> Blaming the tool only avoids the harder truth: we were never debating cleanly to begin with.
Yes, the problem is we humans are susceptible, but that doesn't mean a tool used to scale up the ability to create this harm is not problematic. There's a huge difference between a single person manipulating one other person and a single person manipulating millions. Scale matters and we, especially as the builders of such tools, should be cautious about how our creations can be abused. It's easy to look away, but this is why ethics is so important in engineering.
In this discourse it is often forgotten that we have consumer protection laws for a reason. And that consumer protection has been a pillar of labor struggle for a long time (and consequently undermined by conservative policies).
Scary effective ad campaigns which target cognitive biases in order to persuade consumers to behave against their own interest is usually banned by consumer laws in most countries. Using LLMs to affect consumer (or worse, election) behavior is no different and ought to be equally banned with consumer protection laws.
The existing tools at any given time do very much shape which consumer protection laws are created, and how they are created, as they should. A good policy maker does indeed blame a tool for a bad behavior, and does create legislation to limit how this tool is used, or otherwise the availability of that tool on the open market.
It is also forgotten that we as engineers are accountable as well. Mistakes will happen, and no one is expecting perfection, but effort must be made. Even if we create legal frameworks, individual accountability is critical to maintaining social protection. And with individual accountability we provide protection to novel harms. Legal frameworks are reactive, where the personal accountability is preventative. The legal framework can't prevent things happening (other than through disincentivization), it can only react to what has happened.
By "individual accountability" I do not mean jailing engineers, I mean you acting on your own ethical code. You hold yourself and your peers accountable. In general, this is the same way it is done in traditional engineering. The exception is the principle engineer, who has legal responsibility. But it is also highly stressed through engineering classes that "just following orders" is not an excuse. There can be "blood on your hands" (not literal) even if you are not the one who directly did the harm. You enabled it. The question is if you made attempts to prevent harm or not. Adversaries are clever, and will find means of abuse that you never thought of, but you need to try. And in the case here of LLMs, the potential harm has been well known and well discussed for decades.
What does that look like in practice, assuming an engineer doesn’t believe that the LLM genie can be put back into the toothpaste tube?
“Summarize the best arguments for and against the following proposition: <topic here />. Label the pro/for arguments with a <pro> tag and the con/against a with a <con> tag” seems like it’s going to be a valid prompt and any system that can only give one side is bound to lose to a system that can give both sides. And any system that can give those answers can be pretty easily used to make arguments of varying truthfulness.
In action it looks like
It doesn't matter what your job is, you should always be doing that. As engineers the potential for harm is greater.
But importantly, as engineers IT IS YOUR JOB. It is your job to find issues, and solve them. You have to think how people will abuse the tools you build. You have to think about how your things will fail. You have to think about what sucks. And most importantly, your job is to then resolve those things. That's what an engineer does. Don't dismiss it because "there's no value". The job of an engineer isn't to determine monetary value, that's the business people (obviously you do to some extent, but it isn't the primary focus). I'm really just asking that people do their jobs and not throw their hands up in the air or just pass on blame or kick the can down the road.
[0] I can't express how many times I've seen these people shut down and then passed over for promotion. It creates yes men. But yes men are bad for the business too! You and your actions matter: https://talyarkoni.org/blog/2018/10/02/no-its-not-the-incent...
> I mean you acting on your own ethical code. You hold yourself and your peers accountable
Industry wide self regulation is a poor substitute for actual regulation, especially in this capitalistic environment which rewards profitable behavior regardless of morality or ethics. In this environment the best an engineer can do is resign in protest (and I applaud any engineer which does that in fact), however that won’t stop the company from hiring new engineers who value their salary more than their ethical behavior—or have different ethical standards.
> And in the case here of LLMs, the potential harm has been well known and well discussed for decades.
The harms posed by LLMs are the very same which are caused by any company in the pursue of profits without regulation. In the past the only proven methods to force company to behave ethically has be industry wide regulation, especially consumer protection regulations.
Substitute? No. But you need both. Sorry, it's not the incentives, it is you[0]. As I said before, regulation is reactionary. This is why you need both. No one is saying no regulation, but I (and [0]) is saying things only happen because people do them. I know this is a wild claim, but it is an indisputable fact.
I expect every programmer and HN user to be familiar with scale. Please stop making this argument. You might as well be saying a nuclear bomb is the same as a Pop-Its. The dangers that LLMs pose is still unknown but if we're unwilling to acknowledge that there's any unique harm then there's zero chance of solving them.
Stop passing the buck.
[0] https://talyarkoni.org/blog/2018/10/02/no-its-not-the-incent...
I‘m sorry, but I’m not buying it. Other industries have had the technology for a long time to mass produce low quality products which harms their customers, or worse, bystanders. And in many of those cases the harmful production was never allowed on the market because the regulator was proactive and prevented the technology to be sold to consumers. I know those stories aren’t as prominent as the story of leaded gasoline, because stories of harm spread much further than stories of prevented harm. But they do exist, and are numerous.
I also fail to see why we need both regulation and moral behavior from developers. If the regulation exists, and the regulator is willing to enforce it, any company which goes against the regulation will be breaking the law, and stopped by the regulator. We only need the regulation in this case.
