Tech chief executives are increasingly talking about AI rules, but the conversation has shifted from a simple “regulate or don’t regulate” binary to a more uncomfortable question: who gets to write the rules, how quickly they can be agreed, and what happens if the process drags on while AI systems keep improving.
On the surface, the push sounds straightforward. Many of the most influential technology companies want some form of governance—clear expectations for safety testing, transparency obligations, and guardrails around high-risk uses. Yet beneath that consensus lies a tension that is becoming harder to ignore. A deregulated environment may feel like freedom at first, especially to firms that fear compliance costs, slow product cycles, or unpredictable enforcement. But critics argue that the absence of baseline standards doesn’t create a vacuum; it creates space for politics to fill in the gaps. And when politics fills the gaps, the result is often not a coherent regulatory framework but ad hoc interventions—case-by-case actions driven by public outrage, electoral incentives, or geopolitical pressure.
That distinction matters because AI governance is not only about preventing harm. It is also about preventing inconsistency. When rules arrive late or in fragments, companies face a moving target: one set of expectations in one jurisdiction, another elsewhere, and sudden new constraints after a widely publicized incident. The industry’s concern is not merely that regulation could be heavy. It is that regulation could become erratic.
The debate is therefore less about the existence of rules and more about their architecture—whether governance is designed as a stable system or improvised as a series of reactions.
A “rules-first” mindset, with a catch
The most visible advocates for AI regulation among tech leaders tend to frame their position as pragmatic. They argue that without common standards, the market will fragment. Firms will spend time and money building compliance programs for different countries, different regulators, and different interpretations of what counts as “safe.” They also point out that public trust is a prerequisite for adoption. If AI becomes associated with fraud, discrimination, or dangerous failures, governments will respond—whether or not companies wanted them to.
But there is a catch. Many executives also worry about the speed and specificity of regulation. They want principles and processes rather than overly prescriptive requirements that might lock in today’s technical assumptions. In other words, they want guardrails that can evolve with the technology.
This is where the “deregulation” argument enters the conversation. Some in the industry have historically preferred light-touch oversight, arguing that innovation should not be strangled by early rules. Their logic is that AI is moving too fast for detailed regulation to keep up. Better, they say, to allow experimentation while encouraging voluntary safety practices and internal risk management.
Critics counter that this approach can backfire. If voluntary measures are not backed by enforceable baselines, then the system’s real governance mechanism becomes political attention. When something goes wrong—or when a powerful actor wants to make an example—governments can intervene quickly, using whatever legal tools are available at the time. That intervention may be justified, but it is rarely uniform. It tends to be shaped by the incident, the media cycle, and the regulator’s immediate priorities rather than by a pre-agreed framework.
In that scenario, the industry does not get “less regulation.” It gets unpredictable regulation.
Why ad hoc intervention is uniquely risky for AI
Ad hoc political intervention is not just inconvenient. For AI, it can be structurally harmful because AI systems are complex, iterative, and often deployed across multiple contexts.
First, AI harms can be delayed. A model released today may be used in ways that only become apparent months later. If governance is triggered only after visible damage, the response will always lag behind deployment. That lag makes it harder to learn from incidents in a systematic way, because the policy reaction is tied to the specific event rather than to underlying risk categories.
Second, AI supply chains are distributed. A single “incident” might involve model developers, data providers, cloud platforms, integrators, and end users. When governments intervene case-by-case, they may target the most visible party rather than the true source of risk. That can distort incentives and lead to superficial compliance—papering over symptoms instead of addressing root causes.
Third, AI models can be updated frequently. If rules change abruptly after a scandal, companies may scramble to patch behavior without clear guidance on what “good” looks like. That can produce a compliance culture focused on avoiding headlines rather than improving safety engineering.
Fourth, ad hoc intervention can chill beneficial research. When enforcement is unpredictable, firms may become reluctant to test new capabilities or deploy them in controlled settings. The result can be slower progress in safety work itself, because safety evaluation often requires experimentation.
So the fear expressed by critics is not simply that regulation is coming. It is that regulation will arrive in a form that undermines learning, consistency, and long-term planning.
The deeper issue: timing and coordination
The most important variable in the AI governance debate is time. AI capabilities are advancing rapidly, and the window for coordinated rulemaking may be narrower than many policymakers assume. If leaders wait until after major deployments and high-profile failures, they may find themselves negotiating under pressure rather than designing under deliberation.
