AI Governance Is Heading Down a Different Path - Mapping the Current Branches
Typical Regulation Doesn’t Start This Way
When a new risk appears in society, regulation typically starts with a predictable pattern. The government sets a single standard. Firms that violate it face enforcement. The market adjusts to the standard. US environmental law: the EPA set emissions standards and fined violators. Financial regulation: the SEC set disclosure standards and went all the way to criminal prosecution. GDPR: the EU set data processing standards and imposed 4% revenue fines on violators. All top-down, single-standard, government-enforcement models.
AI content governance starts differently. The EU AI Act Article 50 requires “machine-readable labeling” but does not designate a single standard. Korea’s AI Basic Act secures only EU interoperability and pushes its own standard to subsequent guidelines. The US went with state-level distributed adoption without federal legislation. Academic critique pointed out that “in the absence of standards, watermarking is not governance.” The market adopted SynthID and C2PA simultaneously before the government set any standard, autonomously forming a multi-layer structure.
How AI governance will ultimately solidify is still unknown. But the branches visible at this moment are identifiable. This piece maps five branches and tracks how far the five elements of governance they point to have been built. As the series-closing piece, it also treats the critiques as a branch.
The Typical Regulation Starting Pattern - Top-Down Single Standards
The reference point - typical regulation’s starting pattern:
| Domain | Standard Setter | Standard Form | Enforcement |
|---|---|---|---|
| US environmental law | EPA (government) | Single emissions standard | Violation fines |
| Financial disclosure | SEC (government) | Single disclosure standard | Criminal prosecution |
| GDPR | EU (government) | Single data processing standard | 4% global revenue fines |
| Food safety | FDA (government) | Single ingredient/labeling standard | Recall + fines |
| Auto safety | NHTSA (government) | Single crash safety standard | Recall mandates |
Common structure: government sets a single criterion, firms can verify whether they meet it, and clear enforcement follows when it is violated. Government designation precedes autonomous market formation. Operational definitions typically get embedded at the legislative stage too.
This didn’t function in the AI governance market. Five signals all point in a different direction.
Branch 1 - Legislation Does Not Designate a Standard
The most atypical part of EU AI Act Article 50 is the absence of a designated standard.
| Article 50 II Required Criteria | Operational Definition Status (May 2026) |
|---|---|
| Effective | Undefined; GPAI Code of Practice to fill |
| Interoperable | Undefined |
| Robust | Undefined; shared robustness benchmark incomplete |
| Reliable | Undefined; independent audit mechanism missing |
The EU imposed only the “machine-readable labeling” obligation but left which technology realizes it (watermark? metadata? cryptographic methods?) to operator judgment. It listed only four criteria and pushed operational definitions to the subsequent GPAI Code of Practice (final draft May-June 2026). arXiv 2603.26983 criticizes this structure as “Transparency as Architecture - Structural Compliance Gaps in EU AI Act Article 50 II.”
Korea’s AI Basic Act follows the same pattern. It came into force in January 2026, but the technical standard for labeling obligations was pushed to subsequent KISA, KOCCA, and KCC guidelines. The US has no federal legislation; state-level deepfake bills (California AB 730, Texas SB 751, New York, etc.) are spread across the states. The result is the pattern of the strictest state (California) effectively becoming the default - the California Effect.
All three regions designed their rules indirectly, through four criteria or industry-specific guidelines, rather than having the government set a single standard. This is a different direction from typical regulation’s starting pattern.
One Thing Worth Noting
The EU’s reason for not designating a single standard reads as intentional design. Technical standards are changing rapidly, so embedding a single standard in legislation risks becoming outdated within 1-2 years. At the legislative moment, it was difficult to decide whether SynthID, C2PA, or proprietary standards would become the de facto default. So the indirect design took shape - “set only the four criteria and let market / industry standards fill the operational definition.” The result is not GDPR-style single-standard enforcement but a multi-layered industry self-formation + legislative verification model.
