On TEEs for Privacy-Preserving Monitoring in AI Governance
This project was conducted as part of the MIRI Technical Governance Fellowship. Thank you to Aaron Scher for guidance. It does not necessarily reflect the views of the organization.

Overview

Trusted Execution Environments (TEEs) spark excitement and skepticism in the realm of AI governance verification. TEEs could be a robust way to restrict and monitor AI deployments, replacing human trust with verifiable constraints and preserving user privacy… but it is not clear if the security assumptions are acceptable.

Three scenarios in which you will wish you had read this post:

1. Someone interested in AI safety has jumped to the conclusion that privacy and misuse prevention are mutually exclusive. They think private AI products should be banned. They express sadness at sacrificing personal privacy, but see it as a necessary “freedom tax” to pay for safety.

2. Someone in charge of security for a human extinction-level threat – ASI, for example – is overly excited about TEEs, treating them like a panacea for all trust problems. You grumble a bit about side-channel attacks and hardware vendor trust, but you struggle to provide a clear checklist of problems to solve. Most of the resources you can find are vendor-specific or outdated, so it’s hard to build a consistent mental model.

3. People are poo-pooing TEEs for AI governance because of their many problems; they can’t possibly work in an international treaty scenario! You think TEEs would be amazing, but you aren’t sure how to argue for them and don’t want to seem naive about security. So you repeat the mantra “SGX is broken; you can’t trust Intel” and wonder what SGX even stands for.

This post first walks through the motivations for TEE-based approaches: they are compelling, I promise. It then builds an understanding of how TEEs work, what problems they solve (and which ones they don’t), and how commercial products map to governance scenarios.
The second half of the post is less generous and more pragmatic, discussing the gaps in what can be achi