The following are the outputs of the captioning taken during an IGF intervention. Although it is largely accurate, in some cases it may be incomplete or inaccurate due to inaudible passages or transcription errors. It is posted as an aid, but should not be treated as an authoritative record.
***
Back to the agenda you would. Back one slide. All right. So just a real briefly I'll cover what we're going to do today. We only have 60 minutes, so for what could possibly be a three‑hour discussion, so and when I say discussion, I mean it, we want this to be as interactive as possible, we want to include everybody's comments, thoughts, questions, et cetera. So we're going to leave about half of our time for Q&A. What we're going to do is we're going to have some brief scene‑setting remarks from pan tas particular panels understanding the agent AI and challenges and financial considerations that come with the use of this technology.
Let me introduce you to the panelists on my left here in the room we have Will Carter who leads AI policy at Google where he focuses on advancing AI innovation at Google and Smart AI policy around the world.
He made his way from his home in New Mexico in the United States. Joining us online is Luciana Benotti who is the Head of Research at in AI at here goes my Spanish, Foundation ‑‑ innovates on participationry methods in AI in Latin America and joining from Argentina. Jayantha is Heritage partners in column bo Sri Lanka and member of the Task Force and he will be joining us in a few minutes I pleef, tracking him down is difficult to say the least.
He's always on the move.
And then finally tolt right we have Dominique Lezanski and negotiates for the UK government in the tao and fellow at University of Pittsburgh working on tech policy and consultant on wide variety of tech projects globally including Ukraine, splits time between London and just north of us here.
To get us started I'm going to ask Will and Dominique for a brief intro including a role standards can apply. Will do you want to get us going.
>> WILL: Thank you, Jim. Thank you for joining us today. Jim gave me the idea to try to identify agentic AI and set the stage which is probably one of the most fraught topics in AI policy at the moment. There is no consensus definition of what agentic AI is and we're only beginning to see the capablabilities of this technology emerge and I think a lot will come out over the years as more of these agentic solutions are rolled out around the world.
At the same time, we can identify certain attributes of agentic AI systems that are more unique, certain defining characteristics that differentiate agentic AI from previous generations of AI assistance. Really, I would point to two. The first is the ability to do more complex reasoning within the model and the ability to perform more complex tasks on behalf of the user, and really those two key characteristics, the ability to reason about more complex topics and take action are what differentiate emerging agentic from previous versions of AI capabilities. So what is this about? Would are we even doing this? Why are we pursuing these technologies? I think that, you know, for us at Google, agents are the next step on our mission from our foundation to really organize the world's information and make it universally accessible and useful to people.
Can you think of agents as the next step along a journey that started with what we call Pay Drapg the original Google Search over time we introduced machine learning into search in order to better understand context and provide more relevant answers to queries, introduced models like Burt and MUM early large language models that allowed us to use complex models and route users to more relevant results and now introduced AI overviews, AI mode, gem nie apps that leverage cutting edge large language models in order to answer users questions and direct them to actionage results and agents that are next step, that are going to get our users to more relevant responses, more relevant results, in fewer queries, and allow them to take action more efficiently. It's really about the next step in simplifying the user journey and really delivering better results for our users.
What does that look like ultimately? This is aspirational. It will take years for this technology to get to this point, but we'd like to see a world in which AI agents can pick up a lot of the day‑to‑day mental load of our day‑to‑day tasks, so I'm a parent, I imagine most of the parents in the room would love if they had a virtual assistant that could manage pick‑ups from after‑school activities, meal plan for your family based on eating preferences and needs, help to manage the family budget and with your permission pay your bills, and you know identify an SUV that can accommodate three carseats and fit into cramped urban parking spaces and find at a local dealership in your preferred color. All of these little things are things that I think agentic AI will hopefully be able to take off our plates allowing us to focus on more interesting and complex tasks and things most important to us.
That's the positive vision and really where we see the technology going. I'll pass it to Dominique to talk a little more about the implications.
>> DOMINIQUE LAZANSKY: Thank you. Actually, Will, you bring up the point that I think agentic AI started in the 90s can Search and human agents; right.
>> WILL: Absolutely.
>> DOMINIQUE LAZANSKY: Something I was thinking about reeptdly so thanks for bringing that up. I'm going to talk a little about AI standards because we've heard a lot about AI here, AI in governance, AI in regulation, AI as an issue for WSIS, and I just want to talk about the sort of bedrock for all of this work that Will is doing in Google or indeed at that we're experiencing bh we actually are using it.
