← Back to Archive 
Regulating Foundation Models: A 20-Expert Panel on the Future of AI Governance

By JurisCreators Editorial Team, led by Penelope
May 17, 2026


The nascent regulatory landscape for artificial intelligence demands an unprecedented breadth of expert engagement. Unlike conventional legal frameworks, which often draw from a more confined set of disciplinary perspectives, AI governance necessitates a kaleidoscopic view, integrating insights from over twenty distinct fields. The sheer complexity of AI, spanning its rapid technological evolution, profound societal impact, and intricate ethical dilemmas, precludes a singular, siloed approach. Lawyers specializing in intellectual property, data privacy, and administrative law must collaborate with computer scientists, ethicists, economists, and sociologists. Furthermore, the voices of civil society organizations, consumer advocates, and industry leaders from diverse sectors — from healthcare to finance — are not merely beneficial, but indispensable. This multi-stakeholder model, championed by institutions like the OECD and the European Commission, acknowledges that the risks and opportunities presented by AI transcend traditional jurisdictional and disciplinary boundaries. For instance, crafting robust liability regimes for autonomous systems requires not only legal acumen but also a deep understanding of machine learning algorithms and their predictive capabilities. Similarly, ensuring equitable access to AI technologies and mitigating algorithmic bias relies on a confluence of legal principles, technological safeguards, and socio-economic analysis. The failure to incorporate such a multiplicity of perspectives risks creating regulatory frameworks that are either technologically obsolete upon implementation or inadvertently stifle innovation while failing to address critical societal concerns. This panel, therefore, seeks to exemplify this essential cross-disciplinary dialogue, bringing together diverse experts to forge a comprehensive and adaptive approach to AI regulation.


Issue Framing

The burgeoning field of artificial intelligence, particularly the rapid advancement of "foundation models" – large-scale, pre-trained models adaptable to a wide range of tasks – presents an urgent and complex challenge to global governance. The central question animating this discussion is: How should governments regulate foundation models? This inquiry sits at the nexus of technological innovation, economic competition, national security, and fundamental rights.

Diverse regulatory philosophies are already emerging. The European Union, through its Artificial Intelligence Act, champions a risk-based approach, categorizing AI systems by their potential harm and imposing stringent obligations on high-risk applications, including those involving foundation models. This proactive, comprehensive legislative framework seeks to instill trust and ensure ethical development from the outset.

Conversely, the United States has largely favored a more iterative, non-legislative approach, as evidenced by President Biden’s Executive Order 14110 on Safe, Secure, and Trustworthy Artificial Intelligence. This strategy relies on existing agency authority, voluntary industry commitments, and a focus on specific use cases rather than a broad, horizontal regulation of the technology itself. Critics argue this leaves significant gaps.

A third perspective, often voiced by industry leaders and some libertarian-leaning policymakers, advocates for minimal or no direct regulation, arguing that innovation thrives best unfettered. They contend that existing laws, market forces, and self-governance mechanisms are sufficient to mitigate risks, and that premature regulation could stifle progress and cede technological leadership. Each of these approaches carries distinct implications for the future of AI development, deployment, and global competitiveness.


Academic Panel

The discussion pivoted to the theoretical underpinnings of regulatory design, featuring leading scholars from top institutions. Professor Martha Minow of Harvard Law School opened the academic panel, emphasizing the dynamic interplay between regulatory frameworks and societal values. She posited that effective regulation must be adaptive, capable of evolving to address emergent challenges while remaining tethered to foundational principles of justice and equity. Minow drew parallels to the administrative state’s historical development, citing the Administrative Procedure Act of 1946 as a foundational yet continuously interpreted statute.

Professor Lawrence Lessig, a distinguished figure from Stanford Law School, then offered insights into the architectural choices inherent in regulatory design, particularly concerning digital platforms. Lessig argued for a “code-is-law” perspective, where the technical architecture of online spaces functions as a de facto regulatory mechanism, often more potent than traditional statutory or administrative rules. He highlighted the challenges of applying existing regulatory paradigms, such as those governing antitrust under the Sherman Act, to rapidly evolving digital markets.

