Democratic Governance of Frontier AI: A Markup

Introduction

On June 2, 2026, OpenAI published “Democratic Governance of Frontier AI: A blueprint for a federal framework,” a proposal for how the United States should govern its most capable AI systems. The blueprint arrived the day after the White House’s executive order on Promoting Advanced Artificial Intelligence Innovation and Security, in the same week that Sam Altman met congressional leaders on the Hill, and alongside the bipartisan Great American AI Act draft from Representatives Obernolte and Trahan. In a moment when Washington was searching for a federal approach, a frontier developer offered a full framework. It proposes three things: 

1. A “reverse federalism” that codifies recent and pending state laws, including California’s SB 53, New York’s RAISE Act, and Illinois’s SB 315, and then preempts the states. 
2. A strengthened Center for AI Standards and Innovation (CAISI) as the government’s premier institution for evaluating frontier models and measuring recursive self-improvement
3. A whole-of-government resilience strategy across compute, biodefense, and cybersecurity

In much of the commentary featured in Politico, The Hill, Mashable, and others immediately following the release of the framework, most asked why OpenAI wrote this. Rather than retread that well-covered ground, I focused on the question: what would be required to make the framework work? There are three core challenges that policymakers would face were they try to implement the framework as it stands. 

First, the blueprint reads as a list of obligations but is really a sequence with unstated prerequisites. Its most important requirements—the severe-risk evaluations, comparable transparency reports, third-party audits, and the procurement gate—rely on methodologies and deliverables that do not yet exist. These include the evaluation methodologies, the metrics for recursive self-improvement and loss of control, and a certified assessor ecosystem. It compresses what will be a multi-year build into single sentences, which makes the real hazard a sequencing one. Enacting the fast structural pieces, particularly the federal preemption that displaces state AI laws, before the slow substantive ones exist risks a gap in which operative state law is gone and the federal regime cannot yet function.

Second, the framework relies on measurement and definitions that do not exist. Recursive self-improvement, loss of control, and even cyber, chemical, biological, radiological, and nuclear (CBRN) capability lack agreed evaluation methods, and the document’s own fix is to have CAISI develop them later, in conjunction with the firms being measured. As a result, key terms remain unclear. “Severe risk” carries the evaluation, whistleblower, and liability provisions without a definition. The phrase “critical safety incident” brings to mind issues with implementing the Cyber Incident Reporting for Critical Infrastructure Act of 2022: four years after passage, we have yet to reach a settled definition of a reportable “critical” incident. Pinning these terms down is what determines whether anything is enforceable.

Third, the framework’s binding force depends on choices it leaves to implementation. The centerpiece is a mandatory pre-release CAISI evaluation, but the evaluator cannot block deployment, and a deadline lets developers ship if CAISI does not finish in time. The gate therefore binds in proportion to CAISI’s capacity, so the agency would need the staffing and tooling to keep pace with every frontier release before the requirement carries real force.. A separate design choice is the question of who runs the assessments. The framework assumes a private assessor ecosystem stood up from scratch, though at the current scale of roughly five frontier labs a government-run assessment could be faster and more independent. Policymakers need to decide which route to build and fund. The hardest piece to pin down is the backstop. Liability for severe harms with no blanket safe harbor is what would give the other obligations consequences, yet the blueprint states it as a single principle, leaving the work of turning it into a workable standard as the thing that determines whether the rest of the regime has force.

This is among the first comprehensive frameworks any frontier developer has put before policymakers, and its main contribution may be to show the scale of the task it leaves to the government. The framework presents a set of obligations, but reads more like a sequence in which the faster structural elements, preemption above all, are specified far more fully than the measurement methods, threshold definitions, and assessor institutions on which everything else depends. Most of what would make the regime function has yet to be built, and much of that building falls to policymakers rather than to the company making the proposal. 

This markup is the first in a series examining how frontier developers propose to govern themselves. Eight days after the OpenAI document, Anthropic published its Advanced AI Framework alongside Dario Amodei’s essay Policy on the AI Exponential, proposing an Federal Aviation Administration (FAA)-style testing regime in which the government can block or reverse deployments that fail. That is a sharply different answer to the question this markup turns on, since OpenAI’s evaluator cannot block deployment, and it is the framework I will take up next.

What follows below is my provision-by-provision markup, from the preamble through the conclusion of OpenAI’s federal framework, testing each recommendation against what it would take to build and whether it would hold.