Cross-corpus research synthesis
Foundation Models / GPAI
Obligations specific to general-purpose / foundation models above certain capability thresholds.
Synthesised deterministically from 64 articles that engage this theme. Empirical consensus: contested · contested: Does the foundation-model category map to a coherent capability tier, or is it a regulatory convenience? Compute-threshold vs behavioural-threshold debate is unresolved across EU/US/China.. Full theme article: /wiki/foundation-models. Machine-readable: /wiki/synthesis.json.
Cross-jurisdiction stances (22 govern, 34 engage)
| Instrument | Verdict | Provision excerpt / citation |
|---|---|---|
| EU AI Act | governs | “A general-purpose AI model shall be classified as a general-purpose AI model with systemic risk if it meets any of the following conditions: (a) it has high impact capabilities…” Arts. 51-55 (general-purpose AI + systemic risk) |
| Executive Order 14110 on Safe, Secure, Trustworthy AI | governs | §4.2(a) — Defense Production Act reporting |
| UK Pro-Innovation Approach to AI Regulation (White Paper) | implicit | Cross-cutting principles; sector regulators apply |
| Interim Measures for Generative AI Service Management | governs | Art. 2 (applies to GenAI services regardless of size) |
| G7 Hiroshima AI Process Code of Conduct | governs | Code applies to advanced AI |
| OECD AI Principles (Recommendation) | implicit | 2024 update clarifies GPAI scope |
| Council of Europe Framework Convention on AI | implicit | Applies to AI throughout lifecycle (Art. 3) |
| NIST AI Risk Management Framework | governs | “Intended purposes, potentially beneficial uses, context-specific laws, norms and expectations, and prospective settings in which the AI system will be deployed are understood and documented.” GenAI Profile (NIST AI 600-1, 2024) |
| Bletchley Declaration on AI Safety | governs | Declaration §1-2 (frontier AI defined as the subject) |
| Seoul Declaration on Safe, Innovative and Inclusive AI | governs | Declaration + accompanying Frontier AI Safety Commitments (16 signatory companies) |
| NIST AI RMF Generative AI Profile | governs | Entire NIST AI 600-1 scope is GPAI / GenAI |
| California SB-1047: Safe and Secure Innovation for Frontier AI Models Act | governs | Cal. SB-1047 §22602 — 'covered model' = trained with >10^26 operations AND >$100M cost (or fine-tuning >$10M); vetoed 29 Sep 2024 |
| India Digital Personal Data Protection Act + AI Advisory (MEITY) | implicit | MEITY Apr-2024 advisory walked back the Mar-2024 pre-deployment-approval requirement; current approach is post-deployment incident reporting |
| Brazil AI Bill (PL 2338/2023) | governs | PL 2338/2023 Arts. 17-19 (general-purpose AI systemic-risk obligations) |
| ASEAN Guide on AI Governance and Ethics | implicit | Guide §6 covers GenAI but with flexible implementation expectations |
| Anthropic Responsible Scaling Policy (RSP) v2 | governs | RSP v2 §2 — ASL framework applies to frontier model releases |
| OpenAI Preparedness Framework | governs | Preparedness Framework §1-2 — applies to all OpenAI frontier-model releases |
| Google DeepMind Frontier Safety Framework | governs | FSF applies to Google DeepMind frontier-model releases |
| Meta Frontier AI Framework | governs | Framework applies to Meta frontier-model releases (Llama family) |
| UK-US AI Safety Institute Memorandum of Understanding | governs | MoU scope is frontier AI evaluation |
| White House Voluntary AI Commitments | governs | Commitments §1-2 — internal + external security testing of frontier models |
| Singapore Model AI Governance Framework for Generative AI | governs | Framework Dimension 3 (Trusted Development + Deployment) explicitly covers GenAI models |
| Japan METI AI Guidelines for Business | governs | Guidelines Part 3 — covers AI providers including foundation-model developers |
| EU General-Purpose AI Code of Practice | governs | Chapter 3 (Safety & Security) operationalises Art. 55 systemic-risk-tier obligations for GPAI providers |
| OMB Memorandum M-24-10 (Advancing Governance, Innovation, and Risk Management for Agency Use of AI) | implicit | Before agencies use new or existing safety-impacting or rights-impacting AI, they must implement the minimum practices in this section; if they cannot, they must cease using the AI until compliance is achieved. (paraphrase) §5 + Attachment 1 — minimum practices apply to safety- + rights-impacting AI regardless of foundation-model classification; no compute-threshold trigger |
| GSA Generative AI and Specialized Computing Infrastructure Acquisition Resource Guide | governs | Faithful summary: the guide treats generative-AI and foundation-model acquisition as a discrete category, posing due-diligence questions for evaluating model provenance, capabilities, and vendor documentation. (paraphrase) Sections posing generative-AI vendor-evaluation + model-provenance due-diligence questions for contracting officers |
