Step #1 seems to be a problem. For a LLM to know what you need to obfuscate and are most vulnerable to, presumably you would need to be explicit. But now you have a written trace which will be stored in records, and especially in finance, this will be legally required to be retained indefinitely; your chats will no longer show up in Matt Levine's newsletter, but your T1 LLM prompts... And if you switch to something like voice input, regulators may just require you to record *that* - because they now can! (As Levine points out, the move from in-person or telephone calls to text-based chat and email has resulted in a staggering increase in legibility to prosecutors.) Nor would this be theoretical: as soon as the first T1 shows up and guarantees a loss in a high-profile trial or lawsuit, now *every* prosecutor or lawyer worth their salt will prioritize looking for T1s in discovery. The only really secure T1 remains in places where it would be impossible to demand: inside your head or in person discussions.
I agree that you wouldn't want to say things in archived T1s that you wouldn't want seen in discovery. But that still seems to leave a lot of value in this whole process, from the view of an org trying to control its messaging.
I'd think a paper trail could be eliminated because I think it doesn't need to be explicit. LLMs are largely opaque, so train it on examples of you doing obfuscation by hand, or use an LLM already fine-tuned for obfuscation of typical sensitive info (it will be named something else but everyone knows what it does).
This seems to miss the change in meaning that the practice of having LLMs edit the material will have. Ultimately, we are parsing these messages for evidence about the attitudes and thoughts of those that wrote them (for tone/branding...for legal concerns I mostly agree). And if T4 can decide a potentially bad (off brand or offensive) message in the the output of the sending LLM then I suspect ppl will treat that as if the sending organization had sad the bad thing.
Either people will just be able to say, "ohh we didn't mean that it was just bad LLM output" or they'll be a demand to see the input to the LLM to disavow supposed negative connotations.
So I tend to agree with everything up to T4. In other words I think this works only as long as the sending org produces output that the receiving org/person is willing to just take at face value.
I guess the shorter version of my point is: why won't the sender include their own summary which they can control? Not only does that benefit them but also the recipient (who avoids risk of missummary or highlighting the wrong parts).
Ahh, I see. I'm still skeptical that the recieving org will use a LLM to help read the text except for legal documents.
I'd guess there will be two different situations. The first is where the sending org expects the message to be read by actual people. In that case they optimize their LLM to produce text that best conveys their message to people so no summary generating LLM is desired or used (best to let the sender optimize the message they wish to send since they actually know what they want conveyed).
OTOH there is the case of generating legal contracts. There I agree that the situation will be roughly as you describe. Sending org writes it up in plaintext has it translated to legally clear conditions (compares the back translation) and the recieving org uses an automatic summary.
But I don't think we'll use summary generating machines just to allow the sending message to be more complicated so as to allow plausible deniability. Yes, sometimes we do things like that but usually only in ways that are themselves more deniable and less delibrate.
Most importantly, sending orgs will want to control how their message is perceived so I think the incentives favor them releasing messages that are already short and clear enough to make summarization more trouble than benefit.
But that standard use negates any plausible deniability. If the recipient knows the sender knows the message will be summarized as X and sent it anyway they can assume the sender intended X as the message.
So you gain no plausible deniability. I expect instead that (excepting legal docs) the sender will produce the summary themselves to control it (and the recipient will prefer that bc they can rely on the sender actually endorsing it).
But don't most buisnesses now choose to use relatively short and succinct messaging when talking to other buisnesses or the public? If they wanted to they could already use longer more deniable remarks. Sure, about a narrow collection of things like diversity etc they obfusciate but you could just translate all those things in your head to 'saying whatever is generically socially acceptable'.
