?asOf= parameter to see the current catalog state.AI Safety Level 3 (ASL-3)
asl-3 · Frontier safety
A capability-based risk tier in Anthropic's Responsible Scaling Policy denoting models with the potential to substantially uplift CBRN attack capabilities or autonomous AI replication.
Definition & scope
ASL-3 was introduced in Anthropic's Responsible Scaling Policy (RSP) framework. Triggering ASL-3 capability requires the model to demonstrate substantial uplift in chemical, biological, radiological, or nuclear (CBRN) weapons design beyond baseline internet resources, OR show signs of autonomous self-replication. ASL-3 status mandates specific deployment safeguards including red-team evaluations, restricted API access, and incident-response protocols. Comparable tiers exist in OpenAI's Preparedness Framework (high) and DeepMind's Frontier Safety Framework (Critical Capability Levels).
Use in governance
How instruments operationalise this concept
| Instrument | Jurisdiction | Status |
|---|---|---|
| G7 Hiroshima AI Process Code of Conduct | G7 | in force |
| UK Pro-Innovation Approach to AI Regulation (White Paper) | UK | in force |
| Anthropic Responsible Scaling Policy (RSP) v2 | US | in force |
Appears in topic articles
Editorial note
ASL-3 is a vendor-specific term; comparable but not interchangeable with EU AIA 'systemic risk' or OpenAI 'high' capability rating. Wiki articles citing ASL-3 should preserve the original-framework name when comparing across vendors.
See also
Further reading
Sources on the broader topics this concept relates to — complementing, not standing in for, the primary sources cited inline above. 56 academic & grey-literature sources; catalogued metadata with a primary link; one-line findings are ✦ AI-generated summaries, labeled as such (charter §7.9). Browse the full literature index.
- An interdisciplinary account of the terminological choices by EU policymakers ahead of the final agreement on the AI Act: AI system, general purpose AI system, foundation model, and generative AI Peer-reviewed✦ AITraces how the AI Act's legal text shifted across versions among the terms 'AI system, general purpose AI system, foundation model, and generative AI', exposing definitional instability in the regime.
- The EU model of AI governance: regulating artificial intelligence through law and policy Peer-reviewed✦ AIAnalyses how the AI Act's risk-based model handles general-purpose and foundation models whose 'autonomous content generation challenges legal categories of authorship, accountability, and control'.
- Generative AI and data protection Peer-reviewed✦ AIExamines friction between foundation-model training and the GDPR, noting models that 'memorize and leak pieces of training data' cannot be treated as anonymous.
- The Current Landscape of Deepfake Legislation in the United States Peer-reviewed✦ AIThematic analysis of 319 state deepfake bills (2019-2024) finds a fragmented patchwork concentrated on political and sexually-explicit content.
- Reimagining U.S. Tort Law for Deepfake Harms: Comparative Insights from China and Singapore Peer-reviewed✦ AIArgues fragmented US tort doctrines (defamation, publicity, IIED) are ill-suited to deepfake harms and draws remedial lessons from Chinese and Singaporean law.
- A Teleological Interpretation of the Definition of DeepFakes in the EU Artificial Intelligence Act—A Purpose-Based Approach to Potential Problems With the Word 'Existing' Peer-reviewed✦ AIWarns a narrow reading of 'existing' in the AI Act's deepfake definition could exclude synthetic media from transparency duties, urging a teleological interpretation.
- Audio deepfakes and the regulation of the landlords of creativity Peer-reviewed✦ AIArgues US, EU and Chinese regimes fail to assign audio-deepfake liability to 'landlords of creativity' (foundation-model providers) and proposes holding them accountable.
- Human detection of political speech deepfakes across transcripts, audio, and video Peer-reviewed✦ AIExperiments show "audio and visual information enables more accurate discernment than text alone" — humans rely more on how something is said than on transcript content.
- GPTs are GPTs: Labor market impact potential of LLMs Peer-reviewed✦ AIFinds around 80% of the U.S. workforce "could have at least 10% of their work tasks affected" by LLMs, which exhibit "traits of general-purpose technologies".
- Generative AI in EU law: Liability, privacy, intellectual property, and cybersecurity Peer-reviewed✦ AIExamines how the EU AI Act, liability regimes, GDPR, copyright and cybersecurity rules apply to generative AI, identifying gaps and proposing targeted regulatory refinements.
- Evaluating Frontier Models for Dangerous Capabilities Preprint✦ AIPilots dangerous-capability evaluations (persuasion, cyber, self-proliferation) on frontier models, finding 'early warning signs' but no strong present danger — grounding evaluation-based gating.
- When non-consensual intimate deepfakes go viral: The insufficiency of the UK Online Safety Act Peer-reviewed✦ AIArgues the UK Online Safety Act 2023 inadequately addresses non-consensual intimate deepfakes as image-based sexual abuse, leaving enforcement and takedown gaps.
+ 44 more across this concept's topics — see the literature index.
References
The primary instrument sources behind the article's classifications.
Cite this article 8 formats · BibTeX, RIS, APA, Chicago, … · 1-click copy
Persistent identifier: https://policywindow.org/wiki/asl-3 — committed-stable URL with content-versioning via ?asOf= (rollout pending per methodology §7). DOIs via Zenodo are on the roadmap.
Article tools — track changes, suggest an edit
View history — every captured revision of this article · What links here