The White House has issued a new executive order establishing mandatory safety testing requirements for AI models that exceed certain capability thresholds. The order represents the most significant federal action on AI safety to date.
Key Provisions
Mandatory Safety Testing
AI developers must conduct and report results from a standardized battery of safety evaluations before deploying models that meet or exceed defined capability thresholds. These evaluations cover areas including:
- Biosecurity risks — Testing whether models can provide actionable information for creating biological weapons
- Cybersecurity risks — Evaluating the model's ability to assist in developing novel cyberattacks
- Autonomous behavior — Assessing whether models exhibit concerning goal-seeking or self-preservation behaviors
- Deception — Testing for the model's tendency to mislead users or evaluators
Reporting Requirements
Companies developing frontier AI models must notify the government when beginning training runs that exceed certain compute thresholds. They must also share safety evaluation results within 30 days of completing testing.
Red-Teaming Standards
The order establishes standardized red-teaming protocols that must be followed before deployment. These include both automated testing and human evaluation by independent third parties.
Industry Response
The major AI labs have generally responded positively, noting that many of the requirements align with voluntary commitments they made previously. However, some smaller companies have expressed concern about the compliance burden.
Supporters
- Major AI labs — View the standards as formalizing best practices they already follow
- AI safety researchers — Welcome the mandatory nature of evaluations
- Enterprise customers — See standardized testing as increasing trust in AI products
Critics
- Startups — Worry about compliance costs creating barriers to entry
- Open-source advocates — Seek clarity on how the rules apply to open-weight models
- Some researchers — Argue the capability thresholds are set too high to catch near-term risks
Implementation Timeline
The executive order takes effect in phases:
- Immediate — Reporting requirements for training runs exceeding compute thresholds
- 90 days — Publication of detailed safety testing protocols by NIST
- 180 days — Full compliance with safety testing requirements
- 1 year — First annual review and potential updates to capability thresholds
International Coordination
The order includes provisions for coordinating with allies on AI safety standards, building on the Bletchley Declaration and subsequent international agreements. The UK AI Safety Institute's Alignment Project, which now includes OpenAI and Microsoft, represents one concrete example of this coordination in action. The goal is to prevent a race to the bottom where companies relocate to jurisdictions with weaker oversight.
What It Means
The executive order signals that AI regulation in the United States is moving from voluntary commitments to enforceable requirements. While the scope is currently limited to frontier models, the framework could be expanded as AI capabilities continue to advance. Globally, the EU AI Act takes a broader approach with its risk-based classification system, while China mandates government review for all models before public release.
