MDDI 演講稿 · 2026-02-20
楊莉明部長在「全球層面的 AI 安全:數碼部長與官員見解」專題討論上的發言
要點
- • Josephine 用「航空樞紐」做類比:新加坡不造飛機(不擁有 Boeing/Airbus),但仍要在製造、維護、空管等環節投入。AI 也是——要讓本地區廣泛採用,就必須同等地投入風險緩釋。
- • AI 監管要「目標精準」:太寬會拖慢創新,太鬆會給公民「虛假承諾」。新加坡去年立法,要求平臺在被通知後必須刪除 AI 生成的有害影像內容。
- • 三層 AI 與安全的關係:①AI 作為威脅(被用來攻擊系統);②AI 作為攻擊目標(多智慧體系統失控風險尤大);③AI 作為對抗這些威脅的工具——後者最需要國際合作。
- • 用 IKEA 類比 AI 工具的可信度:使用者沒法自己檢驗,必須有可靠的「測試 + 標準」體系,讓廠商在「賣出去之前」就把責任承擔掉。
- • 對「數字主權」的看法:把 AI 圈在自家國境內不可行、也是虛假的安全感;真正的主權是 Bengio 說的「讓每個國家都能坐在桌前,而不是出現在選單上」。
完整譯文(繁體中文)
MDDI 英文原文譯文 · 翻譯日期: 2026-05-02
主持人 Lee Tiedrich(2026 年《國際 AI 安全報告》高階顧問):Teo 部長,新加坡一直走在 AI 治理前沿——從《東盟 AI 治理指南》(ASEAN AI Governance Guide)到《新加坡 AI 安全共識》(Singapore Consensus on AI Safety)。Yoshua(Bengio)剛才提到——這份報告強調,必須把這些評估「翻譯」成不同文化與不同規範,並且能落地到實踐。基於新加坡的經驗,把科學轉化為工具與實踐、讓全世界的人能用,看起來是什麼樣子?
Josephine Teo 部長:也許我可以以一個小國的視角來分享——我們這片地區對 AI 技術的採用很有興趣,但對風險範圍的認識可能仍在加深當中。
在與各國部長交流時,我常分享一個角度——他們都來過新加坡,進出過我們的航空樞紐。我向他們解釋:新加坡不擁有飛機制造技術,波音不屬於我們,空客也不屬於我們。但我們必須關心這些飛機是如何製造的安全問題;必須關心維修、維護與大修;必須關心空中交通管理。如果這些環節沒有到位,很難想象怎樣才能擁有一個繁榮的航空樞紐,並對每天通過機場的數百萬人的生命負責。
這就是為什麼我們認為必須深度參與 AI 安全的對話與努力。如果我們希望在這個地區看到廣泛採用,就必須同等地瞭解如何緩釋風險。這是起點。
我想說的第二點是——作為政策制定者,我們理解安全方面的努力,最終必須轉化為可操作的護欄。這往往意味著標準的制定,意味著監管與法律。
但我們必須以審慎的方式做這件事,因為我們仍想從這項技術中受益。如果我們在落地這些要求時不夠精準,結果可能不只是創新節奏受影響。
我們最終可能給到公民一個「虛假承諾」——給他們一種「已經被保護好了」的印象,事實上並沒有。
所以我認為我們需要審慎。新加坡的關切之一也包括——一旦明確了該做什麼,我們希望能很快推進。
Yoshua 談到 AI 的濫用——比如用來生成針對女性與兒童的影像。我們去年通過了一項新法律,對那些把這些影像傳播給大量人群的服務方設立了法定義務。他們一直說「內容生成不是我們的責任」。這一點我們接受。但是一旦被通知此類有害內容存在,你就有義務移除。我們通過的這部新法律,正是設立這種義務。
Yoshua 也談到報告中的發現——AI 與網路安全正在以非常令人擔憂的方式相交。比如,AI 被用來攻擊系統,所以 AI 是一種威脅。但與此同時,我們也看到 AI 本身可以成為網路攻擊的目標。當 AI 成為攻擊目標——尤其是多智慧體系統——這類風險很容易失控。
因此,即便新加坡政府正在試用 AI,我們也希望對這些 AI 智慧體系統的架構非常審慎——具體到「賦予智慧體多少自主權」這個決策過程裡到底放了什麼。是否有辦法在它周圍設定護欄?
