《香港特別行政區政府數字政策辦公室：2025香港生成式AI技術及應用指引報告（英文版）（46頁）.pdf》由會員分享，可在線閱讀，更多相關《香港特別行政區政府數字政策辦公室：2025香港生成式AI技術及應用指引報告（英文版）（46頁）.pdf（46頁珍藏版）》請在三個皮匠報告上搜索。

1、Hong Kong Generative Artificial Intelligence Technical and Application Guideline April 2025 The Government of the Hong Kong Special Administrative Region of the Peoples Republic of China Preamble The Digital Policy Office(DPO)of the Government of the Hong Kong Special Administrative Region(the HKSAR

2、 Government)has commissioned the Hong Kong Generative AI Research and Development Center(HKGAI),which was established under the funding support of InnoHK,to assist in research and formulation of the“Hong Kong Generative Artificial Intelligence Technical and Application Guideline”,so as to provide re

3、levant codes and practices on the technology and the use of generative artificial intelligence(AI)technologies for reference by various sectors.This Guideline documents the technical background and governance principles of generative AI,and provides a practical guide to Technology Developers,Service

4、 Providers and Service Users.The DPO will continue to review the latest technologies and application development related to generative AI and update the content of the guideline regularly.Through the collaborated efforts of Technology Developers,Service Providers,Service Users and other broad stakeh

5、olders,generative AI can better serve Hong Kongs society,bringing more convenience and welfare to the public.Note:In the event of any discrepancies between the Chinese and English versions of this document,please refer to the English version and notify the Digital Policy Office.Table of Contents Bac

6、kground.1 1.Brief Introduction to Generative AI.3 1.1 Overview of Generative AI.3 1.2 Main Principles of Generative AI Technology.3 1.3 Main Modalities of Content Generation.5 1.3.1 Introduction to Text Generation.5 1.3.2 Introduction to Image Generation.6 1.3.3 Introduction to Audio Generation.6 1.

7、3.4 Introduction to Video Generation.7 1.4 Main Service Areas of Generative AI.7 2.Governance of Generative AI.9 2.1 Technical Limitations and Service Risks of Generative AI.9 2.1.1 Technical Limitations.9 2.1.2 Service Risks.11 2.1.3 Model Lifecycle and Human Oversight.13 2.2 Five Dimensions of Gov

8、ernance.18 2.2.1 Personal Data Privacy.18 2.2.2 Intellectual Property.19 2.2.3 Crime Prevention.19 2.2.4 Reliability and Trustworthiness.19 2.2.5 System Security.20 2.3 Key Principles of Governance.21 2.3.1 Compliance with Laws and Regulations.21 2.3.2 Security and Transparency.21 2.3.3 Accuracy and

9、 Reliability.22 Table of Contents 2.3.4 Fairness and Objectivity.23 2.3.5 Practicality and Efficiency.23 3.Practical Guidelines for Technology Developers,Service Providers,and Service Users of Generative AI.24 3.1 Technology Developers:Build Comprehensive Teams and Adopt Proper Working Practices.24

10、3.2 Service Providers:Build Responsible Service Frameworks and Service Development Processes.27 3.2.1 Establish a Responsible Generative AI Service Framework.27 3.2.2 Responsible Service Development Processes.28 3.3 Service Users:Proactive Stewards of Benevolent AI.30 Acknowledgement.32 Appendix.33

11、1 Governance Requirements for Generative AI in Specific Countries and Regions.33 1.1 The Mainland.33 1.2 Other Major Countries and Regions.34 2 Key Governance Areas of Generative AI in Hong Kong.36 2.1 Hong Kong Governance Framework for Generative AI:Hong Kong Features.37 2.2 Hong Kongs Generative A

12、I Governance Policy Framework.38 1 Background Generative artificial intelligence(AI)is an important branch of modern AI represented by machine learning.By leveraging various machine learning algorithms,generative AI can automatically generate content information such as texts,images,audios,and video

13、s according to complex human intentions and instructions.In recent years,with the breakthroughs in generative AI technology,relevant products and services have been rapidly applied and promoted.Compared to other AI applications and traditional internet applications,their greatest advantage lies in t

14、heir more personalised and convenient content creation functions,marking an important milestone in the journey towards general-purpose AI.The wave of technological transformation driven by generative AI is sweeping the world,and it is expected to be widely applied in more fields in the future,exerti

15、ng a profound impact on economic and social development and the course of human civilisation.However,at the same time,this technology also faces complex challenges such as unpredictable security risks and ethical issues.The governance of AI has become a common issue faced by countries around the wor

16、ld.Only by ensuring that the development and application of generative AI technology always run on a safe track can we promote the steady and sustainable advancement of AI.The Government of the Hong Kong Special Administrative Region(HKSAR Government)is keenly aware that Hong Kong must keep up with

17、the technological development trends,formulate AI governance plans that are compatible with these trends,and actively promote the development of AI technology to contribute to the economic and social development of Hong Kong.To this end,the HKSAR Government actively draws on international best pract

18、ices and collaborates with experts in the local industry and the field of innovation and technology,committing itself to enhancing the resilience of the AI industry ecosystem in Hong Kong.The HKSAR Government has commissioned the Hong Kong Generative AI Research and Development Center(HKGAI),which s

19、pecialises in generative AI technology,to conduct research on appropriate guiding principles regarding credibility,accountability,ethical safety in the development and application of generative AI technology,and to propose recommendations accordingly.Commissioned by the HKSAR Government,the HKGAI ha

20、s formulated the“Hong Kong Generative Artificial Intelligence Technical and Application Guideline”(the Guideline),taking into account expert opinions from the industry and international best practices.The Guideline aims to encourage relevant stakeholders within the Hong Kong Special Administrative R

21、egion to engage in various generative AI-related business activities safely 2 and responsibly,strictly adhering to ethical standards,moral guidelines,and legal regulations.The Guideline also provides practical guidance for all stakeholders to effectively address the security issues and social risks

22、arising from generative AI technology.The Guideline aims to ensure the timely communication of regulatory developments and the sharing of best practices.It aims to balance innovation with social responsibility in the development of generative AI in Hong Kong,thereby maximising the benefits of techno

23、logical advancement and minimising associated risks.The establishment of this framework will pave the way for a robust governance structure for generative AI,which is essential for promoting the open application ecosystem and healthy development of generative AI across industries in Hong Kong.The Gu

24、ideline is specifically tailored for the following stakeholders:1.Technology developers and those who commission the development of technology or determine the use of technology(Technology Developers);2.Service providers,platform providers,and individuals who provide service with additional features

25、 and tools based on existing technology(Service Providers);3.Service users,content creators,and disseminators of generative content(Service Users).As generative AI technology services become increasingly prevalent,they bring about a multitude of security and social risks.To this end,this Guideline o

26、ffers practical guidance and recommendations.For Technology Developers,it is important to focus on technical risks such as data breaches,model biases,and errors.The Guideline provides best practices for secure development and design to ensure the reliability and stability of the technology.For Servi

27、ce Providers,they need to pay attention to the compliance and security of their services,especially when handling data from Service Users and generative content.The Guideline provides suggestions to ensure the secure operation of their services.Service Users need to understand the potential risks as

28、sociated with using generative AI services,avoid illegal and unethical behaviour during use,and learn how to protect personal privacy and data security.The Guideline offers advice on using technology services,as well as measures for identifying and addressing potential security threats.3 1.Brief Int

29、roduction to Generative AI 1.1 Overview of Generative AI Generative AI refers to the use of various machine learning algorithms to enable computer systems to automatically generate content information such as text,image,audio,video,code or other media,based on vast amounts of data,according to compl

30、ex human intentions and instructions.Compared with other AI applications and traditional Internet applications,generative AI has the ability of content generation and creation.The information content provided by this service is not the information already existing on the Internet,but the information

31、 content newly created and generated by the model algorithm based on the input instructions of the Service Users.Service Users can generate content or solutions that meet their expectations according to their own needs,so as to obtain a more personalised and customised service experience.Generative

32、AI technology is a branch of the modern AI field represented by machine learning,and it serves as the underlying algorithms,models,and architectures that support generative AI services.Generative AI services refer to the products,solutions,and services developed using generative AI technology.Throug

33、hout the entire lifecycle of generative AI technology,from its research and development to its application,there are three important roles:Technology Developers,Service Providers,and Service Users.1.2 Main Principles of Generative AI Technology Generative AI technology is based on generative models

34、within deep learning.Through various training strategies such as unsupervised or self-supervised learning,autoregression,and more,the models learn the distributional characteristics of a large amount of training data,thereby facilitating the generation of new content.The methods and strategies for g

35、eneration vary by model and can involve generating from random noise or initial inputs step by step,or compressing data to form a“Latent Space”,sampling within the“Latent Space”,and then decoding to generate data.Key technologies include latent space learning,probabilistic modelling,and generative s

36、trategies,working together to enable the creation of diverse content.Generative AI technology can produce multimodal content,including text,code,images,audio,and video.Currently,the mainstream models include Generative Adversarial Networks(GANs),Variational Autoencoders(VAEs),Autoregressive Models,D

37、iffusion Models,4 Transformer Models,etc.:GAN trains two neural networks in a competitive manner.The generator network generates data,and the discriminator network determines whether the data is real or not.Through continuous optimisation in adversarial training,the generator is able to generate inc

38、reasingly realistic data.VAE uses an encoding-decoding generation method.It maps the input data to the distribution in the latent space,usually a Gaussian distribution,and then samples from this distribution to generate new samples.Autoregressive model is based on the idea of step-by-step generation