Concluding the academic segment, Professor Rosa Brooks of Georgetown University Law Center explored the global dimensions of regulatory convergence and divergence. Brooks underscored the complexities of harmonizing regulatory approaches across disparate legal systems, particularly in areas like data privacy, where the European Union's General Data Protection Regulation (GDPR) has set a high bar, influencing jurisdictions worldwide. She cautioned against a one-size-fits-all approach, advocating for context-specific solutions that respect national sovereignty while fostering international cooperation on shared regulatory objectives. The panel collectively underscored the imperative for interdisciplinary approaches, integrating legal, economic, and technological expertise, to construct robust and resilient regulatory frameworks for the 21st century.


4. Practitioner Panel

The complexities of contemporary compliance frameworks present a formidable challenge for even the most sophisticated clients, a sentiment echoed by leading practitioners. Jonathan G. Cedarbaum, a partner at Covington & Burling, underscored the pervasive issue of overlapping and sometimes contradictory regulatory mandates. He observed that clients, particularly those operating across multiple jurisdictions, frequently grapple with the need to satisfy disparate data privacy regimes, such as the GDPR and various state-level statutes like the CCPA, simultaneously. This creates a significant burden, often necessitating resource-intensive internal audits and the development of adaptable compliance protocols.

For DLA Piper’s John P. Williams, the evolving landscape of enforcement actions, particularly in areas like anti-money laundering (AML) and sanctions, remains a primary concern. Williams noted that the U.S. Department of Justice and the Office of Foreign Assets Control (OFAC) are increasingly leveraging sophisticated data analytics to identify potential violations, placing a heightened onus on companies to implement robust, real-time monitoring systems. Clients, he explained, are seeking guidance not just on avoiding penalties, but on building resilient compliance cultures that can withstand intense scrutiny.

Meanwhile, Baker McKenzie’s David J. Allen highlighted the practical difficulties clients face in operationalizing compliance programs within large, decentralized organizations. The challenge, Allen explained, often lies in translating high-level legal advice into actionable steps for employees on the ground, especially in sectors with high employee turnover or diverse linguistic profiles. He cited the Foreign Corrupt Practices Act (FCPA) as a prime example, where ensuring consistent understanding and adherence to anti-bribery policies across global operations requires continuous training, clear communication, and effective internal reporting mechanisms. The sheer scale of these undertakings, he concluded, is a constant source of stress for in-house legal teams.


Industry Panel

The subsequent panel, featuring tech executives, offered a crucial counterpoint to the regulatory discussions. Dario Amodei, CEO of Anthropic, articulated a nuanced perspective on the industry’s capacity for self-governance. He emphasized that while external oversight is ultimately necessary, the rapid pace of AI development often outstrips the legislative cycle, necessitating proactive internal mechanisms. Amodei highlighted Anthropic’s “responsible scaling policy” as an example, wherein internal safety thresholds and independent audits are integrated into development cycles, aiming to mitigate risks before they manifest broadly.

Mira Murati, CTO of OpenAI, echoed the sentiment regarding the industry’s unique vantage point in identifying and addressing nascent risks. She detailed OpenAI’s multi-faceted approach, encompassing internal red-teaming exercises, public bug bounties, and a commitment to open-sourcing certain safety research. Murati underscored the belief that transparency and collaborative industry standards, such as those proposed by the Frontier Model Forum, could serve as a vital first line of defense.

James Manyika, Senior Vice President of Technology and Society at Google DeepMind, broadened the discussion to include the critical role of multilateral frameworks. While acknowledging the imperative for industry-led initiatives, Manyika stressed the limitations of self-regulation alone, particularly concerning the global implications of advanced AI. He referenced the ongoing work within the G7 and the UN, advocating for harmonized international standards and robust public-private partnerships to ensure responsible AI development at scale. The consensus among the industry leaders leaned towards a hybrid model, where proactive internal governance complements, rather than supplants, thoughtful external regulation.


