Open problem 6
The Verification Without Leviathan Problem
- frontier AI
- AGI
How can governments or international institutions verify claims about training runs, compute use, model weights, security, evaluations, and deployment restrictions without excessive surveillance, centralisation, or abuse?
Why it’s foundational
Governance without verification is aspirational. Verification without safeguards can become a tool of state control, industrial concentration, or geopolitical coercion.
Why it’s difficult
Frontier AI activity is partly visible through compute infrastructure but partly hidden in algorithms, data, post-training, private deployments, and internal lab use. Compute governance is attractive because AI-relevant compute is relatively detectable, excludable, quantifiable, and concentrated, but the same literature warns that poorly scoped compute governance could create privacy, economic, and power-centralisation risks.
Hidden assumptions
The hidden assumption is that “more visibility” is always good. It is not. Visibility can empower regulators, but also intelligence agencies, dominant cloud providers, authoritarian states, or incumbent firms.
Competing positions
- Compute registries
- Cloud-provider duties
- Chip-level controls
- Cryptographic attestation
- Export controls
- Third-party audits
- Treaty verification
- Privacy-preserving monitoring
- Anti-surveillance scepticism
What could make progress
Pilots for privacy-preserving compute monitoring; chip attestation research; secure auditor access protocols; cloud KYC experiments; international verification exercises; red-team studies of evasion.
What it would change
It would determine whether AI governance can move from voluntary commitments to enforceable domestic and international obligations.
Sub-agenda
- What claims about frontier development are technically verifiable?
- Which verification mechanisms are compatible with privacy and civil liberties?
- Can international compute monitoring avoid becoming a cartel?
- How can auditors inspect sensitive systems without leaking model weights?
- What forms of non-compliance are realistically detectable?
Priority (editor scoring)
Enforceability is impossible without verification; bad verification is dangerous.
- Importance
- 5/5
- Neglected
- 4/5
- Difficulty
- 5/5
- Actionable
- 5/5
- Robust
- 4/5
- Nat’l+int’l
- 5/5
Where the catalog bears on this
No current catalog instrument resolves this puzzle — which is the point: it is a foundational question the existing rules leave open. Browse the coverage catalog for what the instruments do and don’t say.
Editorial content — a human-authored agenda question, rendered verbatim. No part of this analysis is AI-generated (see the charter).