39、.It takes the already generated content as context input and predicts the next element to generate new data,which is suitable for generating ordered data sequences.Diffusion model uses the generation method of diffusion and denoising.First,noise is gradually added to the original data,and then new d

40、ata is reconstructed from the noise by learning the inverse process.Transformer model is constructed based on the self-attention mechanism and feed-forward neural networks,adopting an encoder-decoder architecture.The generation process mainly relies on compressing a large amount of data with the enc

41、oder to form a language latent space.Then,the decoder uses the self-attention mechanism to process the context information and samples in an autoregressive manner to gradually generate new content.Today,the term Generative AI primarily refers to large foundation models based on the transformer archi

42、tecture,including Large Language Models(LLMs)and Vision-Language Models(VLMs).These models use self-attention mechanisms and feed-forward neural networks in an encoder-decoder architecture.The generation process compresses large amounts of data to form a latent space,then uses self-attention to proc

43、ess context and generate new content in an autoregressive manner.Transformer-based models excel at producing multimodal content including text,code,image,audio,and video.Even diffusion models,which generate images by gradually removing noise from random patterns,typically operate within VLMs to proc

44、ess textual prompts While earlier approaches like GANs,VAEs,and pure autoregressive models made important contributions to the field,modern generative AI is predominantly driven by transformer-based architectures that can process and generate across multiple modalities with unprecedented capabilitie

45、s.Model pre-training,fine-tuning,and inference are important stages in the lifecycle of generative AI technology,jointly forming a complete process from 5 construction to deployment.Pre-training refers to the process of initially training a model on a large scale of unannotated or weakly annotated d

46、ata,with the aim of allowing the model to learn general features and knowledge from the data.This stage typically employs unsupervised learning frameworks,such as self-supervised or autoregressive methods.Models trained through autoregressive methods can effectively learn the distributional regulari

47、ties of the data,thereby acquiring strong generalisation capabilities.The knowledge acquired can be easily transferred to specific tasks,thereby reducing the need for annotated data in specific domains.Fine-tuning is a crucial step to enhance the performance of a model in specific tasks or domains.A

48、fter the model has been pre-trained,it needs to be further trained on a small-scale labelled dataset that caters to specific requirements.The parameters of some or all layers of the model will be fine-tuned according to the data of the target task,enabling the model to master the knowledge of specif

49、ic domains.Fine-tuning optimises the model for specific application scenarios.Compared with training from scratch,fine-tuning on the existing pre-trained model can reduce the training time and computational costs,and significantly lower the usage threshold of large-scale parameter models.Common fine

50、-tuning techniques include instruction fine-tuning,Reinforcement Learning from Human Feedback(RLHF),Direct Preference Optimisation,Low-Rank Adaptation(LoRA),etc.Inference is the final link in the lifecycle of generative AI and also a crucial stage for the practical application of the model.In the in

51、ference stage,the already trained model will stop updating its own parameters and instead conduct real-time processing based on the input actual data to generate output results.In order for the trained model to handle the input from Service Users or the data in practical applications,it is necessary

52、 to deploy it in the form of a service and launch it into the production environment,so as to meet the needs in different scenarios.The speed,efficiency,and accuracy of inference are key indicators for evaluating the performance of the model.To improve the inference efficiency,technical measures suc

53、h as model compression and optimisation can be adopted.1.3 Main Modalities of Content Generation 1.3.1 Introduction to Text Generation Text generation refers to the automatic generation of natural language text from input data using natural language processing technology.It usually relies on natural

54、 language processing technology,and currently,large language models,which are the 6 most popular,are also one of the key technologies for text generation.By learning language patterns and rules from a large amount of text data,the model can generate coherent and grammatically correct text according

55、to the given input.There are two basic modes of text generation:In unimodal text generation,when generating text,only text is used as both input and output.Based on the given text prompts or context,it predicts and generates the subsequent text content.Multimodal generation is capable of processing

56、multiple types of data simultaneously,such as text,images,audios,videos,etc.,and establishing connections and interactions among these different modal data,so as to generate text.1.3.2 Introduction to Image Generation Image generation utilises generative technology to automatically generate brand-ne

57、w image content through the learning and analysis of a large amount of image data.Usually,generative adversarial networks or diffusion models in deep learning are used as the training methods for image generation.The modes of image generation are as follows:In the text-to-image mode,Service Users in

58、put text descriptions.The model parses the semantic information and converts it into a vector representation,and then generates and decodes it into an image in the latent space based on the learned knowledge.In the image-to-image mode,feature extraction and encoding are carried out on the input imag

59、e,and after operation and transformation in the latent space,it is reconstructed into a new image.1.3.3 Introduction to Audio Generation Audio generation refers to the process of using AI technology to synthesise the corresponding sound waveforms according to the input data,usually relying on deep n

60、eural networks to generate the spectrum of audio signals.The modes of audio generation are:Text-to-audio converts text input into audio output.By understanding the input text information,it generates audio that conforms to or is related to the text content(such as composing music for the input lyric

61、s).Audio-to-audio means generating new audio based on the existing audio.The generative model can learn the patterns and characteristics of the existing audio samples,and generate relevant new audio content based on 7 these patterns and characteristics(such as composing music by listening to the sou

62、nd).1.3.4 Introduction to Video Generation Video generation refers to the process of using AI technology to synthesise corresponding video content according to the input data(such as texts,images,video clips,etc.).It can learn the patterns and characteristics of videos from a large amount of data,an

63、d generate new video content based on these patterns and characteristics.Video generation is an extension and expansion of image generation.In video generation,not only does it need to generate high-quality images for each frame,but also deep learning models are required to understand and synthesise

64、 the image frames in the time sequence and the corresponding backgrounds,so as to generate a coherent video stream that conforms to the laws of the physical world.1.4 Main Service Areas of Generative AI Generative AI services can accept inputs such as texts,images,audios,videos,and codes,and generat

65、e new content in various forms.Currently,they have been widely applied in multiple industries,including the following typical service scenarios:Knowledge Q&A:Based on the knowledge and patterns in its training data,combined with an external knowledge base,generative AI can respond in real-time to th

66、e knowledge inquiries of Service Users,providing accurate and detailed information answers.It is widely used in scenarios such as intelligent customer service,internal corporate knowledge bases,academic research,and education.Role-playing:Generative AI can simulate interactions with specific charact

67、ers through a dialogue system,such as historical figures,fictional characters,customer service staff,etc.,providing Service Users with a virtual reality experience.It can be used in fields such as entertainment,education,and training.Writing Assistance:Generative AI can help Service Users with vario

68、us types of writing,such as article creation,story writing,thesis writing,copywriting planning,etc.It can provide functions such as creative inspiration,grammar correction,content polishing,and text translation,improving writing efficiency and quality.It is widely applied in fields such as daily off

69、ice work,8 media,advertising,and academia.Programming Assistance:Generative AI can assist programmers in writing codes,providing code suggestions,conducting code reviews,explaining code functions,etc.,helping to improve programming efficiency.It can be applied in fields such as software development

70、and data analysis.Mathematical Reasoning:Generative AI is capable of performing complex mathematical calculations and logical reasoning.It can be applied to solving mathematical problems,conducting mathematical proofs,providing ideas and methods for solving mathematical problems,and assisting in mat

71、hematical research.AI Agents:Generative AI has the ability to make judgments and decisions.It can perceive the environment,make decisions,take actions,and interact with other systems at the same time.It can usually be deployed in various complex application environments and is widely used in industr

72、ies such as industry,healthcare,and finance,for example,in autonomous driving vehicles,intelligent robots,intelligent investment,etc.AI Art:Generative AI is widely applied in the field of artistic creation.It can generate paintings with diverse styles according to user instructions or reference mate

73、rials,which are used in fields such as art and design to provide creative inspiration and assistance.It can understand music theory and melody structures,generate music of different styles and types,lower the threshold for music creation,and contribute to music composition and soundtrack production.

74、It can also generate various videos such as animations and short films,and is applied in fields such as film and television,and game development,reducing production costs and thresholds.Figure 1.Main Service Areas of Generative AI 9 2.Governance of Generative AI 2.1 Technical Limitations and Service

75、 Risks of Generative AI 2.1.1 Technical Limitations Generative AI models have made significant strides in accurately understanding complex semantics and generating high-quality content,meeting the general standards required for everyday life and production needs.However,generative AI models still ha

76、ve numerous technical limitations,referred to as inherent model issues.These inherent model issues can ultimately lead to the generation of harmful content.Therefore,the Guideline encourages Technology Developers,Service Providers,and Service Users to understand the following technical limitations o

77、f the models and their associated risks:Model Hallucination refers to the phenomenon where the information generated by a model does not align with the actual circumstances of the real world or contradicts the intentions of the Service Users.The root of the problem lies in the models own generative

78、mechanism.Models generate content based on the distribution and patterns learned from data through statistical learning rules of algorithms.During this process,the limitations of the data,the complexity of the algorithms,and the models limited semantic understanding are the main causes leading to th

79、e occurrence of model hallucinations.According to the current level of technological development,although various methods can be employed to suppress model hallucinations,it has not been possible to completely eliminate them.Taking the large text-to-text generation model as an example,model hallucin

80、ation can lead to outputs involving fabrication,piecing together,or grafting of information when answering questions or generating content,resulting in responses that deviate from the actual situation.Such issues not only severely affect the reliability and usability of the models output,but also po

81、se potential risks of misleading downstream decisions and applications.Model Bias refers to the specific preferences and tendencies that exist when a model generates content or makes decisions.This ethical issue leads to a lack of fairness and impartiality in content.Model bias permeates the entire