And as Will said because we keeps stealing my thunder, (Laughing), there ‑‑ setting definitions and terms is really, really key and there is a lot of proposals in this area, and again when I think of standards, I'm talking about technical standards. We also for agents as well, we have more standards that we're going to have to look at in the future regarding personal information, privacy, frameworks around deployment, an as you probably know, a lot of like the European Commission and a lot of other organizations globally are starting to think about that as well as not‑for‑profits and other think tanks as well and academic institutions like my own.
But so definition is one we're all kind of really struggling with because with we say AI agent it is could mean different things to different people depending on regulation or depending on where they're sitting quite frankly, so from a technical point of view, JTC‑21 within ISO is actually ‑‑ has set up a group for defining standards and they've started to produce documents and they're also talking a lot about agents as well within that.
So the thing is as we as AI progresses and as it becomes standardized, there is a few other things that will need to happen with respect to agents as well. One is defining the processes, test methodology which will be particularly important for engagement, metrics, reference points, risk analysis. But I think the most important thing as we go forward with this from a standards point of view and from a discussion point of view for all the different companies and the different organizations coming up with agents is going to be how there is going to be compatibility and interoperability. Without that, the different ideas and the different potential market solutions to things, whether it's on a travel site or whether it's you know food shopping or perhaps even medication won't be able to take place.
And standards provide stability as well, provide a bases is line and provide a foundation for everything going on as this continues to grow. I want to highlight from the UK perspective where I'm from and work, there is a great organization called the AI Standards Hub that just put on an AI Standards Summit and there is videos from the summit as well that are really good to dip into and gives you an idea of what the technical standards are, bha people are talking about GDPR and et cetera and all of that.
So, from that point of view, I think there needs to be some stability and some sort of common framework or multiple common frameworks from which we can jump off of, and I think that's what happened ‑‑ what's happening from that point of view. So I'm going to stop there. We can talk more about it.
>> JIM PENDERGAST: Sure. Thanks, Dominique. We're setting the stage and can certainly come back to some of the topics raised. Luciana, I'm going to turn to you next since we're still waiting on Fernando to join us. Why don't you go ahead and talk about some of the research you've done and some of the challenges that you've discovered along the way.
>> LUCIANA BENOTTI: Well, first of all, thank you very much for the invitation, Jim. Happy to be here. I hope next time I can join you guys there in person. I haven't been in the IGF in person myself. I think I need the slides to go on. Yeah. That's right. Those are my slides.
If I ‑‑ in fact nls, I wanted to share something and it's my first reference there, that is very related to one question that was just posted in the chat by someone from Nigeria on human workforce. I wanted to share a study from Stanford, I wish we had a similar study for Latin America and also Africa. 150 workers from 100 asking if they want automation with AI agents. The results show workers do want automation but in large proportion not the kind of automation that AI agents currently offer. In the survey almost half of the tasks offered by the AI agents that were described there that are offered now but AI agents were seen by workers as non‑desired for automation. Including for instance agenda setting. But other tasks, for example scheduling meeting times through a natural language conversation that has a high potential for automation according to the researchers that were also involved in the survey to see whether the tasks were actually feasible, but these tasks received little investment. So who is responsible for these misalignment between human needs and AI agents current capabilities? Not only companies deploying agents, as many of them rely on a few large language models that work well for some tasks and not for others behind AI agents. It's also important to note that this this misalignment occurs on an environmental burden and every hour and every task perform but by a misaligned agent and I'm not talking about training that agent, but contributes to unnecessary energy comes and carbon footprint not making most human life better according to the survey.
So there is another aspect. Once we decide on a task, if that task is aligned with the needs of humans, how do we choose one AI agent over another. Right. So there are also ethical considerations there. And in order to choose between one AI agent over another for a particular task, usually we use metrics. So for measuring, for instance, the energy consumption, and also metrics for deciding which agents make less errors. Some of the most used metrics in AI are not transparent. For example, F1 on accuracy, they treat all kinds of errors in the same way. Let me give you an complete example. Suppose the government is using an AI agent to decide which families receive an energy subsidy. A false‑positive here means giving a substee to someone, to a family that may not need it, so an inefficiency, but a false negative denying a subsidy to a family that depends on it can mean kids going out power to study or to store food, for instance. So F1 on accuracy that these are these metrics very common in machine learning do not distinguish between the error. In the paper here, the metrics obscure these risks. She argues that to select good modes, a researcher can't just hand off the risk consideration of different kinds of errors to policy implementers. These decisions, these metrics have to be built into model selection from the start, better metrics, metrics that consider different kinds of errors. This means involving domain experts in early stages of AI design to decide what kind of errors have different kinds of risks and costs, and not in the late stages as human oversight so I will leave the last reference there for later on to get the discussion going.
