Why Generative AI Demands Distinct Treatment
The ethics frameworks developed for predictive AI (described in earlier articles in this module) remain applicable to generative AI but are insufficient on three dimensions.
Training data ethics. Predictive AI is trained on data the deploying organization typically has custody of, with documented provenance. Generative AI is typically trained on internet-scale corpora that include copyrighted works, personal communications, and content posted under terms of service that did not anticipate model training. The relationship between the model and the people whose work shaped it is fundamentally different.
Output ethics. Predictive AI outputs are decisions or scores. Generative AI outputs are content — text, images, code, video — that may be presented to humans as authored work, used in commercial products, or distributed at scale. The output ethics question is more like publishing than like classification.
Misuse ethics. Predictive AI can be misused, but generally only by the operator. Generative AI can be misused by anyone with access, at scale, with low marginal cost. A single open-source image generator can produce millions of synthetic images, and the deploying organization can no longer control the downstream applications of its technology.
The OECD AI Principles, the EU HLEG Trustworthy AI requirements, and the UNESCO Recommendation on the Ethics of AI all predate the explosion of foundation model deployment and have been updated or supplemented to address generative AI specifically. See https://oecd.ai/en/ai-principles, https://digital-strategy.ec.europa.eu/en/library/ethics-guidelines-trustworthy-ai, and https://www.unesco.org/en/artificial-intelligence/recommendation-ethics.
Authorship and Consent
The training data question is unresolved at the level of law and contested at the level of ethics. Several lawsuits filed since 2022 — by visual artists against Stability AI and Midjourney, by authors against OpenAI, by news organizations against major LLM providers — will eventually produce judicial guidance, but the ethical question is independent of the legal one.
Three positions are coherent in the current debate.
Position 1: Open training is a fair use. Training on publicly available text and images does not reproduce the original works in a way that competes with them; the model learns patterns rather than copying. Under this view, the training is analogous to a person reading widely and writing in their own voice afterward — no consent or compensation is required.
Position 2: Open training requires consent or compensation when at scale. Even if individual training is analogous to learning, the aggregate effect of training a system that competes commercially with the work it was trained on is qualitatively different. Under this view, opt-out mechanisms, opt-in defaults, or licensing payments are ethically required.
Position 3: Open training is acceptable for non-commercial use only. Models trained on internet-scale corpora may be acceptable for research and personal use but should not be deployed commercially without explicit licensing of the training data.
Most major commercial deployers are converging on a hybrid: opt-out mechanisms for content owners (Google’s robots.txt-style provisions, OpenAI’s content control mechanisms), licensing agreements with major content publishers, and increasingly, contractual indemnification of customers against copyright claims arising from outputs.
The Asilomar AI Principles call for “responsibility” in the development of AI; see https://futureoflife.org/open-letter/ai-principles/. The Partnership on AI’s Synthetic Media Framework provides operational guidance on the related question of how to disclose AI involvement in produced content; see https://partnershiponai.org/.
Output Authorship and Accountability
When a generative AI system produces an output, three questions of attribution arise: who is the author, who owns the output, and who is responsible if the output causes harm.
Authorship. Most jurisdictions currently treat AI-generated outputs as not having a human author and therefore not eligible for copyright in the conventional sense. The US Copyright Office has issued guidance to this effect (2023). The practical implication for organizations is that purely AI-generated content typically cannot be protected as copyrighted work and should not be presented as authored work without disclosure.
Ownership. Even where copyright does not attach, ownership of generated outputs is governed by the terms of service of the generating system and any contracts between the user and the deployer. Standard practice for commercial generative AI services grants the user the rights to use the outputs commercially while retaining the model itself and the underlying training data.
Accountability. When a generated output causes harm — through factual inaccuracy, defamation, infringement, or other downstream effect — the question of who is responsible is contested. Most existing legal regimes hold the human user accountable for what they choose to publish or use. The ethical practice for deployers is to make this clear at the point of generation, to provide tools (watermarking, disclosure prompts, accuracy indicators) that help users assess outputs before downstream use, and to refuse generation in the highest-risk categories.
Synthetic Media and Disclosure
The proliferation of generated images, audio, and video has created novel categories of harm: non-consensual intimate imagery, voice impersonation for fraud, fabricated news content, and political manipulation. The ethical response combines technical and procedural measures.
Watermarking and provenance. Several technical standards (notably C2PA, the Coalition for Content Provenance and Authenticity) define cryptographic provenance markers that can be attached to generated content and verified downstream. Major image and video generators including those from Adobe, Microsoft, and Google have begun adopting these standards. The watermarks are not foolproof — sophisticated adversaries can strip them — but they raise the cost of malicious use and provide signal for downstream detection.