所以我會說:AI 作為威脅、AI 作為目標,以及——我們真正需要更深合作、做得更好的——AI 作為對抗這些威脅的工具。這些都是我們希望在東盟層面取得進展的事情。
主持人:除了政策制定者使用這些資訊——我工作中接觸很多組織、非營利、中小企業。我經常聽到的是:「太好了,要從科學起步,那就是零號階段。」但對其他這些組織來說,他們需要的是工具——他們沒有一整支科研團隊來把它落實成實踐。Teo 部長,從政府視角看,我們有什麼辦法去推進工具化、讓企業與機構更容易把這些好的研究真正部署起來?
部長:我最近在一個類似場合也討論過這個話題。我用 IKEA 來比喻——你去 IKEA 買傢俱,IKEA 向你承諾這件傢俱經過測試。如果是沙發,它可能被人「跳過」25,000 次都沒壞,那你就知道你家小孩跳上去也不會受傷——好吧,至少 25,000 次以內不會。
如果你設身處地考慮一個站在技術接收端的使用者——指望他自己去施加安全條件是非常不合理的。他根本沒有這種能力,也沒有決定「什麼能賣給他、什麼不能」的權力。
所以,我們作為政策制定者必須意識到:在我們鼓勵採用 AI 工具與技術的群體之間,存在巨大的能力鴻溝。我們必須想清楚——在哪些點上設立強制要求,在哪些場合把行業聚到一起、可能比強加嚴格法規更有用。比如在達沃斯,我們討論過保險機制、為 AI 模型開發者創造正確激勵的可能性。這件事還沒有「輕鬆落地」的辦法,但如果我們不能用理性方式把這些對話推進下去,那在管理風險方面我們只會更落後。所以我會說——這種審慎要應用在很多不同層級。
AI 安全方面的研究也必須持續。所以我很高興,我們正在通過新加坡舉辦的「AI 安全國際科學交流」第二屆繼續這場對話。我們希望更新——在安全研究方面應該優先關注哪些方向。我相信今年「多智慧體系統」會很顯眼。
但不能止步於此。我們還有持續推進的專案。我們一開始就在《國家 AI 研發計劃》之下做了承諾。在基礎研究層面,「負責任的 AI」(responsible AI)是我們非常關注的一塊——這兩件事必須並行推進。但難道我們不能先有一些測試框架與工具包嗎?我們認為「等齊了再做」也不可取。更務實的方式,是承認這些測試工具的不足,然後投入更多努力,去推動用更審慎的方式看待這些系統的風險,並研究如何緩釋。
最終我們應當走到這樣一個狀態:終端使用者有「安全保證」,不必再費力地想「該走的測試是否已經走過」。我們離那一點還有距離,但我們必須想辦法把路線圖理清楚。
主持人:我感興趣的是——也呼應「如何把科學帶到實踐」「如何建立評估生態」的主題。第一步是發展科學;第二步是搞清楚「該怎麼評估」;第三步是「由誰來評估」?你們怎麼看評估生態的形成?是政府來做評估?還是像會計行業那樣,用第三方認證審計師來做?我想聽聽各位的意見,先從 Teo 部長開始。
部長:在東盟語境下,我會主張一種「先解決眼前與近在咫尺的危險」的做法。
如果不聚焦於公眾與決策者今天最在意的問題,對話就會顯得太理論化——我們可能失去興趣與勢能,連合作的基礎都沒有真正搭起來。
AI 與現實交叉的領域有哪些?AI 被用來——或被濫用來——以內容創造傷害他人,這是一個領域。
幾乎我接觸到的每一位決策者都對此非常生氣:他們必須回應選民的擔憂——那些藉助 AI 製造的有害影像。這對我們的社會非常冒犯。
如果我們不能用務實的方式處理這些領域,我擔心同行的注意力會從這些事情上溜走。
那我們能做什麼?我們必須嚴肅地問:水印(watermarking)是處理這件事的正確方式嗎?還有別的標識 AI 生成內容的方法嗎?這是不是我們應當前進的方向?
另一個會很顯眼的方向,是 AI 在網路安全中的應用。我認為目前「AI 作為威脅」還遠未被充分應對,而「AI 作為攻擊目標」更是離人們的視線還很遠。圍繞同行所在意的領域把對話拉回來——更有機會牢牢吸引他們的注意,並創造有意義的契機來說:「這是你可以測試的方法」「這是可以落地的工具」。
它們不會完美,但它們是重要的起點。
觀眾提問:我們四處聽到「數字主權」(digital sovereignty)這個詞,越來越多國家在以各種方式宣告它。我很想聽聽——至少在 AI 安全領域——你們怎麼看它的影響?又有哪些最迫切的安全關切,會因此最先被「丟出窗外」?