Branch 2 - Academia Points the Same Direction
arXiv 2505.23814, “Watermarking Without Standards Is Not AI Governance” (May 2026, co-authored by MIT · Stanford · Berkeley), targets this branch directly.
| arXiv 2505.23814 Core Claims | Implication |
|---|---|
| Absence of shared robustness benchmarks | Cannot measure which watermark is robust |
| Absence of verifiability | Meaningful regulatory compliance is not verifiable |
| No standard for adversarial tests | No evaluation framework for bypass attempts |
| No independent audit mechanism | No externally-verifiable compliance attestation path |
| Gaming possibility | Firms can implement weak watermarking schemes and still claim compliance |
The paper’s conclusion isn’t a government critique. “In the absence of standards, watermarking is not governance - it’s closer to a signal mimicking governance.” The proposal is that shared robustness benchmarks, independent audit mechanisms, and adversarial test standards are needed.
Immediately after this academic critique was released, the EU GPAI Code of Practice working group added robustness benchmark work as a formal agenda item. NIST (US National Institute of Standards and Technology) also moved to include watermark robustness benchmarks in follow-up work on the AI Risk Management Framework. This is a case of academic critique directly influencing policy agenda setting. The academic critique also doesn’t ask for stronger government enforcement - it proposes building verification infrastructure (benchmarks + audit) together.
Branch 3 - The Market Autonomously Adopts Multi-Layer
Before the government set any standard, the market already moved to multi-layer.
| Content Lifecycle Stage | Adopted Standard | Representative Adopters |
|---|---|---|
| AI model generation | SynthID | Google, OpenAI, Kakao, ElevenLabs |
| Camera capture | C2PA | Sony, Canon, Nikon, Leica |
| Production tool editing | C2PA | Adobe, Microsoft, Figma |
| Media wire distribution | C2PA | Reuters, AP, BBC, NYT |
| Browser verification UX | Split | Chrome (SynthID), Edge (C2PA) |
| Government endorsement | C2PA | NSA, CISA |
| EU compliance recommendation | Both jointly | GPAI Code of Practice (multi-layer) |
The division of labor between the two standards covered in series Episode 2 (SynthID vs C2PA) formed autonomously in the market without government standard designation. This is where AI content governance diverges most from typical regulation patterns. Where GDPR set data processing standards first and the market followed, AI content governance sees the market move to multi-layer first, with the government following by recognizing and enforcing that multi-layer structure.
The EU GPAI Code of Practice explicitly mandating a multi-layered approach is a design that solidifies the market’s autonomous adoption through post-hoc enforcement. This is the opposite flow from typical regulation, where the government sets a single standard.
Branch 4 - Identity / KYC Infrastructure Complements Watermarks
In the same window, the identity track (covered in series Episode 3) came in as a layer complementing watermark weaknesses.
| Identity Layer | Watermark Weakness It Complements |
|---|---|
| World ID (iris authentication) | Blocks Sybil attacks - one person bypassing watermarks with multiple accounts |
| Apple Face ID + Passkey | Device-level identity confirmation - blocks phishing, account takeover |
| EU EUDI Wallet | Government-authenticated identity - integrates KYC + content provenance |
| Defakto + t54 + Indicio | AI agent delegated identity - “who authorized this action?” |
| Visa / Mastercard payment standards | Delegation chain verification at the payment moment |
Watermarks answer “is this content AI?” Identity infrastructure answers “who is this actor?” When the two combine, “who created this content and within whose delegation was it created” becomes traceable. The three-layer structure from the series Pillar operates here.
The idea that identity infrastructure complements watermark weaknesses also emerged in the market’s autonomous formation earlier than in government legislation. The EU AI Act does not directly address identity infrastructure; eIDAS 2.0 and EUDI Wallet are separate laws. The market built the combination of the two layers first, and legislation only partially follows.
