View a markdown version of this page

RAIRC03-BP01 Measure safety harms and harmful outputs - Responsible AI Lens

RAIRC03-BP01 Measure safety harms and harmful outputs

Create objective definitions of safe and unsafe content for your use case by considering both direct potential harms and contextual inappropriateness. Identify harm categories relevant to possible outputs of your system (for example, toxicity or violence). For identified harm categories, select metrics and plan tests with both quantitative (for example, model-based toxicity classifiers) and qualitative evaluation strategies (for example, human red-teaming). Supplement your safety evaluation with popular open-source benchmarks (like ToxiGen and AdvBench) and Resources (like Detoxify), and choose metric types that are appropriate for the risk of your use case.

Level of risk exposed if this best practice is not established: High

Implementation considerations

  1. Write clear and objective definitions of what counts as safe and unsafe content for your specific use case by creating measurable criteria and concrete examples of acceptable and unacceptable outputs. Include both direct harms like violence or toxicity and contextual problems like inappropriate tone for your audience, with specific thresholds and boundaries that evaluators can apply consistently. Objective definitions reduce subjective interpretation and assist evaluators apply consistent standards.

  2. Identify the specific harm categories that your system could potentially produce, such as toxicity, violence, misinformation, or inappropriate content for your target users. Focus on harms that are realistic given your system's purpose and capabilities rather than trying to cover every possible risk. This targeted approach assists you to allocate evaluation resources effectively.

  3. Choose quantitative metrics like automated toxicity classifiers or content filtering tools that can measure your identified harm categories at scale. Test popular tools like Detoxify or Perspective API on sample outputs to see how well they detect the types of harmful content your system might produce. Automated metrics give you consistent measurement across large datasets.

  4. Plan qualitative evaluation methods like human red-teaming where experts try to get your system to produce harmful outputs through adversarial prompting. Have safety experts or domain specialists review sample outputs for harms that automated tools might miss. Human evaluation catches nuanced safety issues that automated systems may overlook.

  5. Supplement your custom evaluation with open-source benchmarks like ToxiGen or AdvBench that test for common safety problems. Run these standard tests alongside your custom evaluation to compare your system's performance against known safety baselines. This provides additional validation and assists to identify blind spots in your custom evaluation approach.

  6. Match your evaluation intensity to your system's risk level by using more thorough testing for higher-risk applications. For example, consider using basic automated screening for low-risk creative tools but adding human red-teaming for systems that might influence important decisions. Appropriate evaluation depth blocks both over-testing low-risk systems and under-testing higher-risk ones.

Resources

Related documents:

Related tools: