ASEAN Guide on AI Governance and Ethics
ASEAN-AI-GUIDE-2024 · ASEAN
Non-binding voluntary guide for 10 ASEAN member states (Indonesia, Malaysia, Philippines, Singapore, Thailand, Vietnam, Myanmar, Cambodia, Laos, Brunei). Adopts a cross-cutting risk + values framework intentionally distinct from the EU AIA's prescriptive model — emphasises 'pragmatic + flexible' implementation reflecting member-state capacity diversity. Pairs with Singapore AI Verify Foundation's technical toolkit. Currency (2026-06-21): supplemented on 17 Jan 2025 by the non-binding Expanded ASEAN Guide on AI Governance and Ethics (Generative AI), and complemented by the ASEAN Responsible AI Roadmap (2025-2030) adopted 5 Mar 2025; the original 2024 Guide remains in force.
Background & scope
ASEAN Guide on AI Governance and Ethics addresses 2 contested AI-governance topics explicitly, 4 via general principles.
Provisions & coverage
- implicitFoundation Models / GPAIGuide §6 covers GenAI but with flexible implementation expectations[13]
- governsTransparency ObligationsASEAN Guide §4 (transparency + explainability principle)[13]
- implicitTechnological SovereigntyGuide framing emphasises ASEAN-bloc capacity-building over external dependency[13]
- implicitDevelopment-Rights FramingsGuide centres 'pragmatic + flexible' implementation reflecting member-state development trajectories[13]
- governsInternational CoordinationGuide explicitly designed to harmonise across ASEAN-10 member states + interoperate with OECD AI Principles + G7 Hiroshima[13]
- implicitEnvironmental Impact of AI TrainingGuide references sustainable AI principles; not operationalised[13]
What the Guide Commits Member States To
Adopted by the ASEAN Digital Ministers Meeting on 2 February 2024, the Guide is a non-binding instrument for all ten member states. It articulates seven cross-cutting principles — transparency and explainability, fairness and equity, security and safety, robustness and reliability, human-centricity, privacy and data governance, and accountability and integrity — rather than enforceable duties, framed for 'pragmatic and flexible' uptake reflecting member-state capacity diversity, the voluntary coordination Roberts, Hine, Taddeo and Floridi place at the centre of a deficient governance field 1. Its transparency principle asks deployers to disclose AI use and offer explanation, but sets no audit, registration or penalty machinery. The 17 January 2025 Expanded Guide adds a generative-AI chapter, and the Responsible AI Roadmap (2025-2030) supplies capacity-building — though such 'capacity development' framings can open Global South markets to external providers 2. The 2024 Guide remains in force; the later texts complement rather than supersede it, leaving a layered but uniformly voluntary edifice.
Standing Relative to Binding Regimes
The Guide occupies the opposite pole from the EU AI Act, Regulation (EU) 2024/1689, whose risk-tiered prohibitions and GPAI duties (Art. 50, 53) carry fines; ASEAN's text imposes none. It also contrasts with the Council of Europe's binding Framework Convention, CETS No. 225, which subjects signatories to legality, proportionality and accountability commitments 3. The Guide instead positions itself as interoperable soft law, explicitly aligned with OECD AI Principles and pursuing cross-jurisdiction interoperability across ASEAN-10. Roberts, Taddeo and Floridi argue such initiatives should be judged partly on whether they enable Global South participation in standard-setting 4 — a benchmark the Guide's flexibility serves but its lack of obligation strains. Robinson's case for an IAEA-style international agency 5 underscores how far voluntary regional guidance sits from enforceable global oversight.
Critiques and Operational Gaps
The Guide's flexibility is its central fault line: without thresholds or compliance machinery, transparency and explainability remain aspirational, and its generative-AI coverage — added only in the 2025 Expanded Guide — carries 'flexible implementation expectations'. Definitional drift compounds this: EU policymakers themselves struggled to stabilise terms like foundation model and general-purpose AI 6, and ASEAN's softer vocabulary inherits that instability without a legal text to anchor it. Substantive lacunae are stark on data protection, where generative models that memorise and leak training data resist anonymisation 7, and on environmental impact: the Guide gestures at sustainable AI but never operationalises it, despite evidence that training-scale water and energy footprints demand reporting 89. The result is a values vocabulary outrunning its instruments.
