Module 5 · Expert Track25 min read · AI Safety and Alignment

Constitutional AI and RLAIF

Constitutional AI (CAI) is Anthropic's framework for training AI systems to be helpful, harmless, and honest in a more principled, transparent, and scalable way than pure RLHF permits. Introduced in the paper "Constitutional AI: Harmlessness from AI Feedback" (Bai et al., 2022), it represents a significant methodological advance: replacing the implicit, aggregated values encoded by human preference data with an explicit set of principles — a "constitution" — and using AI to apply those principles at scale. Understanding CAI is essential both for understanding how Claude works and for understanding the frontier of alignment research.

The motivation: limits of pure RLHF

To understand why Constitutional AI was developed, it helps to be precise about which limitations of RLHF motivated it. Module 4 identified several. The ones most directly addressed by CAI are:

  • Opacity of values: RLHF encodes values implicitly through the preferences of human labelers. What the model has actually learned to value is difficult to inspect or audit. If the model has learned that labelers prefer agreeable responses regardless of truth, or that certain demographic groups are rated more favorably, these biases are hidden in the reward model weights rather than being explicitly stated.
  • Scalability constraints: RLHF for harmlessness requires exposing human labelers to harmful content — asking them to rate responses to adversarial, disturbing, or manipulative prompts — in order to train the reward model to recognize harmful outputs. This is ethically fraught, psychologically costly for labelers, and limits the volume of harmlessness training data that can be generated. It also creates bottlenecks when faster iteration on safety training is needed.
  • Inconsistency of principles: Without explicit principles, the harmlessness signal in RLHF comes from human raters who may disagree about what counts as harmful, may apply different standards across different topics, and whose judgments may shift over time. This produces a reward model that is inconsistent in difficult cases.

Constitutional AI addresses all three of these limitations by making the principles guiding the model's behavior explicit, inspectable, and articulable — and by enabling AI models themselves to apply those principles, reducing dependence on human labelers for the harmlessness dimension.

The two-step CAI training process

Constitutional AI consists of two distinct training phases, corresponding to the two major alignment axes: supervised learning for initial behavior shaping, and reinforcement learning for preference optimization. These are called SL-CAI and RL-CAI respectively.

Step 1: SL-CAI (Supervised Learning from AI Feedback)

The SL-CAI phase uses a pre-trained language model to critique and revise its own outputs in light of the constitutional principles. The process works as follows:

First, the model is prompted with a "red-team" style prompt — a request that might elicit a harmful response. The model generates an initial response. Then, in a separate prompt, the model is shown its response and a constitutional principle, and asked to identify how the response violates the principle and write a revised response that does not. This critique-and-revision process can be iterated multiple times with different constitutional principles.

The result is a dataset of (original prompt, revised response) pairs where the revised responses are both responsive to the prompt and compliant with the constitutional principles. A supervised fine-tuning step trains the base model on this dataset, producing a model (SL-CAI) that has internalized the constitutional principles in its behavior.

This process is remarkable because it uses AI to generate the training data for safety fine-tuning, at scale, without requiring human labelers to be exposed to harmful content. The model is both the generator of potentially harmful outputs and the critic that identifies and corrects them — a kind of self-supervised safety training.

Step 2: RL-CAI (Reinforcement Learning from AI Feedback)

The RL-CAI phase replaces the human preference model in RLHF with an AI preference model — the key innovation in Reinforcement Learning from AI Feedback (RLAIF). The process mirrors RLHF's reward model training, with a crucial substitution: instead of human labelers rating pairs of responses, a feedback model (a more capable language model) rates pairs of responses in light of the constitutional principles.

The feedback model is prompted with a pair of responses to a given prompt, a selection of constitutional principles, and asked to identify which response better conforms to those principles. These AI-generated pairwise preferences are used to train a preference model (the AI equivalent of the RLHF reward model). The SL-CAI model is then fine-tuned using PPO against this AI preference model, producing the final RL-CAI model.

The resulting model is one that has been trained to satisfy the constitutional principles as evaluated by an AI judge — a process that is more scalable, more consistent, and more transparent about the values being optimized than pure RLHF.

Why This Is Significant

The RL-CAI step introduces a genuinely novel element: AI feedback replacing human feedback for safety training. This matters for two reasons. First, scalability: the AI feedback model can generate preference data at far higher volume and lower cost than human labelers. Second, explainability: the AI feedback model is prompted with explicit constitutional principles, meaning its preferences are grounded in articulable reasons rather than the implicit values of human raters. When the feedback model prefers response A over response B, it is — at least in principle — because response A better satisfies a stated principle. This traceability is a significant improvement over the opacity of human preference aggregation.

