There have been a lot of calls for Congress to regulate AI (Artificial Intelligence). Congress by itself can never achieve such a goal, though I thank Ted Lieu for trying. What Congress can do is make all things AI fall under the purview of the FDA (Food and Drug Administration) just like any other medical device.
Featured image is courtesy of tonybates.ca
Case for Medical Device Classification
“But, but, but, . . . it’s just a search engine” you and Big Tech stammer. No, it is very much practicing medicine without a license and just happens to allow you to look other things up.
“Alexa, I have this rash on my groin, how do I get rid of it?”
“Siri, how do I cure COVID-19?”
Every day there are tens of thousands of medical queries to these unregulated septic tanks of scams that offer up advertisements from the highest bidder without any vetting of merit. Google has already been massively fined for offering up its own. The company motto has changed from “Do no harm” to “Don’t get caught.”
On a library computer that doesn’t have any of your personal information, or in a completely anonymous browser, why don’t you try searching for “How do I cure cancer?” You can even use specific cancer areas like breast, liver, skin, etc. If you do it on your regular computer with your regular browser you will find your Bing and other search bars will pump ads for cancer cures and services for many months to come. Don’t be surprised if your health insurance company bought that data and now wants to either drop you or jack up your rates.
What is important is to take a look at all of the un-proven snake oil still being peddled. All of you should have learned this during the early days of the COVID-19 pandemic. It got even worse when Donald Trump suggested injecting people with bleach.
Admit it, you’ve looked up diagnosis and treatment
Roughly 8-10% (don’t remember the current stat) of the American population is diabetic. The first thing you did when you got that diagnosis was search for treatment options. Did you vet the items in the search list so that you only looked at peer reviewed studies by the NIH (National Institutes of Health), CDC (Center for Disease Control), or their EU counterparts or were your eyes instantly drawn to the “Cure diabetes in a month with this diet” unproven scams.
Sadly most medical professionals reach instantly for insulin when you get diagnosed as a diabetic. It’s been around the longest and they know the most about it. All of those oral meds are too difficult for them to keep track up. If you watch regular television with advertisements you will see every few months there is a new diabetes drug with a multi-million dollar ad campaign. You cannot fault them for wanting to stick with tried and true, especially if your first A1C score is double digits.
Admit it, when a doctor prescribes you some kind of medication, you do a search on it to find out any complications. If you don’t then you are a fool. People don’t tell doctors about all of the “natural supplements” they are taking and many of them conflict with prescription medications in one way or another.
AARP is continually telling members to research their medications. They do so with good reason. If you are north of 50 with one or more chronic conditions you probably have five different doctors. They don’t always know all of the drug interactions when they prescribe you something they have come to trust.
Putting AI under 510(k) will reign in the insanity
I’ve been a software developer for over 30 years. The past decade I’ve spent in the embedded systems world, mostly making medical devices. The 510(k) process requires you create a full SDLC specification up front. There is none of this “just wing it” shit that Big Tech loves. You have to identify completely up front what it is you are about to do. Everything you are about to do.
Your written documentation is then handed off to a QA team that has zero interaction with developers. They develop a complete test plan based on your SDLC. What you produce has to do only what is in the SDLC, nothing else. It also has to do what is in the SDLC exactly as the SDLC states.
Those who think that is too rigid need to consider being the patient on a table with a surgical robot working on their heart. Blue Screen of Death has a literal meaning there. This rigid process exists to save your life.
FDA must ban the use of Agile
Under 510(k) development, when your software does something unexpected it isn’t a “discovery,” it’s a failure. Agile is just the latest in a long string of names to legitimize hacking on the fly. I’ve even written a book about it. Regular readers of this blog have read articles about Agile and the 737 Max falling out of the sky; the 2020 Iowa Caucus mega-failure; and Too Big to Agile just to name a few.
Currently there are far too many companies (one is too many) trying to use Agile in an FDA regulated world. That’s how you end up with dead patients and recalls like this one. I don’t work for Baxter, but I know they use Agile. I’m regularly badgered by the non-English speaking recruiters about taking a gig up at Round Lake Illinois (where these things are typically made) to work on-site using Agile for no money. Gee, wonder why seasoned professionals don’t jump at that?
In a proper SDLC 501(k) development process you have a System Architect and an Application Architect that both helped write the SDLC and ride roughshod over the developers. This is to ensure they aren’t surfing the Web for stuff they would like to have on their resume (or just find neat) then adding it to the project. What you deliver is fully bounded by what you wrote in the SDLC. No more, no less.
You’ll stifle innovation!
Ah, the age old cry of Big Tech and its identity theft juggernaut. AI password cracking even has Web sites now keeping track of how long it takes the AI to crack passwords. Keep in mind most of these stats are theoretical and based on use of a single processor. When you have a BOT-NET of 50K computers, what takes a single CPU 2K years doesn’t take a BOT-NET very long. You just need an AI that can distribute the work and record the results properly.
Hell yes we want to stifle innovation!
You have tracked us, sold our information, created crypto currencies that stole our money while funding North Korea’s nuclear program. The human race cannot survive anymore of your innovation.
How all Agile projects end
A massive failure with everyone running around congratulating each other on their fine success.
We, the human species, cannot tolerate another Theranos.
We, the human species, cannot trust you, Big Tech, (or even the wanna-be techs) to do AI right. You just be FDA 510(k) regulated.
