by Shreya Tewari and Elonnai Hickok, Global Network Initiative
The question of AI safety has, over the past few years, moved from the margins of technology policy to its very centre. Yet as it has grown more prominent, it has also grown more contested. Divergent national priorities, competing definitions, differing approaches to achieving safety, geopolitical tensions, and a persistent gap between stated principles and operational reality all complicate what might otherwise seem like a straightforward shared goal. Two sessions on ‘A Deep Dive on AI Governance Frameworks and Processes’ and ‘Catalyzing Global Leadership on AI Safety and Security’ at the Reinforcements & Learning: Multistakeholder Convening on AI Governance, held on February 17, 2026 as part of the MAP-AI initiative co-hosted by the Centre for Communication Governance (CCG) and the Global Network Initiative (GNI), brought this complexity into sharp focus: one examining AI governance frameworks and processes in depth, the other focused on catalysing global leadership on AI safety and security.
Taken together, they surfaced a set of interconnected challenges that any serious effort at global cooperation will need to confront.
Safety as Infrastructure, Not Afterthought
Perhaps the most consistent thread running through both discussions was the argument that AI safety cannot be treated as a layer added onto systems after deployment. It must function as foundational architecture, embedded across the entire lifecycle of AI development, from model design and data sourcing and annotation through to deployment and monitoring as well as governance, from regulatory mechanisms (standards, legislation, oversight, institutions) to technical safety controls (red teaming, alignment, assurance, human-in-the-loop).
This framing carried particular urgency given how rapidly AI is diffusing into domains that matter most to people’s lives. Speakers drew attention to conversational AI tools being used by farmers seeking agricultural advice, patients navigating health questions, and individuals looking for legal guidance. In these contexts, safety failures can emerge from biased or inaccurate recommendations, commercially influenced system values and outputs, system failure, or the misapplication of AI responses in high-stakes environments. Safety concerns can also arise from malicious secondary use, e.g., health data from an AI system is used for surveillance. The consequences, at scale, can be severe.
This is why, participants argued, safety must be understood as a systemic governance challenge rather than a narrow technical one. It implicates the social (culture, values, language), economic (capacity, resources, market structure), political (geopolitics, regulatory & operating environment), and technical (infrastructure & hardware, data sourcing & annotation, training & optimization, controls & monitoring) contexts into which AI systems are designed, built, and deployed.
The Safety-Security Distinction, and Its Blurring
The discussions also highlighted a distinction that often gets lost in policy debates: the distinction between AI safety and AI security. Safety concerns the prevention of societal harm and the production of trustworthy outcomes. Security concerns resilience against adversarial manipulation, protecting AI systems from deliberate exploitation to cause harm.
These are interconnected, but distinct challenges, and conflating them can lead to governance frameworks that address neither well. At the same time, the boundary between them is increasingly blurred. AI systems are being used to detect cyberattacks at scale, demonstrating real defensive value. But the same capabilities are being exploited by adversaries to automate attacks and compromise critical digital infrastructure. This dual-use character of AI demands a security posture that, unlike approaches designed for traditional software, is dynamic, lifecycle-oriented, extending across the entire technological stack, including data pipelines, cloud infrastructure, model environments, and the growing ecosystem of agentic AI systems.
The Political Economy of Safety
Both discussions were notable for their willingness to engage with the structural and political dimensions of AI safety, territory that more technical conversations tend to avoid.
One recurring concern was the way safety requirements are being framed in public debate. Verification and validation regimes, which are standard practice in other safety-critical sectors, are increasingly being portrayed by companies as barriers to innovation, as is, perhaps most consequentially, human rights. Participants argued that this reflects deeper structural issues, most importantly the concentration of technological power among a small number of frontier AI companies. When those companies also dominate the discourse about what constitutes acceptable risk and the methods that should be used to address the risk, the result is a democratic accountability problem: societies bearing the consequences of AI deployment end up with limited ability to shape the terms on which it proceeds.
Speakers from Brazil, India, and the Global South more broadly pushed back on the idea that safety and innovation are in necessary tension. They equally pushed back on the assumption that safety frameworks developed in the Global North can simply be transplanted elsewhere. India’s approach, described by one participant, explicitly aims to embed safety into the technical architecture of AI systems rather than relying on post-hoc compliance mechanisms, treating trustworthiness as a design property rather than a regulatory box to check. Brazil’s draft AI legislation was presented in a similar spirit, as an effort to show that robust governance and continued innovation can advance together, not as a concession to industry pressure, but as a principled alternative to approaches that have produced significant harms in other contexts. In this context, a significant conceptual shift also emerged: governance must move beyond evaluating individual models toward assessing systemic impacts.
Participants also raised concerns about definitional paralysis. Multistakeholder conversations on AI safety have surfaced multiple perspectives over what the term means. They reflect different understandings of what AI safety is fundamentally about. In many prominent technology and policy circles, safety discourse is focused on concerns about frontier risks and long-term existential threats. But for many participants at the convening, particularly those from the Global South and from frontline practices, safety is first and foremost about the harms that are already happening: biased outputs, discriminatory systems, misinformation, and the erosion of institutional trust. One participant described this gap as a ‘tyranny of small differences,’ where stakeholders broadly agree on goals like transparency and harm prevention, but cannot agree on which harms to prioritise. It was also noted that an over-emphasis on frontier risks could result in the glossing over of on the ground harms. The prescription offered was straightforward: rather than waiting for conceptual consensus, the focus should broaden to encompass and prioritize operational collaboration around the harms that communities are experiencing right now.