82、lifecycle of the model:during the training and development phase,algorithmic design flaws lead to algorithmic bias,incomplete or unbalanced training data generates data bias,and unreasonable evaluation metrics and methods trigger evaluation bias.In the actual usage phase,models are influenced by pas

83、t data to produce historical bias,affected by cultural differences leading to cultural bias,unfair preconceptions about different groups result in group bias,insufficient 10 sensitivity to individual characteristics cause individual bias,and influenced by interaction factors leading to interaction b

84、ias(bias resulting from the complex interactions between different input variables that the model fails to accurately capture or interpret).In addition,model performance and data timeliness change over time,resulting in temporal bias.The Black Box Problem means that the internal working mechanism of

85、 the generative AI model is complex and opaque,making it difficult for Technology Developers,Service Users,and the audience to understand how the model generates output results.This opacity of the generation mechanism brings about many challenges in terms of technology,ethics,and practical applicati

86、ons.For example,there are technical challenges such as difficult debugging and limited optimisation;ethical and legal issues such as responsibility attribution,fairness,and bias;user trust issues such as lack of transparency and limited decision-making support;and security risks such as adversarial

87、attacks and abuse.Mathematical Reasoning refers to the capacity to engage with numerical and logical problems,a capability that generative AI has begun to demonstrate significant potential in.However,there is an ongoing debate within the academic community about whether generative AI is merely capab

88、le of imitation or has actually developed a certain level of scientific logical reasoning ability.In terms of performance,generative AI tends to perform less well on problems that require the application of mathematical logic,with even simple tasks such as counting being prone to errors.Researchers

89、are still exploring the mathematical capabilities of generative AI.Sensitivity to Input Variations refers to the scenario where generative AI models often demonstrate disproportionate sensitivity to minor input changes,where slight variations in prompts or queries can produce substantially different

90、 outputs,undermining consistency and reliability.Data Integrity is fundamental to trustworthy generative AI systems.Specific risks include data poisoning(deliberate injection of corrupted data),data drift(gradual divergence from training distribution),and unauthorised modifications due to inadequate

91、 security controls.To mitigate these risks,organisations should implement comprehensive data governance practices,including validation techniques,version control,and regular audits.Proper security controls and monitoring systems are essential for maintaining data integrity throughout the AI lifecycl

92、e.Organisations should provide appropriate transparency regarding data sources and processing methods while ensuring compliance with relevant regulations.Industries handling sensitive information should 11 consider additional safeguards such as enhanced auditing capabilities and technologies that pr

93、ovide immutable records where appropriate.2.1.2 Service Risks The proposed AI governance framework establishes a four-tiered risk classification system,creating a proportionate regulatory approach based on potential harm.At the highest level,Unacceptable Risk systems that pose existential threats su

94、ch as uses causing harm or affecting human safety or subliminal manipulation should be prohibited,where developers will need to bear legal liability.High Risk applications deployed in critical infrastructure contexts like healthcare diagnostics or autonomous vehicles require conformity assessments,h

95、uman oversight,and continuous monitoring.Systems with Limited Risk that have moderate societal impact,including recruitment tools or educational AI,must fulfil transparency obligations,provide user opt-out mechanisms,and undergo annual compliance audits.Finally,Low Risk applications such as spam fil

96、ters or creative tools face minimal regulatory burden,requiring only self-certification.This calibrated approach balances innovation with appropriate safeguards,ensuring regulatory intensity corresponds to the potential severity of harm across the AI ecosystem.Risk Tier Definition Regulatory Strateg

97、y Unacceptable Risk Systems posing existential threats(e.g.,uses causing harm or affecting human safety,subliminal manipulation)-Full prohibition-Legal liability for development/deployment High Risk Critical infrastructure systems(e.g.,healthcare diagnostics,autonomous vehicles)-Conformity assessmen

98、ts-Human-in-the-loop requirements-Real-time monitoring Limited Risk Systems with moderate societal impact(e.g.,recruitment tools,educational AI)-Transparency obligations-User opt-out mechanisms-Annual compliance audits Low Risk Minimal-risk applications(e.g.,spam filters,creative tools)-Self-certifi

99、cation Table 1:Risk Classification System In addition,generative AI models must be packaged as services or products to be brought to market.For example,OpenAIs ChatGPT is essentially a chat service based on large language models.It provides a front-end interactive interface for Service Users,while t

100、he back end can employ various models such as GPT-4o,o1,or o1-mini.12 Even at the service stage,generative AI can still introduce new safety risks.This Guideline refers to these as service-derived issues,such as:Content Safety is a critical issue for generative AI services.Such services pose risks o

101、f enabling users to create or disseminate harmful content,as well as exposing audiences to such content.For instance,users might exploit generative AI services to produce dangerous content involving pornography,violence,gore,terror,or child abuse.During interaction,generative AI services might also

102、propagate harmful values,disseminating hate speech,discriminatory remarks,or inflammatory statements,thereby making users passive recipients of harmful content.When such harmful content is created,processed further,and widely distributed,it can exert a subtle negative influence on audiences,particul

103、arly teenagers who lack discernment,potentially inducing them to engage in illegal activities,criminal behaviour,or self-harm.Fabrication of Rumours refers to the challenge wherein generative AI services can produce highly convincing text,images,audio,video,and other multimedia content.Due to their

104、low cost,ease of use,and speed,these services can be exploited by users to deliberately create and disseminate rumours at scale,thereby confusing the public and misleading audiences.The general public often struggles to distinguish such fabricated rumours,which can significantly impact personal deci

105、sion-making.As technology continues to advance,rumours generated using generative AI are expected to become even more realistic,posing severe challenges to the integrity of the societal information environment.Model Jailbreaking refers to the practice of bypassing the safety mechanisms that develope

106、rs have put in place to prevent generative AI services from being used for hazardous purposes and abuse.Under normal conditions,these models are designed to identify and reject unsafe requests that fall outside the established safety parameters.However,on the user side,attack methods targeting the s

107、afety perimeter continue to emerge,and these are referred to as model jailbreaks.For example,a user might input a carefully crafted sequence of commands as part of an attack,followed by an illicit request.If the model is successfully deceived by these commands,it may process requests that it should

108、have otherwise refused,potentially leading to severe security risks.Data Leaks refer to the challenge wherein generative AI services,particularly chat-based services,may collect user information in various forms.This includes information voluntarily provided by users,uploaded documents,and personal

109、data accessed through devices.During the transmission and 13 processing of this data,there is a risk of exposing private information belonging to individuals or enterprise users.Maintaining equilibrium between mitigating potential risks and preserving freedom of expression presents a persistent chal

110、lenge to law enforcement operations.While authorities remain committed to upholding speech rights protected by the Basic Law,clear demarcation of legal boundaries becomes necessary when AI technologies are exploited for illicit activities.Such prohibited applications may include:the dissemination of

111、 instructions facilitating violent conduct(such as explosive device fabrication or assault methodologies),the generation of obscene material,the production of synthetically manipulated media content or falsified information intended to facilitate fraudulent schemes or public disruption,or the creati

112、on of malicious computational code designed to compromise information systems.2.1.3 Model Lifecycle and Human Oversight The lifecycle of a generative AI model can be divided into the following stages:(1)Planning and Data Collection;(2)Model Development;(3)Deployment and Integration;and(4)Usage and M

113、aintenance.In light of the inherent risks associated with generative AI models,developers,organisations,and individuals should take into account the potential costs and risks while aiming for practicality and effectiveness,and thus adopt a responsible approach in the development and utilisation of g

114、enerative AI at every stage.Below will elucidate the risks present throughout the lifecycle of generative AI models and indicate the responsibilities that should be assumed by all involved parties.2.1.3.1 Planning and Data Collection Generative AI aims to create new content,such as text,images,audio

115、,and video.This requires the system to emulate human creativity and,to some extent,surpass existing methods of data collection and usage.Generative AI often employs self-supervised or unsupervised learning,typically requiring larger datasets than traditional AI,which increases data-related risks,suc

116、h as:Harmful Data Risk/Data Poisoning:During data collection,incorrect data,outliers,or specially crafted samples by attackers may distort the models understanding of data distribution or decision boundaries,leading to degraded performance,inappropriate outcomes or skewed model behaviour.Data Bias R

117、isk:Variations in data sources,collection methods,and collection times can result in a lack of objectivity and comprehensiveness in the dataset.This leads to biased models that often replicate and amplify biases present in the training data.14 Personal Data Privacy Risk:Developers may inadvertently

118、or intentionally handle sensitive personal data during collection,thereby violating individuals privacy rights.Intellectual Property Risk:The training of generative AI models and the utilisation of generated content entail potential intellectual property risks,as the inadvertent use of copyrighted m

119、aterials may lead to infringement claims,while the substantial resemblance of the output to existing protected work may increase the likelihood of legal challenges.Figure 2.Lifecycle of Generative AI Model To mitigate these risks,it is crucial to assess the source and quality of data during the plan

120、ning and collection phase.Measures should be taken to ensure the standardisation of data collection and cleaning.Specifically,data sources should adhere to a principle of diversification;data distribution should be analysed using automated or manual methods,filtering harmful content;and data collect

121、ion should secure proper authorisation from stakeholders to avoid infringing on personal privacy.Domain-specific fine-tuning is particularly valuable for high-stakes sectors such as legal,regulatory,government,and banking.Given the nuanced language,legal precision,and confidentiality often required

122、in these domains,generalised models may fall short.Targeted fine-tuning or training on curated,domain-relevant datasets such as legislative archives or regulatory frameworks can enhance accuracy,compliance,and trustworthiness.Generative AI with multimodal capabilities can significantly enhance the d

123、elivery of public services.For instance,integrating generative AI voice assistants into government-operated communication channels can help address manpower challenges by efficiently handling routine inquiries while enabling human agents to focus on complex or sensitive cases.With capabilities such

124、as speech recognition,sentiment analysis,and voice-to-text summarisation,these AI systems can convert large volumes of interaction data into actionable insights that inform real-time responses and support long-term policy development.15 2.1.3.2 Model Development Model development includes the design

125、 and selection of the models architecture,planning of training algorithms,and processes for design,implementation,and evaluation.First and foremost,it is crucial to assess whether generative AI models align with business objectives,with a clear clarification in mind of the basis for decision-making.