| DoD Responsible AI Strategy and Implementation Pathway | implicit | Tenet 3 (AI Product and Acquisition Lifecycle) + Tenet 5 (Responsible AI Ecosystem) — RAI integration applies regardless of model architecture; foundation-model-specific obligations flow through CDAO RAI Toolkit guidance |
| FedRAMP AI Cloud Procurement Guidance | implicit | GenAI-specific control tailoring guidance addresses model-specific risks (training-data exposure, prompt-injection, output disclosure) within SSP + NIST SP 800-53 control overlay selection |
| DFARS Subpart 252.204 (Safeguarding Covered Defense Information and Cyber Incident Reporting) | implicit | 252.204-7012 — AI-system source code, model weights, training data fall within Covered Defense Information scope when the underlying contract designates these as CDI; foundation-model artefacts are CDI through the standard contract designation pathway |
| California SB-53: Transparency in Frontier Artificial Intelligence Act (TFAIA) | governs | “'Frontier model' means a foundation model that was trained using a quantity of computing power greater than 10^26 integer or floating-point operations, including the computing power used in subsequent fine-tuning or modifications.” Bus. & Prof. Code § 22757.11 — defines 'foundation model' + 'frontier model' (>10^26 FLOP) as the regulated class |
| California SB 942: AI Transparency Act | implicit | No operative provision regulates foundation models as a class; the regulated party ('covered provider', § 22757.1) is defined by an output/scale hook — a producer of a publicly-accessible GenAI system with over 1,000,000 monthly users — so a foundation-model producer is reached only incidentally via the § 22757.2–.3 output-disclosure duties, not by any model-level obligation |
| New York RAISE Act: Responsible AI Safety and Education Act | governs | 'Frontier model' means an AI model trained using greater than 10^26 computational operations, the compute cost of which exceeds one hundred million dollars (or a model knowledge-distilled from such a model). (paraphrase) N.Y. Gen. Bus. Law § 1420(6) defines 'frontier model' (>10^26 FLOP, >$100M compute) + § 1421 imposes operative pre-deployment duties on large frontier-model developers |
| Japan AI Promotion Act (Act on the Promotion of Research, Development and Utilization of AI-Related Technologies) | implicit | "AI-related technology" means technology ... that ... substitute[s] for intellectual abilities involved in human cognition, reasoning, and judgment ... (paraphrase) Act No. 53 of 2025, Arts. 2 & 12 |
| UN Global Digital Compact | implicit | “open artificial intelligence models and systems ... evidence-based impact, risk and opportunity assessments.” GDC Objective 5 (A/RES/79/1, Annex I) |
Evidence convergence
Sources the corpus cites for this theme across multiple articles — a scientometric consensus signal computed from inline prose citations (the more articles independently cite a source, the more load-bearing it is for this theme). 72 sources are cited by ≥2 articles.
- 44×An interdisciplinary account of the terminological choices by EU policymakers ahead of the final agreement on the AI Act: AI system, general purpose AI system, foundation model, and generative AI — cited by 44 articles
- 34×The EU model of AI governance: regulating artificial intelligence through law and policy — cited by 34 articles
- 25×Defending Compute Thresholds Against Legal Loopholes — cited by 25 articles
- 22×Generative AI and data protection — cited by 22 articles
- 16×Artificial intelligence and synthetic biology: biosecurity risks, dual-use concerns, and governance pathways — cited by 16 articles
- 15×Evaluating Frontier Models for Dangerous Capabilities — cited by 15 articles
- 15×Identifying Algorithmic Decision Subjects' Needs for Meaningful Contestability — cited by 15 articles
- 14×Training Compute Thresholds: Features and Functions in AI Regulation — cited by 14 articles
- 14×Computing Power and the Governance of Artificial Intelligence — cited by 14 articles
- 13×Two types of AI existential risk: decisive and accumulative — cited by 13 articles
- 13×Missing the Mark: Adoption of Watermarking for Generative AI Systems in Practice and Implications Under the New EU AI Act — cited by 13 articles
- 13×GPTs are GPTs: Labor market impact potential of LLMs — cited by 13 articles
- 12×Governing AI Agents — cited by 12 articles
- 11×arxiv:2504.18236 — cited by 11 articles
- 11×Multi-Agent Risks from Advanced AI — cited by 11 articles
- 11×Generative AI in EU law: Liability, privacy, intellectual property, and cybersecurity — cited by 11 articles
- 10×Infrastructure for AI Agents — cited by 10 articles
- 10×Frontier AI Regulation: Managing Emerging Risks to Public Safety — cited by 10 articles
- 9×Open Foundation Models and TDM Exceptions to Copyright – Building Blocks for an AI Ecosystem — cited by 9 articles
- 9×International Agreements on AI Safety: Review and Recommendations for a Conditional AI Safety Treaty — cited by 9 articles