>> JIM PENDERGAST: Okay. Thank you very much. We are still waiting on Fernando to join us, so I guess you know as we previewed for you, we want to make this interactive, so what I'm going to do is sort of get the discussion going. I've got a couple of questions for our panelists, but so everybody knows, the rules of engagement here in the room, there are microphones on either side. For our remote participants, if you have a question, please type it into the chat. I know that's not ideal but from a technological standpoint that's the most efficient way to make it happen and I will read your question into the chat.
So let me ‑‑ you know, we touched on ‑‑ let me bring up some thoughts here.
So obviously safeguards is something that I think everybody in this room is concerned about, you know, you hear the potential horror stories of AI agents running amuck. What are some of the safeguards that we do need to protect privacy, safety, and autonomy in a world full of AI agents? Will I'm sure, you've given us quite a lot of thought.
>> WILL: This has been core to our mission at Google from the beginning, from the earliest days. I think agents in some ways take some of these risks and some of these questions to a new level, particularly the degree to autonomy with which they can operate. Really the tradeoff between autonomy and human oversight is I think is crucial to this. Really it's the center of our aproch which focuses on putting the user in control. You think about unique challenges that arise with agents because in many ways I want to emphasize, we don't need to reinvent the wheel. AI agents are AI systems that reflect a lot of the long‑standing challenges and concerns associated with AI if general, but they do have certain unique attributes that raise new challenges. One is the fact that AI agents are often made exponentially made more effective by greater access to sensitive data. You think for example of an agent that to Luciana's example earlier, wants to schedule meetings in your calendar, it needs access to your calendar, perhaps to your email in order to understand your schedule and what can be moved around, where there is availability for a meeting to be scheduled. So making sewer that the user is able to express granular preferences and control what data is accessible to their agents in order to perform the tasks that they want that agent to perform, also making sewer they're able to control what kea data is retained by the agent, they're able to delete old sessions, these are all other capabilities we build in to our agents that we think are going to be crucial.
Another form of user control is making sure we pass back from the agent to the user to make important decisions, particularly ones that have significant impacts or that are difficult to reverse. To give you a concrete example, let's say that you ask your agent to plan your dream Vai kaition. The agent can autonomously go, look at possible vacations on the web, identify ones that map to your particular travel preferences, maybe you're a beach person, maybe a mountain person, and plan a great vacation, but we want the agent to pass back to the user to con foirm before it goes ahead and makes bookings, spends money, makes commitments on behalf of you and your familiar. So that user control I think is really central. Another big concern with agents is that they're suspectable to what's called prompt injection, so the idea that third parties might try to manipulate the agent and get them, the agent, to take actions that are not in the interest of the user. Here, part of it is making sure we have robust security built into our systems and that agents are ‑‑ that the models themselves are trained to identify third‑party attacks and also to prioritize the users needs and instructions over those submitted by a third party.
The second piece is making sure that you have appropriate policies in place and that you have appropriate tools to enforce those policies so that if the agent does behave in ways that are unexpected or unintended that you're able to intervene and prevept the agent from taking actions that could be harmful to the user. And then the other piece is making sure that there is transparency that enables accountability for the user. You want to make sure that the user is able to understand what actions the agent is taking on their behalf and is able to intervene as needed to make sure that they remain aligned with that users interests.
The last thing I'll say is a big part of this as Dominique alluded to earlier is going to be about how we build the protocols and standards for the agentic web and I think it's really important to remember that agents interact with data in systems in a very different way than humans but right now we're building agents that are using user interfaces and online capables that were designed to interact with people. I think that's going to change as more and more agents are taking more actions on behalf of users on the web, and there is a very real possibility that we'll end up with what is in many ways a new layer of the Internet. We're already starting to see this develop, Google developed the agent‑to‑agent protocol to help agents to interact with each other in a gender agnostic and application agnostic way and anthropic developed the model context protocol to help agents understand and interact with data in safer and more intuitive ways, and this is ghg to continue to be an area of active research and I think it's going to be really important and then finally, there is the actual governance and regulation layer which is going to be critical. A lot of this is already stuff that we're putting in place. You look at landmark legislation like the EU AI act and as I said earlier it addresses many common concerns about artificial intelligence that apply to agents as well, but we will need to continue to look at the space going Ford and figure out where additional legislation specific to agents is needed and making sure we put good policies in place.
