Experts Warn AI Regulations Fall Behind Rapid Technical Evolution
Why It Matters
The shift from model-centric to system-centric AI development renders many current and proposed legal frameworks ineffective for managing real-world risks. This gap could lead to both stifled innovation through over-regulation and failure to prevent actual harms.
Key Points
- Most AI gains now come from post-training and inference scaling, meaning frontier capabilities are no longer restricted to just the major labs.
- Safety mitigations like filters and oversight mechanisms are typically applied to the software scaffold rather than the model weights themselves.
- Horizontal, entity-based regulation like the EU AI Act may be ineffective for specific threats like cybersecurity or fraud that require domain expertise.
- Regulators should prioritize outcomes-based rules and verify if existing negligence laws are truly insufficient before passing new legislation.
- Transparency and model weight security remain valid focus areas at the base model level, even if broad risk mitigation should happen elsewhere.
Tech policy analyst Seb Krier has highlighted a growing disconnect between current AI legislative efforts and the reality of how AI systems are deployed. Krier argues that many draft laws are obsolete because they focus on base model capabilities rather than the 'scaffolding'—post-training, tool-use, and inference compute scaling—where most modern innovation and risk mitigation occur. Because safety features like filters and classifiers are often applied at the software level rather than baked into the models, requirements targeting model weights fail to address the actual threat vectors for cybersecurity or fraud. The analysis suggests that the industry requires a move toward outcomes-based, sector-specific regulation rather than the horizontal, entity-based approaches favored by the European Union. Furthermore, the critique emphasizes that the burden of proof should remain on regulators to demonstrate that existing negligence laws are insufficient before introducing new, broad interventions.
Think of an AI model like a car engine; current laws try to make the engine safe, but modern AI safety is more like the seatbelts, brakes, and lane-assist features added later. Expert Seb Krier argues that because the most important 'safety gear' is added after the model is built, laws that only look at the model itself are missing the point. We are currently building laws for yesterday's technology, assuming big labs are the only ones who can make AI dangerous. In reality, how a model is used in a specific app matters more than the model itself. We need flexible rules that focus on the end result rather than one-size-fits-all bans on the tech.
Sides
Critics
Argues that current AI bills are technically obsolete and advocates for outcomes-based, sector-specific regulation over horizontal mandates.
Defenders
Proponent of the horizontal, entity-based regulatory approach via the AI Act, which Krier critiques as failing to account for decentralized risk.
Noise Level
Forecast
Legislative bodies will likely face increasing pressure to amend 'horizontal' bills in favor of sector-specific guidelines as technical implementation continues to decouple from model training. Expect a rise in 'regulatory sandboxes' where outcomes-based approaches are tested before broader deployment.
Based on current signals. Events may develop differently.
Timeline
Policy Analyst Critiques Legislative Lag
Seb Krier publishes a detailed critique of the current state of AI regulation, citing the disconnect between law and post-training innovations.
Join the Discussion
Discuss this story
Community comments coming in a future update
Be the first to share your perspective. Subscribe to comment.