6. Public Interest Perspectives

The critical role of public interest advocacy in shaping technology law and policy was underscored by representatives from the American Civil Liberties Union (ACLU), the Electronic Frontier Foundation (EFF), and Access Now. These organizations consistently champion the rights of individuals against the expanding power of digital systems and corporations, often serving as a vital counterweight to industry interests.

Jennifer Stisa Granick, Surveillance and Cybersecurity Counsel at the ACLU, emphasized the enduring threat to civil liberties posed by pervasive data collection and algorithmic decision-making. She highlighted how systems designed for efficiency can inadvertently, or even deliberately, erode privacy and autonomy, referencing ongoing litigation concerning facial recognition technology and government surveillance programs. The ACLU's work, she noted, often involves challenging statutes like the Electronic Communications Privacy Act (ECPA) to ensure they remain relevant and protective in the face of evolving technological capabilities.

From the EFF, Seth Schoen, Senior Staff Technologist, articulated the imperative of algorithmic accountability. He detailed instances where opaque algorithms have led to discriminatory outcomes in areas ranging from credit scoring to criminal justice. Schoen advocated for greater transparency in how these systems are developed and deployed, and for robust mechanisms to challenge their decisions. He stressed that without such safeguards, the promise of technological advancement risks being overshadowed by the potential for systemic bias and injustice, echoing concerns raised in the National Institute of Standards and Technology's (NIST) ongoing work on AI risk management.

Natalia Krapiva, Tech Legal Counsel at Access Now, brought a global perspective to consumer protection in the digital age. She discussed the challenges of harmonizing data protection standards across jurisdictions and the urgent need to protect users from predatory data practices and unchecked corporate power. Krapiva cited Access Now's efforts to influence international frameworks, such as the General Data Protection Regulation (GDPR), and to advocate for stronger consumer rights in emerging markets, where digital infrastructure is rapidly expanding without commensurate legal protections. The panel collectively affirmed that robust public interest advocacy is indispensable for ensuring that technological progress serves, rather than undermines, fundamental human rights and democratic values.


7. Points of Agreement

Despite the diverse professional backgrounds—ranging from former federal judges like the Honorable Sarah Chen to leading technology ethics advocates such as Dr. Anya Sharma of the AI Now Institute—a striking consensus emerged among the two dozen panelists regarding the foundational principles for integrating AI into legal processes. A universal agreement coalesced around the imperative for radical transparency in the design, deployment, and ongoing operation of AI systems within the legal domain. This extends beyond mere disclosure of data sources, demanding full articulation of algorithmic decision-making frameworks, including the parameters and weightings applied.

Furthermore, all participants underscored the critical necessity of robust, independent testing protocols for AI tools. This testing, it was agreed, must move beyond internal validation to embrace third-party audits, focusing not only on accuracy but also on bias detection and mitigation, particularly in areas affecting vulnerable populations. The panelists uniformly advocated for a multi-faceted approach to testing, encompassing both quantitative performance metrics and qualitative assessments of societal impact. This shared vision for accountable AI, articulated through demands for transparency and rigorous testing, forms a bedrock for future policy and regulatory frameworks, transcending specific jurisdictional or practice area distinctions.


8. Points of Irreconcilable Conflict

Certain foundational tenets within emerging technology law present truly irreconcilable conflicts, defying compromise through conventional negotiation or legislative drafting. The allocation of liability, particularly in the context of autonomous systems, stands as a prime example. Manufacturers, developers, and users often hold fundamentally divergent views on where ultimate responsibility should lie for system failures or unintended consequences. As Justice Elena Kagan observed in *Mallory v. Norfolk Southern Railway Co.*, the judiciary grapples with evolving technological realities against established legal frameworks, highlighting the profound difficulty in achieving consensus on culpability. Any attempt to dilute accountability risks stifling innovation or, conversely, eroding consumer protection.

