The CEOs of several major artificial intelligence companies are urging members of Congress to adopt new laws that would make it harder for bad actors to develop biological weapons using their technology.
Google DeepMind’s Demis Hassabis, OpenAI’s Sam Altman, Anthropic’s Dario Amodei, and Microsoft AI’s Mustafa Suleyman are among the signatories on a public letter calling for laws requiring companies that sell synthetic DNA and RNA to screen customers and orders to prevent the misuse of genetic material.
Organized by the nonpartisan Institute for Progress and the right-leaning Foundation for American Innovation, the letter acknowledges that given the pace of AI development, “there is a real possibility that the knowledge barriers which have historically prevented bad actors from obtaining biological weapons will meaningfully erode.”
Scientist Arthur Kornberg was the first to successfully synthesize DNA in the 1950s. Now, the process is automated, with dozens of companies around the world using commercial synthesizers to “print” and sell custom genetic sequences that are used for scientific research, drug development, and diagnostics. Many providers sell only to qualified researchers, biotech companies, and educational institutions, but not all of them vet customers or the gene sequences they order.
In 2017, Canadian researchers raised alarm when they used $100,000 worth of mail-order DNA to reconstitute the extinct horsepox virus. Critics said the same methodology could be used to construct smallpox, a closely related and deadly virus. Gene synthesis has only gotten cheaper since then.
Combined with advances in AI, it’s now feasible to design dangerous new toxins and pathogens using large language models, although some biology training would likely still be needed to make a functional virus from scratch. While bioterror attacks have been rare, they have the potential to cause mass casualties, public panic, and economic loss. A major concern is that an AI-designed pathogen could intentionally or unintentionally spark a global pandemic.
“AI tools enable a user to very quickly identify where to turn to order sequences that will not be subject to screening,” says David Relman, a microbiologist and biosecurity expert at Stanford University, who signed the letter. “If prompted appropriately, they can also tell you how to change the nature of your order, so that even those that are screening may be much less able to detect what it is you’re trying to make.”
The signers include other scientists, national security experts, and executives from gene synthesis companies Twist Bioscience and Ansa Biotechnologies. These firms are members of the International Gene Synthesis Consortium, which formed in 2009 to implement voluntary screening practices. Many companies already use software to screen orders for “sequences of concern” that can contribute to an organism’s toxicity or ability to cause disease.
“If you have technology that is capable of synthesizing DNA, then you should ensure that it’s used responsibly, and part of that is making sure that you understand what you’re making and who you’re making it for,” says James Diggans, vice president of policy and biosecurity at Twist Bioscience. The company has supported implementing formal rules for years.
Federal guidelines introduced during the Biden administration required scientists and companies that receive federal funding to order synthetic gene sequences from providers that screen purchases. A bipartisan bill introduced earlier this year in the Senate would require all gene synthesis providers operating in the US to screen orders and customers for bad actors or dangerous pathogens.
But screening tools are not perfect. Last year, Microsoft researchers published a study showing that AI protein design tools were able to generate potentially dangerous gene sequences that slipped past companies’ screening software. The models suggested new protein sequences with similar structures of ones that are known to be dangerous.
Geoff Ralston, former president of Y Combinator and a partner at the Safe AI Fund, thinks AI labs with biology models should do their own screening of users.
“It should be very difficult, if not impossible, to ask a model to help you do something imminently dangerous,” says Ralston, who also signed the letter.
Relman agrees that regulations around screening procedures is only part of the solution. “Given that the screening may fail in some cases, we must then have other points of control,” he says. “That’s where the AI companies are going to have to step up.”