Adoption Trajectory and Sovereignty Stakes
Trajectory points toward institutional thickening without hardening: the 2025 Expanded Guide and the Responsible AI Roadmap (2025-2030) extend scope and add capacity-building, yet preserve the voluntary character throughout. The Guide pairs with Singapore's AI Verify Foundation toolkit, suggesting future uptake may flow through testing infrastructure rather than mandate (ASEAN 2024). Its implicit sovereignty framing — privileging ASEAN-bloc capacity over external dependency — resonates with warnings that AI infrastructure is fragmenting into techno-blocs via selective state-firm alliances 10, and with cautions that sovereignty initiatives can be quietly recaptured by dominant cloud providers 11. Because LLMs encode their creators' ideologies 12, the durability of ASEAN's home-grown ambitions will hinge on whether voluntary coordination matures into shared capability.
Enforcement & impact
Cross-jurisdiction comparison
How peer instruments treat the topics ASEAN Guide on AI Governance and Ethics governs.
| Topic | EU-AIA-2024 | US-EO-14110 | US-EO-14179 | UK-WHITEPAPER-2023 | CN-GENAI-2023 | G7-HIROSHIMA | OECD-AI-PRIN | COE-AI-CONV | UN-RES-2024 | NIST-AI-RMF | BLETCHLEY-2023 | SEOUL-2024 | NIST-AI-RMF-GENAI | CA-SB-1047 | IN-DPDP-2023 | BR-AIBILL-2024 | AU-AI-STRATEGY-2024 | ANTHROPIC-RSP-2024° | OPENAI-PREPAREDNESS-2023° | DEEPMIND-FSF-2024° | META-FRONTIER-2024° | UK-US-AISI-MOU-2024 | WH-VOLUNTARY-2023 | SG-MODEL-AI-2024 | JP-METI-AI-2024 | EU-GDPR-2016 | EU-GPAI-COP-2025 | OMB-M-24-10 | GSA-AI-GUIDE-2024 | DOD-RAI-2022 | FEDRAMP-AI-2024 | DFARS-252-204 | CA-SB-53 | CA-SB-243 | CA-SB-942 | EU-PLD-2024 | UNESCO-AI-ETHICS-2021 | EU-PWD-2024 | CN-DEEPSYN-2022 | NY-RAISE-2025 | US-TAKEITDOWN-2025 | IT-AILAW-2025 | JP-AIPROMO-2025 | UN-GDC-2024 |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Transparency Obligations | governs | implicit | silent | implicit | conflicts | governs | governs | governs | implicit | governs | implicit | governs | governs | implicit | implicit | governs | silent | governs | implicit | implicit | governs | implicit | governs | governs | governs | governs | governs | governs | governs | governs | governs | silent | governs | governs | governs | implicit | governs | governs | governs | governs | silent | governs | governs | governs |
| International Coordination | silent | silent | silent | silent | silent | silent | silent | silent | silent | silent | governs | governs | silent | silent | silent | silent | governs | implicit | implicit | implicit | implicit | governs | implicit | governs | governs | silent | silent | silent | silent | silent | silent | silent | silent | silent | silent | silent | governs | silent | silent | silent | silent | implicit | governs | governs |
°= industry self-imposed voluntary framework. Comparing a voluntary code's "governs" tint with a binding regulation's "governs" tint flattens the legal-force distinction; use the instrument-page banner for the operative status of each.
See also
Per-audience views
- Provisions →Article-by-article obligation breakdown for procurement + RFP authors.
- Disclosure form →Vendor-disclosure questionnaire derived from this instrument's operative obligations.
- Harm narratives →Documented harms relevant to this instrument's topics, for civil-society advocacy.
- Briefing pack →Journalist-ready summary with quotes + dates + primary-source links.
Article tools — track changes, suggest an edit
View history — every captured revision of this article · What links here
Further reading
108 academic & grey-literature sources on the topics this instrument addresses (not commentary on the instrument itself) — catalogued metadata with a primary link; one-line findings are ✦ AI-generated summaries, labeled as such (charter §7.9). Browse the full literature index.
- European ambitions captured by American clouds: digital sovereignty through Gaia-X? Peer-reviewed✦ AIShows Gaia-X paradoxically incorporates dominant US cloud providers, undermining the very European digital sovereignty it was meant to advance.
- A Framework for Evaluating Global AI Governance Initiatives Peer-reviewed✦ AIOffers a framework to evaluate global AI governance initiatives, recommending capacity-building so Global South states can meaningfully participate in standard-setting.
