Policy Instrument
policy-instrument · Policy instrument
An identifiable technique of collective action — a binding regulation, an executive order, a voluntary code, a technical standard, a treaty, or similar — by which a public authority structures behaviour to address a policy problem. Instrument choice is itself a substantive policy decision, not a downstream implementation detail.
Definition & scope
The canonical public-policy literature treats a policy instrument as a discrete 'tool of government' deployed to organise collective action. Hood's seminal NATO typology (Hood 1983, The Tools of Government, ch. 1-2) groups instruments by the resource base they exploit — Nodality (information), Authority (legal command), Treasure (fiscal transfer), and Organisation (direct provision). Salamon (2002, The Tools of Government: A Guide to the New Governance, pp. 1-47) extends the frame to a 'third-party governance' world in which most instruments are distributed delivery mechanisms (grants, contracts, vouchers, tax expenditures, regulation), and Howlett (2011, Designing Public Policies, ch. 3-5) operationalises instrument choice as constrained by information, capability, and political variables. The political-sociology tradition (Lascoumes & Le Galès 2007, Governance 20(1): 1-21) goes further: instruments are not neutral techniques but 'a particular form of materialisation of state power' (pp. 4-5) that produce effects independently of their stated objectives — meaning instrument choice is policy substance. In AI governance, the patchwork of binding regulation (EU AIA), executive orders (US EO 14110), voluntary codes (G7 Hiroshima), technical standards (NIST AI RMF), international treaties (CoE AI Convention), and resolutions (UN A/RES/78/265) is best understood not as incoherence but as the predicted response to what Marchant et al. (2011, The Growing Gap Between Emerging Technologies and Legal-Ethical Oversight, ch. 1) call the 'pacing problem' — formal regulation lags capability development by years, so jurisdictions sequence soft-law (norm-setting, capability evaluation) ahead of hard-law (binding obligations). Anderljung et al. (2023, 'Frontier AI Regulation,' arXiv:2307.03718, §3) argue the multi-instrument mix is necessary under dual-use indeterminacy; critics argue it enables regulatory arbitrage. The seven InstrumentKind values in this wiki map onto Hood's NATO scheme as follows: binding_regulation + executive_order + international_treaty = Authority; technical_standard = Authority+Nodality hybrid; policy_statement + voluntary_code + resolution = Nodality/sermons. Market-based instruments (tradeable permits, Pigouvian taxes) and pure information instruments (registries, labels) are present in AI governance but not yet first-class categories in this catalog.
Locus of dispute: Does the AI-governance multi-instrument patchwork (binding / voluntary / standards / treaty) converge toward hard-law over time (Abbott & Snidal 2000, International Organization 54(3): 421-456) or stabilise as a permanent mixed equilibrium (Pauwelyn et al. 2014)? Related: is the mix a feature of jurisdictional experimentation (Anderljung et al. 2023) or a bug enabling regulatory arbitrage (Russell 2024)? Field consensus is forming but unsettled.
The Resource Typology and What It Distinguishes
A policy instrument is defined not by its label but by the governing resource it exploits. Hood (1983, ch. 1-2) groups instruments into the NATO scheme — Nodality (information), Authority (legal command), Treasure (fiscal transfer), and Organisation (direct provision) — so a registry, a binding rule, a subsidy, and a state laboratory are distinct techniques even when aimed at one problem, distinguishing instruments from objectives and from policy styles. Salamon (2002, pp. 1-47) sharpens the point for a 'third-party governance' world where most tools — grants, contracts, vouchers, tax expenditures, regulation — are distributed delivery mechanisms rather than direct command (Salamon 2002). The critical claim, following Lascoumes & Le Galès (2007, pp. 4-5), is that the chosen resource is itself substantive: in AI — a general-purpose technology Eloundou et al. 1 find could touch ~80% of the workforce — instrument selection structures who is empowered and reached, since Lehdonvirta et al. 2 map a 'Compute North'/'Compute South' divide deciding who can wield a compute-based tool at all.
How Instrument Choice Operates as Substance
Instrument choice is consequential because each resource base produces distinct distributive and informational effects independent of stated aims. Lascoumes & Le Galès (2007, pp. 4-5) characterise an instrument as 'a particular form of materialisation of state power' that generates its own logic once deployed. Howlett (2011, ch. 3-5) treats selection as constrained by information, capability, and political variables, so one goal yields different tools across jurisdictions. In AI governance this shows in compute-based levers: Sastry et al. 3 argue compute is uniquely governable because it is 'detectable, excludable, and quantifiable' and flows through 'an extremely concentrated supply chain', while Heim & Koessler 4 find training compute 'currently is the most suitable metric to identify GPAI models'. A compute threshold thus encodes a substantive bet about what is measurable and who is reached.
