Google has expanded its Vulnerability Rewards Program (VRP) to focus on AI-specific attacks and malicious opportunities. The company released updated guidelines to determine which discoveries qualify for rewards. For instance, discoveries related to the extraction of training data that leaks private, sensitive information are eligible for rewards.
The unique security challenges presented by AI, including model manipulation and unfair bias, necessitate new guidance for the VRP. This expansion is aimed at incentivizing research around AI safety and security, ultimately making AI safer for everyone.
This initiative aligns with the tech industry’s growing awareness of AI vulnerabilities and the need to address them to ensure the safety and security of AI systems.