>> JIM PENDERGAST: Thanks, Will. Luciana, do you want to add to this.
>> LUCIANA BENOTTI: Sure. So apart from privacy that was already mentioned, I also wanted to talk about biases you cans and here I wanted to share a real case that happened ‑‑ that also I had the reference before in the slides on paper that we wrote with my team. This is a ral case that I want to share with you but like this, there are many similar ones because we did a teacher training on AI agents for 500 teachers in secondary school in Argentina from all different subjects at high school, and so for this we curated a methodology that is called Hesea that is a evaluation methodology, a critical evaluation methodology for agents constructed with language models.
So at the particular public school in Argentina high school teachers developed an agent for carrier guidance for students for choosing a degree to pursue at the university using a well‑known LLM API that we provided an interface for them to use it more easily. They covered that this agent tended to recommend degrees that usually have lower tuition fees so this was something recurrent, so it was recommending carriers with lower tuition fees to low‑income students; however, in Argentina, for the moment, most universities do not charge tuition fees, and so this kind of didn't make sense for the agent to recommend carriers that do not charge ‑‑ that do have a lower division fee, so this emerging bias can have long‑lasting effects on the student's lives and like this one we found many other cases. This is one of the points I wanted to raise, and the other one is a question more to the audience, right. To ask ourselves. So when we have AI agents to automate a task, who is going to gain the profits from that task being automated? I think that's just a very important discussion when we are talking about automation. Thank you.
>> JIM PENDERGAST: Great. Thanks. Thanks for posing a question to the audience. I'm looking at the audience because the microphones tonight have anybody standing there. Now is your chance. Do you want to add to this and I'll let everybody know that Jayantha is dialing in now.
>> DOMINIQUE LAZANSKY: I wanted to touch on things mentioned. One is securing a sure development environment, from technical point of view, a secure technical environment, iteration, testing, and all of that is something that's all going to be really, really key because the attack surveys is going to be quite large, and I think it will be ever more important to make sure that there is a shared practices among ‑‑ even among different companies about how they're doing that to the best that they could share that.
I think the other thing that I just wanted to mention that's off the back of Will's point about creating another layer of the Internet, so to speak, I think this AI and agents in particular are going to challenge all of to us think about education differently, so to think about how we are educating our kids, or how the schools, or any kind of environment that we're in changes how they describe how to use the Internet or how to get online or how to interact with different things, so there is definitely an education piece. That's a long‑term thing but it's something that's going to really be needed in light of all of this, in light of this huge step change as well in the economy.
>> JIM PENDERGAST: Okay. Great. Thanks Dominique. We do have Jayantha Fernando that joined us. It's kind of tough coming in 20 minutes into a discussion, but let me catch you up real briefly. I think a lot of what we touched on is talking about sort of misalignment, you know, some of the unpredictable behavior, some of the challenges that come with AI agents as well as some of the benefits that come, but Jayantha, you know, you were a former government official in Sri Lanka and now working with governments around the world talking about the issues, on the AI Task Force there. So maybe from a government perspective, if you can, you know how are you ‑‑ how are they thinking about looking at AI agents and what role do they want to play in the rollout of those.
>> JAYANTHA FERNANDO: Thank you, Jim. Can you guys hear me.
>> JIM PENDERGAST: We can. Yes.
>> JAYANTHA FERNANDO: Thanks. I'm sorry for coming late. Just in the middle of cybercrime and electronic evidence program ongoing here with the government authorities here in Malaysia. Just to inform directly to your question. I just want to emphasize that at a very early stage of adoption of AI‑based systems in private sector as well as some parts of government in some of our countries, mostly strategy centered around doing building blocks for basic AI governance kind of tools.