126、During the planning phase,ensuring the success of generative AI projects hinges on understanding the datasets required for different models,selecting the appropriate learning algorithms,and clarifying limitations regarding scalability,storage,and development time.The model development process is non

127、linear.As new data arrives or business requirements change,models may need to be retrained or updated.During the development of generative AI models,the following risk issues may arise:Technical Risks:Depending on the model architecture and capabilities,models may fit the training data too closely(o

128、verfitting),making the generated content too similar to the training content,thereby losing its generalisability;or the model may not learn the patterns in the training data adequately(underfitting),leading to the models inability to output content that meets the instructions.Both of these technical

129、 risks can impact the overall accuracy and reliability of the model.Intellectual Property Risks:Model development may involve using third-party architectures or pre-trained weights.Violations of others intellectual property rights(e.g.,patents,copyright)or licensing requirements during this process

130、can lead to intellectual property disputes.Therefore,during the model development phase,developers should thoroughly understand the accuracy and reliability of the chosen model and design appropriate metrics to fully assess the technical risks associated with the model.If using open-source model arc

131、hitectures or weights,it is also necessary to comply with the requirements of the open-source licences.2.1.3.3 Deployment and Integration Deployment and integration represent the final stage before users interact with the AI model.Service Providers must prepare sufficient computational resources to

132、support the models operation and integrate an intuitive user interface to facilitate interaction.Key risks in this phase include:System Integration Risks:Combining multiple components into a cohesive system may lead to instability due to compatibility issues,component failures,or security vulnerabil

133、ities.16 Access Control Risks:Components developed by different developers or third parties may inherit permissions improperly.This can lead to unintended permission propagation,creating issues such as infringement of others intellectual property rights or data infringement.To address these risks,Se

134、rvice Providers should build redundant and highly available systems to ensure individual component failures do not compromise overall security;design comprehensive integration testing strategies;and clearly define access permissions for system components and implement strict access control policies

135、to restrict access to critical components and services.Organisations should evaluate deployment strategies that balance generative AI adoption with security considerations.Since AI prompts may contain sensitive business data or personal information,organisations should carefully assess risks when se

136、lecting service modelswhether cloud-based solutions,on-premise setups using open-source models,or on-device implementations.A hybrid approach where deployment choices are guided by the criticality of the use case and data protection requirements may be most appropriate for many scenarios.The adoptio

137、n of interoperability standards,such as open APIs and secure data-sharing protocols,between government platforms and private-sector AI solutions can facilitate smoother integration of generative AI into e-government services and other public infrastructure.By enabling structured collaboration and te

138、chnical compatibility,this approach can accelerate AI adoption,reduce duplication of efforts,and foster an open innovation ecosystem.Regulatory alignment with international frameworks enhances trust and enables cross-boundary AI collaboration.Harmonisation with widely recognised standards,such as th

139、ose established in other jurisdictions,offers predictability and confidence to global partners and investors.Clear delineation of how legal and regulatory mechanisms will function in the event of AI-related issuesincluding which authorities have jurisdiction over various AI-related matterscan streng

140、then institutional transparency and governance effectiveness.2.1.3.4 Usage and Maintenance Once generative AI services are officially launched,users interact with the model online or within a local network to receive desired outputs.When providing services to the public,the following risks require c

141、lose attention:Content Safety Risks:Generative AI may produce content that violates legal or ethical standards based on improper user inputs.Data Exposure Risks:When generating responses based on the prompts 17 provided by users,generative AI might inadvertently include the users personal data or ot

142、her confidential information,or it might access data used during the Retrieval-Augmented Generation(RAG)process.Copyright Risks:Determining the copyright ownership of content created by generative AI services,if any,is not always straightforward.The domestic law governing copyright subsistence and o

143、wnership of such content may vary from place to place,necessitating careful attention and consideration to address copyright issues covering copyright ownership of outputs of generative AI services,where applicable,and prevention of copyright infringement by such outputs.Credibility,Ethical,and Soci

144、al Risks:Generative AI can create realistic but false content,such as fake news or forged audiovisual material,which may contradict ethical and social values.This poses threats to social trust.Technology Developers have the responsibility to employ technical measures to filter the input content prov

145、ided by Service Users to prevent the generation of harmful content due to malicious intent.They should also take relevant measures to label the generated content to distinguish it from real content.Service Providers should provide clear operating instructions and technical documentation to explain t

146、o Service Users how to use the service correctly.They must declare the copyright ownership of the generated content to Service Users where practical,and only with the consent of the Service Users,may record their usage(logging)and store it without violating personal data regulations.Service Users sh

147、ould be fully aware of the potential for falsity in content generated by AI and should proactively verify the authenticity of the content.2.1.3.5 Human Oversight Appropriate human oversight is critical for ensuring the trust and accountability framework of generative AI systems.The degree of human o

148、versight should be based on the impact of different stages(e.g.,data collection,model training,and output generation).The greater the impact,the stronger the need for human oversight.Models can be categorised based on the level of human oversight:Collaborative Generative AI Models:For models used in

149、 less impactful decision-making scenarios,human judgment can complement AI.These systems typically require limited human oversight due to smaller data volumes.Human-Dominated Models:When collaborative models are insufficient,human-dominated models are used.These rely primarily on human decision-maki

150、ng and operations,with AI serving as an auxiliary tool.18 2.2 Five Dimensions of Governance To promote the effective and beneficial use of generative AI,this Guideline introduces a governance framework for generative AI based on five dimensions.Under this framework,stakeholders should clearly define

151、 the scope of their actions and accurately assess potential risks.The five dimensions are:Personal Data Privacy Intellectual Property Crime Prevention Reliability and Trustworthiness System Security 2.2.1 Personal Data Privacy The rapid growth of generative AI presents unprecedented challenges to pe

152、rsonal data privacy protection.At its core,the complexity of AI systems poses risks of personal data privacy and sensitive information leaks at all stages of development.From data collection and processing to model training,optimisation,and eventual application and service provision,even minor misst

153、eps can expose sensitive information to potential threats.For addressing personal data privacy concerns during the AI training phase,promising approaches like Federated Learning have emerged.This technique allows models to be trained across multiple decentralised devices or servers holding local dat

154、a samples,without exchanging the data itself.Instead,only model updates are shared,helping to minimise privacy exposure while still enabling effective model development.Regarding personal data privacy,the purpose and manner of personal data collection,accuracy and duration of personal data retention

155、,use of personal data,security of personal data,openness and transparency in relation to personal data policies and practices,and access to and correction of personal data are the key aspects in the lifecycle of generative AI development and service provision.Ensuring the security of personal privac

156、y and sensitive information throughout the entire lifecycle of generative AI development and service provision is thus critical.This is not only about protecting individual rights but also about maintaining public trust in generative AI technologies and fostering the healthy,sustainable development

157、of the industry.19 2.2.2 Intellectual Property The intellectual property system of each place provides a dedicated and balanced legal framework for protecting the legitimate rights of creators and inventors,and fostering a culture of creativity and innovation.However,the rapid development of generat

158、ive AI is posing unprecedented opportunities and challenges to the intellectual property regime,from aspects ranging from data collection and model training to content generation.In the phases of data collection and model training,the utilisation of materials protected by copyright for AI training h

159、as raised widespread concerns about potential infringement and the applicable scope of copyright exceptions.This has driven academia,industry,and legal communities to engage in vigorous discussions and to explore new provisions that explicitly provide for exceptions for model training purposes,in an

160、 effort to achieve a balance between fostering innovation and safeguarding the interests of creators.2.2.3 Crime Prevention The evolution of generative AI presents both opportunities and challenges for crime prevention and control.While AI integration significantly advances law enforcement capabilit

161、ies by transforming traditional methods into more sophisticated,data-driven approaches,its governance must extend beyond legal frameworks.A holistic approach must incorporate ethical considerations,social implications,public acceptance,and community response.The implementation of these technologies

162、requires transparency about their capabilities and limitations to maintain public trust and ensure their deployment aligns with societal values and expectations.Simultaneously,generative AI introduces serious governance challenges as criminals exploit these technologies.Deepfakes powered by generati

163、ve AI pose significant societal risks by creating incredibly realistic fake audio and visual content that mimics individuals appearances and voices.These deceptive materials are increasingly used to spread misinformation,manipulate public opinion,and impersonate individuals in communications and ele

164、ctronic transactions for fraudulent purposes,creating multifaceted threats to public safety,privacy,and trust in digital information.2.2.4 Reliability and Trustworthiness The credibility of generative AI refers to its ability to demonstrate stable and reliable performance,continuously and accurately

165、 outputting results that meet expectations and are trustworthy in various application scenarios.For the system of generative AI,authenticity and credibility are one of the core elements of the trustworthiness and accountability.This accountability involves the task of constructing a scientific,rigor

166、ous,and effective mechanism and framework to ensure that developers,operators,and 20 users of generative AI assume corresponding responsibilities for the logic of model operations,behavioural patterns,and their widespread impacts.Especially when the system generates information that is false,biased,

