scan.json (23082B)
1 { 2 "paper": { 3 "title": "Anti-Regulatory AI: How \"AI Safety\" is Leveraged Against Regulatory Oversight", 4 "authors": ["Rui-Jie Yew", "Brian Judge"], 5 "year": 2025, 6 "venue": "EAAMO '25", 7 "doi": "10.1145/3757887.3763017" 8 }, 9 "checklist": { 10 "artifacts": { 11 "code_released": { 12 "applies": false, 13 "answer": false, 14 "justification": "This is a theoretical/legal analysis paper with no code or computational experiments. There is no code to release." 15 }, 16 "data_released": { 17 "applies": false, 18 "answer": false, 19 "justification": "This is a theoretical/legal analysis paper. There is no dataset; the paper analyzes publicly available corporate statements, regulatory documents, and prior scholarship qualitatively." 20 }, 21 "environment_specified": { 22 "applies": false, 23 "answer": false, 24 "justification": "No computational experiments are performed. There is no software environment to specify." 25 }, 26 "reproduction_instructions": { 27 "applies": false, 28 "answer": false, 29 "justification": "No computational experiments are performed. The arguments are based on legal/policy analysis of cited sources, which are all publicly referenced." 30 } 31 }, 32 "statistical_methodology": { 33 "confidence_intervals_or_error_bars": { 34 "applies": false, 35 "answer": false, 36 "justification": "No quantitative analysis is performed. The paper is a qualitative legal/policy analysis." 37 }, 38 "significance_tests": { 39 "applies": false, 40 "answer": false, 41 "justification": "No statistical comparisons are made. The paper makes no quantitative claims." 42 }, 43 "effect_sizes_reported": { 44 "applies": false, 45 "answer": false, 46 "justification": "No quantitative effects are measured. The paper is entirely qualitative." 47 }, 48 "sample_size_justified": { 49 "applies": false, 50 "answer": false, 51 "justification": "No sample is collected. This is a theoretical analysis paper." 52 }, 53 "variance_reported": { 54 "applies": false, 55 "answer": false, 56 "justification": "No experiments with repeated runs are performed." 57 } 58 }, 59 "evaluation_design": { 60 "baselines_included": { 61 "applies": false, 62 "answer": false, 63 "justification": "This is a theoretical/legal analysis paper, not an empirical study. There is no system or method to compare against baselines." 64 }, 65 "baselines_contemporary": { 66 "applies": false, 67 "answer": false, 68 "justification": "No baselines are applicable to this type of legal/policy analysis paper." 69 }, 70 "ablation_study": { 71 "applies": false, 72 "answer": false, 73 "justification": "No system or method with components to ablate. This is a theoretical analysis." 74 }, 75 "multiple_metrics": { 76 "applies": false, 77 "answer": false, 78 "justification": "No empirical evaluation is performed. No metrics are applicable." 79 }, 80 "human_evaluation": { 81 "applies": false, 82 "answer": false, 83 "justification": "No system outputs to evaluate. The paper is a legal/policy analysis framework." 84 }, 85 "held_out_test_set": { 86 "applies": false, 87 "answer": false, 88 "justification": "No data splits or test sets are used in this theoretical analysis." 89 }, 90 "per_category_breakdown": { 91 "applies": true, 92 "answer": true, 93 "justification": "The paper provides a structured breakdown of anti-regulatory mechanisms by category: avoidance mechanisms (encryption, decentralized technologies, synthetic data) and change mechanisms (open-source models, AI evaluations, alignment techniques), each analyzed individually in dedicated subsections (Sections 3 and 4) and summarized in Tables 1 and 2." 94 }, 95 "failure_cases_discussed": { 96 "applies": true, 97 "answer": true, 98 "justification": "The paper explicitly states: 'We do not argue that these technologies are necessarily ineffective at achieving their protective purposes, or that they are necessarily misaligned with their rhetorical frames' (Section 1), acknowledging that the framework does not apply universally and that some technologies may genuinely serve their stated protective purpose." 99 }, 100 "negative_results_reported": { 101 "applies": false, 102 "answer": false, 103 "justification": "No experiments are performed from which negative results could emerge. This is a theoretical framework paper." 