Pith. sign in

REVIEW 15 cited by

AI Deception: A Survey of Examples, Risks, and Potential Solutions

Not yet reviewed by Pith; the record is open.

This paper has not been read by Pith yet. Machine review is queued; the pith claim, tier, and objections will appear here once it completes.

SPECIMEN: schema-true, not a live event

T0 review · schema-true

One-sentence machine reading of the paper's core claim.

pith:XXXXXXXX · record.json · timestamp

arxiv 2308.14752 v1 pith:GC2S6HME submitted 2023-08-28 cs.CY cs.AIcs.HC

AI Deception: A Survey of Examples, Risks, and Potential Solutions

classification cs.CY cs.AIcs.HC
keywords deceptionsystemsshouldpolicymakersexamplesfinallyfirstincluding
verification ladder T0 review T1 audit T2 compute T3 formal T4 reserved
0 comments
read the original abstract

This paper argues that a range of current AI systems have learned how to deceive humans. We define deception as the systematic inducement of false beliefs in the pursuit of some outcome other than the truth. We first survey empirical examples of AI deception, discussing both special-use AI systems (including Meta's CICERO) built for specific competitive situations, and general-purpose AI systems (such as large language models). Next, we detail several risks from AI deception, such as fraud, election tampering, and losing control of AI systems. Finally, we outline several potential solutions to the problems posed by AI deception: first, regulatory frameworks should subject AI systems that are capable of deception to robust risk-assessment requirements; second, policymakers should implement bot-or-not laws; and finally, policymakers should prioritize the funding of relevant research, including tools to detect AI deception and to make AI systems less deceptive. Policymakers, researchers, and the broader public should work proactively to prevent AI deception from destabilizing the shared foundations of our society.

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Forward citations

Cited by 15 Pith papers

Reviewed papers in the Pith corpus that reference this work. Sorted by Pith novelty score.

  1. Slot Machines: How LLMs Keep Track of Multiple Entities

    cs.CL 2026-04 unverdicted novelty 8.0

    LLM activations encode current and prior entities in orthogonal slots, but models only use the current slot for explicit factual retrieval despite prior-slot information being linearly decodable.

  2. A Model of Multi-turn Human Persuadability Using Probabilistic Belief Tracing

    cs.CL 2026-06 unverdicted novelty 7.0

    PERSUASIONTRACE introduces a Bayesian-network simulated target for multi-turn persuasion that matches human belief dynamics (81 vs 80) better than LLM baselines (64) and enables process-level evaluation.

  3. Detecting Multi-Agent Collusion Through Multi-Agent Interpretability

    cs.AI 2026-04 conditional novelty 7.0

    NARCBench and five activation-probing methods detect multi-agent collusion with 0.73-1.00 AUROC across distribution shifts and steganographic tasks by aggregating per-agent signals.

  4. Deceive, Detect, and Disclose: Large Language Models Play Mini-Mafia

    cs.AI 2025-09 unverdicted novelty 7.0

    Mini-Mafia supplies an analytical model logit(p) = v*(m-d) for mafia win probability in LLM role interactions and uses Bayesian inference to estimate per-model parameters that predict tournament results with 76.6% Bri...

  5. Persuasion Attacks Can Decrease Effectiveness of CoT Monitoring

    cs.AI 2026-07 conditional novelty 6.0

    Adversarial agents can exploit visible chain-of-thought reasoning to persuade monitor LLMs to approve policy-violating actions, but cross-family fact-checking reduces approval rates by up to 45%.

  6. The Model Organism Lottery: Model Organism Interpretability Strongly Depends on Training Methodology

    cs.LG 2026-07 unverdicted novelty 6.0

    Model organism interpretability depends strongly on training methodology, with integrated training yielding less interpretable MOs than post-hoc SFT or DPO.

  7. RogueAI: A Reverse Turing Test for Detecting Licensed AI Deception in Dialogue

    cs.CL 2026-06 unverdicted novelty 6.0

    RogueAI operationalizes a reverse Turing test as a one-on-two interrogation game to detect licensed deception in LLMs, with pilot data from 467 sessions showing a simple linguistic heuristic at 75.6% accuracy versus 5...

  8. Ensemble Monitoring for AI Control: Diverse Signals Outweigh More Compute

    cs.AI 2026-05 unverdicted novelty 6.0

    Diverse ensembles of prompted and fine-tuned GPT-4.1-Mini monitors achieve 2.4x better detection of flawed code solutions than homogeneous ensembles on adversarial inputs.

  9. Correcting Influence: Unboxing LLM Outputs with Orthogonal Latent Spaces

    cs.LG 2026-05 unverdicted novelty 6.0

    A latent mediation framework with sparse autoencoders enables non-additive token-level influence attribution in LLMs by learning orthogonal features and back-propagating attributions.

  10. Linear Probe Accuracy Scales with Model Size and Benefits from Multi-Layer Ensembling

    cs.LG 2026-04 unverdicted novelty 6.0

    Multi-layer ensembles of linear probes raise AUROC for deception detection by up to 78% and probe accuracy scales with model size across 0.5B to 176B parameter models.

  11. Simulating the Evolution of Alignment and Values in Machine Intelligence

    cs.AI 2026-04 unverdicted novelty 6.0

    Evolutionary simulations demonstrate that deceptive beliefs fix in AI model populations despite strong test correlations, but combining adaptive tests, better evaluators, and mutations significantly reduces deception.

  12. Information Access of the Oppressed: Freirean Design for Emancipatory Information Access

    cs.CY 2026-01 unverdicted novelty 6.0

    Extends Freire's theories to critique technologist-user dynamics in IA and advocates Freirean Design for emancipatory platform co-construction by communities.

  13. Temporal Preference Concepts and their Functions in a Large Language Model

    cs.LG 2026-05 unverdicted novelty 5.0

    Causal localization via attribution and patching identifies a temporal preference subgraph in mid-to-upper layers of Qwen3-4B-Instruct-2507, with time-horizon geometry in the residual stream and initial evidence for s...

  14. XAttnMark: Learning Robust Audio Watermarking with Cross-Attention

    cs.SD 2025-02 unverdicted novelty 5.0

    XAttnMark is a new neural audio watermarking method using partial parameter sharing, cross-attention for message retrieval, temporal conditioning, and a psychoacoustic TF masking loss that reports state-of-the-art det...

  15. The Landscape of Emerging AI Agent Architectures for Reasoning, Planning, and Tool Calling: A Survey

    cs.AI 2024-04 unverdicted novelty 3.0

    A survey of emerging AI agent architectures that organizes single and multi-agent designs around reasoning, planning, tool use, communication, and reflection phases.