- Large language models reflect the ideology of their creators Peer-reviewed✦ AIEmpirically shows LLMs encode their creators' ideologies, supporting policy incentives for home-grown models reflecting local cultural views, especially in low-resource-language regions.
- AI, Climate, and Regulation: From Data Centers to the AI Act Peer-reviewed✦ AIAnalyses the legal levers (AI Act energy-reporting duties, Energy Efficiency Directive data-centre KPIs, sustainability reporting) for governing AI's climate footprint and their disclosure gaps.
- An interdisciplinary account of the terminological choices by EU policymakers ahead of the final agreement on the AI Act: AI system, general purpose AI system, foundation model, and generative AI Peer-reviewed✦ AITraces how the AI Act's legal text shifted across versions among the terms 'AI system, general purpose AI system, foundation model, and generative AI', exposing definitional instability in the regime.
- The EU model of AI governance: regulating artificial intelligence through law and policy Peer-reviewed✦ AIAnalyses how the AI Act's risk-based model handles general-purpose and foundation models whose 'autonomous content generation challenges legal categories of authorship, accountability, and control'.
- Generative AI and data protection Peer-reviewed✦ AIExamines friction between foundation-model training and the GDPR, noting models that 'memorize and leak pieces of training data' cannot be treated as anonymous.
- The establishment of an international AI agency: an applied solution to global AI governance Peer-reviewed✦ AIProposes a UN-backed International Artificial Intelligence Agency modelled on the IAEA, arguing 'only an IAIA can legitimately oversee a global AI governance framework involving all major powers.'
- Framework Convention on Artificial Intelligence and Human Rights, Democracy and the Rule of Law (Council Eur.) — with Introductory Note Peer-reviewed✦ AIReproduces and annotates the first legally binding international AI treaty, grounding cross-border AI governance in legality, proportionality, transparency, accountability and non-discrimination across the AI lifecycle.
- Digital Disintegration: Techno-Blocs and Strategic Sovereignty in the AI Era Peer-reviewed✦ AIArgues states increasingly assert 'strategic digital sovereignty...through selective alliances with firms and other governments,' fragmenting global AI infrastructure into techno-blocs rather than multilateral order.
- "We know what we are doing": the politics and trends in artificial intelligence policies in Africa Peer-reviewed✦ AIMaps the political drivers and trends of emerging African national AI policies, situating sovereignty and development framings against external dependency.
- Latin American critical data studies Peer-reviewed✦ AISurveys Latin American critical data studies, advancing concepts of statistical, epistemic and national sovereignty as decolonial framings for AI/data governance.
+ 96 more across this instrument's topics — see the literature index.
References
Sources cited inline in the analysis (linked from the superscript markers), then the primary instrument sources behind the classifications.
- Roberts, Hine, Taddeo & Floridi (2024) Global AI governance: barriers and pathways forward, International Affairs. 10.1093/ia/iiae073 — Diagnoses a global AI governance deficit and, weighing new centralized institutions against coordinating existing ones, recommends foregrounding the OECD as the centre for AI policy expertise. ↩
- Yoko Mochizuki, Eric Bruillard, Audrey Bryan (2025) The ethics of AI or techno-solutionism? UNESCO's policy guidance on AI in education, British Journal of Sociology of Education. 10.1080/01425692.2025.2502808 — Critiques UNESCO's AI-in-education guidance as techno-solutionism that can facilitate Big Tech access to Global South education under a 'capacity development' framing. ↩
- Council of Europe; Introductory Note by Marc Rotenberg (2025) Framework Convention on Artificial Intelligence and Human Rights, Democracy and the Rule of Law (Council Eur.) — with Introductory Note, International Legal Materials. 10.1017/ilm.2025.1 — Reproduces and annotates the first legally binding international AI treaty, grounding cross-border AI governance in legality, proportionality, transparency, accountability and non-discrimination across the AI lifecycle. ↩
- Huw Roberts, Mariarosaria Taddeo, Luciano Floridi (2026) A Framework for Evaluating Global AI Governance Initiatives, Global Policy. 10.1111/1758-5899.70164 — Offers a framework to evaluate global AI governance initiatives, recommending capacity-building so Global South states can meaningfully participate in standard-setting. ↩