So the way I see regulatory intervention in Sri Lanka is the objective of a developing regulatory roadmap, the AI Task Force has set up a working group entrusted with that task, it's expected that the roadmap or a draft for public comment and stakeholder feedback in or around mid‑july, so where at the very tail end of constructing something, but innovation through flexible government tools and interest, critical AI risk, including discrimination, trans patentor see, safety, cybersecurity, as well as accountability. And then to look at existing legal frameworks to see how best AI challenges or facilitation is provided, if existing legal frameworks are a barrier, there is expected timeline that is currently being developed to modify, amend, or develop new legal frameworks. And in doing new potential legal frameworks, the AI legal working group of the Task Force has identified both the risk‑based hard law approaches to soft law approaches.
And the tendency in our part of the world is to look at soft law primarily as approach being this plaps, perhaps this for Sri Lanka, given the landscape evolution that is expected, you mentioned about AI agents, exact scope and parameter and boundary and risk challenges associated with AI agents are being comammenned and there is not much flexibility on how the challenges can be ‑‑ well both before we even think of potential legal regulatory steps n s Sri Lanka we don't want legal regulatory steps to be an impediment towards innovation, and finally, I would like to simply say that the roadmap is focused on fostering public trust in the AI system and to aliep with international development of standards, and in that context, a lot of.expectation is in relation to global harmonization. We know that Japan has sort of very proactive forward‑thinking legal regulatory regime that seems to be more aligned to our thinking; however, the policymakers back home are even considering looking at NISTN, other stand‑setting bodies for guidance in this area. Thank you.
>> JIM PENDERGAST: Great. Thank you. So one of the things I picked up from what he was saying was, you know, the consultations that governments are undertaking. Will I'm sure you participated in plenty of those both in the U.S. and around the world, and I'm sure that Luciana as well and Dominique. I mean, what are some of the common themes that you're seeing as you're talking about governments about what questions do they have, what resources do they need, and what role can both the private sector, Civil Society, and technical community play to educate policymakers about the best way it approach this?
>> WILL: Sure, what are governments asking about agents, framgly the biggest question I ghot about agents from government officials right now is what are agents? I and I think that as I mentioned earlier, that is you know the hot topic of the day. I also get a lot of questions about, you know, what really is different about agents and what do we need to think about differently which I addressed earlier, but I do think that another kind of family of questions that we're getting from governments is what are the implications of this agentic evolution of AI systems for the broader ecosystem. You think about, for example, the implications for the broad world of cybersecurity, outside of AI cybersecurity or agentic cybersecurity itself. You know, one of the defining paradigms of modern cybersecurity practices is bots are bad. That's generally the assums and we prevept a lot of malicious ak if I have tee online by blocking identifiable bot activity.
As agents, which act like bots online, and look like bots to a lot of cybersecurity systems, how do we actually enable them to do their jobs while also making sure that bad bots continue to be prevepted from causing harm? This is a ‑‑ going to be a much broader question. There is a lot of really interesting academic research actually going on right now to understand how we differentiate between bad bot behavior online and good agent behavior online, how do we actually identify the two.
But then there is also a lot of work being done on how we authenticate agents, how they identify themselves to third parties, developing the standards that Dominique talked about earlier.
The other piece that I'll flag that we are hearing a lot from governments is they want to understand what is the vision for agents, what is the positive goal, what is it that we're trying to accomplish by rolling out this technology, and how does it actually work under the hood. I am really encouraged to hear this. I think it's a lesson learned from the last few years of AI policymaking that really having a robust understanding of the technology and how it works and what the problem is that we're trying to solve for users is important to making good policy, so to me it's really encouraging to see governments increasingly starting from that place and building that into their thinking about regulation.
>> JIM PENDERGAST: Great. Thanks. I see Luciana has a hand raised.
>> LUCIANA BENOTTI: Yeah. I just wanted to add since I'm also a computer science teacher, a professor at the university, one question I get a lot is how is this going to impact software engineering, right, because AI agents are being used more and more by software developers to to automate a large part of the software discussion. I think is a important because it has strong way to impact the work of software engineering and also for those countries that have workers ‑‑ have a lot of workers into this domain. So I think that's ‑‑ that's another topic that I wanted to raise.
>> JIM PENDERGAST: Thank you for raising that as the parent of a rising third‑year computer science major, it's definitely front and center in the house. These are discussions you need to have with a 20‑year‑old now days. It's really important.