Branch 5 - Compliance SaaS / Certification Adjacent Markets Complement Verification
The gap created by the government’s failure to build verification infrastructure (shared benchmarks, independent audits) is being filled by adjacent markets.
| Adjacent Market | Major Players | Complementary Role |
|---|---|---|
| AI Governance Advisory | PwC, Deloitte, EY, KPMG, BCG | Operator-side compliance interpretation / advisory |
| Compliance SaaS | OneTrust, TrustArc, Credo AI, Holistic AI | Automated verification + monitoring |
| Standardization / Certification | BSI, TÜV, SGS, TTA (Korea) | ISO 42001 certification, EU AI Act conformity assessment |
| Academic benchmark work | NIST, EU AI Office | Shared robustness benchmarks (in progress) |
| Civil society watchdog | World Privacy Forum, EDRi | Privacy / civil rights trade-off checks |
The flow of Big 4 consulting establishing AI Governance Advisory as a separate category, new SaaS like Credo AI and Holistic AI growing fast through Series A and B rounds, and BSI · TÜV · SGS rolling out ISO 42001 certification services in earnest - all of it follows the pattern of the market filling the government’s verification infrastructure gap.
Similar to how OneTrust grew after GDPR, but with the difference that in AI governance, the verification mechanism itself is built by the market. GDPR had clear EU regulations, so compliance tools alone sufficed. AI governance has uncertainty about what compliance even is, so consulting + SaaS + certification + academia + civil society - five camps - build the verification mechanism together.
One Thing Worth Noting
Verification formation by these five camps is likely to become the de facto standard. Once the EU mandates a multi-layered approach through the GPAI Code of Practice, PwC and Deloitte transmit that interpretation to operators, SaaS like Credo AI automates it, BSI and TÜV verify through certification, and NIST measures through benchmarks. When five camps point the same direction, that becomes the default. Not government setting a single standard, but the market + academia + civil society + certification bodies + consulting - five camps combined - creating a “de facto standard.”
Critiques Also Point to the Same Branch
As the series-closing piece, critiques get organized here too. Critiques don’t move in one direction, but conclusions converge on the same place.
| Critique | Source | Core |
|---|---|---|
| Standards absence | Academic (arXiv 2505.23814) | Unverifiable + gameable |
| Structural gaps | Academic (arXiv 2603.26983) | Operational definitions missing |
| Privacy violations | Civil society (World Privacy Forum) | Provenance verification ↔ author anonymity trade-off |
| Open-source bypass | Technical reality | Only closed models comply; bypass routes always open |
| Compliance Gaming | Academic + operational | Five scenarios for compliance bypass |
The five critiques differ in form and source but converge on the same conclusion. Watermarking alone does not function as AI content governance. And the direction they point as the solution aligns with the market’s autonomous formation direction - multi-layer infrastructure + verification mechanisms + identity coupling + post-hoc penalties.
The open-source bypass critique fits the same context. Open-weight models like Llama, Mistral, and Stable Diffusion can’t apply watermarks, and academic watermark removal research reports 90%+ success rates. If someone deliberately tries to avoid watermarks, they can. So a division of labor becomes the default - disclosure via watermarks, blocking via identity / KYC / legal penalties.
What differs from typical regulation critique is that these critiques don’t demand stronger government enforcement but instead propose building multi-layer infrastructure + verification mechanisms together.
Five Elements of Governance - What’s Been Built So Far
Organizing what the five branches + five critiques point to yields the five elements needed for governance to function.
| Element | Details | Current Status |
|---|---|---|
| 1. Multi-layer marking | Watermark + metadata + visible label applied together | EU Code of Practice mandates (in progress) |
| 2. Standardized robustness benchmarks | Measurable assessment of which watermark is robust | NIST · EU work started, completion TBD |
| 3. Independent audit mechanisms | External compliance verification possible | Undecided; certification body market may fill |
| 4. Coupling with identity verification | Identity Layer pairs with watermarks | World ID, Passkey growing as separate markets (Episode 3) |
| 5. Legal penalties | Post-incident sanction mechanisms against malicious bypass | EU, Korea, US legislation in progress (Branch 1 of this piece) |
Three of the five elements (1, 4, 5) are already running simultaneously in market and government. Two (2, 3) are still incomplete. Academic benchmark work has started, and the certification body market is forming, so they’re likely to fill partially over the next 2-3 years. But whether one can say governance “functions sufficiently” at any specific point remains open.
