Harm reporting in Artificial Intelligence (AI) currently lacks a structured process for disclosing and addressing algorithmic flaws, relying largely on an ad-hoc approach. This contrasts sharply with the well-established Coordinated Vulnerability Disclosure (CVD) ecosystem in software security. While global efforts to establish frameworks for AI transparency and collaboration are underway, the unique challenges presented by machine learning (ML) models demand a specialized approach. To address this gap, we propose implementing a Coordinated Flaw Disclosure (CFD) framework tailored to the complexities of ML and AI issues. This paper reviews the evolution of ML disclosure practices, from ad hoc reporting to emerging participatory auditing methods, and compares them with cybersecurity norms. Our framework introduces innovations such as extended model cards, dynamic scope expansion, an independent adjudication panel, and an automated verification process. We also outline a forthcoming real-world pilot of CFD. We argue that CFD could significantly enhance public trust in AI systems. By balancing organizational and community interests, CFD aims to improve AI accountability in a rapidly evolving technological landscape.

翻译：当前人工智能（AI）领域的危害报告缺乏结构化流程来披露和处理算法缺陷，主要依赖临时性应对方式。这与软件安全领域成熟的协调漏洞披露（CVD）生态系统形成鲜明对比。尽管全球正在努力建立AI透明度和协作框架，但机器学习（ML）模型带来的独特挑战需要专门化的应对方案。为填补这一空白，我们提出实施针对ML与AI问题复杂性设计的协调缺陷披露（CFD）框架。本文系统回顾了从临时报告到新兴参与式审计方法的ML披露实践演变历程，并将其与网络安全规范进行比较。本框架引入了扩展模型卡片、动态范围扩展、独立仲裁委员会及自动化验证流程等创新机制。同时，我们概述了即将开展的CFD现实场景试点计划。我们认为CFD能显著增强公众对AI系统的信任。通过平衡组织与社区利益，CFD致力于在快速演进的技术环境中提升人工智能的责任担当。