Google has disclosed that its Gemini language model was targeted by over 100,000 attempted attacks via targeted prompts. The attackers' goal appears to be extracting knowledge from the model to train cloned versions at lower costs.

Model extraction and intellectual property

Google defines this illicit activity as "model extraction" and considers it a violation of intellectual property. This position, however, is complex, considering that large language models (LLMs) like Gemini are often trained using data extracted from the web without permission.

Controversial precedents

This is not the first time Google has been at the center of controversy regarding the training of its models. In 2023, the company was accused of using outputs generated by ChatGPT to improve Bard's performance. A Google researcher, Jacob Devlin, resigned following these accusations, contesting the use of data from ShareGPT, a public platform where users share conversations with chatbots. Google denied the charges but stopped using the data in question.

For those evaluating on-premise deployments, there are trade-offs to consider. AI-RADAR offers analytical frameworks on /llm-onpremise to evaluate these aspects.