The AI safety debate just crossed into new, and frankly unsettling, territory.
According to a May 4 New York Times report, the Trump administration is weighing an executive order that could create an AI working group made up of tech executives and government officials. One option under discussion: a formal government review process for new AI models before they are released to the public.
That is not a done deal, and it may never be. But the fact that it is on the table is concerning.
There is a major difference between voluntary pre-release security testing through agencies like CAISI and a formal White House review process that could determine whether models are released at all. The first can be a useful form of oversight. The second risks becoming permissioning.
And gatekeeping access to general-purpose AI may be one of the worst possible ways to respond to AI risk.
This Is Bigger Than “Safety”
Let’s get the obvious caveat out of the way: AI companies should not be trusted to regulate themselves forever.
They have incentives to hype capabilities, minimize risks, race competitors, please investors, and turn safety narratives into market positioning. The answer to that cannot always be “just let the labs decide.” Government absolutely has a role in AI.
But that role should be specific: privacy rules, liability standards, procurement requirements, antitrust enforcement, independent audits, cybersecurity coordination, incident reporting, and protections for researchers.
What government should not become is the final approval layer between a model and the public.
Once the White House is in the business of reviewing model releases, AI access risks becoming political. The question stops being “Is this system safe enough under clear standards?” and becomes “Who has the power to approve intelligence?”
That is a very different question.
It's not a question about any one party or politician, it's about the fact that making it political puts the individual at a significant disadvantage in the future.
Power Will Flow Upward
A release approval process would almost certainly concentrate AI power.
The biggest companies will still get through. They have the lawyers, lobbyists, compliance teams, national security relationships, and former officials required to navigate Washington. The same is true for defense contractors, intelligence agencies, and large enterprise partners.
Everyone else gets friction.
Startups get uncertainty. Open-source developers get chilled. Researchers get delayed. Small businesses get weaker tools. Ordinary users get whatever filtered version survives the process.
That would reverse one of the most important features of the AI boom so far: access.
For all their flaws, major AI companies have still put significant capability into the hands of regular people. Free tiers, low-cost subscriptions, APIs, open models, and developer tools have let students, freelancers, founders, educators, and small companies use systems that previously would have been locked inside elite labs.
That broad access is not a side benefit. It is the point.
AI is leverage. If the most powerful forms of that leverage become available first to government, incumbents, and approved institutions, then we are not making AI safer for the public. We are making the public wait while powerful actors move first.
Open Source Could Take the Biggest Hit
The open-source AI ecosystem would be especially vulnerable.
Open models are easy to portray as risky because they can be downloaded, modified, and run outside a company’s control. But that is also why they matter. Open source is one of the few real checks against a future where AI capability lives entirely inside corporate APIs and government-approved channels.
Open models let researchers audit behavior. They let startups build without begging for platform access. They let independent developers test safety claims. They give users an alternative when large labs change pricing, terms, refusals, or availability.
A government release process would almost certainly favor closed systems. Closed labs can promise monitoring, access controls, compliance procedures, and ongoing relationships with officials. Open-source projects cannot offer the same neat control story.
That means safety policy could become incumbent protection by another name.
And once that happens, the market gets narrower. The powerful players get safer from competition. The public becomes more distant from high capability.
Those are not the same thing.
The Global AI Race Won’t Wait for Washington
There is also the international problem.
If the U.S. slows public AI release through a White House approval process, that does not mean the rest of the world pauses. A U.S.-only release bottleneck would not automatically slow foreign labs, open-source communities abroad, or state-backed actors.
Slowing down will only impact the U.S. market and create a gap that will quietly be served by international tools.
A restrictive American process could leave U.S. startups, researchers, and users operating with weaker tools while less transparent competitors continue advancing elsewhere.
That is the failure mode AI governance should avoid: reduced access in democratic societies without a meaningful reduction in global risk.