167、or misleading,it is possible to clearly and accurately allocate responsibilities among the relevant entities based on this mechanism and framework.Currently,the trustworthiness and accountability of AI-generated content are facing unprecedented and significant challenges.The technical architecture i

168、nherent in generative AI is highly complex,with a certain degree of opacity in its internal logic and algorithmic mechanisms,making the tracing and analysis of its decision-making process extremely difficult in practical applications.Issues known to affect the authenticity and credibility of generat

169、ive AI include defects in algorithm design,biases or noise in training data,and unexpected anomalies encountered during operation.Since it is difficult to precisely determine the source of erroneous information,it is impossible to quickly and accurately identify the responsible entities upon discove

170、ring problems,which seriously affects the credibility and application promotion of generative AI.2.2.5 System Security Under the governance framework of generative AI,system security is a core element,focusing on ensuring that the system itself and data are not accessed and compromised by unauthoris

171、ed individuals.However,the unique vulnerabilities that arise during the processing of sensitive information and the risks of reverse attacks faced by models are continuously increasing the security risks associated with generative AI.At the same time,data poisoning attacks are also a prominent issue

172、.Malicious attackers deliberately tamper with training data,interfering with the models learning process.Once data poisoning is successful,the model may make erroneous or biased decisions,which not only undermines the integrity of AI applications but also significantly diminishes user trust.To addre

173、ss these challenges,Technology Developers and Service Users need to establish sophisticated monitoring and updating mechanisms and strictly implement security measures to ensure the integrity and credibility of data.In terms of preventing data poisoning,strict data verification processes should be i

174、mplemented,utilising anomaly detection algorithms to identify and filter suspicious data entries,while ensuring that the training datasets are reliable and of high quality.Additionally,regularly auditing data sources and constructing secure data transmission channels can further reduce the risk of d

175、ata poisoning,providing a solid guarantee for the safe and stable operation of generative AI.21 2.3 Key Principles of Governance 2.3.1 Compliance with Laws and Regulations Throughout the entire lifecycle of generative AI technologyspanning research and development,service provision,and practical app

176、licationall relevant stakeholders must uphold a strong sense of legal compliance and adhere strictly to regulatory standards.In the context of Hong Kong,every stage of generative AI operation must fully align with the specific provisions and core principles of the regions existing legal framework,le

177、aving no room for deviation or unlawful practices.Specifically,Technology Developers must ensure that data collection for model training respects intellectual property rights and protects personal privacy,while generated content must not violate laws,public morality,intellectual property rights,or i

178、ndividual privacy.If the industries,regions,or countries covered by a generative AI service impose stricter requirements,Technology Developers,Service Providers,and Service Users should respect and comply with these higher standards.Additionally,Service Providers and Service Users must recognise the

179、ir social responsibilities and legal obligations,particularly in avoiding the dissemination of false or harmful information.2.3.2 Security and Transparency In the development of generative AI,it is essential to address and resolve both model-inherent and service-derived issues to reduce their insecu

180、rity and lack of transparency.At the model level,harmful content that is illegal,violates regulations,or goes against ethical standards should be eliminated through algorithm optimisation and data governance.At the service level,Service Providers must fully disclose risks to users and enhance model

181、security and transparency by employing technologies such as encryption and explainable AI,ensuring the reliable operation of the technology.Taking an open-source model in the market as an example,its reasoning technology imparts a clear logical context to content generation,vividly presenting the ke

182、y steps and logic in the content generation process.This makes content generation no longer a“black box”operation to some extent,allowing users to intuitively understand the basis of content generation,thereby greatly enhancing the transparency of generative AI and laying a solid foundation for the

183、safe and reliable application of generative AI technology.Open-source models typically offer greater transparency,allowing for public scrutiny of training methodologies,data sources,and algorithmic design.This transparency enables broader verification of safety measures and detection of potential bi

184、ases or vulnerabilities by the wider community.Proprietary models,while often featuring advanced capabilities,present inherent limitations in transparency due to commercial considerations,making independent verification more challenging.Such a 22 comparison would provide stakeholders with valuable i

185、nsights into the transparency trade-offs associated with different development approaches and their implications for governance frameworks.Figure 3.Key Principles of Governance 2.3.3 Accuracy and Reliability In the research,development,and application of generative AI,careful management is required

186、at both the model development and service stages to effectively address various risks.During model development,developers should leverage advanced technologies and scientific methodologies to minimise issues like model hallucinations that could impact future applications.For example,incorporating RA

187、G technology allows the model to accurately retrieve relevant information from extensive external knowledge sources during content generation and seamlessly integrate this information into the process.This approach enhances the models understanding and application of real-world knowledge,ensuring th

188、e accuracy and reliability of generated content while avoiding factual deviations caused by model hallucinations.Additionally,Service Providers should design and offer user-friendly,efficient fact-checking tools tailored to the specific service context,such as authoritative data retrieval interfaces

189、 or intelligent comparison tools,to assist users in manually verifying results.These measures significantly improve the reliability of generated outputs,ensuring the safety,stability,and compliance of generative AI services.This,in turn,supports the steady development of generative AI technologies a

190、long a controlled and trustworthy trajectory.23 2.3.4 Fairness and Objectivity Generative AI services must fully embrace the principles of diversity and universality,actively avoiding information imbalances and eliminating the risk of creating “information silos”caused by excessive concentration of

191、certain types of content.From the initial stage of data collection to each critical step of content generation,strict controls must be implemented to eliminate model biases.During data selection,diverse information sources should be included to ensure comprehensive representation of data from varyin

192、g fields and backgrounds.During model training and content generation,scientific algorithms and rigorous review mechanisms should be employed to prevent the generation of biased or discriminatory content targeting factors such as belief,political opinion,nationality,region,gender,age,ethnicity,skin

193、colour,industry,health status,income level,or lifestyle.By providing fair,objective,and inclusive content,generative AI can help promote information equity and foster societal harmony,allowing the technology to play a positive role in advancing these goals.2.3.5 Practicality and Efficiency As an inn

194、ovative and highly creative technology,generative AI is profoundly transforming operational models across various sectors.Developers and Service Providers bear the responsibility of continuously enhancing the utility of this technology to ensure that generative AI delivers precise,efficient,and high

195、-quality content that aligns with user intentions.On one hand,algorithm and model architecture optimisations should be pursued to improve the accuracy and relevance of generated content,avoiding irrelevant or biased information.On the other hand,the full potential of the technology should be harness

196、ed by exploring its applications across diverse tasks,complex scenarios,and multiple industries.By solving real-world problems and significantly improving work efficiency,generative AI can empower industrial upgrades and contribute to societal progress and the improvement of peoples lives.Through in

197、novative applications,generative AI can become a driving force for advancement at both the industry and societal levels.24 3.Practical Guidelines for Technology Developers,Service Providers,and Service Users of Generative AI Based on the above discussion,we offer the following recommendations for ge

198、nerative AI developers,Service Providers,and Service Users,aligned with their respective roles,rights,liabilities,and obligations as outlined in the stakeholder responsibility matrix.Stakeholder Definition Responsibilities Technology Developers Organisations and individuals who create,train,and main

199、tain the foundational models and algorithms that power generative AI systems.Ethical model development Technical safeguard implementation Ongoing oversight and monitoring Data rights management Service Providers Entities that deploy generative AI technologies as customer-facing applications or servi

200、ces,acting as intermediaries between developers and end users.Content governance Privacy protection Accountability measures User data processing End Users Individuals or organisations that utilise generative AI services for personal or professional purposes.Ethical usage Awareness and control Commun

201、ity protection Content verification Table 2:Role Definition Matrix 3.1 Technology Developers:Build Comprehensive Teams and Adopt Proper Working Practices A well-structured generative AI development team and sound working practices are essential for advancing technology while ensuring security and co

202、mpliance.Developers should adhere to principles that emphasise both intellectual property protection and broader considerations such as data integrity and neutrality.Establish a Data Team and Assign a Leader:A dedicated data team,led by an assigned leader,should ensure compliance with applicable law

203、s and regulations,avoiding any infringement or violations of all other prevailing applicable laws and regulations.In addition to managing data distribution and 25 maintaining balance to prevent discrimination,the team must align datasets with appropriate values and factual accuracy during fine-tunin

204、g.Robust quality control mechanisms should be established to uphold these standards.Furthermore,data acquisition,storage,processing,and transmission must comply with relevant laws and regulations,including those governing personal data privacy and cybersecurity.Stringent security measures are vital

205、to prevent data breaches and misuse.By following these practices,the data team can support responsible and ethical AI development.Establish an Algorithm Engineering Team:This team should prioritise security and trustworthiness in algorithm design and optimisation,ensuring safety during pre-training,

206、fine-tuning,and inference stages.They should promptly identify and fix vulnerabilities,enhance content explainability through inference techniques,and strengthen system-level guarantees for the reliability of generated outputs.Techniques such as RAG and knowledge bases should be employed to ensure t

207、he timeliness and accuracy of the generated content.Establish a Quality Control Team:Comprehensive testing is a key method to ensure that AI applications are safely deployed and function properly before deployment.Establishing formal testing requirements to verify the models vulnerability to securit

208、y threats,such as its ability to resist adversarial attacks and sensitivity to data breaches,is crucial.Involving Service Users in the testing process can help identify security issues from the perspective of the users.Standardised testing criteria facilitate effective comparison between candidate m

209、odels.To this end,the system must have concrete performance metrics.Developers should devise clear,measurable implementation paths based on performance metrics(such as precision,recall,and accuracy).Control measures or means for manual supervision and intervention in the models operation should be e