104 } 105 }, 106 "claims_and_evidence": { 107 "abstract_claims_supported": { 108 "applies": true, 109 "answer": true, 110 "justification": "The abstract claims the paper examines how privacy-enhancing technologies and AI safety practices can function as anti-regulatory mechanisms. Sections 3 (avoidance) and 4 (change) systematically provide evidence for each claim through analysis of corporate statements, regulatory documents, and legal scholarship." 111 }, 112 "causal_claims_justified": { 113 "applies": true, 114 "answer": false, 115 "justification": "The paper uses causal language such as 'can operate as mechanisms of avoidance', 'function as anti-regulatory mechanisms', and 'shapes the terms of regulatory oversight'. While the framework identifies potential mechanisms, the paper does not provide evidence that these technologies were deployed *because of* their anti-regulatory function versus their stated purposes. The evidence is circumstantial — corporate statements could support multiple interpretations." 116 }, 117 "generalization_bounded": { 118 "applies": true, 119 "answer": true, 120 "justification": "The paper is careful to bound its claims. It states: 'We do not argue that these technologies are necessarily ineffective at achieving their protective purposes' and that the framing 'may, in fact, constitute a pretextual argument' or 'may not'. The use of 'can' rather than 'does' throughout appropriately hedges the generalizability of the claims." 121 }, 122 "alternative_explanations_discussed": { 123 "applies": true, 124 "answer": true, 125 "justification": "The paper explicitly acknowledges that the technologies may genuinely serve their stated protective purposes (Section 1): 'We do not argue that these technologies are necessarily ineffective at achieving their protective purposes, or that they are necessarily misaligned with their rhetorical frames.' This is the primary alternative explanation — that the protective framing is accurate, not pretextual." 126 } 127 }, 128 "setup_transparency": { 129 "model_versions_specified": { 130 "applies": false, 131 "answer": false, 132 "justification": "No AI models are used in this paper's methodology. The paper discusses models as subjects of analysis, not tools." 133 }, 134 "prompts_provided": { 135 "applies": false, 136 "answer": false, 137 "justification": "No prompting is used. This is a legal/policy analysis paper." 138 }, 139 "hyperparameters_reported": { 140 "applies": false, 141 "answer": false, 142 "justification": "No computational experiments are performed." 143 }, 144 "scaffolding_described": { 145 "applies": false, 146 "answer": false, 147 "justification": "No agentic scaffolding is used. This is a theoretical analysis." 148 }, 149 "data_preprocessing_documented": { 150 "applies": false, 151 "answer": false, 152 "justification": "No data preprocessing is performed. The paper is a qualitative analysis of corporate statements, regulatory documents, and existing scholarship." 153 } 154 }, 155 "limitations_and_scope": { 156 "limitations_section_present": { 157 "applies": true, 158 "answer": false, 159 "justification": "There is no dedicated limitations or threats-to-validity section. The paper moves directly from Section 4 (mechanisms of change) to Section 5 (Conclusion) without a limitations discussion." 160 }, 161 "threats_to_validity_specific": { 162 "applies": true, 163 "answer": false, 164 "justification": "No specific threats to validity are discussed. The paper does not address potential weaknesses such as selection bias in the choice of examples, the difficulty of attributing intent to corporate actions, or the possibility that the framework overinterprets coincidental alignment between technology features and regulatory avoidance." 165 }, 166 "scope_boundaries_stated": { 167 "applies": true, 168 "answer": true, 169 "justification": "The paper states specific scope boundaries: 'We do not argue that these technologies are necessarily ineffective at achieving their protective purposes, or that they are necessarily misaligned with their rhetorical frames. We aim to bring to light how evaluating these technologies through only their rhetorical frames can constrain how these technologies are conceptualized' (Section 1). This explicitly states what the paper is NOT claiming." 170 } 171 }, 172 "data_integrity": { 173 "raw_data_available": { 174 "applies": false, 175 "answer": false, 176 "justification": "This is a theoretical/legal analysis paper based on publicly available documents. There is no primary data collection. All sources are cited and publicly accessible." 