- Mark Robinson (2025) The establishment of an international AI agency: an applied solution to global AI governance, International Affairs. 10.1093/ia/iiaf105 — Proposes a UN-backed International Artificial Intelligence Agency modelled on the IAEA, arguing 'only an IAIA can legitimately oversee a global AI governance framework involving all major powers.' ↩
- David Fernández-Llorca, Emilia Gómez, Ignacio Sánchez, Gabriele Mazzini (2025) An interdisciplinary account of the terminological choices by EU policymakers ahead of the final agreement on the AI Act: AI system, general purpose AI system, foundation model, and generative AI, Artificial Intelligence and Law. 10.1007/s10506-024-09412-y — Traces how the AI Act's legal text shifted across versions among the terms 'AI system, general purpose AI system, foundation model, and generative AI', exposing definitional instability in the regime. ↩
- Hannah Ruschemeier (2025) Generative AI and data protection, Cambridge Forum on AI: Law and Governance. 10.1017/cfl.2024.2 — Examines friction between foundation-model training and the GDPR, noting models that 'memorize and leak pieces of training data' cannot be treated as anonymous. ↩
- Pengfei Li, Jianyi Yang, Mohammad A. Islam, Shaolei Ren (2025) Making AI Less 'Thirsty': Uncovering and Addressing the Secret Water Footprint of AI Models, Communications of the ACM. 10.1145/3724499 — Estimates training GPT-3 in US data centres can evaporate ~5.4 million litres of water and projects 4.2-6.6 billion m3 of AI water withdrawal by 2027, arguing water use needs reporting and scheduling. ↩
- André Ebert, Joseph Alder, Ralf Herbrich, Philipp Hacker (2026) AI, Climate, and Regulation: From Data Centers to the AI Act, Computer Law & Security Review. 10.1016/j.clsr.2026.106326 — Analyses the legal levers (AI Act energy-reporting duties, Energy Efficiency Directive data-centre KPIs, sustainability reporting) for governing AI's climate footprint and their disclosure gaps. ↩
- Stephen Weymouth (2025) Digital Disintegration: Techno-Blocs and Strategic Sovereignty in the AI Era, International Organization. 10.1017/S0020818325101070 — Argues states increasingly assert 'strategic digital sovereignty...through selective alliances with firms and other governments,' fragmenting global AI infrastructure into techno-blocs rather than multilateral order. ↩
- Andreas Baur (2026) European ambitions captured by American clouds: digital sovereignty through Gaia-X?, Information, Communication & Society. 10.1080/1369118X.2025.2516545 — Shows Gaia-X paradoxically incorporates dominant US cloud providers, undermining the very European digital sovereignty it was meant to advance. ↩
- Maarten Buyl, Alexander Rogiers, Sander Noels, et al. (2026) Large language models reflect the ideology of their creators, npj Artificial Intelligence. 10.1038/s44387-025-00048-0 — Empirically shows LLMs encode their creators' ideologies, supporting policy incentives for home-grown models reflecting local cultural views, especially in low-resource-language regions. ↩
- ASEAN Digital Ministers Meeting (DGMIN), Feb 2024
- Guide §6 covers GenAI but with flexible implementation expectations
- ASEAN Guide §4 (transparency + explainability principle)
- Guide framing emphasises ASEAN-bloc capacity-building over external dependency
- Guide centres 'pragmatic + flexible' implementation reflecting member-state development trajectories
- Guide explicitly designed to harmonise across ASEAN-10 member states + interoperate with OECD AI Principles + G7 Hiroshima
- Guide references sustainable AI principles; not operationalised
How to cite this article
Cite this article 8 formats · BibTeX, RIS, APA, Chicago, … · 1-click copy
Persistent identifier: https://policywindow.org/wiki/asean-ai-guide — committed-stable URL with content-versioning via ?asOf= (rollout pending per methodology §7). DOIs via Zenodo are on the roadmap.
Does this instrument’s approach work? — the social-science evidence
Aggregated over the 6 topics this instrument governs: whether each harm is empirically real, and whether the peer-reviewed evidence shows governance reduces it. The badge is the epistemic status of the evidence— “thin”/“absent” efficacy evidence is itself a finding (the “second silence”). Each epistemic-status label is Policy Window's editorial assessment of the cited evidence base (a structured classification), not a verdict any single source issues.
Of the 6 governed topics with a social-science evidence review, evidence that governance reduces the harm is established for 0, contested for 0, thin for 0, and absent for 6 — for most, no replicated study yet shows this instrument's approach works (the "second silence").