Governance Gaps and the Voluntarism Problem
One of the more uncomfortable themes running through both discussions was the inadequacy of existing global governance arrangements. The current international framework for AI safety relies largely on voluntary commitments, declarations, guidelines, and best-practice frameworks that countries and companies may choose to adopt or ignore. There is no comprehensive multilateral treaty governing AI safety, no binding enforcement mechanism, and no independent international institution with the mandate or capacity to evaluate whether commitments are actually being met. And while it is important to unpack the assumption that norms should and need to converge, and that global consensus around how we govern AI is a desired outcome, interoperability between national efforts that have more teeth is needed. Agreeing on specific metrics that would be used to inform different governance mechanisms, a network of standards with common denominators of interoperability, and policies for context and purpose specific AI were offered as approaches to consider.
Participants drew on lessons from cybersecurity governance, which matured through decades of sustained institutional collaboration rather than rapid regulatory intervention, and which eventually produced public-private partnerships, shared vulnerability taxonomies, and a culture of information-sharing that has proved more durable than any single regulatory framework. The argument was not that AI governance should simply copy cybersecurity models, but that comparable institutional investment over comparable time horizons are key lessons that can be taken forward.
Speakers also highlighted significant capacity gaps: many regions lack the linguistic datasets, evaluation standards, hardware capability, ability to ensure technical safeguards keep pace with model advancements locally appropriate training material, and effective institutional and judicial mechanisms that can support accountable and safe AI systems across multilingual and culturally diverse contexts, organizations, and use cases. Participants also noted that the state of AI governance is very different across contexts. For example, Island Nations are focusing on fundamental capacity-building and infrastructure, and many countries in the region still lack data protection frameworks. Currently, the region is focusing on expanding the agendas of existing regional bodies and prioritizing regional standardization. Initiatives like the Pacific ICT Ministers’ dialogues are examining how to coordinate investment to strengthen the effective use of AI, given the region’s limited resources.
The discussions also flagged a geopolitical gap that cannot be papered over. Meaningful global AI safety governance, participants argued, is simply not achievable without substantive engagement from all major AI powers. Yet the current geopolitical environment is fragmented, with powers reconsidering whom they work with. Proposals for neutral international collaboration mechanisms, potentially modeled on scientific institutions capable of supporting verification and shared research across geopolitical divides, were raised as a possible path forward. Participants were clear-eyed about how difficult it would be to get there from current conditions.
Accountability emerged as a critical missing element. Future governance processes, speakers argued, should move beyond restating principles toward evaluating measurable progress, tracking the adoption of safety frameworks, expanding independent evaluation bodies, and integrating governance practices across sectors. Initiatives such as safety benchmarks, sector‑specific white papers, and shared safety databases were also highlighted to guide responsible conversational AI deployment.
Bringing People to the Centre
Both discussions kept returning to a dimension of AI safety that more technical and policy-oriented conversations tend to underweight: the actual human experience of AI harms, and the communities most directly affected by them.
Practitioners working with victims of online harm were direct about the disconnect between governance forums and lived realities. Many of the spaces where AI safety is debated and shaped lack meaningful participation from frontline actors, people who encounter the consequences of unsafe AI deployment in their daily work. The result is governance frameworks that can be technically sophisticated but socially thin, disconnected from the ground-level realities they are supposed to address.
Several participants also pushed back on the framing of AI as a neutral tool. Technology, they argued, is infused with cultural and political assumptions from its inception. The example of an AI system providing justifications for discriminatory social practices when prompted in certain ways was offered as an illustration of what “neutrality bias” can look like in practice, where the attempt to produce balanced responses ends up obscuring important contextual truths.
Trust, speakers repeatedly emphasised, cannot be declared. It has to be earned, and it has to be earned differently in different contexts. Younger populations in particular were described as increasingly sceptical of institutional assurances around AI safety. This means governance cannot succeed as a technocratic exercise alone. It requires transparency, accountability, and consistent responsible behaviour over time. And it requires that the communities most affected by AI systems have genuine, consequential participation in shaping the rules that govern them.
What Comes Next
The discussions did not produce easy answers, and they were not designed to. What they did produce was a clearer picture of the terrain, the structural challenges, governance gaps, and definitional disputes that any serious effort at global AI safety cooperation will need to work through.
Some clear priorities emerged. Building durable third-party shared testing, evaluation, and reporting ecosystems capable of operating over decades. Developing market mechanisms, including procurement requirements from large institutional buyers, that can drive safer practices without waiting for comprehensive regulation. Supporting national AI safety institutes, standards bodies, and shared incident reporting. And pursuing geopolitical inclusion as a precondition for governance legitimacy, not as an afterthought.
Underlying all of this was a shared conviction that the current moment, despite its difficulty, represents a genuine opportunity. AI is becoming critical societal infrastructure, and the governance choices made now will shape its trajectory for decades. Achieving broad societal acceptance of AI, grounded in real trust, depends on simultaneously advancing human rights, safety, security, and transparency through sustained collaboration rather than episodic dialogue.
That is a harder path than the alternatives. It is also, these discussions suggested, the only one that leads somewhere worth going.
______
This is Part 4 in a series of blog posts capturing key insights from the Reinforcements & Learning: Multistakeholder Convening on AI Governance, co-hosted by CCG and GNI on February 17, 2026, as part of the MAP-AI initiative. Part 1 | Part 2 | Part 3