Disclosure mandates. Several jurisdictions are introducing requirements that AI-generated content be disclosed as such. The EU AI Act requires disclosure for AI-generated content that resembles real persons or events. Several US states have introduced laws regulating deepfakes in election contexts and non-consensual contexts.
Refusal categories. Responsible deployers refuse to generate certain categories of content regardless of user request: child sexual abuse material, non-consensual intimate imagery of real people, content designed to facilitate self-harm, and instructions for weapons of mass destruction. The refusal categories are typically implemented as a combination of training-time filtering and inference-time policy enforcement.
Deepfake detection and reporting infrastructure. Beyond per-system measures, the ecosystem requires infrastructure for detecting and reporting harmful synthetic media. Organizations such as the Content Authenticity Initiative and various national CSIRT-equivalent bodies are building this infrastructure, and responsible deployers contribute to it through reporting and through participation in industry working groups.
Misuse Prevention
The general framework for misuse prevention is “defense in depth” — multiple overlapping measures that collectively raise the cost of malicious use even though no single measure is foolproof.
The measures include: training-time filtering of harmful content from training data; constitutional AI techniques that train models to refuse certain requests; runtime input filtering that blocks prompts matching known abuse patterns; runtime output filtering that catches generated content matching abuse patterns even when the input was benign; rate limiting and account-level controls that prevent industrial-scale abuse; abuse reporting channels; and active monitoring for emergent abuse patterns followed by rapid policy updates.
Each measure individually has known failure modes. Training-time filtering misses emerging abuse categories. Constitutional approaches can be jailbroken by adversarial prompts. Runtime filters produce both false positives and false negatives. The defense-in-depth principle is that the combination is much harder to defeat than any single layer, and that the system should fail safely (refusing unknown inputs) rather than producing harm by default.
The NIST AI Risk Management Framework includes specific guidance for generative AI in its July 2024 generative AI profile; see https://www.nist.gov/itl/ai-risk-management-framework. The Singapore IMDA Model AI Governance Framework includes generative-specific guidance in its 2024 update; see https://www.pdpc.gov.sg/help-and-resources/2020/01/model-ai-governance-framework. The proposed Algorithmic Accountability Act in the US includes provisions applicable to generative systems; see https://www.congress.gov/bill/118th-congress/house-bill/5628.
Hallucination and Fabrication
A specific generative AI failure mode — confidently producing factually incorrect outputs — has both technical and ethical dimensions. Technically, hallucination is a property of the underlying probabilistic generation process and cannot be fully eliminated with current architectures. Ethically, it creates obligations on deployers to communicate the limitation, to refuse use cases where hallucination would cause material harm without adequate verification, and to design downstream workflows that catch fabrication before it produces consequence.
Best practice combines: documentation that explicitly acknowledges hallucination as a known property; product design that surfaces sources and confidence indicators where they exist; refusal to deploy in safety-critical applications without external verification (medical advice, legal advice, financial advice); and training of users in the limitations of the system.
Maturity Indicators
- Level 1: Generative AI is deployed without distinct ethical analysis; outputs are treated as if they were any other software output.
- Level 2: Generative AI policies exist but are inconsistently enforced; some refusal categories are implemented.
- Level 3: Defense-in-depth misuse prevention is implemented; watermarking and provenance are deployed for generated media; documentation and disclosure are standard.
- Level 4: Continuous monitoring of misuse patterns informs policy updates; training data provenance is documented; consent and licensing arrangements with content owners are established.
- Level 5: The organization participates in industry standards (C2PA, Partnership on AI Synthetic Media Framework); its generative AI program is publicly transparent; it has refused or retired use cases that could not be made adequately safe.
Practical Application
Three first actions for an organization deploying generative AI. First, publish a clear policy on what the organization will and will not generate, with named refusal categories and a process for adding new categories as misuse patterns emerge. Second, implement watermarking or provenance markers for any generated media that may circulate beyond direct user control; the C2PA specification is a good starting point. Third, establish a disclosure standard for outputs produced or substantially shaped by generative AI, both to internal users and to external recipients, and integrate the disclosure into product UX so that compliance is the path of least resistance.
Looking Ahead
Article 13 broadens the lens from the (mostly Western) ethical assumptions implicit in much of this module to the cultural and geographic differences that shape AI ethics differently in different parts of the world.
© FlowRidge.io — COMPEL AI Transformation Methodology. All rights reserved.