210、stablished.Additionally,implementing an anomaly-based reporting system to highlight performance deviations and regular assessments to maintain the models accuracy and effectiveness are essential.Lastly,Technology Developers must regularly review test results to further ensure the accuracy of the tes

211、t results,guaranteeing the stability and reliability of the model and product,and ensuring they can operate normally in various application scenarios,outputting reliable results.Establish Operational Principles:Transparency and explainability are crucial,requiring developers to disclose training dat

212、a sources(where feasible),model architectures,and evaluation metrics.Organisations should establish policies on when to accept AI-generated content,such as requiring users to double-check AI-generated materials,verify references,and ensure correctness before usage.Data quality must be prioritised,wi

213、th training data that is high-quality,26 diverse,representative,and regularly updated.AI systems should provide transparent explanations for outputs and incorporate mechanisms for source verification,fact-checking,and validation.Continuous monitoring,including regular audits,is essential to identify

214、 and address errors,biases,or inaccuracies.User feedback should be actively encouraged to improve system reliability,while domain expertise is critical for developers and content creators.Accountability mechanisms must be established to address dissemination of misinformation,along with industry-wid

215、e standards for consistency and accuracy.Collaboration with academia and research institutions,both locally and internationally,is vital to stay updated on advancements and leverage expertise.Finally,industry leaders and regulatory bodies should work together to develop common guidelines covering da

216、ta quality,transparency,accountability,and bias mitigation.Establish a Compliance Team:Regular compliance reviews and assessments of the models and products developed are essential to prevent negative impacts on social order,public safety,and ethical standards.Establishing a comprehensive documentat

217、ion system encourages Technology Developers to adhere to the principle of transparency by disclosing the technical principles and usage rules,thereby allowing Service Users and regulatory agencies to understand and supervise the application of the technology,building trust,and reducing the risk of m

218、isuse.Technology Developers and Service Providers should follow higher standards.High-risk AI-generated content,such as deepfakes,ID document images,and financial materials,should include irremovable watermarks or embedded codes to ensure traceability and accountability.Transparency is crucialAI mod

219、els must be trained on verified,reliable sources,with Service Providers integrating trusted references and disclosing information sources.AI systems should alert users when outputs cannot be verified,preventing the spread of unverified or false content.Responsibility for accuracy must rest with deve

220、lopers and providers,not users.Independent evaluation mechanisms should apply not only to Service Providers but also to Technology Developers from the development stage.Developers should undergo audits covering risks like content accuracy,bias,harmful outputs,and privacy compliance.As major stakehol

221、ders,developers must bear greater responsibility for AI safety.Implementing these measures will enhance accountability,transparency,and the overall effectiveness of the Guideline in preventing AI misuse.27 3.2 Service Providers:Build Responsible Service Frameworks and Service Development Processes 3

222、.2.1 Establish a Responsible Generative AI Service Framework Generative AI Service Providers must identify specific business or opportunities that can bring significant value,and determine the priority of service provision based on service feasibility,alignment with strategic objectives,and potentia

223、l impact,establishing a responsible framework for generative AI services.We propose below aspects to consider when establishing such a framework:Ensure Service Compliance:Service Providers should select and use base models that comply with the relevant laws and regulations and social ethical standar

224、ds of Hong Kong.Service Providers are responsible for ensuring that their service systems do not output illegal,non-compliant,or inappropriate content.They should establish mechanisms to enhance the traceability and auditability of the system,effectively reducing the risk of inputting malicious data

225、;label content such as generated images and videos;and strengthen risk notification for content that is unsuitable for output or contains biases,as well as for services used by special groups such as minors.Ensure Data Security:Service Providers must comply with relevant data protection regulations

226、such as the Personal Data(Privacy)Ordinance(PDPO)(Cap.486)when collecting,processing,using,storing,retaining and deleting of user data including personal data.They must fully protect the privacy rights of Service Users,avoiding excessive collection,misuse,or disclosure of user data.At the same time,

227、they should strengthen the encryption and desensitisation of sensitive data to ensure the security and privacy of data during its transfer.When necessary,they should work closely with Technology Developers and conduct data security surveys among Service Users to promptly identify and fix security vu

228、lnerabilities.Service Providers must take specific measures to effectively manage personal data privacy.First,they should standardise cross-industry data protection agreements to ensure data integrity and enable international data flow cooperation.They may make reference to various guidelines,such a

229、s the“Guidance on Personal Data Protection in Cross-border Data Transfer”,published by the Office of the Privacy Commissioner for Personal Data(PCPD).Second,they must implement robust technical safeguards,such as advanced anonymisation techniques and enhanced encryption technologies,to protect data

230、and prevent re-identification(i.e.,removing or encrypting personally identifiable information from data sets).Third,compliance with local and 28 international data protection laws(such as the PDPO and European Union General Data Protection Regulation(GDPR),as appropriate,is essential,along with obta

231、ining explicit consent from Service Users and safeguarding their rights and interests.Finally,Service Providers should conduct continuous monitoring and evaluation to adapt to evolving data security threats,ensuring that their measures remain effective and up-to-date.Ensuring System Security:Service

232、 Providers must continuously monitor and assess the security of their systems,develop preventive measures and emergency response plans for potential system and data attacks;when there are significant changes in the systems functions or operation,a reassessment should be conducted to identify and mit

233、igate new risks.Ensuring System Credibility:Service Providers need to adhere to the principle of transparency by disclosing the technical principles behind their services,which allows Service Users and regulatory bodies to understand and supervise the services provided.They should offer detailed ser

234、vice descriptions and usage guides so that Service Users can correctly understand and utilise the services.Service Providers should establish a clear framework for trustworthiness and regular review cycles,engage in monitoring with stakeholders to foster a culture of compliance,and enhance the relia

235、bility of the services.Additionally,they should hire independent auditors to regularly audit the quality,safety,and compliance of the services;and engage ethics policy experts to strengthen the alignment of service standards with ethical norms and policies.3.2.2 Responsible Service Development Proce

236、sses Service Procurement:When Service Users procure generative AI services,economic and security factors are often key considerations.On the one hand,the price needs to be within the budget and offer reasonable cost-effectiveness;on the other hand,security indicators such as data security,privacy pr

237、otection,and system stability directly impact the quality and user experience of the services.Therefore,Service Providers should establish clear financial agreements and service security agreements to ensure the orderly conduct of services.Additionally,an independent evaluation mechanism and proper

238、documentation should be established.Independent evaluations can objectively and neutrally review services and uncover potential issues,while comprehensive documentation records every aspect of the services in detail,enhancing transparency and providing strong support for the construction of a trustw

239、orthiness and accountability framework.29 Risk Assessment:Service Providers of generative AI services should conduct comprehensive service risk assessments at various stages of service development.The assessment includes:at the data level,reviewing the quality of training data,identifying issues suc

240、h as missing data,incorrect annotations,and duplication,analysing data biases,ensuring data security,and preventing privacy breaches,tampering,and misuse.At the algorithm and model level,checking for logical and security vulnerabilities in algorithms,evaluating the interpretability of model decision

241、-making processes,and assessing stability under different input conditions.At the application scenario level,ensuring compliance with legal regulations and industry standards for each scenario,analysing service deficiencies such as misinformation and negative impacts on user experience,and consideri

242、ng social risks.At the operation and management level,assessing the infrastructure and operational capabilities of the service,focusing on personnel operation and ethical risks,and evaluating the reliability and stability of third-party suppliers.At the same time,ensuring the independence of the ass

243、essment and establishing a proper documentation mechanism are crucial.Independent assessments can objectively and neutrally review services and uncover potential issues,while comprehensive documentation ensures transparency throughout the entire service process,providing strong support for the const

244、ruction of a trustworthiness and accountability framework.Pilot Projects:Before rolling out services on a large scale,Service Providers should carry out small-scale pilot projects to verify the feasibility of the services in specific business scenarios under clear objectives and scope,consider the i

245、mpact on business efficiency and costs,and define business processes,user groups,and data boundaries.Such pilots select appropriate models based on objectives and data characteristics,assess performance,scalability,and costs,and fine-tune models.Service Maintenance:Service maintenance encompasses th

246、e continuous improvement of service quality,security,and user satisfaction.Service Providers must prioritise transparent communication with Technology Developers and Service Users to build trust and ensure compliance.This includes disclosing the rules,purposes,benefits,and limitations of generative

247、AI services,while respecting the rights of data subjects and users,and informing individuals about how their personal data is used.Service Providers should strive to enhance the transparency of generative AI services,provide insights into the decision-making process,and establish feedback channels t

248、o promote an inclusive and responsible generative AI service process using clear and understandable language,thereby improving the user experience.30 3.3 Service Users:Proactive Stewards of Benevolent AI Service Users of generative AI assume a critical role and bear significant responsibilities when

249、 utilising these services.It is essential to heighten awareness of the technological and service security risks to consciously contribute to a compliant and secure AI ecosystem.Here are our recommendations for Service Users of generative AI services:Legal and Regulated Use:Service Users should use g

250、enerative AI services in a manner consistent with the guidance and requirements provided by Service Providers and regulatory authorities(such as PCPD),refraining from using the services for any illegal,non-compliant,or inappropriate purposes.When generating content through generative AI services,use

251、rs should take into account the legal and regulatory framework of Hong Kong,including but not limited to laws relating to copyright,privacy,and anti-discrimination;should the generated content contain potential or obvious violations or inaccuracies,Service Users should promptly report to Service Pro

252、viders to remove the corresponding and prevent the dissemination of illegal,non-compliant,or inappropriate content,which is a fundamental aspect of proper generative AI usage.Maintain Independent Discretion:Generative AI serves as our tool and assistant,not a replacement for us.While the content gen