177 }, 178 "data_collection_described": { 179 "applies": false, 180 "answer": false, 181 "justification": "No primary data is collected. The paper synthesizes existing regulatory documents, corporate statements, and academic literature." 182 }, 183 "recruitment_methods_described": { 184 "applies": false, 185 "answer": false, 186 "justification": "No participants are recruited. This is a theoretical analysis paper." 187 }, 188 "data_pipeline_documented": { 189 "applies": false, 190 "answer": false, 191 "justification": "No data pipeline exists. The paper is a qualitative legal/policy analysis." 192 } 193 }, 194 "conflicts_of_interest": { 195 "funding_disclosed": { 196 "applies": true, 197 "answer": false, 198 "justification": "No funding sources are disclosed. The Acknowledgments section thanks specific individuals and anonymous reviewers for 'helpful insight' but does not mention any funding sources, grants, or financial support." 199 }, 200 "affiliations_disclosed": { 201 "applies": true, 202 "answer": true, 203 "justification": "Author affiliations are clearly stated: Rui-Jie Yew is affiliated with the Center for Technology Responsibility, Reimagination, and Redesign at Brown University and the Center for Human-Compatible AI at UC Berkeley. Brian Judge is affiliated with the Center for Human-Compatible AI at UC Berkeley." 204 }, 205 "funder_independent_of_outcome": { 206 "applies": false, 207 "answer": false, 208 "justification": "No funding is disclosed, so independence cannot be assessed. The paper appears to be academic research without disclosed corporate funding, though one author's affiliation (CHAI at UC Berkeley) has received funding from various sources including tech companies." 209 }, 210 "financial_interests_declared": { 211 "applies": true, 212 "answer": false, 213 "justification": "No competing interests statement or financial interests declaration is present in the paper." 214 } 215 }, 216 "contamination": { 217 "training_cutoff_stated": { 218 "applies": false, 219 "answer": false, 220 "justification": "No pre-trained model is evaluated on any benchmark. This is a legal/policy analysis paper." 221 }, 222 "train_test_overlap_discussed": { 223 "applies": false, 224 "answer": false, 225 "justification": "No model evaluation on benchmarks is performed." 226 }, 227 "benchmark_contamination_addressed": { 228 "applies": false, 229 "answer": false, 230 "justification": "No benchmark evaluation is performed." 231 } 232 }, 233 "human_studies": { 234 "pre_registered": { 235 "applies": false, 236 "answer": false, 237 "justification": "No human participants are involved. This is a theoretical/legal analysis paper." 238 }, 239 "irb_or_ethics_approval": { 240 "applies": false, 241 "answer": false, 242 "justification": "No human participants are involved." 243 }, 244 "demographics_reported": { 245 "applies": false, 246 "answer": false, 247 "justification": "No human participants are involved." 248 }, 249 "inclusion_exclusion_criteria": { 250 "applies": false, 251 "answer": false, 252 "justification": "No human participants are involved." 253 }, 254 "randomization_described": { 255 "applies": false, 256 "answer": false, 257 "justification": "No human participants are involved." 258 }, 259 "blinding_described": { 260 "applies": false, 261 "answer": false, 262 "justification": "No human participants are involved." 263 }, 264 "attrition_reported": { 265 "applies": false, 266 "answer": false, 267 "justification": "No human participants are involved." 268 } 269 }, 270 "cost_and_practicality": { 271 "inference_cost_reported": { 272 "applies": false, 273 "answer": false, 274 "justification": "This is a theoretical/legal analysis paper. No computational method is proposed whose cost would be relevant." 275 }, 276 "compute_budget_stated": { 277 "applies": false, 278 "answer": false, 279 "justification": "No computation is performed." 