This page is still being polished. If you have thoughts, please share them via the feedback form.
Data on this page is preliminary and may change. Please do not share or cite these figures publicly.
Laws, mandates, and enforcement mechanisms requiring state authority to create or enforce.
Also in Ecosystem
As new technologies advance, they require legal and regulatory compliance frameworks to ensure ethical use, privacy, and security.
Reasoning
Establishes legal and regulatory compliance frameworks requiring state authority and enforcement mechanisms.
Domestic regulation
Nations need to establish clear ethical guidelines and standards to govern the development and use of AI. These guidelines should address various concerns, including privacy, transparency, bias, and accountability.
3.1.1 Legislation & PolicyInternational regulation
Establishing global standards for AI, like the Paris Agreement for climate change, is the next step in ensuring AI is safe and ethical use. These standards should address issues such as the AI arms race, autonomous weapons, and global surveillance systems.
3.1.3 International AgreementsEnsuring compliance in AI and ML systems
Creating AI governance committees and conducting regular system audits can help ensure accuracy, mitigate bias, and guarantee ethical alignment. Organisations must also comply with data privacy laws when implementing AI/ML systems. Regular assessments should be conducted to reduce potential risks associated with AI/ML systems, and plans should be implemented to address any potential risks
2.2 Risk & AssuranceAI supply chain security and risk propagation
To manage these risks, regulatory frameworks must incorporate AI security standards that enforce stringent vetting of AI models, continuous adversarial robustness assessments, and secure model distribution policies. AI security capacity-building efforts should prioritise defensive mechanisms such as adversarial training, differential privacy, homomorphic encryption, and federated trust frameworks to prevent risk propagation across AI-driven supply chains.
3.1.1 Legislation & PolicyGDPR compliance in AI
The GDPR (2018) is a crucial piece of legislation in the European Union and the United Kingdom (ICO, 2018) that focuses on data protection and privacy.
3.1.1 Legislation & PolicyHomomorphic encryption in governance
Homomorphic Encryption (HE) is a method which allows calculations to be carried out on encrypted data (Nita and Mihailescu, 2023), producing an encrypted output that mirrors the result of operations performed on the original unencrypted data. This feature of HE makes it an incredibly valuable tool for conducting privacy preserving computations in regulatory compliance.
1.2.4 Security InfrastructureHomomorphic encryption in governance > AI cryptography and National Security Risks
AI governance must therefore balance the benefits of cryptographic security with the risks of unchecked anonymity. One potential solution is the implementation of multi-tiered encryption policies, where regulatory bodies retain conditional oversight over AI systems handling sensitive national security data. Additionally, international cooperation is required to establish ethical AI cryptographic norms that prevent adversarial exploitation while safeguarding individual privacy rights. National security-driven AI regulations should integrate threat intelligence mechanisms that proactively monitor AI-driven cyber risks while ensuring that encryption standards do not enable undetectable AI misuse.
3.1.1 Legislation & PolicyHomomorphic encryption in governance > Partially Homomorphic Encryption
Partially Homomorphic Encryption (PHE) supports a single type of operation, such as only addition or multiplication, on encrypted data.
1.2.4 Security InfrastructureFrontier AI regulation: what form should it take?
Radanliev, Petar (2025)
Frontier AI systems, including large-scale machine learning models and autonomous decision-making technologies, are deployed across critical sectors such as finance, healthcare, and national security. These present new cyber-risks, including adversarial exploitation, data integrity threats, and legal ambiguities in accountability. The absence of a unified regulatory framework has led to inconsistencies in oversight, creating vulnerabilities that can be exploited at scale. By integrating perspectives from cybersecurity, legal studies, and computational risk assessment, this research evaluates regulatory strategies for addressing AI-specific threats, such as model inversion attacks, data poisoning, and adversarial manipulations that undermine system reliability. The methodology involves a comparative analysis of domestic and international AI policies, assessing their effectiveness in managing emerging threats. Additionally, the study explores the role of cryptographic techniques, such as homomorphic encryption and zero-knowledge proofs, in enhancing compliance, protecting sensitive data, and ensuring algorithmic accountability. Findings indicate that current regulatory efforts are fragmented and reactive, lacking the necessary provisions to address the evolving risks associated with frontier AI. The study advocates for a structured regulatory framework that integrates security-first governance models, proactive compliance mechanisms, and coordinated global oversight to mitigate AI-driven threats. The investigation considers that we do not live in a world where most countries seem to be wishing to follow European Union ideals, and in the wake of this particular trend, this research presents a regulatory blueprint that balances technological advancement with decentralised security enforcement. Copyright © 2025 Radanliev.
Other (outside lifecycle)
Outside the standard AI system lifecycle
Governance Actor
Regulator, standards body, or oversight entity shaping AI policy
Govern
Policies, processes, and accountability structures for AI risk management