253、erated can inform our work and daily life,it should not be adopted without human verification and judgment.Service Users should be aware that AI-generated content may include misleading,false,or inaccurate information.Responsible users should possess a multifaceted awareness and knowledge capability

254、 in law,ethics,and risk management,so as to validate and review generated content and make independent information judgments.Understand Responsibilities and Obligations:Before engaging with any generative AI services,Service Users should thoroughly read and familiarise themselves with the terms of u

255、se of the relevant platforms or software to understand their responsibilities and obligations.These terms often encompass themes such as privacy,security,ethical standards,and legal compliance.For instance,it is explicitly stipulated that Service Users may not instruct AI to generate content that co

256、ntains hate speech,discrimination,defamation,or other immoral and illegal content,as well as protections for users rights,such as restrictions on the sharing of personal data to prevent Service Providers from recording and disseminating users personal information beyond the scope of consent.Citation

257、 and Attribution:To ensure transparency,accountability,and safety,31 Service Users should explicitly indicate whether generative AI has been involved in content generation or decision-making,and must bear the responsibility for its ethical and legal implications.Privacy Protection:Service Users shou

258、ld familiarise themselves with the privacy policies of generative AI services to understand their specific practices regarding data collection,use and sharing.It is recommended to choose services that do not use shared data for training generative AI and to avoid transmitting sensitive personal info

259、rmation,while adopting pseudonymisation or anonymisation methods to protect privacy.Regularly reviewing and deleting data within generative AI services,and submitting correction or deletion requests if inaccuracies are found in the generated content,is also important.Prudent Dissemination:Any conten

260、t generated by generative AI systems and further disseminated,which may impact society,economy,or culture,ultimately holds the content disseminator responsible.This means that Service Users need to assess and take responsibility for the potential misdirection or negative consequences of the content.

261、Service Users should proactively verify the authenticity,legality,and appropriateness of generated content and seek professional advice or conduct secondary reviews when necessary to reduce potential risks.Additionally,if Service Users intend to publish AI-generated content,they should disclose its

262、source when making it public.Disclosure of the source is especially important when the content involves commercial use or mass dissemination.This level of transparency not only helps to increase public trust in generative AI but also ensures the legality of ones own content creation and disseminatio

263、n.Respect for Intellectual Property Rights:To maintain the generative AI ecosystem and encourage legal creation by Service Users,it is essential to consciously respect intellectual property rights.This includes applying the necessary technical measures and solutions to avoid generating content that

264、constitutes the whole or substantial copying of copyright works so as to prevent copyright disputes.Specific practices may include searching and assessing whether the generated content constitutes infringement of copyright,trade mark or patent rights.If the generated content is found to have infring

265、ed others intellectual property rights,it should be deleted or modified in a timely manner according to the administrative and/or legal measures(e.g.,terms of use,take-down notice and/or court order,where applicable).32 Acknowledgement Institution:The Hong Kong University of Science and Technology H

266、ong Kong Generative AI Research and Development Center Lead Authors:Sirui Han,Yike Guo,Hongying Huang Professor Sirui Han is an Assistant Professor at The Hong Kong University of Science and Technology(HKUST)and an RGC-Fulbright Research Scholar,as well as the Head of Research Division at the Hong K

267、ong Generative AI Research and Development Center(HKGAI).Professor Yike Guo is the Provost and Chair Professor at HKUST,as well as the Director of the HKGAI.Dr Hongying Huang is a Special Advisor at HKUST and the Chief Operating Officer of the HKGAI.33 Appendix With the advancement of generative AI

268、technology,countries and industries have begun to enhance governance and oversight to ensure the legality and compliance of the technology.In addition to providing specific action guidelines for Technology Developers,Service Providers,and Service Users,the Guideline compiles the relevant requirement

269、s for the governance of generative AI from various countries and industries,offering relevant policy information to help them conduct generative AI activities more safely and compliantly on a global scale.Furthermore,the governance of the AI industry in Hong Kong has distinct characteristics.This Gu

270、ideline summarises the principles of trustworthy generative AI industry applications in Hong Kong to provide a reference for relevant parties,which can be found in the appendix.1 Governance Requirements for Generative AI in Specific Countries and Regions 1.1 The Mainland The Mainland has made signif

271、icant strides in the field of generative AI,emerging as a pivotal player in the global AI development landscape.Recognising AI governance as a matter of global significance that affects the destiny of all humanity,the Mainland has issued the“Global AI Governance Initiative”.This initiative calls on

272、nations to uphold a collective,comprehensive,cooperative,and sustainable security perspective.It emphasises the importance of balancing development with security,fostering consensus through dialogue and cooperation,and establishing an open,fair,and effective governance mechanism.The aim is to harnes

273、s AI technology for the betterment of humanity and to advance the building of a community with a shared future for mankind.The Mainland has been consistently advancing the governance and regulation of AI.It has previously set targeted management requirements for technologies such as recommendation a

274、lgorithms and deep synthesis services.In the realm of generative AI,the Cyberspace Administration of China,in collaboration with relevant departments,has promulgated the“Interim Measures for the Management of Generative AI Services”(“the Measures”)under the legal framework of the“Cybersecurity Law”,

275、“Data Security Law”and“Personal Information Protection Law”.The Measures,which officially came into effect in August 2023,serve as the core regulatory document for the governance of generative AI in the Mainland at present.The Measures underscore the nations commitment to a principle that prioritise

276、s development and security,encourages innovation,and integrates law-based governance.Effective measures are taken to 34 stimulate the innovative development of generative AI and to implement inclusive,prudent,and classified supervision over generative AI services.1.2 Other Major Countries and Region

277、s Currently,major countries around the world are actively developing generative AI,but there are differences in understanding of AI safety,governance concepts,and legal and regulatory requirements.Service Users or Service Providers planning to expand into overseas markets should consider understandi

278、ng the local governance principles and specific requirements for AI,such as:United States:The United States has been actively using means such as export controls to solidify its leading position in this transformative technology field.In terms of AI governance,the United States adopts a policy guida

279、nce and corporate self-regulation approach,with key AI companies committing to self-regulation of AI systems.The United States exhibits a decentralised and localised characteristic in AI governance through legislative means;there is currently no unified federal law for the AI field,nor is there a un

280、ified regulatory agency.Some industries such as finance and healthcare,along with relevant regulatory departments,have introduced their own self-regulation standards and regulations.State-level AI legislation also shows significant differences,with states like California and New York,which are more

281、active in AI research and application,having passed their own AI bills with different focuses.To comply with United States AI laws and regulations,it is essential to first clarify specific industry and state background information and further understand the requirements in those areas.European Union

282、:The European Union(EU)has one of the most significant AI markets globally and primarily ensures the regulated application and development of AI technology services through legislation,ethical frameworks,and technical standards.The EU has issued a series of normative documents,including the“Ethics G

283、uidelines for Trustworthy AI”,the“General Data Protection Regulation”(GDPR),and the“Artificial Intelligence Act”(“the Act”).The Act,which directly targets AI systems,officially came into effect in August 2024.The Act aims to improve the functioning of the internal market,promote human-centric,trustw

284、orthy AI applications,and prevent AI systems from posing risks to health,safety,fundamental rights,including democracy,the rule of law,and environmental protection.The Act mainly adopts a risk-based and role-based regulatory approach,classifying AI systems into unacceptable risk,high risk,limited ri

285、sk,and low risk.It requires the prohibition of AI systems with unacceptable risks,strict regulation of AI systems with high risks,appropriate relaxation for AI systems with limited risks,and no regulation for AI systems with 35 low risks.The Act also defines six AI system participant roles,including

286、 providers,deployers,distributors,importers,authorised representatives,and product manufacturers,and specifies the obligations each must undertake.It is important to note that the Act has a broad scope of application;in addition to applying to businesses and individuals within the EU,it also applies

287、 to AI technology service providers outside the EU that provide services to users within the EU.United Kingdom:The United Kingdom(UK)closely monitors the development and safety of AI and has established the worlds first AI safety research institute.In terms of AI governance,the UK has adopted a more

288、 flexible approach,with AI regulation not introducing new specialised legislation but mainly relying on existing regulatory bodies to issue guidance and application standards within their functional scope.To enhance businesses and the publics confidence in using AI,in March 2023,the UK Department fo

289、r Business,Energy&Industrial Strategy published the white paper“A Pro-Innovation Approach for AI Regulation”,proposing its AI governance approach based on five principles of safety,security,robustness,appropriate transparency,and explainability,providing clearer and more consistent regulatory guidel

290、ines for the industry.Singapore:Singapore believes that AI has significant transformative potential but also comes with risks.In terms of AI governance,Singapore mainly adopts the method of incorporating the regulation of AI into various industry regulatory departments,implementing governance by iss

291、uing non-binding guidelines and recommendations.Among them,the Infocomm Media Development Authority(IMDA),responsible for regulating the communications industry,and the Personal Data Protection Commission(PDPC),responsible for personal data protection,are the two most active departments in AI govern

292、ance,releasing the first and second versions of the“AI Governance Framework”in 2019 and 2020,respectively.To address the challenges brought by the rapid development of generative AI,IMDA released the“Generative AI Governance Framework”,aiming to propose a systematic and balanced approach to solve ge

293、nerative AI issues while promoting innovation,considering nine aspects including responsibility,data,trustworthy development and deployment,incident reporting,testing and assurance,security,content source,safety-aligned research and development,and AI for public good,to comprehensively consider buil