Governance Relevance: Mapping the AI Instrument Mix
The catalog's seven InstrumentKind values map onto Hood's scheme: binding_regulation, executive_order, and international_treaty exploit Authority; technical_standard is an Authority-Nodality hybrid; policy_statement, voluntary_code, and resolution operate as Nodality 'sermons'. This mix is best read, per Marchant et al. (2011, ch. 1), as a response to the 'pacing problem': regulation lags capability, so jurisdictions sequence soft-law ahead of hard-law. The CoE Framework Convention 5 is the first legally binding international AI treaty, grounding governance in legality, proportionality, transparency, accountability and non-discrimination. Yet scope is destabilised by drift: Fernández-Llorca et al. 6 trace how the AIA's text shifted across 'AI system, general purpose AI system, foundation model, and generative AI', so the chosen Authority instrument's reach is itself contested.
Debates and Open Questions
The central question is whether the multi-instrument patchwork converges toward hard-law (Abbott & Snidal 2000, International Organization 54(3): 421-456) or stabilises as a permanent mixed equilibrium (Pauwelyn et al. 2014). A related dispute frames it either as jurisdictional experimentation under dual-use indeterminacy 7 or as enabling regulatory arbitrage (Russell 2024). Pistillo & Villalobos 8 identify techniques that decrease training compute 'while preserving... model capabilities', so thresholds erode without maintenance. Weymouth 9 argues states assert 'strategic digital sovereignty' through selective alliances, fragmenting infrastructure into techno-blocs. Against that, Robinson 10 proposes an IAEA-modelled International AI Agency: 'only an IAIA can legitimately oversee... global AI governance involving all major powers'.
Use in governance
How instruments operationalise this concept
| Instrument | Jurisdiction | Status |
|---|---|---|
| EU AI Act | EU | in force |
| Executive Order 14110 on Safe, Secure, Trustworthy AI | US | partial |
| Executive Order 14179 — Removing Barriers to American Leadership in AI | US | in force |
| UK Pro-Innovation Approach to AI Regulation (White Paper) | UK | in force |
| Interim Measures for Generative AI Service Management | CN | in force |
| G7 Hiroshima AI Process Code of Conduct | G7 | in force |
| OECD AI Principles (Recommendation) | OECD | in force |
| Council of Europe Framework Convention on AI | council_of_europe | adopted not in force |
| UN GA Resolution on Safe, Secure, Trustworthy AI | UN | in force |
| NIST AI Risk Management Framework | US | in force |
| General Data Protection Regulation (GDPR) | EU | in force |
| EU General-Purpose AI Code of Practice | EU | in force |
Appears in topic articles
Editorial note
Foundational concept article for the policy_instrument domain — defines the category that every INSTRUMENTS entry instantiates. When citing 'policy instrument' in other wiki articles without further qualifier, default to the Hood / Salamon / Howlett synthesis; reserve Lascoumes & Le Galès when the article's argument turns on instruments-as-power rather than instruments-as-techniques. The seven InstrumentKind values do NOT yet include market-based or pure-information instruments; if a future AI-governance instrument falls outside the seven, expand InstrumentKind rather than forcing a mis-fit.
See also
Further reading
Sources on the broader topics this concept relates to — complementing, not standing in for, the primary sources cited inline above. 79 academic & grey-literature sources; catalogued metadata with a primary link; one-line findings are ✦ AI-generated summaries, labeled as such (charter §7.9). Browse the full literature index.
- An interdisciplinary account of the terminological choices by EU policymakers ahead of the final agreement on the AI Act: AI system, general purpose AI system, foundation model, and generative AI Peer-reviewed✦ AITraces how the AI Act's legal text shifted across versions among the terms 'AI system, general purpose AI system, foundation model, and generative AI', exposing definitional instability in the regime.
- The EU model of AI governance: regulating artificial intelligence through law and policy Peer-reviewed✦ AIAnalyses how the AI Act's risk-based model handles general-purpose and foundation models whose 'autonomous content generation challenges legal categories of authorship, accountability, and control'.
- Generative AI and data protection Peer-reviewed✦ AIExamines friction between foundation-model training and the GDPR, noting models that 'memorize and leak pieces of training data' cannot be treated as anonymous.
- Defending Compute Thresholds Against Legal Loopholes Preprint✦ AIIdentifies 'enhancement techniques that are capable of decreasing training compute usage while preserving... model capabilities', exposing loopholes in compute-reporting thresholds.