Development-Rights Framings
Development-rights framing is a normative/doctrinal frame, so its empirical status splits: the underlying North-South asymmetry it responds to is real and documented, but the claim that a development-rights diagnosis is the correct one is contested doctrine, not a settled finding. The strongest empirical anchor is the exploitative-data-labour evidence — Miceli & Posada's (2022) multi-method qualitative study of Latin American annotation work (Foucauldian dispositif analysis of 210 instruction documents, 55 interviews, plus participant observation) found workers paid cents-per-task with strict surveillance and whose worldviews are subordinated to requesters' — which substantiates the extraction the frame names, building on the data-colonialism thesis (Couldry & Mejias 2019), and extended by comparative political-economy work on AI annotation 'data empires' (Wu, Muldoon & Xia 2025). Honest caveat: whether 'digital self-determination' or 'Global-South sovereignty' is the right operational response (and whether it conflicts with the EU AIA's rights-based design) is a conceptual/legal question with essentially no empirical evidence base — the frame is established as a critique, thin as a tested governance prescription.
Sources: Miceli & Posada 2022, 'The Data-Production Dispositif' (Proc. ACM Hum.-Comput. Interact. 6, CSCW2, Art. 460:1-37); Couldry & Mejias 2019, 'Data Colonialism' (Television & New Media 20(4):336-349); Wu, Muldoon & Xia 2025, 'Global data empires' (Big Data & Society 12(2))
There is no rigorous impact evaluation showing that development-rights / digital-self-determination / sovereignty governance achieves its stated developmental or self-determination aims — the evidence that the frame 'works' as policy is itself missing, largely because the frame is recent, heterogeneous, and rarely instantiated in a single measurable instrument. The closest empirical literature studies one common operational proxy (data localization) and measures economic cost rather than the frame's goals: Ferracane, Kren & van der Marel's (2020) firm/industry productivity analysis finds data-policy restrictiveness associated with lower TFP in data-intensive downstream sectors, Ferracane & van der Marel's (2021) gravity analysis finds data restrictions inhibit trade in digital services, and Bauer, Lee-Makiyama, van der Marel & Verschelde's (2014) GTAP general-equilibrium estimates project GDP losses from localization across seven jurisdictions including Brazil and India. None tests whether sovereignty framing reduces extractive asymmetry or advances local AI capability — so claims on both the benefit and cost sides rest on weak or indirect evidence.
Sources: Ferracane, Kren & van der Marel 2020, 'Do data policy restrictions impact the productivity performance of firms and industries?' (Review of International Economics 28(3):676-722); Ferracane & van der Marel 2021, 'Do data policy restrictions inhibit trade in services?' (Review of World Economics 157(4):727-776); Bauer, Lee-Makiyama, van der Marel & Verschelde 2014, 'The Costs of Data Localisation: Friendly Fire on Economic Recovery' (ECIPE Occasional Paper 3/2014)
Environmental Impact of AI Training
The resource demands of AI compute are empirically documented at the model level: Strubell et al. (2019) quantified large-NLP training energy/carbon, Luccioni et al. (2023) estimated BLOOM's training at ~24.7 tCO2eq (dynamic power) rising to ~50.5 tCO2eq with manufacturing and deployment, Li et al. (2023) estimated GPT-3-scale training in US datacenters can evaporate on the order of hundreds of thousands of litres of freshwater (their central figure ~700,000 L), and Luccioni, Jernite & Strubell (2024) showed generative inference is markedly more energy-intensive per query than task-specific models; at the macro scale the IEA (2024) and de Vries (2023) document rapidly rising datacenter electricity demand. Honest caveat: absolute estimates vary by up to orders of magnitude with grid carbon intensity, hardware, utilisation and accounting boundaries, and cleanly attributing the AI-specific increment (versus general datacenter and crypto growth) remains genuinely contested — the IEA itself bundles AI with datacenters and crypto — so the existence of the footprint is established while its magnitude and trajectory are not.