294、ding a trustworthy ecosystem.36 2 Key Governance Areas of Generative AI in Hong Kong After reviewing global AI governance frameworks,it has been observed that many jurisdictions employ non-binding frameworks to guide the development and use of AI systems.By issuing practical guidelines under such fr

295、ameworks,governments can promote the responsible use of AI without imposing strict regulations that might hinder innovation.For instance,Singapores“Model AI Governance Framework”provides detailed guidelines on how to ensure the ethical use of AI,focusing on internal governance,risk management,and be

296、st operational practices.Similarly,the European Commissions“Ethics Guidelines for Trustworthy AI”emphasises principles such as agency,technical robustness,and system trustworthiness.Japans“Social Principles of Human-Centric AI”prioritise human rights,data protection,and social acceptance,encouraging

297、 stakeholder collaboration to mitigate risks while harnessing the potential of AI.These global frameworks demonstrate that non-binding guidelines can effectively guide the ethical development and deployment of AI technology,while allowing for flexibility and innovation.As for the case of Hong Kong,t

298、he HKSAR Government always recognises the importance of addressing ethical considerations in the implementation of AI projects and services.The HKSAR Government formulated the“Ethical Artificial Intelligence Framework”(“the Framework”)in 2021 to provide a set of practical guidance when implementing

299、projects that involve the use of AI technology.Since then,the HKSAR Government has been keeping on updating the Framework with reference to the latest AI development.Moreover,in response to the needs of various industries,the HKSAR Government has formulated corresponding policy statements.For instan

300、ce,in October 2024,the Financial Services and the Treasury Bureau(FSTB)issued the“Policy Statement on Responsible Application of Artificial Intelligence in the Financial Market”to set out the HKSAR Governments policy stance and approach towards the responsible application of AI in the financial mark

301、et.Hong Kong places significant emphasis on safeguarding personal data privacy in the application of AI technology.PCPD published in 2021 the“Guidance on the Ethical Development and Use of Artificial Intelligence”and“Artificial Intelligence:Model Personal Data Protection Framework”in June 2024,with

302、an aim to help organisations understand and comply with the relevant personal data privacy protection requirements under the Personal Data(Privacy)Ordinance(PDPO)(Cap.486)when developing,customising and using AI.PCPD published in March 2025 the“Checklist on Guidelines 37 for the Use of Generative AI

303、 by Employees”to assist organisations in developing internal policies or guidelines on the use of generative AI by employees at work while complying with the requirements of the PDPO.In addition,to enhance the intellectual property regime,the HKSAR Government launched a public consultation on 8 July

304、 2024 on the enhancement of the Copyright Ordinance(Cap.528)regarding the protection for AI technology development.A number of regulatory authorities and public bodies also published several sector-specific guidelines.These regulatory authorities and public bodies oversee various industries,applying

305、 specific regulations,guidelines,and codes of conduct to regulate and govern various sectors.Several principles and guidelines by these regulatory authorities and public bodies have been established to facilitate AI governance in specific areas,balancing innovation with risk management and ethical c

306、onsiderations.For example,the Hong Kong Monetary Authority(HKMA)has published several key documents,including“High-level Principles on Artificial Intelligence”,“Consumer Protection in respect of Use of Generative Artificial Intelligence”and“Use of Artificial Intelligence for Monitoring of Suspicious

307、 Activities”.The HKMA and the Hong Kong Cyberport Management Company Limited collaborated to launch the GenAI Sandbox.This initiative provides banks with a risk-controlled environment to develop and test AI solutions tailored to real-world banking scenarios,driving innovation in the banking sector.T

308、he Hong Kong Judiciary also issued the“Guidelines on the Use of Generative Artificial Intelligence for Judges and Judicial Officers and Support Staff of the Hong Kong Judiciary”.2.1 Hong Kong Governance Framework for Generative AI:Hong Kong Features When formulating or adjusting regulatory measures

309、for generative AI,Hong Kong should adhere to a pragmatic balance strategy.It is essential to address the risks and concerns associated with technology in areas such as personal data,security,and fairness,while also avoiding excessive hindrance to innovation.Hong Kong has long had a rigorous and comp

310、rehensive legal system,which lays a solid foundation for the governance of emerging technologies,including generative AI.Under the existing framework for AI governance,some core regulatory issues are already covered by current laws,such as the Personal Data(Privacy)Ordinance(Cap.486),which is suffic

311、ient to address privacy disputes that may arise from the use of personal data in AI systems.Further to the consultation regarding the enhancement of the Copyright Ordinance(Cap.528)for the protection for AI technology development,it proposed specific text and data mining(TDM)exception to allow reaso

312、nable use of copyright works for computational data analysis and processing.38 However,some AI applications,although posing potential risks,can practically be assessed and tested through industry self-regulation or phased regulatory sandboxes;as long as necessary privacy protection and security stan

313、dards are observed,excessive regulation is not necessarily required.This gradual institutional arrangement can more effectively maintain Hong Kongs attractiveness to international investment and innovation and consolidate its position as a regional technology hub.2.2 Hong Kongs Generative AI Governa

314、nce Policy Framework The rise of Generative AI has brought unprecedented synergistic effects to Hong Kongs innovation and technology ecosystem,spawning various new opportunities in finance,healthcare,education,smart city domains,etc.However,as AI systems become increasingly prevalent in social and e

315、conomic activities,concerns over personal data privacy,intellectual property rights,cybersecurity,and AI biases and ethical risks are also escalating.To maintain a consistent emphasis on personal data,security,and fairness while encouraging innovative development,Hong Kong must maintain a flexible a

316、nd adaptive policy framework,fostering an environment that supports innovation and compliance in a balanced manner.The Guideline references widely recognised international AI governance models and incorporates Hong Kongs legal and industrial characteristics,continuously optimising regulatory strateg

317、ies with the principles of“application-oriented”and“risk-based”approaches.This practice corresponds with non-binding guidelines in jurisdictions like Singapore and the European Union,emphasising that governments and industries should retain sufficient flexibility and provide necessary guidance when

318、facing rapidly evolving technologies.This framework focuses on:2.2.1 Application-Oriented Principles of Trustworthy AI in Hong Kong To implement principles related to transparency and explainability in trustworthy AI,clear guidelines for AI system documentation should be established,enabling Technol

319、ogy Developers,Service Users,and regulatory authorities including relevant Hong Kong Government agencies,international regulators,and industry associations to fully understand system design,decision-making processes,data sources,and intended uses.Additionally,promoting the application of explainable

320、 AI technologies can effectively assist the citizens of Hong Kong and stakeholders without a technical background in better understanding the basis and logic behind AI outputs.This includes selecting or developing technical tools that can explain AI decisions in a user-friendly manner,aiming to make

321、 the general public more comfortable in accepting and using these emerging technologies.At the same time,in the face of the increasingly severe threats posed by deepfakes 39 and the misuse of AI-generated content,Hong Kong is actively formulating comprehensive governance strategies.These strategies

322、aim to promote responsible AI innovation while protecting individual rights and public trust.Specific measures include:Promoting the ethical development of AI,emphasising transparency and accountability,and mandating clear labelling and traceability of AI-generated content to further support this ob

323、jective.Raising public awareness by educating the public on identifying and understanding risks including deepfakes,combating false information to maintain social safety,and participating in international cooperation to address the cross-boundary nature of such challenges.By implementing the aforeme

324、ntioned measures,Hong Kong can continue to promote AI innovation on a foundation of trustworthiness,reliability,and compliance,maintaining a competitive edge in the global market.By raising awareness of threats such as data poisoning and implementing preventive measures,Hong Kong aims to create a se

325、cure and reliable AI environment that supports innovation while mitigating potential risks.2.2.2 Industry-Oriented Trustworthy AI Principles in Hong Kong In the process of promoting the development and application of AI,various industries in Hong Kong must balance ethical norms with industry-specifi

326、c characteristics to achieve the goal of fostering innovation while ensuring effective governance.Some ethical principles are non-negotiable,such as ensuring personal safety,protecting personal data,and maintaining system reliability.However,other principles can adopt an application-driven approach,

327、allowing for flexible management based on industry-specific needs.For example,the financial services sector should emphasise system transparency to maintain fairness and user trust;the healthcare sector should prioritise patient privacy protection;autonomous vehicles need to ensure the establishment

328、 of trust and model safety;and the education technology(EdTech)sector should ensure equitable access,preventing learning outcomes from being affected by algorithmic bias.Hong Kong has a well-established and mature industry regulatory framework and public institutions,with specific laws,guidelines,an

329、d codes of conduct for different industries.As AI adoption becomes more prevalent,industries must establish additional requirements and guidelines based on their specific services and risk points.In particular,when applying generative AI,strict compliance with the Personal Data(Privacy)Ordinance(PDP

330、O)(Cap.486)and relevant data security and protection measures must be ensured,while integrating industry-specific needs to facilitate stable development.PCPD has published an information pamphlet on 10 Tips for Users of AI Chatbots in 40 September 2023 to promote safe and responsible use of AI chatb

331、ots,which applies across all industries and sectors.Below are key recommendations for various industries when using generative AI:Finance:The financial sector should strengthen fairness in the use of generative AI.When providing recommendation or decision-support services,all potential candidates sh

332、ould have an equal opportunity to be recommended,and necessary mechanisms should be in place to prevent human manipulation.Where possible,the financial sector should consider restricting interference with recommendation weights through manual settings,model training interventions,or other means.Wher

333、e applicable,financial institutions like banks may need to customise models to align with specific user requirements.The financial sector should consider disclosure of information as much as practical and user choice should be provided to help users understand the working mechanisms,effects,and potential negative impacts of generative AI.If possible,users should be able to opt into using generativ