部長:我很高興 Yoshua 給出的視角,對我而言非常穩健。Yoshua 早些時候說:「我們想要一個每個國家都能『坐到桌前』而不是『出現在選單上』的世界」。
這正是即便面對 AI 也能保住主權的方式。把所有東西都圈在自己國境內來獲得「主權 AI」——我認為它給的是一種虛假的安全感。
首先,這做不到;其次,對許多國家而言——最先進的應用很大程度上來自別處——這反而把你切斷開,使你無法前進,讓你更落後。
那「主權」如何融入?它必須是一個被認真處理的話題。它不是一個可以隨便揮舞的詞。
英文原文
MDDI 官網原始記錄 · 抓取日期: 2026-05-02
Moderator, Lee Tiedrich, Senior Advisor to the 2026 International AI Safety Report: For Minister Teo, Singapore has been at the forefront of AI governance from the ASEAN AI Governance Guide to the Singapore Consensus on AI Safety. One of the things that Yoshua (Bengio) highlighted that the report talks about is the need to translate some of the evaluation for different cultures and different norms, and also to be able to put it into practice. Based on Singapore's experience, what does it look like to take the science and actually put that into tools and practice that people around the world can use?
Minister Josephine Teo: Perhaps I will offer a perspective as a small state in a part of the world that has a lot of interest in the adoption of AI technologies but perhaps is still only becoming much more aware of the extent of the risks.
In my interactions with my counterparts, I often share with them a perspective – They would have visited Singapore; they would have travelled in and out of our air hub. And I explained to them that Singapore does not own aircraft technologies. Boeing does not belong to us, neither does Airbus. But we have to be concerned about the safety of how these aircraft are manufactured. We have to be concerned about maintenance, repair, and overhaul. We have to be concerned about air traffic management. If we didn't have all these elements in place, it's very hard to see how you can have a thriving air hub and be responsible for the lives of millions of people passing through the airport.
So that's the reason why we think we have to be invested in the conversations and the efforts to bring about AI safety. If we want to see wide adoption in our region, then we must equally be aware of how the risks can be mitigated. So that's the starting point.
The second point I'd like to make is that ultimately, as policymakers, our objective in understanding the safety aspects must translate into how we can put them into operable guardrails. And very often, this would mean standards that are being imposed. This would mean regulations and laws.
But we have to do it in a thoughtful way, because we still do want to benefit from this technology. So if we are not targeted in the way we implement these requirements, then what we might achieve is not just an impact to the pace of innovation.
What we could end up with is a situation where we have given a false promise to our citizens, giving them the impression that we have protected them when in fact we haven't actually done so.
That's why I think we need to be thoughtful. Part of Singapore's interest is also that when there is clarity about what needs to be done, we want to be able to move very quickly.
Yoshua has talked about the misuse of AI, for example, to use it for generating images that often target women and children. What we did was that last year we introduced a new law. It imposes statutory obligations on the services that bring these images and make this content available to vast numbers of people. They've always said that we are not responsible for the generation of such content. And so that's something that we take on board. But having been notified of the existence of such harmful content, then there is an obligation for you to remove it. So this new law that we passed imposes such an obligation.
Yoshua also talked about the findings in the reports – how AI and cybersecurity are intersecting in very, very concerning ways. For example, AI being used to target systems, and so AI is a threat. Now, however, we also see that AI itself can be a target of cyber-attacks. And when AI becomes a target of cyber-attacks, particularly for multi-agent systems, those kinds of risks can easily go out of control.
So even as the Singapore Government is experimenting with the use of AI, we want to be very thoughtful about how these AI agent systems are being architected and what exactly goes into the decision-making process regarding the agency that is being granted. Is there a way to put guardrails around it?
So I would just say that AI as a threat, AI as a target, and where we really need to cooperate and do much better is in using AI as a tool to fight these threats. Those are the kinds of things that within the ASEAN community we hope to be able to make progress on.
Moderator: In addition to the policymakers being able to use this information -- through my work, I end up talking to a lot of organisations, nonprofits, small-and medium-sized businesses. What I hear a lot is, it's great -- you have to start with the science, and that is ground zero. But then for some of those other organisations, they need the tooling. They're not going to have a whole scientific staff to figure out how to put that into practice? And I'm just wondering, from the government's perspective, Minister Teo, what are your thoughts on how we might be able to advance some of the tooling to take this great learning and make it easier for companies and other organisations to actually deploy?
Minister: I was at a similar session recently, and this topic came up. The way I think about it is that I use IKEA as an example. You know, when you go to IKEA, you buy furniture, and IKEA promises you that this furniture has been tested. So, if it's a couch, it has been jumped on, perhaps 25,000 times, and it didn't break, you know that your kids are not going to be hurt if they jump on it too – well up to 25,000 times.