Coordination is difficult even in normal circumstances. It becomes harder when the stakes are global and the incentives diverge. Governments want to protect citizens and maintain competitiveness. Companies want to avoid constraints that could reduce their advantage. Civil society wants stronger protections and accountability. Researchers want room to explore.
When these groups cannot align early, the system defaults to reactive governance. Reactive governance is politically attractive because it signals action. But it is technically weak because it lacks the foresight to anticipate how AI systems will evolve.
This is why the current push for AI rules—however imperfect—can be seen as an attempt to reclaim the initiative. Tech CEOs may be trying to prevent a future where they are forced to comply with whatever policy emerges after the next crisis. By advocating for rules now, they hope to shape the process before it is shaped for them.
Yet the industry’s own history complicates the narrative. Voluntary commitments have often been criticized as insufficient. If companies want enforceable standards, they must also accept that enforcement will exist. If they want flexible principles, they must accept that regulators will still need mechanisms to interpret those principles when disputes arise.
The challenge is to design governance that is both credible and adaptable.
What “good” AI rules would look like in practice
Even without a single universal template, there are emerging themes in what many stakeholders consider workable governance.
One theme is risk-based classification. Rather than treating all AI systems equally, rules should differentiate between low-risk tools and high-risk applications—such as those affecting employment decisions, access to essential services, or critical infrastructure. Risk-based approaches aim to avoid burdening harmless uses while focusing scrutiny where harm is more likely or more severe.
Another theme is documentation and transparency. Regulators and auditors need enough information to evaluate whether a system meets safety expectations. That includes details about training data provenance, evaluation methods, model limitations, and intended use. Transparency is not only about public disclosure; it is also about enabling technical accountability.
A third theme is evaluation and testing. Safety is not a slogan; it is a process. Rules increasingly emphasize pre-deployment testing, ongoing monitoring, and incident reporting. For advanced models, this may include stress tests for misuse, checks for bias and robustness, and verification of safeguards.
A fourth theme is accountability across the lifecycle. Governance should not stop at launch. AI systems can drift as they interact with users and environments. Good rules therefore require monitoring, update procedures, and clear responsibility for changes.
Finally, there is the question of enforcement. Without enforcement, rules become suggestions. But enforcement without clarity becomes arbitrary. The goal is to create predictable pathways: what companies must do, how regulators will assess compliance, and what happens when problems are found.
If these elements are missing, the system becomes vulnerable to ad hoc intervention. If they are present, governance can be proactive rather than reactive.
The political economy of AI governance
The phrase “ad hoc political intervention” captures a broader reality: AI governance is not only a technical matter. It is also a political economy problem.
AI is strategic. It affects national security, economic competitiveness, and social stability. That means governments may treat AI not just as a product category but as a lever of power. When that happens, policy can shift quickly based on geopolitical events or domestic political needs.
In such an environment, even well-intentioned regulation can become politicized. A government may decide that a particular company, model, or use case represents a threat. It may then act using whatever legal authority it has, even if that authority was not designed for AI’s technical realities.
This is why industry leaders sometimes prefer “deregulation” rhetoric: it signals resistance to politicization. But critics argue that deregulation rhetoric can be misleading. If the state is determined to act, it will find a way. The question is whether it acts through a stable framework or through emergency measures.
A stable framework can reduce politicization by setting expectations in advance. Emergency measures, by contrast, invite politicization because they are inherently discretionary.
The unique twist in the current moment is that tech CEOs are now asking for rules while simultaneously warning against the consequences of waiting too long. That combination suggests a recognition that the political process cannot be avoided. The only choice is whether companies help shape the rules before politics takes over—or whether they wait and then react to politics after the fact.
A “patchwork” future is already taking shape
Even without a single dramatic crackdown, the world is already moving toward a patchwork of AI governance. Different jurisdictions are developing different approaches to transparency, risk assessment, and enforcement. Some focus on consumer protection. Others emphasize competition policy. Others prioritize safety and security.
Companies operating globally face a practical dilemma: they can either build one compliance system that tries to satisfy everyone, or build multiple systems tailored to local requirements. Both strategies are expensive. Both strategies also create uncertainty about which standards are truly decisive.
This is one reason