Sources: Strubell, Ganesh & McCallum 2019 (ACL Anthology P19-1355; 'Energy and Policy Considerations for Deep Learning in NLP'); Luccioni, Viguier & Ligozat 2023 (JMLR 24; BLOOM 176B carbon footprint, 24.7/50.5 tCO2eq; arXiv:2211.02001); Li, Yang, Islam & Ren 2023 (arXiv:2304.03271, 'Making AI Less Thirsty', later Comm. ACM 2025); Luccioni, Jernite & Strubell 2024 (ACM FAccT '24, 'Power Hungry Processing', DOI 10.1145/3630106.3658542); de Vries 2023 (Joule 7(10):2191-2194, DOI 10.1016/j.joule.2023.09.004); IEA 2024 (Electricity 2024)
There is no impact evaluation showing that any AI-specific environmental-governance instrument reduces energy, water or carbon use, because every named instrument is voluntary or non-binding and very recent: EU AI Act Art. 95 codes of conduct are explicitly optional with no sanctions, and NIST AI 600-1 and the G7 Hiroshima Code are guidance, not enforceable caps. The closest analogue evaluation literature is divided in a way that disfavours the voluntary form chosen here: rigorous reviews find voluntary environmental programs generally fail to produce significant abatement beyond business-as-usual (Koehler 2007; Morgenstern & Pizer 2007), whereas the one form with credible positive evidence is mandatory disclosure (Downar et al. 2021 found a UK carbon-reporting mandate cut emissions ~8% versus a control group) which the AI instruments do not yet impose, leaving the proposition that AI environmental governance works essentially untested.
Sources: EU AI Act Art. 95 / Recital 142 (Reg. (EU) 2024/1689); NIST AI 600-1 (2024, GenAI Profile); G7 Hiroshima Process International Code of Conduct (30 Oct 2023); Koehler 2007 (Policy Studies Journal 35(4):689-722); Morgenstern & Pizer (eds.) 2007 (Reality Check, RFF Press); Downar, Ernstberger, Reichelstein, Schwenen & Zaklan 2021 (Review of Accounting Studies 26(3):1137-1175)
Foundation Models / GPAI
Whether the foundation-model category maps to a coherent capability/risk tier is genuinely contested. The original case rests on scale-driven 'emergent abilities' that appear unpredictably above a size threshold (Wei et al. 2022; Ganguli et al. 2022 documented capabilities that are smoothly predictable in aggregate loss yet locally surprising), but Schaeffer, Miranda & Koyejo (2023, a NeurIPS Outstanding Paper) showed many 'emergent' jumps are artefacts of discontinuous metrics and dissolve under linear/continuous scoring — implying capability scales more smoothly than a sharp tier would suggest. Honest caveat: this is a live empirical disagreement about measurement, not a settled finding either way, and compute (the regulatory proxy) is an imperfect stand-in for capability or risk regardless of which side is right.
Sources: Wei et al. 2022 (Emergent Abilities of Large Language Models, TMLR; arXiv:2206.07682); Schaeffer, Miranda & Koyejo 2023 (Are Emergent Abilities of Large Language Models a Mirage?, NeurIPS 2023, Outstanding Paper; arXiv:2304.15004); Ganguli et al. 2022 (Predictability and Surprise in Large Generative Models, ACM FAccT; DOI 10.1145/3531146.3533229)
There is no impact evaluation showing that GPAI/foundation-model governance reduces harm — the rules are too new (EU AI Act GPAI obligations and the 10^25-FLOP systemic-risk presumption only began binding on 2 August 2025) and the central regulatory lever is itself contested: Hooker (2024) argues compute thresholds are a shortsighted proxy because compute does not reliably track capability or risk, and the thresholds already diverge across jurisdictions (EU 10^25 vs. the now-rescinded US EO 14110's 10^26 operations, rescinded 20 January 2025). The mandated mitigation methods also lack validated efficacy: model evaluation and red-teaming face well-documented coverage limits and an 'audit gap' in the survey/position literature (behavioural testing cannot establish the absence of untested failure modes), and adversarial red-teaming repeatedly defeats deployed safeguards — the UK AI Safety Institute reports finding universal jailbreaks for every frontier system it has tested, and a large public agent-injection competition elicited policy violations across all 22 frontier models tested from ~1.8M attacks (Zou et al. 2025). Even compliant evaluation therefore cannot yet certify the safety the rules demand. (Caveat: this is an absence-of-evidence claim — no efficacy study has been done — not evidence the rules are ineffective.)
