Overview
Severity: MEDIUM | Affected: U.S. and EU Governments | Category: policy
In a landmark policy move, a joint U.S.-EU task force has announced the AI Secure Deployment Act (ASDA), which mandates compulsory third-party security audits for all foundational models and AI systems deployed in critical infrastructure sectors. The new regulation applies to AI used in finance, energy grids, healthcare, and transportation. Under ASDA, developers must submit their systems to certified, independent red teams for rigorous testing against a standardized framework of threats, including evasion, poisoning, and misuse, before deployment. The results of these audits must be submitted to a newly formed Transatlantic AI Safety Board. The policy aims to move beyond voluntary corporate commitments and establish a baseline for AI security and accountability in high-stakes applications. Critics have raised concerns about the cost of compliance for smaller AI companies and the potential for slowing down innovation, while proponents hail it as a necessary step to prevent systemic risks.