280 } 281 } 282 }, 283 "claims": [ 284 { 285 "claim": "Privacy-enhancing technologies (encryption, federated learning, synthetic data) can function as anti-regulatory mechanisms of avoidance, placing data operations outside the scope of regulatory frameworks.", 286 "evidence": "Section 3 provides multiple concrete examples: Google-MasterCard PSI deal to track retail sales under encryption framing (Section 3.0.1, citing [72]); Google's argument to the EU that PETs prevent compliance with AIA dataset requirements (Section 3.0.2, citing [46]); synthetic data as 'copyright laundering' bypassing consent and attribution requirements (Section 3.0.3, citing [82, 137]).", 287 "supported": "moderate" 288 }, 289 { 290 "claim": "AI safety practices (open-sourcing, evaluations/benchmarks, alignment techniques) function as mechanisms of change that redirect regulatory focus towards voluntary, industry-controlled standards.", 291 "evidence": "Section 4 cites Google's AIA response arguing open-source should be exempt from regulation (Section 4.0.1, citing [46]); Anthropic's SB1047 response using 'nascency' to argue against prescriptive legislation (Section 4.0.2, citing [8]); OpenAI's advocacy for voluntary frameworks (citing [71]); EU Parliament's use of 'compliance' language for Constitutional AI (Section 4.0.3, citing [115]).", 292 "supported": "moderate" 293 }, 294 { 295 "claim": "The rhetoric of 'nascency' in AI safety science is used to delay and preempt binding regulation.", 296 "evidence": "Section 4.0.2 cites Anthropic CEO Amodei's statement that nascency 'is a reason not to legislate too prescriptively, too early' [8] and OpenAI's claim that 'the science of AI risk evaluations is nascent' [71], used to argue for government investment in evaluation maturation rather than binding legislation.", 297 "supported": "moderate" 298 }, 299 { 300 "claim": "Companies' investment in AI safety institutes and evaluation grants creates a self-fulfilling ecosystem that legitimizes voluntary self-governance.", 301 "evidence": "Section 4.0.2 describes OpenAI and Anthropic providing monetary support to UK AISI [94], the AI Safety Fund (funded by Google, Microsoft, Anthropic, OpenAI) awarding grants to 'independent researchers' [38], and Meta's LLM Evaluation Research Grant to university faculty [79]. The paper draws an analogy to credit rating agencies and the financial industry.", 302 "supported": "weak" 303 }, 304 { 305 "claim": "'Human-out-of-the-loop' alignment techniques serve to obscure labor dependencies and muddle liability attribution.", 306 "evidence": "Section 4.0.3 cites Perrigo [93] on undisclosed labor practices at OpenAI, EU Parliament's language describing Constitutional AI as ensuring 'compliance' [115], and Nissenbaum [84] on 'vacuums of accountability'. However, the connection between alignment techniques and liability avoidance is largely theoretical.", 307 "supported": "weak" 308 } 309 ], 310 "methodology_tags": ["theoretical", "qualitative"], 311 "key_findings": "The paper introduces the concept of 'anti-regulatory AI' by applying Wu's (2003) anti-regulatory framework to AI technologies. It identifies two categories: avoidance mechanisms (encryption, federated learning, synthetic data) that attempt to place data operations outside regulatory scope, and change mechanisms (open-source models, AI evaluations, alignment techniques) that redirect regulatory focus toward voluntary industry-controlled standards. The analysis reveals how corporate rhetorical framing of these technologies as 'safe', 'private', or 'fair' can obscure their function as regulatory workarounds, and argues that policy must attend to the business incentives driving AI development.", 312 "red_flags": [ 313 { 314 "flag": "No limitations section", 315 "detail": "The paper lacks a dedicated limitations or threats-to-validity section, which is notable for a paper making strong claims about corporate motivations and regulatory dynamics. Key limitations not addressed include: selection bias in examples chosen, difficulty of attributing intent to corporate actions, and whether the framework systematically overinterprets coincidental alignment between technology features and regulatory avoidance." 316 }, 317 { 318 "flag": "Intent attribution without evidence of intent", 319 "detail": "The paper frequently implies or states that technologies serve anti-regulatory purposes ('can operate as mechanisms of avoidance') but the evidence is primarily structural/functional rather than showing companies adopted these technologies *because of* their regulatory avoidance properties. The distinction between incidental and intentional anti-regulatory functions is not always clearly drawn." 