If the goal is national competitiveness, concentrating frontier access inside government-approved channels may backfire. The American AI advantage has not only come from big labs. It has come from the surrounding ecosystem: developers, startups, researchers, open-source projects, universities, security experts, and users discovering what these tools can actually do.
You do not strengthen that ecosystem by making it ask permission.
Now for the Elephant in the Room: Politics
Even if the first version of this process is narrow, technical, and focused on national security, it will not stay that way forever.
Any government approval process for AI releases would become a political pressure point. Future administrations could reinterpret it. Agencies could expand it. Congress could pressure it. Campaigns could weaponize it.
One faction will want models restricted over cybersecurity. Another over misinformation. Another over copyright. Another over labor displacement. Another over bias. Another because the model is not biased in the direction they prefer.
That does not require corruption or conspiracy. It only requires normal politics.
The moment government controls the release gate, every political actor has a reason to fight over the gate.
That is why this proposal is so different from ordinary safety testing. A standard can be debated, measured, revised, and applied across the market. A release approval process creates a chokepoint.
And chokepoints attract power.
Anthropic and Mythos Helped Create This Mess
The New York Times reports that the administration’s shift began after Anthropic introduced Mythos, a powerful AI model that sparked concern because of its apparent cybersecurity capabilities.
That is important.
Anthropic may have built a genuinely great model. Mythos may represent a real step forward. It may also be hard to serve broadly, safely, or affordably. Those are legitimate operational problems.
But the public framing around Mythos has been combustible, and was in my opinion, irresponsible. “Too dangerous to release” is the kind of phrase that escapes the lab, lands in Washington, and starts writing policy by itself. When risk is framed so broadly, policymakers are more likely to reach for blunt permissioning systems instead of narrower accountability tools.
If Anthropic used fear to cover for the fact that it could not, or did not want to, serve Mythos broadly, that may cost everyone. Not because every powerful model should be dumped online without safeguards. But because fear is a terrible architect for public policy.
It encourages closed-door control mechanisms to masquerade as responsibility.
The better framing would have been narrower: here is what the model can do, here are the risks, here are the deployment constraints, here are the mitigations, and here is what independent experts can verify. Even a plan to withhold any public release for 30-60 days would have made sense.
Instead, the Mythos story helped normalize the idea that the public itself may be in danger.
Once policymakers absorb that lesson, the obvious next step is toward some level of government permissioning. For many months prior, cybersecurity concerns have been shared and access given to affected vendors by companies creating models, including Anthropic. The threat itself was not "new," even if it is more capable that others.
OpenAI spent the past 15 months building and honing a responsible approach to this exact issue. Read them here, here, here and here.
With that out of the way, let's talk about responsible governance of the AI space.
There Are Better Ways to Govern AI
The alternative is not laissez-faire chaos.
Government can require independent evaluations for frontier systems. It can mandate incident reporting. It can enforce privacy and consumer protection law. It can fund public-interest AI testing. It can support defensive cybersecurity use. It can protect researchers who identify model failures. It can enforce antitrust law against companies that use safety as a moat.
Those are real governance tools.
But they regulate behavior, ensure consumers are protected, and regulate harm caused by AI. They do not turn model release itself into a political decision.
That distinction matters. The government should be a referee with clear rules, not the person holding the product launch button.
The Real Risk
AI risk is real. Government testing is valid. But mandatory political approval of model releases would create a concentrated-power failure mode that may be worse than the problem it aims to solve.
A powerful model can be misused. A government approval regime can also be misused. And unlike a single model release, a political gatekeeping structure tends to persist, expand, and become harder to unwind.
The companies should not decide the future alone.
But neither should the White House decide alone when the future is safe enough for everyone else.
If advanced AI is going to shape work, security, education, science, media, and politics, then access to it cannot be negotiated only between frontier labs and the state. The public has a stake here too.
The danger is not that the government wants to understand powerful AI before it spreads. The danger is that “understanding” becomes “approval,” approval becomes leverage, and leverage becomes control.
That is not AI safety.
That is AI permissioning.
