A study from the Stanford Institute for Human-Centered Artificial Intelligence challenges a central claim in AI policy debates: that open source AI models are inherently more dangerous than closed systems such as GPT-4. Its conclusion is not that open foundation models carry no risk, but that current evidence does not show they pose greater marginal risk than closed models or technologies that already exist.
The study looks at the social and political implications of Open Foundation Models, or OFMs, and weighs their risks against their benefits. It also offers recommendations for policymakers considering how to regulate AI systems with widely available weights.
What the Stanford study says about open foundation models
The study defines open foundation models as models with widely available weights. According to the authors, these systems can provide significant benefits by fighting market concentration, supporting innovation, and improving transparency.
That matters because AI policy does not only affect model safety. It can also shape who is able to build, inspect, adapt, and compete in the AI ecosystem. The study argues that OFMs can help distribute power more broadly, rather than leaving advanced AI development concentrated among a smaller number of closed-model providers.
The authors examined several categories of potential harm linked to open foundation models, including disinformation, biorisks, cybersecurity, spear phishing, non-consensual intimate images (NCII), and child sexual abuse material (CSAM). Their central finding is that the evidence for additional risk from OFMs, compared with closed models or existing technologies, remains limited.
Risk is real, but the comparison matters
The study does not dismiss AI risks. Instead, it asks a narrower and more policy-relevant question: whether open foundation models create extra risk relative to alternatives that are already available.
That distinction is important. A harmful use of AI may exist across open systems, closed systems, or pre-existing tools. If a policy targets open models specifically, the case for that policy depends on whether open models add a meaningful new layer of danger.
For harms such as NCII and CSAM, the study says the risks are better documented. But it also argues that proposals focused on licensing computationally intensive models are not well matched to those harms, because the text-image models involved can require far fewer resources to train.
The study also notes that security mechanisms for closed models are vulnerable. In other words, keeping model access closed does not automatically remove the possibility of misuse. The authors still emphasize that more research is needed to assess risks more fully.
Why some AI regulation could hit open models harder
A major concern in the study is that some policy proposals could place heavier burdens on the open foundation model ecosystem than on closed-model companies. The authors specifically point to liability for damages caused by downstream use and strict content provenance requirements as examples that could have a disproportionate impact.
The reason is structural. Open foundation model developers may release model weights that others adapt, deploy, or build on in many different ways. Rules that make developers responsible for downstream harms could create broad legal exposure even when the developer does not control every later use.
The study also warns that licensing proposals may harm OFM developers disproportionately. If regulation is designed around access to computationally intensive models, it may miss some documented harms while still restricting open model development.
According to the team, several lessons follow:
- Open foundation models can help combat market concentration, catalyze innovation, and improve transparency.
- The key policy question is the marginal risk of OFMs compared with closed models or pre-existing technologies.
- Current evidence of that marginal risk is limited.
- Some interventions may work better at downstream choke points beyond the foundation model layer.
- Policymakers should consider unintended consequences for the innovation ecosystem around open foundation models.
What policymakers are being urged to do
The study’s recommendation is caution, not inaction. Policymakers are advised to consider the benefits of open foundation models alongside the risks, and to consult OFM developers before implementing policies that could reshape the field.
That approach would shift the debate away from treating openness itself as the main danger. Instead, it would focus attention on where a specific harm occurs, which tools are involved, and whether the proposed intervention is likely to reduce harm without damaging beneficial uses.
The study also suggests that some interventions may be better aimed downstream from the foundation model layer. This means policymakers may need to look beyond the initial release of model weights and examine later points where systems are deployed, distributed, or used to create harmful content.
How the debate is landing in the AI industry
Meta's head of AI, Yann LeCun, responded to the study on LinkedIn with a sharply worded endorsement. He described it as "A big bunch of nails in the coffin of the idea that open source AI models are more dangerous than closed ones."
LeCun also said that since the release of Metas Llama-2, there has been "an explosion of applications built on top of open source LLMs, and none of the catastrophe scenarios the AI doomers had predicted."
His reaction reflects one side of a broader debate over open source AI, closed models, and regulation. The Stanford study gives that debate a more precise frame: open foundation models may carry serious policy questions, but the evidence presented does not show that they are more dangerous than closed models simply because they are open.
For policymakers, the practical takeaway is clear. Rules aimed at open source AI should be based on demonstrated marginal risk, not assumptions about openness. Otherwise, regulation could weaken competition, transparency, and innovation while failing to address the harms it is meant to reduce.