A growing concern among biosecurity experts is that artificial intelligence models trained on genetic data could make it easier for bad actors to develop biological weapons, and current regulations aren't equipped to handle this risk. Researchers at Johns Hopkins and Fordham Law School have proposed a new governance framework specifically designed to control how biological data is used in AI systems, preventing the technology from amplifying both novice threats and expert capabilities in dangerous ways. What Makes AI Different From Traditional Genetic Research? For decades, the scientific community has managed biosecurity risks through established protocols. The 1975 Asilomar conference on recombinant DNA set the gold standard for responsible genetic research, creating a framework that has largely worked for traditional laboratory work. But AI changes the equation fundamentally. Unlike a researcher who needs years of training and access to physical labs, an AI model trained on genetic sequences could theoretically help someone with minimal expertise design dangerous pathogens. The distinction matters because AI systems work differently than traditional tools. General-purpose AI models like large language models (LLMs) are trained on broad internet data, but biology-specific foundation models, sometimes called genomic language models, are trained specifically on genetic sequences and biological data. These specialized models can recognize patterns in DNA that humans might miss, making them powerful for legitimate research but also potentially dangerous if misused. How Would This New Framework Actually Work? The proposed system, called Biosecurity Data Levels (BDL), borrows concepts from two existing regulatory systems: biosafety levels, which classify how dangerous different organisms are, and genetic privacy regulations, which protect sensitive health information. The framework would categorize biological data into five tiers, from BDL 0 (lowest risk) to BDL 4 (highest risk), based on how much danger the data could pose if misused. The challenge, according to the researchers, is that this classification needs to be based on capabilities rather than specific pathogens. In other words, regulators can't just say "don't share data about smallpox." Instead, they need to identify which types of genetic information could enable dangerous capabilities, regardless of which specific disease they relate to. Steps to Implement Biological Data Governance - Institutional Enforcement: Use existing mechanisms like National Institutes of Health (NIH) grant conditions to require researchers and institutions receiving federal funding to comply with data governance standards, making compliance a condition of research support. - Federal Regulation: Establish a mandatory federal regime that goes beyond voluntary compliance, creating enforceable rules for how biological data can be used in AI systems across all institutions, not just those receiving federal grants. - International Coordination: Develop agreements with other countries to ensure consistent standards, since most high-tier biological data is generated domestically in the United States, giving the country significant leverage in setting global norms. The researchers also emphasize the importance of mandatory gene synthesis screening, which would require companies that produce synthetic DNA to check orders against databases of dangerous sequences before fulfilling them. This creates a practical barrier that complements data governance. Why Should Institutions Care About This Now? Universities and research institutions are already investing heavily in AI and genomics. Duke University, for example, launched a $100 million Duke Science and Technology initiative in 2019, with funding divided equally between the university and the School of Medicine. This effort positions Duke to maximize advances in genomics, data science, and artificial intelligence, with researchers leading efforts in brain, cancer, immunology, and virus research. As these institutions develop more powerful AI tools for biological research, they're also becoming potential targets for misuse or sources of risk if their data governance isn't robust. The proposed framework would give them clear standards for how to handle sensitive biological data responsibly while continuing their research. The conversation around biological data governance reflects a broader tension in AI development: how to enable beneficial innovation while preventing harmful applications. Unlike some AI risks that remain theoretical, biosecurity threats from AI-enabled biology are concrete and urgent. The researchers argue that establishing clear data governance now, before the technology becomes more powerful, is far more practical than trying to regulate it after dangerous capabilities have already emerged. The framework draws on 50 years of experience managing genetic research responsibly, but it recognizes that AI requires new thinking. By treating biological data governance as a foundational security issue, rather than an afterthought, institutions can harness AI's tremendous potential for medical breakthroughs while reducing the risk that the same tools could be misused.