The constitution: principles and their content

The "constitution" in Constitutional AI is a set of principles that guide both the SL-CAI critique-and-revision process and the RL-CAI preference evaluation. Anthropic has published the specific principles used in their CAI training, making the value choices made during training inspectable to a degree unprecedented in commercial AI development.

The principles in Anthropic's constitution draw from multiple sources and traditions:

Harmlessness principles
Principles derived from UN documents on human rights, Anthropic's own policies, and harm-minimization reasoning. These include principles like "choose the response that is least likely to contain harmful or unethical content" and "choose the response that a thoughtful, senior Anthropic employee would consider optimal given the context." The harmlessness dimension covers content that could cause physical harm, enable illegal activity, target vulnerable groups, or enable discrimination.
Honesty principles
Principles requiring truthful, calibrated responses: avoiding false assertions, expressing appropriate uncertainty, not creating false impressions through technically true but misleading statements. Honesty in CAI covers non-deception, non-manipulation, and autonomy-preservation — not using rhetoric techniques that exploit cognitive biases to convince users of things.
Helpfulness principles
Principles against excessive caution or paternalism: the model should be genuinely helpful rather than hedging every response into uselessness. CAI explicitly addresses the risk that safety training will produce models that refuse too much or add unnecessary caveats — the "assistant-brained" failure mode where unhelpfulness is mistaken for safety.
Autonomy and non-paternalism
Principles respecting user autonomy: the model should provide information that allows users to make their own decisions rather than withholding it paternalistically. This is in tension with harmlessness principles in some cases, and the constitution explicitly addresses how to navigate these tensions.

The explicit nature of these principles is a significant departure from how values have traditionally been encoded in AI systems. Rather than encoding values implicitly through training data selection and labeler guidelines that the model internalizes opaquely, CAI makes the value choices explicit and inspectable. Anthropic's publication of their constitution allows external researchers and policy analysts to examine and critique the value choices made — a form of transparency that enables more substantive public discourse about what AI systems are being trained to do.

RLAIF vs. RLHF: tradeoffs

Replacing human feedback with AI feedback in the reinforcement learning phase introduces genuine tradeoffs that the field is actively studying.

Advantages of RLAIF

AI feedback can be generated at essentially unlimited scale. Where RLHF is bottlenecked by the availability of human labelers (and the ethical constraints on what those labelers can be asked to rate), RLAIF can generate preference data at the rate the underlying compute allows. This enables much denser coverage of the safety-relevant input space.

AI feedback is more consistent than human feedback on a per-principle basis. When the feedback model is prompted with a specific principle and asked which of two responses better satisfies it, it applies that principle more consistently than human labelers who may vary in their interpretation and in how they weight competing considerations.

AI feedback is not psychologically costly. Human labelers exposed to adversarial and disturbing content suffer real psychological harm. AI feedback models have no such vulnerability, enabling safety training on content that would be ethically unacceptable to ask human labelers to rate at scale.

Limitations of RLAIF

The feedback model itself has been trained by humans and may have absorbed biases, errors, and limitations from that training. RLAIF moves the bias problem one level up the stack: instead of human labelers' biases encoding directly into the reward model, the feedback model's biases (which derive from its own training) shape the AI-generated preferences. This is not necessarily worse than human labeler bias, but it is not bias-free.

The feedback model may be better at detecting certain types of principle violations than others. Abstract principles like "respect human autonomy" or "avoid subtle manipulation" may be harder for a feedback model to apply consistently than concrete prohibitions. The quality of RLAIF thus depends heavily on how the principles are articulated and how well the feedback model understands them.

There is also a concern about circularity: the model being aligned and the feedback model producing the alignment signal are both language models that may share failure modes. If both have learned to confabulate confidently, RLAIF may perpetuate rather than correct this failure mode.

RLAIF and Value Lock-In

One subtle concern about RLAIF is the risk of value lock-in. If a current-generation AI model is used to generate the feedback signal for training future models, the values of the current generation — including their biases and errors — are propagated forward. RLHF with diverse human labelers at least draws on the breadth of human moral intuitions. RLAIF may reduce this breadth to whatever the feedback model has learned. The constitutional principles provide some check on this — they can be updated independently of the feedback model — but the interaction between explicit principles and the feedback model's implicit values is complex and not fully understood.

Direct Preference Optimization (DPO)

The alignment research landscape includes an important alternative to both RLHF and RLAIF that has gained significant traction: Direct Preference Optimization (DPO), introduced by Rafailov et al. (2023).

DPO is motivated by a mathematical insight: the RLHF training pipeline — train a reward model on preference data, then train the policy against the reward model via PPO — can be reformulated as a single supervised learning step directly on the preference data. DPO eliminates the reward model entirely and optimizes the policy directly against the preference pairs, using a closed-form relationship between the optimal policy and the reward function.