And how has that been working so far?
What's your argument here? What is the cost of having both? You sticking your neck out and saying when something's wrong that wrong? You having to uphold your moral convictions?
If regulation works perfectly, you'll never have to do anything, right? But if it doesn't, then you provide a line of defense. So I don't see your argument. You can't expect anything to work 100%, so what then?
Let's be honest here if you believe in things but don't stand up for them when it's not easy to then you really don't believe in those things. I believe in you, I just hope you can believe in yourself.
It won’t matter what I do personally if the company can just hire new engineers (or even outsource the work[1]). Let me repeat what I said above:
> however that won’t stop the company from hiring new engineers who value their salary more than their ethical behavior—or have different ethical standards.
Just because the state of consumer protection is abysmal in our current state of capitalism, that doesn’t mean it has to stay that way, and just because the regulators are unwilling to enforce the few remaining consumer protection laws it doesn’t mean they will never. Before Reagan consumer protection laws were passed all the time, and they used to be enforced, they can so again.
1: https://restofworld.org/2025/big-tech-ai-labor-supply-chain-...
You understand this costs money, right?
Yes, it doesn't matter if you're the only one that does it, but it does matter if you're not the only one that does. Frankly, many people won't even apply to jobs they find unethical. So yes, they can "hire somebody else" but it becomes expensive for them. Don't act like this (or most things) is a binary outcome. Don't let perfection get in the way of doing better.
And how the fuck do you expect things to change if you will not make change yourself? You just expect everyone to do it for you? Hand you a better life on a golden platter? I'm sorry to tell you, it ain't free. You need to put in work. Just like with everything else in life. And you shouldn't put all your eggs in one basket.
Remember, I'm not arguing against regulation. So it is useless to talk about how regulation can solve problems. We agree on that, there's no discussion there. It seems the only aspect we disagree on that part is if regulation works 100% of the time or not. Considering the existence of lawsuits, I know we both know that's not true. I know we both know time exists as well and the laws don't account for everything, requiring them to be reactionary. Remember, laws can only be made after harm has been done. You need to show a victim. SO how do we provide another layer of protection? It comes down to you.
You will not be able to convince me we don't need both unless: 1) you can show regulation works 100% of the time or 2) you can provide another safety net (note you are likely to be able to get me to agree to another safety net but it's probably going to be difficult to convince me that this should be a replacement and not an addition. All our eggs in one basket, right?). Stop doing gymnastics, and get some balls.
I think our disagreement stems from this belief:
> Remember, laws can only be made after harm has been done.
This simply isn’t true. Plenty of regulation is done proactively. You just don’t hear about it as often because, harm prevented is not as good of a story as harm stopped.
For example we have no stories of exporting encryption algorithms to different countries causing harm, yet it is heavily regulated under the belief it will cause harm to national security. Similarly there is no stories of swearing on the radio causing harm, yet foul language is regulated by the FCC. A more meaningful examples are in the regulatory framework in the field of medicine, and if you want scale, the intellectual property of fashion design.
But even so, it can be argued that LLMs are already causing harm, it is mass producing and distributing bad information and stolen art. Consumers are harmed by the bad information, and artists are harmed by their art being stolen. A regulation—even if only reactionary—is still apt at this point.
The series of law-suits you mention only proves my point. We expect companies that break the law to be punished for their action, although I would argue that the regulator is generally far too lazy in pursuing legal actions against companies that break the law.
I'll concede. You're right. But this also is not the norm, despite my best wishes that it was.
But I still think there's a critical element you are ignoring and I'm trying to stress over and over and over. YOU NEED TO ADDRESS THIS FOR A CONVERSATION TO BE HAD
This concept is littered all throughout every single one of my comments and you have blatantly ignored it. I'm sorry, if you cannot even acknowledge the very foundation of my concern, I don't know how you can expect me to believe you are acting in good faith. This is at the root of my agitation.
No it doesn't, because you are ignoring my point. I am not arguing against regulation. I am not arguing that regulation doesn't provide incentives.
My claim of lawsuits existing was to evidence the claim
Again, this is the point you are ignoring and why no conversation is actually taking place.
Great! So you agree that regulation isn't enough and that regulation fails. You've tried very hard to avoid taking the next step. "WHAT DO YOU DO WHEN REGULATION FAILS?" Seriously, are you even reading my comments? At this point I can't figure out if I'm talking to a wall or an LLM. But either way, no conversation will continue unless you are unwilling to address this. You need to stop and ask yourself "what is godelski trying to communicate" and "why is godelski constantly insisting I am misunderstanding their argument?" So far your interpretations have no resolved the issue, maybe try something different.
> WHAT DO YOU DO WHEN REGULATION FAILS?
I expect better regulations and/or enforcement.
I am speaking around it because it seems obvious. If we have good regulation and enforcement of these regulations there is no need for self-regulation. While we don‘t have good regulation, or a regulator unwilling to enforce existing regulation, the go-to action is not to amass self-regulation (because it will not work) but to demand better regulation, and to demand the regulator does their job. That is at least how you would expect things to work in a democracy.
If I look around in information technology and not only, ethics seems to be long lost on the way. Of course there are exceptions, but...
Every day you make a choice. It's never too late to make this change