A new governance framework is emerging to address a critical gap in AI regulation: controlling access to biological data that could be weaponized through artificial intelligence. Researchers at Johns Hopkins University and Fordham Law School have proposed a biosecurity data levels (BDL) system, modeled after existing biosafety protocols, to prevent AI models from amplifying biological threats. What Makes Biological AI Different From General-Purpose Models? The distinction matters because biology-specific foundation models, like genomic language models, operate differently than general-purpose AI systems. These specialized models are trained on genetic sequences and biological research data, making them particularly vulnerable to dual-use risks. Unlike ChatGPT or other broad AI assistants, biology-focused models can directly enable dangerous capabilities when trained on sensitive datasets. The core problem is straightforward: as AI models become more powerful, they can amplify biosecurity threats in two ways. First, they lower the barrier to entry for novice actors who lack deep biological expertise but could use AI to design harmful pathogens. Second, they raise the ceiling of what expert researchers can accomplish, potentially accelerating dangerous research timelines. How Does the Proposed Biosecurity Data Levels Framework Work? The framework draws inspiration from established regulatory precedents. Just as biosafety levels (BSL-1 through BSL-4) classify laboratory work by risk, the new BDL system (BDL 0-4) classifies biological data by its potential for misuse. This capabilities-based approach focuses on what an AI model could do with the data, rather than classifying specific pathogens. The proposal includes multiple enforcement mechanisms designed to make the system workable across institutions: - NIH Grant Conditions: The National Institutes of Health could require compliance as a condition of federal research funding, creating immediate incentives for academic institutions to adopt data governance practices. - Mandatory Federal Regime: A proposed federal requirement would establish baseline standards across all institutions handling high-tier biological data, preventing regulatory arbitrage where researchers move to less-restrictive jurisdictions. - International Collaboration: U.S. leadership is critical because most high-tier biological data is generated domestically, giving American regulators significant leverage to shape global norms. Why Is This Approach Different From Existing AI Regulation? Most current AI regulation focuses on general-purpose models and broad concerns like bias or transparency. The biosecurity data governance proposal targets a specific vulnerability: the intersection of AI capability and biological knowledge. It's narrower than the EU AI Act but potentially more effective for this particular risk because it addresses the data pipeline rather than just the model itself. The framework also reflects lessons from the 1975 Asilomar Conference on recombinant DNA, which established voluntary guidelines for genetic research. That precedent showed that scientific communities can self-regulate when given clear frameworks and institutional support, though the new proposal adds mandatory federal oversight to address modern AI risks. What Are the Practical Implications for Research Institutions? For universities, biotech companies, and research hospitals, this framework would require new data governance practices. Institutions would need to classify biological datasets according to BDL levels, implement access controls, and potentially restrict which AI models can be trained on sensitive data. The challenge lies in implementation: determining which datasets fall into which category requires expertise in both biology and AI capabilities. The proposal also addresses open-source biological AI development, a growing concern as researchers increasingly publish code and models publicly. The framework would need to balance scientific openness with biosecurity, potentially requiring that certain high-risk models remain restricted to credentialed researchers. How Does This Fit Into Broader AI Governance Efforts? This biosecurity-focused approach complements but doesn't replace broader AI regulation. While the White House and Congress debate general AI governance frameworks, this proposal targets a specific, high-stakes vulnerability. It's an example of domain-specific regulation, where different sectors and risks require tailored approaches rather than one-size-fits-all rules. The timing is significant. As AI capabilities accelerate and biological research becomes increasingly computational, the window for establishing governance norms is narrowing. Experts argue that waiting for comprehensive AI legislation could leave biosecurity gaps unaddressed for years. "The offense-defense imbalance in biosecurity is a critical concern that mandatory gene synthesis screening and data governance can help address," noted researchers in the proposal. Jassi Pannu and Doni Bloomfield, Johns Hopkins University and Fordham Law School The proposal represents a shift in how policymakers think about AI risk. Rather than treating AI as a monolithic technology requiring universal rules, experts are increasingly recognizing that different applications and data types require different governance approaches. For biosecurity, that means controlling data access before it reaches powerful AI models, not just regulating the models themselves.
