Workflow
National Standard of the People's Republic of China: Cybersecurity Technology - Basic Security Requirements for Generative Artificial Intelligence Services (Draft for Feedback)

Core Viewpoints

- The draft national standard aims to enhance the security of generative AI services by addressing cybersecurity issues, with a primary focus on preventing AI systems from generating content deemed offensive by the Communist Party, such as pornography, bullying, hate speech, defamation, copyright infringement, and criticism of the Party's monopoly on power [1][12]
- The standard provides comprehensive security requirements for generative AI services, covering training data security, model security, and security measures, and is applicable to service providers conducting security assessments and relevant regulatory authorities [38][39]

Scope and Overview

- The document outlines the basic security requirements for generative AI services, including training data security, model security, and security measures, and provides security assessment requirements [38]
- It aims to help service providers establish a cybersecurity baseline for generative AI services and improve service security levels by addressing key issues such as cybersecurity, data security, and personal information protection throughout the service lifecycle [46]

Training Data Security Requirements

- Data source security: Service providers must conduct security assessments of data sources before collection and verify data after collection, rejecting sources with over 5% illegal or unhealthy information [48][49]
- Data content security: Training data must be filtered for illegal and unhealthy information before use, and intellectual property rights must be managed to avoid infringement risks [62][63]
- Data annotation security: Annotators must undergo internal security training, and annotation rules must be detailed to ensure data accuracy and safety [68][71]

Model Security Requirements

- Model training: The safety of generated content should be a primary evaluation metric during training, and regular security audits of development frameworks and code are required [75][76]
- Model output: Technical measures should be implemented to improve the accuracy and reliability of generated content, and models should refuse to answer questions that induce illegal or unhealthy information [78][79]
- Model monitoring: Continuous monitoring of model inputs is necessary to prevent malicious attacks, and a standardized monitoring and evaluation system should be established [81]

Security Measures Requirements

- Service applicability: The necessity, applicability, and safety of generative AI services in various fields must be fully demonstrated, with additional security measures for critical scenarios such as medical and financial services [87]
- Service transparency: Information about service applicability, scenarios, and purposes should be disclosed prominently, and user input collection for training purposes should be optional and easy to disable [88][91]
- Public and user complaints: Service providers must provide channels for public and user complaints and establish rules and timelines for handling them [93]

Appendices

- Appendix A lists major security risks related to training data and generated content, including violations of socialist core values, discriminatory content, commercial violations, and infringement of legal rights [99][100][102][104]
- Appendix B provides key points for security evaluation, including the construction of keyword libraries, test question banks for generated content, and classification models for filtering and evaluating security risks [108][109][114]