Sources: Hooker 2024 (On the Limitations of Compute Thresholds as a Governance Strategy, arXiv:2407.05694); EU AI Act Arts. 51 & 55 (GPAI systemic-risk presumption, 10^25 FLOP; binding 2 Aug 2025); US EO 14110 (10^26-operation reporting threshold, rescinded 20 Jan 2025 by EO 14148); Zou et al. 2025 (Security Challenges in AI Agent Deployment: Insights from a Large Scale Public Competition / Gray Swan Arena, arXiv:2507.20526 — 22 frontier agents, ~1.8M attacks); UK AI Safety/Security Institute, Frontier AI Trends Report (universal jailbreaks for every system tested); METR, Common Elements of Frontier AI Safety Policies (2024)
International Coordination
The DESCRIPTIVE premise is well-established: IR scholarship now treats global AI governance as a fragmented 'regime complex' of partially overlapping G7/G20/OECD/GPAI/UN/standards-body arrangements with no central hierarchy (Tallberg et al. 2023 — verified verbatim: 'the emerging governance architecture for AI can be described as a regime complex'; Cihon, Maas & Kemp 2020). But the implied HARM — that forum-shopping and regulatory arbitrage cause a measurable race-to-the-bottom or relocate AI development to lax jurisdictions — is largely theorized/anticipated rather than empirically demonstrated for AI; Tallberg et al. explicitly flag forum-shopping as a dynamic whose presence in the AI regime complex is an open empirical question ('Establishing whether these patterns and dynamics are key features also of the AI regime complex stand out as important priorities in future research'). Honest caveat: the strongest empirical arbitrage evidence comes from analogue footloose digital markets (e.g., ICO reallocation after US securities enforcement) — itself a mixed/contested literature — not from AI firms, so the magnitude of coordination-failure harm in AI specifically remains contested and under-measured.
Sources: Tallberg, Erman, Furendal, Geith, Klamberg & Lundgren 2023 (International Studies Review 25(3): viad040); Cihon, Maas & Kemp 2020 (Should AI Governance be Centralised?, AIES '20: 228-234); Lancieri, Edelson & Bechtold 2025 (AI Regulation: Competition, Arbitrage & Regulatory Capture, Theoretical Inquiries in Law 26(1): 239-262)
There are essentially no impact evaluations showing that the negotiated-coordination mode (AI Safety Institute network MoUs, forum-shifting, multilateral declarations) actually produces regulatory convergence or reduces arbitrage — the AISI Network began only as a statement of intent at the Seoul Summit (Seoul Statement of Intent, 21 May 2024) and held its first operational meeting in November 2024, with no defined metrics or outcome studies, so these soft-law instruments are too new to have measurable effects. The closest analogue evidence is mixed and works through DIFFERENT mechanisms than this topic describes: Bradford's Brussels Effect documents de-facto convergence driven by market access rather than negotiated coordination, and the FATF transgovernmental-network literature shows peer-review mutual evaluation can drive AML convergence — but neither evaluates voluntary AI MoU networks, and FATF's effects come with well-documented unintended consequences (de-risking, financial exclusion). The plain finding: the evidence that AI-governance coordination 'works' is itself missing.
Sources: Bradford 2020 (The Brussels Effect: How the European Union Rules the World, Oxford University Press); Nance 2018 (The regime that FATF built: an introduction to the Financial Action Task Force, Crime, Law and Social Change 69(2): 109-129; cf. Slaughter 2004, A New World Order, Princeton University Press); International Network of AI Safety Institutes — Seoul Statement of Intent toward International Cooperation on AI Safety Science (21 May 2024; network's first meeting San Francisco, Nov 2024)
Technological Sovereignty
The structural fact that compute capacity is geographically concentrated is well-measured: Lehdonvirta, Wú & Hawkins find only ~33 countries host facilities with AI-accelerator hardware and roughly 24 have the capacity to train full-scale foundation models, the Stanford AI Index 2026 reports low-income countries collectively hold ~0.1% of global data-centre compute (the US hosting >10x any other nation), and Cottier et al. document amortized frontier-training cost rising 2.4x/year (95% CI 2.0-3.1x) toward $1B+ models by 2027. But this is a political-economy FRAME, not a documented harm, and the core contested claim of the topic, that the cost curve locks mid-sized economies OUT of capability, is empirically cut both ways: a feasibility study of Brazil and Mexico (Malagon et al. 2025) estimates usable (non-frontier) 10-trillion-token sovereign models are fiscally viable at roughly $8-14M on H100 hardware, and DeepSeek-style efficiency gains (V3 trained for ~$5.5M, ~11x less compute than Llama 3 405B) show frontier-adjacent performance at a fraction of prior compute, so whether domestic frontier-tier capability is foreclosed for middle powers remains genuinely unsettled.