320 }, 321 { 322 "flag": "Selective example choice", 323 "detail": "The paper selects examples that support the anti-regulatory thesis without systematically considering counterexamples — cases where these same technologies genuinely delivered their stated protections without anti-regulatory effect, or where companies adopted them despite regulatory costs. While the paper hedges with 'can' language, the cumulative impression is more one-sided than the evidence warrants." 324 } 325 ], 326 "cited_papers": [ 327 { 328 "title": "Safetywashing: Do AI Safety Benchmarks Actually Measure Safety Progress?", 329 "authors": ["Richard Ren", "Steven Basart", "Adam Khoja", "Alice Gatti", "Long Phan", "Xuwang Yin", "Mantas Mazeika", "Alexander Pan", "Gabriel Mukobi", "Ryan H. Kim", "Stephen Fitz", "Dan Hendrycks"], 330 "year": 2024, 331 "arxiv_id": "2407.21792", 332 "relevance": "Directly examines whether AI safety benchmarks measure what they claim to measure, relevant to evaluation methodology in AI safety." 333 }, 334 { 335 "title": "Pitfalls of Evidence-Based AI Policy", 336 "authors": ["Stephen Casper", "David Krueger", "Dylan Hadfield-Menell"], 337 "year": 2025, 338 "arxiv_id": "2502.09618", 339 "relevance": "Examines how 'evidence-based' AI policy can serve to delay regulation, directly relevant to how methodology quality intersects with policy." 340 }, 341 { 342 "title": "Constitutional ai: Harmlessness from ai feedback", 343 "authors": ["Yuntao Bai", "Saurav Kadavath", "Sandipan Kundu"], 344 "year": 2022, 345 "arxiv_id": "2212.08073", 346 "relevance": "Key alignment technique discussed in the paper as a mechanism of change; relevant to AI safety methodology evaluation." 347 }, 348 { 349 "title": "Open problems and fundamental limitations of reinforcement learning from human feedback", 350 "authors": ["Stephen Casper", "Xander Davies", "Claudia Shi"], 351 "year": 2023, 352 "arxiv_id": "2307.15217", 353 "relevance": "Identifies fundamental limitations of RLHF, relevant to evaluating alignment technique claims." 354 }, 355 { 356 "title": "Sleeper agents: Training deceptive llms that persist through safety training", 357 "authors": ["Evan Hubinger", "Carson Denison", "Jesse Mu"], 358 "year": 2024, 359 "arxiv_id": "2401.05566", 360 "relevance": "Demonstrates deceptive AI behavior that persists through safety training, relevant to AI safety evaluation methodology." 361 }, 362 { 363 "title": "Towards AI Accountability Infrastructure: Gaps and Opportunities in AI Audit Tooling", 364 "authors": ["Victor Ojewale", "Ryan Steed", "Briana Vecchione", "Abeba Birhane", "Inioluwa Deborah Raji"], 365 "year": 2024, 366 "arxiv_id": "2402.17861", 367 "relevance": "Examines gaps in AI audit tooling and accountability infrastructure, directly relevant to evaluation methodology quality." 368 }, 369 { 370 "title": "Red teaming language models with language models", 371 "authors": ["Ethan Perez", "Saffron Huang", "Francis Song"], 372 "year": 2022, 373 "arxiv_id": "2202.03286", 374 "relevance": "Foundational work on AI-based red teaming, relevant to the 'human-out-of-the-loop' alignment paradigm discussed in the paper." 375 }, 376 { 377 "title": "Rethinking open source generative AI: open washing and the EU AI Act", 378 "authors": ["Andreas Liesenfeld", "Mark Dingemanse"], 379 "year": 2024, 380 "relevance": "Examines 'open washing' in AI releases and its interaction with EU AI Act regulation, directly relevant to the paper's analysis of open-source as a change mechanism." 381 }, 382 { 383 "title": "How Do AI Companies 'Fine-Tune' Policy? Examining Regulatory Capture in AI Governance", 384 "authors": ["Kevin Wei", "Carson Ezell", "Nick Gabrieli", "Chinmay Deshpande"], 385 "year": 2024, 386 "relevance": "Examines regulatory capture strategies in AI governance, closely aligned with the anti-regulatory AI framework." 387 }, 388 { 389 "title": "Red Teaming AI Policy: A Taxonomy of Avoision and the EU AI Act", 390 "authors": ["Rui-Jie Yew", "Bill Marino", "Suresh Venkatasubramanian"], 391 "year": 2025, 392 "relevance": "Prior work by one of the same authors on taxonomy of regulatory avoidance strategies in AI, directly extends to this paper's framework." 393 }, 394 { 395 "title": "On the Limitations of Compute Thresholds as a Governance Strategy", 396 "authors": ["Sara Hooker"], 397 "year": 2024, 398 "arxiv_id": "2407.05694", 399 "relevance": "Examines limitations of compute-based governance thresholds and how they can be circumvented, relevant to AI regulatory design." 400 } 401 ] 402 }