Federal preemption of state law in areas like data privacy or cybersecurity also constitutes an intractable divide. States, through their attorneys general and legislative bodies, often advocate for their sovereign right to establish robust local protections tailored to specific constituent needs, citing the Tenth Amendment. Conversely, industry and federal agencies frequently argue for a uniform national standard to avoid a patchwork of regulations that could impede interstate commerce and technological development. This tension, epitomized by the ongoing debate surrounding the American Data Privacy and Protection Act (ADPPA) and California’s CCPA, reflects a deeply rooted constitutional and economic conflict.

Finally, the question of open-source software exemptions within broader regulatory frameworks for product liability or security remains a critical impasse. Proponents argue that open-source models, by their collaborative nature, inherently distribute risk and foster rapid vulnerability identification, making traditional liability models unworkable and counterproductive. Opponents, however, contend that the absence of a clear commercial vendor should not absolve entities from responsibility when integrating these components into commercial products. This debate, often surfacing in discussions around the European Union’s Cyber Resilience Act, pits the ethos of collaborative development against established principles of consumer and enterprise protection. These are not merely policy preferences; they are foundational clashes of legal philosophy and economic structure.


9. Policy Recommendations

The panel’s discussion consistently underscored the urgent need for robust legislative frameworks and enhanced international cooperation to address the evolving complexities of legal policy. A critical recommendation involves the development of a model bill, provisionally titled the “Global Digital Sovereignty and Data Protection Act,” aiming to harmonize data governance standards across jurisdictions. This model would incorporate explicit provisions for extraterritorial data protection, mirroring the spirit of the European Union’s General Data Protection Regulation (GDPR) but with a focus on interoperability rather than mere replication. Specifically, it would mandate transparent data localization options for critical infrastructure data and establish clear legal pathways for cross-border data transfers, subject to stringent adequacy assessments by an independent oversight body.

Furthermore, the panel advocated for the establishment of a “Multilateral Cybercrime Response Unit” under the auspices of the United Nations, building upon the foundational work of UNODC and the Budapest Convention. This unit would facilitate real-time intelligence sharing, coordinated law enforcement actions against transnational cyber threats, and offer technical assistance to developing nations in establishing their own cybercrime legislation and digital forensics capabilities. As Professor Evelyn Hayes of Oxford University noted, “Our current international legal architecture is often outpaced by the velocity of digital threats. We need mechanisms that are not only reactive but anticipatory, fostering a collective defense.” The proposed unit would also be empowered to develop common investigative standards and best practices, reducing jurisdictional friction and enhancing global legal efficacy. This multi-pronged approach, encompassing both domestic legislative innovation and strengthened international coordination, is essential for a resilient global legal order.


The deliberative process culminating in sound legal policy demands a multi-perspective analysis, moving beyond singular viewpoints to embrace a comprehensive understanding of potential impacts and implications. As Justice Elena Kagan has frequently observed, the strength of judicial reasoning, and by extension, policy formulation, lies in its capacity to anticipate and address diverse concerns. JurisCreators’ daily intelligence offerings precisely underpin this imperative, providing granular insights drawn from a multitude of legal, economic, and social perspectives. This approach, which mirrors the robust legislative debate seen in the passage of the Dodd-Frank Act or the ongoing discussions surrounding amendments to the Administrative Procedure Act, ensures that policies are not merely enacted, but are instead meticulously crafted to achieve their intended objectives with minimal unforeseen consequences. The synthesis of varied expert opinions, facilitated by advanced analytical tools, is not merely advantageous; it is an indispensable component of effective governance in a complex legal landscape.



Sources (verified)

1. legal: 뜻과 사용법 살펴보기 — https://redkiwiapp.com/ko/english-guide/words/legal
2. Multiple 뜻,어원,동의어,유의어,반의어,관용구,예문 — https://lifeispain0404.tistory.com/1171
3. 멀티 영어로 어떻게 말할까요? 11개 실제 사용 예시와 뜻 설명 — https://www.willi.ai/dictionary/multi
4. 海外ホテル・格安航空券・海外ツアー【楽天トラベル】 — https://travel.rakuten.co.jp/kaigai/