Sources: Lehdonvirta, Wú & Hawkins 2024 (Compute North vs. Compute South, Proceedings of the 2024 AAAI/ACM Conference on AI, Ethics & Society 7:828-838); Cottier, Rahman, Fattorini, Maslej & Owen 2024 (The Rising Costs of Training Frontier AI Models, arXiv:2405.21015); Stanford AI Index 2026 (Maslej et al., Stanford HAI); Malagon, Ulloa Ruiz, Sandoval Plaza, Rosario Bolívar, García Mesa & Alvarado Morales 2025 (The Feasibility of Training Sovereign Language Models in the Global South: A Study of Brazil and Mexico, arXiv:2510.19801)
There is no rigorous impact evaluation showing that technological-sovereignty policies (on-shore compute mandates, national foundation-model champions, talent-retention schemes such as EuroHPC AI Factories or India's IndiaAI Mission) actually deliver sustained domestic capability or strategic autonomy; these programs are recent, utilization and cost-per-GPU-hour are largely unpublished, and no counterfactual study exists. The closest analogue evidence base, the industrial-policy literature synthesized by Juhász, Lane & Rodrik, finds that properly-identified studies are more favorable than older correlational work suggested but that outcomes depend heavily on instrument design and structural context, and the older national-champion record warns of subsidized 'zombie' firms and government capture, so the closest analogue is mixed and the direct evidence that the sovereignty rule works is simply missing.
Sources: Juhász, Lane & Rodrik 2024 (The New Economics of Industrial Policy, Annual Review of Economics 16:213-242); Ahmed & Wahed 2020 (The De-democratization of AI: Deep Learning and the Compute Divide in Artificial Intelligence Research, arXiv:2010.15581); IndiaAI Mission (Indian Cabinet, March 2024); EuroHPC Joint Undertaking AI Factories (2024 regulation amendment; no published impact evaluation)
Transparency Obligations
Documentation artifacts (model cards, datasheets) are well-specified as proposals and are genuinely adopted, but the empirical premise that mandated disclosure produces meaningful transparency is contested. Selbst & Barocas (2018) argue inscrutability and non-intuitiveness are distinct problems and that disclosing rules does not resolve the latter, and large-scale audits find documentation is sparsely and unevenly completed: a systematic analysis of 32,111 Hugging Face model cards (Liang et al. 2024) found environmental-impact, limitations and evaluation sections least often filled, and Bhat et al. (2023, 45 practitioners) found a substantial gap between the documentation proposal and actual practice. Honest caveat: the documentation frameworks themselves are real and adopted, so the dispute is about whether disclosure conveys decision-relevant information, not whether the artifacts exist.
Sources: Selbst & Barocas 2018 (Fordham Law Review 87:1085-1139); Liang et al. 2024 (Nature Machine Intelligence, s42256-024-00857-z, 'Systematic analysis of 32,111 AI model cards'); Bhat et al. 2023 (CHI '23, 'Aspirations and Practice of ML Model Documentation', DOI 10.1145/3544548.3581518); Mitchell et al. 2019 (FAccT, Model Cards for Model Reporting); Gebru et al. 2021 (CACM 64(12):86-92, Datasheets for Datasets)
There is no rigorous impact evaluation showing that AI transparency mandates (model cards, training-data summaries) measurably reduce bias, misuse or accidents — the central regulatory assumption is empirically untested, partly because flagship mandates like EU AI Act Art. 53(1)(d) GPAI training-data summaries are only subject to AI Office enforcement/verification from 2 August 2026 (the obligation itself began 2 August 2025 for new models). The closest analogue, mandated consumer disclosure, shows small and context-dependent effects: Bollinger, Leslie & Sorensen (2011) found mandatory calorie posting cut average calories per transaction by about 6%, while Loewenstein, Sunstein & Golman (2014) review evidence that disclosure effects are frequently diminished or even reversed by limited attention and often change provider rather than recipient behavior. These are analogues, not AI studies; no study demonstrates that AI transparency disclosure achieves its stated downstream safety aims.
Sources: Bollinger, Leslie & Sorensen 2011 (AEJ: Economic Policy 3(1):91-128); Loewenstein, Sunstein & Golman 2014 (Annual Review of Economics 6:391-419, 'Disclosure: Psychology Changes Everything'); EU AI Act Art. 53(1)(d) GPAI training-data summary (obligation from 2 Aug 2025; AI Office enforcement from 2 Aug 2026)