Legal Zero-Days

Background

In this paper, we introduce the concept of "Legal Zero-Days" - previously undiscovered vulnerabilities in legal frameworks that AI systems could exploit to cause immediate disruption to governmental functions.

Key implications:

AI could systematically identify flaws in legislation and regulations
Current AI models already demonstrate 10% success rates on our evaluation
Unlike cybersecurity patches, legal fixes require lengthy legislative processes
Single discoveries could disrupt agency operations for extended periods

Australia's 2017 dual citizenship crisis illustrated that one constitutional oversight could paralyse parliamentary operations for 18 months, invalidate numerous administrative decisions and require by-elections to resolve.

"A sufficiently capable AI could accumulate such vulnerabilities as resources to bypass regulatory safeguards, disrupt responses to AI accidents, or systematically weaken the institutional frameworks designed to govern AI development and deployment."

As AI systems advance, their ability to discover legal vulnerabilities will likely improve substantially. This research extends AI risk assessment beyond traditional vectors to encompass the legal and regulatory infrastructure that underpins effective governance.

Key resources

📄 Legal Zero-Days: A Novel Risk Vector for Advanced AI Systems