>> DOMINIQUE LAZANSKY: One of the things I wanted to point out also is that the regulatory frameworks are still emerging but as very different; right, so in the UK, there is a push and AI strategy there more generally is to focus on adoption and use and innovation and the AI act in Europe has really specific requirements in terms of like risk analysis, practices that are presented, and in particular one of the prohibited practices that's named in the AI act if the EU is behavior manipulation so that's going to be something that is going to actually be quite challenging and how to alean that, for example, with what's going on with north and South America, other country, other regions, and we've heard from what's going on in Asia‑Pacific more generally. So I think there is ‑‑ there is going to still have to be some alignment and agreement about how agents are going to act internationally. And again best practices and of courses are going to be key here but just keep in mind that like different countries and different regions are probably going to react differently to agents, and also from a cultural point of view as well, so that's something that I wanted to bring up.
>> JIM PENDERGAST: Great. Mico, thank you for being the first to come to the microphone. Introduce yourself and fire away.
>> Thank you so much. Thank you to the fantastic panelists. My name is Nico, the chair at ICANN the governmental advisory committee. I have a question for the experts here regarding the influence or the effect that now days ‑‑ I'm sorry, I'm having trouble with my headphones. You can hear me, right.
>> JIM PENDERGAST: We can hear you. Maybe it off and it's easier for you.
>> Okay.S that better. My question is regarding ‑‑ run you know, regarding machine learning, let's say machine learning in general, we have a supervised machine learning and unsupervised and then reinforced, and supervised being a classification, for example, you know, the way banks and credit cards and everything use classification systems, clustering for unsupervised learning, and then we have reinforced learning, LLMs, you know, and ChatGPT and deep‑seek and Gemini and many others. My specific dwe is how are agents, you know, having ‑‑ or what kind of influence do agents have as to regarding supervised and unsupervised learning. For example, classification, you know, just to give an example, or clustering as regarding unsupervised learning. I'm sorry, I think it's a very simple question. I'm not overly complicating things, but if you can give us you know some the latest news in that regard, I would greatly appreciate it.
>> WILL: So it's an interesting question. I don't think that as far as I'm aware agents are not used in overseeing training. At least that I've seen up to this point.
Generally agents are trained ‑‑ are derived from the largest and most complex models because those models are able to conduct the multi‑step reasoning and take more complex actions as I mentioned earlier. So that means that they're omp trained using unsupervised learning, and that being said, there is a lot more that goes into training those models than just the really large pre‑training runs that people think of. Often there is additional supervised training and fine tuning that's done on those models. They're often retrained using user feedback or based on actual user journeys, sometimes with what people tend to think of as reinforcement learning which is more realtime but often in batches and using curated datasets, and so I think that you see a mix of all of these things. An additional piece is when we use agents, we're also using a variety of other systems, many of which are ML based around those systems ‑‑ around those systems, for example, classifiers in order to oversee and manage agent behavior and enforce our policies, so all of these systems are working together, all of these methods are working together to make sewer that as we've been talking about agents remain aligned with the users goals and kind of with broader societal values, and that they're doing what the user needs.
>> DOMINIQUE LAZANSKY: These really interesting because it's a real come plx system. As humans we think of really linear, very sort of one to one. I think it's actually more complex than that so it's really interesting to hear from you about that.
>> JIM PENDERGAST: Luciana.
>> LUCIANA BENOTTI: Yeah, I just wanted to add that while all machine learning algorithms and agents and supervised learning, everything is developed also by people; right, and that these people are programmers, machine learning engineers, so on and these people are using dwrai agents as I mentioned before to help them program. So in a way, it's influencing also bha they do, and something that is important in these, if these people that are doing these jobs with are pressured in their work to maybe hand in their work before they have actually time to read it, that's also a risk. Right. Because there could be code inside what they are building that is not as well d but that maybe they don't even understand. Right. So we don't know what the implications of that are going to be when that software gets deployed.
>> JIM PENDERGAST: Great. Thank you. I notice we have a question to the left. Just introduce yourself and let us know.
>> Great. Thank you. My name is Richard Wingfield I work for a sustainability consultancy in the tech and human rights team. I want to ask a question which touches upon a couple of points that Dominique and Will made which I think is around how agentic AI will change the way we use Internet and technology. I think the example you gave at the start, Will, the use cases, things like managing your budget, doing shopping, buying a car, you sort of said we can do less of that and do more porch things. I actually I think you can reframe that and saying things like financial manage am, thinking about your child's health and well‑being and critically assess is important things we do as humans. My question primarily for Will is if we're thinking about the way agentic AI may affect humans to make decisions, analyze and that kind of thing and policy is not going to be able to catch up with that for a while, how are companies like Google think being that as responsible AI development and maybe to extend the question to Luciana and Dominique, what do you think should be the technical or policy interventions that might be needed to complement companies' own considerations on that aspect of responsible AI.
