Recent progress in large language models (LLMs) has led to their widespread adoption in various domains. However, these advancements have also introduced additional safety risks and raised concerns regarding their detrimental impact on already marginalized populations. Despite growing mitigation efforts to develop safety safeguards, such as supervised safety-oriented fine-tuning and leveraging safe reinforcement learning from human feedback, multiple concerns regarding the safety and ingrained biases in these models remain. Furthermore, previous work has demonstrated that models optimized for safety often display exaggerated safety behaviors, such as a tendency to refrain from responding to certain requests as a precautionary measure. As such, a clear trade-off between the helpfulness and safety of these models has been documented in the literature. In this paper, we further investigate the effectiveness of safety measures by evaluating models on already mitigated biases. Using the case of Llama 2 as an example, we illustrate how LLMs' safety responses can still encode harmful assumptions. To do so, we create a set of non-toxic prompts, which we then use to evaluate Llama models. Through our new taxonomy of LLMs responses to users, we observe that the safety/helpfulness trade-offs are more pronounced for certain demographic groups which can lead to quality-of-service harms for marginalized populations.

翻译：近年来，大型语言模型（LLMs）的进展促使其在各领域得到广泛应用。然而，这些进步也带来了额外的安全风险，并引发了对已边缘化群体可能遭受不利影响的担忧。尽管学界日益重视通过开发安全防护机制来缓解此类问题——例如采用基于安全导向的监督微调以及利用来自人类反馈的安全强化学习——但关于这些模型的安全性及其内在偏见的诸多担忧依然存在。此外，先前研究已证明，为安全而优化的模型常表现出过度谨慎的安全行为，例如倾向于以防万一而拒绝回应某些请求。因此，文献中已明确记载了这些模型在有用性与安全性之间存在的权衡关系。本文通过评估模型在已缓解偏见上的表现，进一步探究安全措施的有效性。以Llama 2为例，我们阐释了LLMs的安全响应如何仍可能隐含有害假设。为此，我们构建了一组非毒性提示词，并以此评估Llama系列模型。通过我们提出的LLMs对用户响应的新分类体系，我们观察到安全性与有用性之间的权衡在某些人口统计学群体中更为显著，这可能导致对边缘化群体的服务质量危害。