Closing - Where It Solidifies Is Unknown, But These Are the Current Branches
Typical regulation starts with the government setting a single standard and enforcing it. AI governance is going down a different path. Legislation avoided standard designation. Academia proposed building verification infrastructure rather than strengthening enforcement. The market autonomously adopted multi-layer before standard designation. Identity infrastructure complements watermark weaknesses. Compliance SaaS, certification, academia, and civil society - five camps - build the verification mechanism together.
Bundled together - five branches + five critiques + five elements of governance all point to the same assumption. AI content governance is not a single-standard + government-enforcement model but is heading toward multi-layer infrastructure + multi-stakeholder verification. Not a GDPR-style model but what looks like a multi-stakeholder co-regulation model. In the absence of a standard, the market moves first, and government, academia, and civil society follow with post-hoc verification, enforcement, and complementary measures.
How this shape ultimately solidifies remains open. The EU might directly designate a standard at some point. Academic benchmarks might become de facto standards. Multi-layer agreed by the market might solidify as an ISO standard. But as of May 2026, the five branches visible at this moment all point in the same direction - multi-layer autonomy + multi-stakeholder verification.
This series ends here. Across five pieces, the same market was viewed from five angles. The reason for not landing on a single unified conclusion is that the market itself still moves through five branches simultaneously. Placing them as a bundle on a single plane is as far as this series goes.
Series 5-Piece Index
| # | Title | Category | Published |
|---|---|---|---|
| 1 | Pillar - The AI Trust Stack: Content, Personhood, Agents in Three Layers | analysis | 2026-05-27 |
| 2 | SynthID vs C2PA - The Standards War in Adoption Data | analysis | 2026-05-29 |
| 3 | The Identity Track - From Proof of Personhood to AI Agent Delegation | analysis | 2026-05-31 |
| 4 | Deepfake Detection $15B - Who Are the Real Buyers? | analysis | 2026-06-03 |
| 5 | This piece - AI Governance Is Heading Down a Different Path: Mapping the Current Branches | analysis | 2026-06-09 |
References
- artificialintelligenceact.eu - Article 50 Transparency Guide
- EU Council - May 2026 provisional agreement
- TechPolicy.Press - “What the EU’s New AI Code of Practice Means for Labeling Deepfakes”
- Ministry of Science and ICT (Korea) - AI Basic Act enforcement decree
- KISA - AI Content Labeling Guidelines (draft)
- arXiv 2505.23814 - “Watermarking Without Standards Is Not AI Governance” (2026-05)
- arXiv 2603.26983 - “Transparency as Architecture: Structural Compliance Gaps in EU AI Act Article 50 II”
- arXiv 2601.08005 - “Internal Deployment Gaps in AI Regulation”
- World Privacy Forum - “Privacy, Identity and Trust in C2PA: A Technical Review and Analysis”
- California Legislature - AB 730, AB 2655
- Texas Legislature - SB 751
- ISO - 42001 standard (AI Management System)
- BSI, TÜV, SGS - AI certification service materials
- PwC - “AI Trust” Practice launch
- Deloitte - “Trustworthy AI” framework
- Credo AI, Holistic AI - Series B announcements
- Meta - Llama 3, 4 model cards (open weights)
- Saberi et al. (2023), An et al. (2024), Jiang et al. (2024) - Watermark removal research
- NIST - AI Risk Management Framework + watermark benchmark work
- Greenberg Traurig - “2026 Outlook: Artificial Intelligence”