- The establishment of an international AI agency: an applied solution to global AI governance Peer-reviewed✦ AIProposes a UN-backed International Artificial Intelligence Agency modelled on the IAEA, arguing 'only an IAIA can legitimately oversee a global AI governance framework involving all major powers.'
- Framework Convention on Artificial Intelligence and Human Rights, Democracy and the Rule of Law (Council Eur.) — with Introductory Note Peer-reviewed✦ AIReproduces and annotates the first legally binding international AI treaty, grounding cross-border AI governance in legality, proportionality, transparency, accountability and non-discrimination across the AI lifecycle.
- Digital Disintegration: Techno-Blocs and Strategic Sovereignty in the AI Era Peer-reviewed✦ AIArgues states increasingly assert 'strategic digital sovereignty...through selective alliances with firms and other governments,' fragmenting global AI infrastructure into techno-blocs rather than multilateral order.
- GPTs are GPTs: Labor market impact potential of LLMs Peer-reviewed✦ AIFinds around 80% of the U.S. workforce "could have at least 10% of their work tasks affected" by LLMs, which exhibit "traits of general-purpose technologies".
- Computing Power and the Governance of Artificial Intelligence Preprint✦ AIArgues compute is a uniquely governable lever because it is "detectable, excludable, and quantifiable, and is produced via an extremely concentrated supply chain".
- Training Compute Thresholds: Features and Functions in AI Regulation Preprint✦ AIFinds "training compute currently is the most suitable metric to identify GPAI models", but thresholds should only trigger further scrutiny, not determine risk measures alone.
- Compute North vs. Compute South: The Uneven Possibilities of Compute-based AI Governance Around the Globe Peer-reviewed✦ AICensus of hyperscale cloud regions shows a divide between "Compute North" states hosting training-relevant compute and a Compute South, shaping who can wield compute-based governance.
- Generative AI in EU law: Liability, privacy, intellectual property, and cybersecurity Peer-reviewed✦ AIExamines how the EU AI Act, liability regimes, GDPR, copyright and cybersecurity rules apply to generative AI, identifying gaps and proposing targeted regulatory refinements.
+ 67 more across this concept's topics — see the literature index.
References
Sources cited inline in the analysis (linked from the superscript markers), then the primary instrument sources behind the classifications.
- Eloundou, Manning, Mishkin, Rock (2024) GPTs are GPTs: Labor market impact potential of LLMs, Science. 10.1126/science.adj0998 — Finds around 80% of the U.S. workforce "could have at least 10% of their work tasks affected" by LLMs, which exhibit "traits of general-purpose technologies". ↩
- Lehdonvirta, Wú & Hawkins (2024) Compute North vs. Compute South: The Uneven Possibilities of Compute-based AI Governance Around the Globe, AIES Proceedings. 10.1609/aies.v7i1.31683 — Census of hyperscale cloud regions shows a divide between "Compute North" states hosting training-relevant compute and a Compute South, shaping who can wield compute-based governance. ↩
- Sastry, Heim, Belfield, Anderljung, Brundage, et al. (2024) Computing Power and the Governance of Artificial Intelligence, arXiv. arXiv:2402.08797 — Argues compute is a uniquely governable lever because it is "detectable, excludable, and quantifiable, and is produced via an extremely concentrated supply chain". ↩
- Heim & Koessler (2024) Training Compute Thresholds: Features and Functions in AI Regulation, arXiv. arXiv:2405.10799 — Finds "training compute currently is the most suitable metric to identify GPAI models", but thresholds should only trigger further scrutiny, not determine risk measures alone. ↩
- Council of Europe; Introductory Note by Marc Rotenberg (2025) Framework Convention on Artificial Intelligence and Human Rights, Democracy and the Rule of Law (Council Eur.) — with Introductory Note, International Legal Materials. 10.1017/ilm.2025.1 — Reproduces and annotates the first legally binding international AI treaty, grounding cross-border AI governance in legality, proportionality, transparency, accountability and non-discrimination across the AI lifecycle. ↩
- David Fernández-Llorca, Emilia Gómez, Ignacio Sánchez, Gabriele Mazzini (2025) An interdisciplinary account of the terminological choices by EU policymakers ahead of the final agreement on the AI Act: AI system, general purpose AI system, foundation model, and generative AI, Artificial Intelligence and Law. 10.1007/s10506-024-09412-y — Traces how the AI Act's legal text shifted across versions among the terms 'AI system, general purpose AI system, foundation model, and generative AI', exposing definitional instability in the regime. ↩