>> WILL chin that is a great question and first off I say I'll completely agree with thinking about your family's finances, about your children's health is absolutely critical. Like I said, I'm a parent, I think about this stuff all the time. I think the idea here is yacht that I don't think about this those but that I can spend hor time thinking about, for example, the kinds of foods that I want my child to be exposed to early in their life, understanding you know the many competing opinions about exposure to allergens and all of those things. I can spend my time really understanding those issues and making informed decisions about what I want my child to eat as opposed to spending my teem writing out the actual grocery list itself. Now that doesn't mean I don't want to make sure that the groceries that my hypothetical future agent is buying for the family and making sure that they actually reflect my values and my preferences, but it's just a lot of that kind of very medial basic day‑to‑day load that is embedded in those activities is stuff that I think can be taken off our plates. The human doesn't dp away. The human needs to be is he center of the processes but it allows us to be a little more strategic and takes some of the pure kind of mental weight that we feel out of the day.
I will say that for us as Google making sure the user has the opportunity to express their user preference, not just in the user journey but how they set up agents and accounts is really important. That's why in your Google account, you have the aiment to determine what types of data are available to AI systems and agents that you interact with, which ones you want it choose to use, types of use cases that you want to choose to really empowering the user and putting them in the driver's seat is the most important piece of this for us.
>> DOMINIQUE LAZANSKY: Also a just quick point, that is thanks Richard, always great questions, we could probably talk about this for hours to be honest.
>> JIM PENDERGAST: We have 10 minutes left.
>> DOMINIQUE LAZANSKY: 10 minutes and 25 seconds. I think there is going to have to be a bigger piece for education in policymakers in government. They don't even know how the Internet runs. I'm not saying that about Niko because clearly, but no on a more serious level, I think there needs to be more engagement and interaction because these systems as well as really eloquently said are so complex, right. That's what's going to have to happen. There is going to have to be more relationship building in the area with all stakeholder, not private sector only but Civil Society too, and that's going to be key in order to develop the right kind of interventions and see what happens.
>> JIM PENDERGAST: Luciana, did you want to come in?
>> LUCIANA BENOTTI: I think it's another that has the hand up.
>> JIM PENDERGAST: Okay. I'm not sure. It keeps coming and disappearing. I'm for the sure. There was a hand raised and now it's gone. But there is a sort of related ‑‑ there is a question in here and I'm going to paraphrase it, essentially, you know, when dealing with things like healthcare, really sensitive personal information needs to be super secure, how secure are these AI agents that are dealing in this particular space? And can they be trusted not to compromise your personal information one way or another?
>> DOMINIQUE LAZANSKY: That's a great question. It's not just about the technical aspects and risks and all the potential DDOS attacks and attack service and everything like that. It's also about ensuring and the AI act in Europe does this where they have a risk analysis and framework and risk reporting that actually has to describe the risk that is available or potential risk that's available. But as any issues, any breaches, any attacks, and I'm afraid we'll probably see quite a few of them, but so far I think with the baked if security of Internet protocols and other evolving security developments on different layers of the Internet so far that a things are moving in the right direction, but I guarantee there is going to be some issues.
>> JIM PENDERGAST: Luciana?
>> LUCIANA BENOTTI: Well, I completely agree there that we will see some issues, so as a researcher, I we know that large language models when they use private information for training, they can repeat that information at any point, even if there is no particular attack to ebbing tract that information, so there is no way to ensure from the technological point of view that that information is not disclosed. To someone that it shouldn't be disclosed to. Unless that information is not used for training. The problem is that since there is a lack of enough data for training systems, especially in domains that are sensitive like healthcare is tempting, let's say, to use information not broor for training purpose. The proper is in the information is in natural language, it's in fact impossible to completely anonymize it because we can identify names and addresses and personal identification numbers. Can't do those. But there can be private information that is not express in any of these formats or that combines with other information makes a person identifiable. From a technical appointment of view, this is a problem that at the moment has no solution.
>> Can I come in on that.
>> JIM PENDERGAST: Sure, please.
