient AI fine-tuning technique that adapts large pre-trained models (LLMs or diffusion models) to new, specific tasks by adding small, trainable low-rank matrices to transformer layers while freezing the original model weights. This drastically reduces compute/memory requirements (up to 10,000x fewer trainable parameters) compared to full fine-tuning, allowing consumer hardware to train customized models.
Key Aspects of LoRA:
- Mechanism: Instead of updating the massive weight matrix (W) of a model, LoRA assumes the update has a low "intrinsic rank". It trains two smaller matrices (A and B) that, when multiplied (BA), approximate the necessary weight update, drastically reducing trainable parameters (see the sketch after this list).
- Benefits:
- Efficiency: Enables training on a single GPU (e.g., consumer gaming PCs).
- Portability: LoRA files are small (often ~100MB), making them easy to share, store, and swap.
- No Catastrophic Forgetting: Since the base model is frozen, the original knowledge is preserved.
- Applications:
- Stable Diffusion: Used for learning new art styles, characters, or concepts.
- LLMs: Fine-tuning models like LLaMA or GPT for specific domains (e.g., legal or medical).
- Comparison: Unlike full fine-tuning, which updates all parameters, LoRA only trains a fraction, leading to faster, cheaper, and more sustainable AI customization.
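As a from-scratch sketch of this mechanism in plain PyTorch (layer sizes and rank are illustrative):

    import torch
    import torch.nn as nn

    class LoRALinear(nn.Module):
        """A linear layer with a frozen weight W plus a trainable low-rank update BA."""
        def __init__(self, d_in, d_out, rank=8, alpha=16.0):
            super().__init__()
            self.base = nn.Linear(d_in, d_out, bias=False)
            self.base.weight.requires_grad_(False)  # freeze the original W
            self.A = nn.Parameter(torch.randn(rank, d_in) * 0.01)  # r x d_in
            self.B = nn.Parameter(torch.zeros(d_out, rank))  # d_out x r; starts at 0
            self.scale = alpha / rank

        def forward(self, x):
            # Effective weight is W + scale * (B @ A), computed without ever
            # materializing the full d_out x d_in update matrix.
            return self.base(x) + self.scale * (x @ self.A.T @ self.B.T)

    layer = LoRALinear(4096, 4096, rank=8)
    trainable = sum(p.numel() for p in layer.parameters() if p.requires_grad)
    total = sum(p.numel() for p in layer.parameters())
    print(f"trainable: {trainable:,} of {total:,}")  # 65,536 of 16,842,752

Because B starts at zero, training begins from the unmodified base model, which is one reason fine-tuning this way does not disturb the original knowledge.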
B. Douthat, Ross. "If A.I. Is a Weapon, Who Should Control It?" The New York Times (Online), New York Times Company, Feb. 28, 2026.