If you think about a user on the receiving end of this technology, it is quite unreasonable to expect them to have to impose safety conditions on their own. They're simply not in a position to do so, and they don't have the power to decide what gets sold to them and what does not.
So, we as policymakers must recognise that there is a huge gap between those that we are encouraging to adopt AI tools and technology in various contexts. We must think about where the right points are to make these requirements mandatory, and where it might be more useful for industries to come together, rather than imposing strict mandatory requirements. For example, in Davos, we discussed the possibility of insurance schemes and creating the right incentives for AI model developers. And I think that there is no easy landing point just yet, but if we fail to engage in these conversations in a rational way, then I think we are even further behind in trying to manage the risks. So I would say that the thoughtfulness has to be applied at many different levels.
There needs to be continued research in AI safety. And so I'm very happy that we are continuing to have this conversation through the second edition of the International Scientific Exchange for AI Safety in Singapore. We hope to update which areas of safety research that should be prioritised. I think this year, I certainly agree that multi-agent systems are going to come up quite prominently.
But we cannot just stop there. We also have an ongoing program. We started by setting aside commitments under our own National AI R&D Plan. In fundamental research, one of the areas that we are very interested in is responsible AI, so you need the two to go hand in hand. But can we not have some testing frameworks and toolkits to begin with? We think that that is also not helpful. It is more pragmatic to try to recognise the shortcomings of those testing tools, and then to invest further effort in promoting more thoughtful ways of looking at the risk of these systems and how to mitigate against them.
Ultimately, we should try to get to a point where the end user has assurance of safety so that they don't have to be thinking so hard about whether the proper tests have been applied. We're not there yet, but I think we need to find a way to work out the roadmap.
Moderator: I'm interested, and I think it touches on some of the themes of “how do we take the science and bring it to practice?”, “how do we actually create this evaluation ecosystem?” So step one is developing the science. Step 2 is then figuring out, “how do we actually evaluate this?” And then there's “by whom?” How do you see an evaluation ecosystem emerging? Do you see governments being the evaluator? Do you see this going more like we have with accounting, where you have third-party certified auditors of doing the evaluations? I'd be interested in each of your thoughts. Maybe start with Minister Teo.
Minister: Well, certainly in the ASEAN context, I would advocate for an approach that addresses near and present dangers that everyone is dealing with.
The risk of not focusing on what's most prominent in people's minds today, and policymakers' minds today, is that the conversation may feel too theoretical, and we may lose interest and momentum, and we won’t even build the foundations of cooperation in a meaningful way.
What are some of those areas where AI intersects? AI being used, or misused, for harming people in terms of content creation. I think that's one area.
Almost every single policymaker that I come across is very, very upset by the fact that they have to address their constituents' concerns about all these harmful images that are being created with the use of, or with the help of AI. It's very offensive to our societies.
And if we are not able to work on these areas in a meaningful way, in a practical way, then I think we risk losing my colleagues' attention.
So what can we do? We have to then seriously ask: Is watermarking the correct approach to dealing with it? Is there some other way of labelling AI-generated content? Is that even the right direction that we should be moving in?
The other area that I think it will be very prominent, and that is the use of AI in cybersecurity. I don't think at this point in time AI as a threat is adequately addressed. AI as a target is even further from people's minds. A pickup of the conversation in the areas that my colleagues care about, I think, stands a better chance of anchoring their attention and creating meaningful opportunities for us to say, “Here are the ways you can test for it”, and “Here are the tools that can be applied”.
They won't be perfect, but they are an important start.
Audience Member: Now we hear a lot about the rise of digital sovereignty like everywhere, and like a lot of more countries are trying to claim it in some ways or another. And I would be really curious to hear like how, at least in the AI safety field, how are you perceiving that impact and which are the safety concerns that are most pressing that get thrown out of the window based on that first?
Minister: Yeah, I'm so glad that Yoshua has offered a view that to me is a very sound approach. You (Yoshua) said earlier that what we want is a world where every country can be at the table, not on the menu.
That's exactly how you can preserve sovereignty, even with AI developments. The idea that you get sovereign AI by confining everything to your own shores, I think it gives a false sense of security.
Firstly, it's not achievable. Secondly, the idea that you can do so would, I think, mean that for many countries, where the most sophisticated applications will have to originate from elsewhere, it just cuts you off from being able to make progress, and that puts you even further behind.
So how does sovereignty fit in? It has to be a topic that is dealt with thoughtfully. It's not a term to be bandied about too easily.