>> JAYANTHA FERNANDO: Jim, I think on the particular area that the panelist touched on, I just want to give some perspective. While I tend to agree with both of them, my view is that generally most of the data protection laws tend to cover the use of personal data and processing them in an agentic AI environment, and constitute or trigger perhaps various regimes regulating or processing personal data, and in the context of maybe health ‑‑ which would definitely come within the category of special categories of personal data, protection in most countries, same it true when it comes to Sri Lanka, for example, we have a data protection law founded on the OECD privacy guidelines as with some principles containing GDPR, but the enforcement regime is not based on GDPR. The ep forcement framework is primarily based on some of the back primary framework principles with options to do corrections more moving to regulatory finding kind of regime, so I think both in terms of regulatory intervention, one has to be careful not to stifle innovation while we need agent AI growth, that should not be hindered by regulatory frameworks such as privacy laws provide should provide the platform for course correction, for interest of the grievance of those individuals who rights are victim, and more so in area personal data related to health. So clear boundaries, so that's where I believe a light touch regulatory soft law approach with some kind of policy guidance if this realm may be more appropriate, but we still do for the standardized international response in this area. Thank you.
>> JIM PENDERGAST: Thank you. And this always happens. We have three minutes and 20 seconds left and we have two people at the microphone so what I'm going to ask you to do is both ask the question, we'll try to answer it, but they've told me they'll cut us off at 12:30, so I'm not sure who was first but go ahead and we'll try to answer quick.
>> Thanks. Mile here on behalf of myself. Will touched on human in the loop of with agents. With the introduction of agentic AI and role and responsibility service providers change and as companies start offering agentic AI solutions how do you think the dynamic between the user and service provider will change and how do we establish a conscious and informed approach to the responsibilities and accountability in this new dynamic.
>> JIM PENDERGAST: We'll take the question to the left.
>> Thank you. McComik, EY. I'm interested in the policy not just being regulation. One of the key things are park forces, about you market forces by themselves are slow. We're seeing in the space of AI something which is demand by board members as well as actually developers which is third party verification, third party assessments, tiered party assurance, third party audits to be made public and meaningful. I think this is something to look at as a tool, a voluntary tool, but a tool with specific parameters to be applied to agentic, it supports adoption, it supports trust and forces disclosure and learning throughout the ecosystem. We're about to publish something on this if he cans week online, happy looking at weighs happening across the world, happy to share, look it up on EY website, but are existing tools that are flexible. Thank you very much.
>> JIM PENDERGAST: Great. Thank you. 15 seconds per panelist, respond and wrap up and give us a final parting thought.
>> DOMINIQUE LAZANSKY: Great so I'll go just to say that like kite marking or assurance assess am has a long history in telecom and physical devices, so there is a lot to as you were saying, there is a lot to base like a sort of kite marker and assurance mark on so that's great, actually, that we have like a history of that.
I don't know. I think I'm going to go off the grid.
>> JIM PENDERGAST: Or pass. Will?
>> WILL: I completely agree that there is a long history there and I think that building assurance and validation frameworks and having third parties helping us to build trust in these AI systems and agentic systems is going to be critically important. Coming up with good metrics and evals to support that is a continuing area of research and we're really investing in that on the Google side and excited to build partnerships to do more of that. To the other question I would say as I mentioned before, being really thoughtful about pass backs and how we loop the user back in in ways that are useful and beneficial to the user, is really the critical piece, but as as we learn over time from user feedback what they like and don't like what does enable them to trust the system, that's going to allow us to continue to improve.
>> JIM PENDERGAST: Luciana.
>> LUCIANA BENOTTI: I completely agree with the assessment. It's crucial. I leave the audience with a question, how can we critically work towards a future where this third party is built by the most ‑‑ made up by the most effective, the workers, the teachers, the students, these are the most effective, the times that we are seeing in Latin America, and when they are meaningful co‑designers of the AI agents that affect them, and that are involved also in analyzing the environmental impacts with metrics that they can understand and not just use them as data providers, that's my question for you. If you're there? Person, finally rntion reach out to Beatrice there in the room.
>> JIM PENDERGAST: I'm sorry, our polite Norwegian tech team is giving me the look. We have to wrap up. Will and Dominique are still here, any questions I'm sure they can talk to you afterwards, thanks to Luciani and Jayantha joining us remotely and thanks to everybody participating in person.
(Applause).
