Search papers, labs, and topics across Lattice.
This paper investigates the use of ML models in 173 open-source GitHub projects across 16 application domains to assess compliance with terms of use and potential regulatory violations. The study evaluates the extent to which models drive decision-making, the scope of those decisions, and the implementation of risk-mitigation strategies. Results reveal potential non-compliance with terms of use and a lack of post-processing measures, highlighting risks associated with autonomous ML-driven systems.
Open-source projects are quietly integrating ML models in ways that may violate terms of service and regulations, raising concerns about unchecked ML automation.
The increasing availability of Machine Learning (ML) models, particularly foundation models, enables their use across a range of downstream applications, from scenarios with missing data to safety-critical contexts. This, in principle, may contravene not only the models' terms of use, but also governmental principles and regulations. This paper presents a preliminary investigation into the use of ML models by 173 open-source projects on GitHub, spanning 16 application domains. We evaluate whether models are used to make decisions, the scope of these decisions, and whether any post-processing measures are taken to reduce the risks inherent in fully autonomous systems. Lastly, we investigate the models' compliance with established terms of use. This study lays the groundwork for defining guidelines for developers and creating analysis tools that automatically identify potential regulatory violations in the use of ML models in software systems.