The practical advantages of DPO are significant:

  • No separate reward model needs to be trained and maintained
  • No PPO optimization loop, which eliminates the KL penalty tuning and training instability associated with on-policy RL
  • Substantially lower computational cost than PPO-based RLHF — typically 2-4x cheaper per training run
  • Simpler implementation, easier to reproduce and iterate on

DPO has been widely adopted in the research community and in open-source model training. Llama 2's chat fine-tuning, many open-source RLHF alternatives, and subsequent work in alignment have used DPO or DPO-adjacent methods. However, there are also documented limitations: DPO can be sensitive to the quality and composition of the preference dataset, and some researchers have found it less effective than PPO for certain types of behavioral optimization, particularly those requiring strong policy exploration.

The spectrum of alignment approaches

Module 4 and this module together span a significant portion of the current alignment technique landscape. It is worth positioning these approaches explicitly relative to each other to develop a coherent picture of the field.

Supervised Fine-Tuning (SFT) alone
The simplest approach: fine-tune on human demonstrations of desired behavior. Effective for style and format alignment; limited for safety-critical behavior because it can only encode behaviors explicitly demonstrated in training data.
RLHF (PPO-based)
The current production standard. Powerful for aligning to human preferences; limited by scalable oversight problem, labeler cost and bias, and reward hacking. Used by OpenAI (GPT-4), Meta (Llama 2), and many others.
DPO and variants
Simpler, cheaper alternative to PPO-RLHF. Same preference data requirements; eliminates the reward model and RL training loop. Increasingly popular for open-source and research model training.
Constitutional AI / RLAIF
Supplements or replaces human feedback with AI feedback guided by explicit principles. More scalable and more transparent about value choices; introduces new concerns about feedback model bias and value lock-in. Anthropic's primary approach for Claude.
Process-based supervision
An emerging approach (developed primarily by Anthropic and OpenAI) that trains reward models to evaluate the quality of reasoning processes rather than only final outcomes. More robust to reward hacking on complex tasks; requires more expensive annotation of reasoning steps.
Scalable oversight methods
Research-stage approaches including debate (multiple AIs argue, human judges), amplification (AI-assisted human feedback), and iterated distillation. Designed specifically for the regime where AI capabilities exceed human ability to directly evaluate outputs. Not yet deployed at production scale.

These approaches are not mutually exclusive. Production alignment pipelines typically combine elements of several: SFT for initial behavior shaping, some form of preference optimization (RLHF, DPO, or RLAIF) for refinement, constitutional principles to guide what preferences are being optimized, and red-teaming and safety evaluations throughout. The goal of the alignment research agenda is not to find a single correct technique but to build a comprehensive set of complementary tools.

What CAI achieved: empirical results

The original CAI paper reported empirical comparisons between RLHF-trained models and CAI-trained models. Key findings:

CAI-trained models showed substantially reduced harmful behavior on adversarial prompts compared to RLHF-only models, with the improvement most pronounced on prompts designed to elicit subtle harms rather than obvious ones. The structured critique-and-revision process in SL-CAI was particularly effective at catching nuanced violations that human labelers frequently missed.

On helpfulness evaluations, CAI models showed less degradation than expected — the concern that safety training would make models excessively cautious was partially borne out (models did refuse more), but the CAI models also showed higher quality responses on the requests they did fulfill. The explicit constitutional principle against excessive paternalism appears to have partially counteracted the over-refusal tendency.

RLAIF-trained models were preferred by human evaluators at comparable rates to RLHF models on both helpfulness and harmlessness dimensions, providing direct empirical support for the claim that AI feedback can substitute effectively for human feedback in the harmlessness dimension.

Transparency as a Safety Property

One of the underappreciated contributions of Constitutional AI is its transparency. By publishing both the CAI methodology and the specific constitutional principles used, Anthropic enables external researchers to critique, replicate, and build on their approach in ways that pure RLHF — where the values are embedded in unlabeled preference data — does not permit. This transparency is itself a safety property: it allows the research community, policymakers, and the public to examine what values are being encoded into AI systems and to hold developers accountable for those choices. The field would benefit significantly if this standard of transparency were adopted more broadly.

Open questions

Constitutional AI and RLAIF are active research areas with significant open questions. How do constitutional principles interact with the implicit values already encoded in the base model from pre-training? Can AI feedback achieve reliable quality for the most subtle and context-dependent safety judgments? How should principles be updated as social norms and scientific understanding evolve, and who should have the authority to update them? These questions are not merely technical — they involve institutional design, political philosophy, and fundamental questions about the governance of powerful AI systems that will be addressed in Module 8.