Sam Altman praised Trump’s AI executive order publicly. Then his company released a policy paper that quietly disagrees with its most important structural choice: putting the NSA in charge.
OpenAI’s “Democratic Governance of Frontier AI: A blueprint for a federal framework”, released Tuesday, argues that civilian scientific agencies — specifically the Center for AI Standards and Innovation (CAISI) within the Commerce Department’s NIST — should oversee frontier AI safety, not the National Security Agency.
The executive order Trump signed June 2 places the NSA at the centre of AI risk evaluation. OpenAI’s paper places CAISI there instead. These are not the same thing, and the difference matters.
🔍 THE BOTTOM LINE
OpenAI publicly supports Trump’s AI executive order while simultaneously lobbying to redirect its oversight mechanism from military intelligence to civilian regulators. It’s a two-track strategy: don’t antagonise the White House, but make sure the actual architecture of oversight ends up where you want it.
What the Policy Paper Proposes
OpenAI’s blueprint argues for three core positions:
1. Civilian oversight, not military. The paper explicitly states that CAISI — a civilian agency within the Commerce Department — should evaluate frontier AI risks, not the NSA. The reasoning is straightforward: AI safety evaluation requires scientific rigour and transparency, not intelligence-community classification regimes.
2. Clear capability thresholds. OpenAI executive Chris Lehane told Politico that one of the biggest open questions is “when do you hit the capability threshold?” The executive order uses vague language about “covered frontier models” without defining what that means. OpenAI wants clear, published criteria — partly because ambiguity about what triggers NSA scrutiny is bad for business.
3. Federal preemption over state patchwork. The paper argues for a single federal framework rather than allowing states to create competing AI regulations. This is self-interested — a patchwork of 50 state regimes would be a compliance nightmare — but it’s also the position most tech policy experts support.
The Public/Private Disconnect
Here’s what makes this story interesting: Altman posted on X that “The U.S. should lead on AI by continuing to develop the very best models, making sure they’re safe, and getting cyber tools into the hands of trusted defenders. The new EO gets the balance right.”
Meanwhile, his company released a 20-page document saying the EO’s key institutional choice is wrong.
This isn’t hypocrisy, exactly — it’s influence. Altman visited the White House the same day the policy paper dropped, and is scheduled to meet with Sen. Bernie Sanders, Speaker Mike Johnson, and Senate Minority Leader Chuck Schumer this week. The public praise keeps the door open. The policy paper does the actual work of redirecting oversight.
NSA vs CAISI: Why It Matters
The difference between NSA oversight and CAISI oversight isn’t bureaucratic hair-splitting. It’s the difference between:
| Dimension | NSA | CAISI (NIST/Commerce) |
|---|---|---|
| Orientation | National security, threat detection | Scientific standards, public safety |
| Transparency | Classified by default | Public by default |
| Expertise | Offensive/defensive cyber operations | Measurement science, standards, testing |
| Accountability | Intelligence oversight committees | Congressional commerce committees |
| Relationship with AI labs | Adversarial, security-clearance-gated | Collaborative, information-sharing |
OpenAI and Anthropic have already been sharing information with CAISI during model development. They have a working relationship. They have no such relationship with the NSA, and they don’t want one — not least because NSA evaluation would likely happen behind classification walls, making it impossible to tell the public anything meaningful about what was found.
The Bigger Picture: Who Regulates AI?
This is the latest skirmish in a fight that’s been building for months. The June 2 executive order was already a shadow of the original 90-day mandatory review Trump refused to sign in May, replaced with a 30-day voluntary framework with no enforcement mechanism.
Now OpenAI is trying to shape the institutional architecture that will outlast any single executive order. If oversight ends up at CAISI, it’ll be civilian, transparent, and scientifically grounded. If it stays at the NSA, it’ll be classified, security-oriented, and largely opaque to the public.
Both approaches have trade-offs. The NSA has actual cybersecurity expertise and the classified infrastructure to evaluate AI models for genuine national security risks. CAISI has scientific credibility and public accountability but limited enforcement power and no intelligence apparatus.
The real question isn’t which agency is “better” — it’s whether a voluntary framework with no penalties, housed in whichever agency, actually provides meaningful oversight of frontier AI. Right now, the answer is no.
The Anthropic Angle
Conspicuously, Anthropic hasn’t released a competing policy paper. But they’re aligned with OpenAI on this one — Lehane noted that both companies have been working closely with CAISI. And Anthropic has its own reasons to prefer civilian oversight: their containment engineering work on Claude and their role in the Mythos security response both argue for a model of oversight that’s collaborative rather than adversarial.
The same day, both Altman and Amodei signed a public letter asking Congress to mandate DNA screening — a different policy ask, but the same pattern: AI companies supporting regulation of other industries while lobbying to shape the regulation of their own.
What This Means for New Zealand
New Zealand doesn’t have a CAISI or an NSA-equivalent evaluating AI models. MBIE’s AI compliance guidance is voluntary. The AI Blueprint for Aotearoa refresh flagged regulatory gaps but didn’t fill them.
The OpenAI-White House tension is a preview of a conversation NZ will need to have: who evaluates frontier AI risks here — GCSB (our signals intelligence agency, the Five Eyes partner that would be the NSA equivalent), or a civilian standards body? The answer matters for NZ’s sovereign compute ambitions and for any NZ company building or deploying frontier models.
❓ Frequently Asked Questions
Q: Is OpenAI opposing the executive order? Not publicly. Altman praised it. The policy paper proposes a different institutional structure for oversight, which is opposition-by-alternative rather than direct criticism.
Q: What is CAISI? The Center for AI Standards and Innovation, part of NIST within the Commerce Department. It was created to develop AI evaluation benchmarks and standards. OpenAI and Anthropic have both been sharing information with CAISI during model development.
Q: Why does the NSA want to evaluate AI? The NSA’s interest is primarily in AI’s cybersecurity capabilities — both offensive (can this model discover zero-day vulnerabilities?) and defensive (can it help secure systems?). The Mythos episode demonstrated that frontier AI models can find real security flaws, which is squarely in the NSA’s lane.
Q: Will this actually change the EO? Executive orders can be amended or supplemented. OpenAI is lobbying Congress and the White House simultaneously — the policy paper is designed to influence the implementation details and any future legislation, not necessarily to overturn the EO itself.
SOURCES
- SiliconANGLE: OpenAI diverges from White House on AI safety
- Politico: OpenAI meets with lawmakers on AI regulation
- OpenAI: Democratic Governance of Frontier AI — A blueprint for a federal framework (PDF)
- The White House: Executive Order on Promoting Advanced Artificial Intelligence Innovation and Security
- PBS: Trump signs executive order that allows voluntary federal vetting of top AI models