Step #1 seems to be a problem. For a LLM to know what you need to obfuscate and are most vulnerable to, presumably you would need to be explicit. But now you have a written trace which will be stored in records, and especially in finance, this will be legally required to be retained indefinitely; your chats will no longer show up in Matt Levine's newsletter, but your T1 LLM prompts... And if you switch to something like voice input, regulators may just require you to record *that* - because they now can! (As Levine points out, the move from in-person or telephone calls to text-based chat and email has resulted in a staggering increase in legibility to prosecutors.) Nor would this be theoretical: as soon as the first T1 shows up and guarantees a loss in a high-profile trial or lawsuit, now *every* prosecutor or lawyer worth their salt will prioritize looking for T1s in discovery. The only really secure T1 remains in places where it would be impossible to demand: inside your head or in person discussions.
I agree that you wouldn't want to say things in archived T1s that you wouldn't want seen in discovery. But that still seems to leave a lot of value in this whole process, from the view of an org trying to control its messaging.
I'd think a paper trail could be eliminated because I think it doesn't need to be explicit. LLMs are largely opaque, so train it on examples of you doing obfuscation by hand, or use an LLM already fine-tuned for obfuscation of typical sensitive info (it will be named something else but everyone knows what it does).
Whoa, wait a minute. Are we entering a golden age of plausible deniability?
Will lawyers as a bloc allow this to happen?
Lawyers as a block gain greatly from the existence of legal loopholes, which is the main reason we hire them.
I think that spin will be one of the last careers to be swallowed by AI. Small children and robots aren't good at telling and detecting lies.
This seems to miss the change in meaning that the practice of having LLMs edit the material will have. Ultimately, we are parsing these messages for evidence about the attitudes and thoughts of those that wrote them (for tone/branding...for legal concerns I mostly agree). And if T4 can decide a potentially bad (off brand or offensive) message in the the output of the sending LLM then I suspect ppl will treat that as if the sending organization had sad the bad thing.
Either people will just be able to say, "ohh we didn't mean that it was just bad LLM output" or they'll be a demand to see the input to the LLM to disavow supposed negative connotations.
So I tend to agree with everything up to T4. In other words I think this works only as long as the sending org produces output that the receiving org/person is willing to just take at face value.
I didn't mean to imply that the face value of T4 and would T2 differ. I just meant that T4 would be shorter and easier to read.
I guess the shorter version of my point is: why won't the sender include their own summary which they can control? Not only does that benefit them but also the recipient (who avoids risk of missummary or highlighting the wrong parts).
Ahh, I see. I'm still skeptical that the recieving org will use a LLM to help read the text except for legal documents.
I'd guess there will be two different situations. The first is where the sending org expects the message to be read by actual people. In that case they optimize their LLM to produce text that best conveys their message to people so no summary generating LLM is desired or used (best to let the sender optimize the message they wish to send since they actually know what they want conveyed).
OTOH there is the case of generating legal contracts. There I agree that the situation will be roughly as you describe. Sending org writes it up in plaintext has it translated to legally clear conditions (compares the back translation) and the recieving org uses an automatic summary.
But I don't think we'll use summary generating machines just to allow the sending message to be more complicated so as to allow plausible deniability. Yes, sometimes we do things like that but usually only in ways that are themselves more deniable and less delibrate.
Most importantly, sending orgs will want to control how their message is perceived so I think the incentives favor them releasing messages that are already short and clear enough to make summarization more trouble than benefit.
But that standard use negates any plausible deniability. If the recipient knows the sender knows the message will be summarized as X and sent it anyway they can assume the sender intended X as the message.
So you gain no plausible deniability. I expect instead that (excepting legal docs) the sender will produce the summary themselves to control it (and the recipient will prefer that bc they can rely on the sender actually endorsing it).
I don't understand what org Y gains from transforming T2 into T4 in step 5.
T4 will likely be much shorter and easier to understand.
But don't most buisnesses now choose to use relatively short and succinct messaging when talking to other buisnesses or the public? If they wanted to they could already use longer more deniable remarks. Sure, about a narrow collection of things like diversity etc they obfusciate but you could just translate all those things in your head to 'saying whatever is generically socially acceptable'.
Let the LLM also produce T1, now we're cooking. Can't wait for the age of corporations entirely managed by a series of LLMs feeding into each other.