- Anderljung, Barnhart, Korinek, et al. (2023) Frontier AI Regulation: Managing Emerging Risks to Public Safety, arXiv. arXiv:2307.03718 — Argues "industry self-regulation is an important first step" but "government intervention will be needed", proposing safety standards, registration and reporting, and compliance mechanisms. ↩
- Matteo Pistillo, Pablo Villalobos (2025) Defending Compute Thresholds Against Legal Loopholes, arXiv (cs.CY). arXiv:2502.00003 — Identifies 'enhancement techniques that are capable of decreasing training compute usage while preserving... model capabilities', exposing loopholes in compute-reporting thresholds. ↩
- Stephen Weymouth (2025) Digital Disintegration: Techno-Blocs and Strategic Sovereignty in the AI Era, International Organization. 10.1017/S0020818325101070 — Argues states increasingly assert 'strategic digital sovereignty...through selective alliances with firms and other governments,' fragmenting global AI infrastructure into techno-blocs rather than multilateral order. ↩
- Mark Robinson (2025) The establishment of an international AI agency: an applied solution to global AI governance, International Affairs. 10.1093/ia/iiaf105 — Proposes a UN-backed International Artificial Intelligence Agency modelled on the IAEA, arguing 'only an IAIA can legitimately oversee a global AI governance framework involving all major powers.' ↩
- Lascoumes, P. & Le Galès, P. (2007). Introduction: Understanding Public Policy through Its Instruments — From the Nature of Instruments to the Sociology of Public Policy Instrumentation. Governance 20(1): 1-21. See also Hood (1983) The Tools of Government, ch. 1-2; Salamon (2002) The Tools of Government: A Guide to the New Governance, pp. 1-47; Howlett (2011) Designing Public Policies, ch. 3-5.
Cite this article 8 formats · BibTeX, RIS, APA, Chicago, … · 1-click copy
Persistent identifier: https://policywindow.org/wiki/policy-instrument — committed-stable URL with content-versioning via ?asOf= (rollout pending per methodology §7). DOIs via Zenodo are on the roadmap.
Article tools — track changes, suggest an edit
View history — every captured revision of this article · What links here
Social-science evidence — the “so-what”
What the peer-reviewed social science shows: whether the harm this concept addresses is empirically real, and whether governance of it works. The badge is the epistemic status of the evidence(not the policy debate) — “thin” or “absent” efficacy evidence is itself a finding (the “second silence”). Each epistemic-status label is Policy Window's editorial assessment of the cited evidence base (a structured classification), not a verdict any single source issues.
The policy-instrument category is real and coherently defined — the concept's wording tracks Salamon's classic definition of a tool as an identifiable method by which collective action is structured (Salamon ed. 2002), and the canonical NATO typology classifies instruments by nodality, authority, treasure and organization (Hood 1983/1986). The AI-governance multi-instrument patchwork is empirically documented: Jobin, Ienca & Vayena 2019 mapped 84 ethics guidelines, and the Gutierrez & Marchant 2021 ASU database catalogued 634 AI soft-law programs. Contested element: whether this patchwork CONVERGES toward hard law is unestablished. Specific hardening is observable (the OECD AI Principles 2019 fed the EU AI Act's system definition and risk-based framing), but the comparative literature finds BOTH convergence and divergence — typically 'terminological convergence coupled with operational fragmentation' — so there is no rigorous longitudinal evidence that the field is converging rather than simultaneously proliferating and fragmenting.
Sources: Salamon (ed.) 2002 (The Tools of Government: A Guide to the New Governance, Oxford University Press); Jobin, Ienca & Vayena 2019 (The Global Landscape of AI Ethics Guidelines, Nature Machine Intelligence 1:389-399); Gutierrez & Marchant 2021 (A Global Perspective of Soft Law Programs for the Governance of AI, SSRN 3855171; 634 programs)
There is no rigorous causal evidence that the choice or hardening of policy instruments measurably reduces AI harm, and the closest controlled test points the other way: McNamara, Smith & Murphy-Hill 2018 found that explicitly instructing software practitioners to consider the ACM code of ethics had no observed effect on their decisions in a randomized vignette experiment, while Mittelstadt 2019 and Hagendorff 2020 argue that principle-based soft instruments largely fail to translate into practice. No impact evaluation demonstrates that any instrument type achieves its stated governance aim; the evidence that the instrument lever works is thin.
Sources: McNamara, Smith & Murphy-Hill 2018 (Does ACM's Code of Ethics Change Ethical Decision Making in Software Development?, ESEC/FSE 2018, pp. 729-733); Mittelstadt 2019 (Principles Alone Cannot Guarantee Ethical AI, Nature Machine Intelligence 1:501-507); Hagendorff 2020 (The Ethics of AI Ethics: An Evaluation of Guidelines, Minds and Machines 30:99-120)