AI Incident Tracker Harm Taxonomy

Summary

MIT's AI Incident Tracker Harm Taxonomy represents the most systematic effort to date for cataloging and categorizing real-world AI failures. Unlike theoretical risk frameworks, this dataset captures actual incidents that have already occurred, organizing them through a multi-dimensional lens that examines harm levels, threat characteristics (novelty, autonomy, imminence), and national security implications. The resource provides both a searchable incident database and a structured taxonomy that enables pattern recognition across time, geography, and AI application domains.

What makes this different

While most AI risk taxonomies focus on hypothetical scenarios or high-level categories, MIT's approach grounds risk assessment in documented reality. The taxonomy goes beyond simple harm categorization by introducing temporal analysis—tracking how incident patterns evolve over time—and incorporating national security impact assessments for each documented case. The three-dimensional threat characterization (novelty, autonomy, imminence) provides a nuanced framework that distinguishes between different types of AI risks, from novel but predictable failures to autonomous systems causing immediate harm.

The anatomy of the taxonomy

The classification system operates across multiple layers:

Harm Levels: Incidents are categorized by severity and scope of impact, from individual privacy violations to systemic societal harms.

Threat Characteristics: Each incident receives scores across three dimensions:

• Novelty: How unprecedented or surprising was this type of failure?
• Autonomy: To what degree did the AI system operate independently when the incident occurred?
• Imminence: How quickly did the harm manifest after deployment?

National Security Assessment: Every incident includes evaluation of potential implications for national security, infrastructure, or governance systems.

Temporal Tracking: The database maintains chronological records enabling analysis of how AI incident patterns change over time, revealing emerging threat vectors and evolving risk landscapes.

Who this resource is for

AI safety researchers will find the empirical foundation invaluable for validating theoretical risk models against real-world data. Policy makers and regulators can use the taxonomy to understand which types of AI harms are actually materializing and at what frequency. Risk management professionals in organizations deploying AI systems can benchmark their risk assessments against documented incident patterns. Insurance companies and auditors will find the categorization system useful for developing AI-specific risk evaluation methodologies. Academic researchers studying AI governance can leverage the dataset for longitudinal studies of AI safety trends.

Putting the taxonomy to work

Start by exploring incidents within your specific domain or use case to understand historical failure patterns. Use the three-dimensional threat scoring to calibrate your own risk assessment processes—incidents scoring high on autonomy and imminence deserve different mitigation strategies than those scoring high on novelty alone. The national security assessments can inform enterprise risk discussions, particularly for organizations in critical infrastructure sectors.

For policy applications, the temporal analysis features enable evidence-based discussions about regulatory priorities. Instead of debating theoretical AI risks, stakeholders can examine which harms are actually increasing in frequency or severity over time.

Limitations to keep in mind

The taxonomy captures only incidents that have been publicly reported and documented, creating potential bias toward high-profile failures while missing routine or unreported harms. The national security impact assessments reflect analysis at the time of documentation and may not account for evolving geopolitical contexts. Additionally, the three-dimensional threat scoring system, while systematic, involves subjective judgments that may not translate perfectly across different organizational contexts or regulatory frameworks.

The dataset's focus on documented incidents also means it cannot predict entirely novel categories of AI harm that haven't yet occurred, limiting its utility for forward-looking risk planning in rapidly evolving AI capabilities.