Cross-corpus research synthesis
National Security Carveouts in AI Regulation
The recurring exclusion of military, intelligence, and national-security AI uses from civilian AI-governance instruments. EU AIA Art. 2(3) explicit exclusion; US EO 14110 §11 + NSM-10 separate track; CoE AI Convention Art. 3 carve-out; UK White Paper sectoral-regulator-only scope; India DPDPA state-security exemptions. China's approach is notable for treating state security as the central concern, not a carveout.
Synthesised deterministically from 13 articles that engage this theme. Empirical consensus: settled · contested: Whether the carveout should be (a) categorical exclusion of national-security AI, (b) parallel governance track with sui generis rules, or (c) full civilian-track compliance with national-security override. Most instruments choose (a); the field debates whether this leaves a dangerous gap.. Full theme article: /wiki/national-security-carveouts. Machine-readable: /wiki/synthesis.json.
Cross-jurisdiction stances (6 govern, 12 engage)
| Instrument | Verdict | Provision excerpt / citation |
|---|---|---|
| EU AI Act | governs | “This Regulation does not apply to AI systems where and in so far as they are placed on the market, put into service, or used with or without modification exclusively for military, defence or national security purposes…” Art. 2(3) explicitly excludes AI systems used exclusively for military, defence, or national-security purposes |
| Executive Order 14110 on Safe, Secure, Trustworthy AI | governs | §11 national-security exemption; NSM-10 parallel-track governance for national-security AI |
| UK Pro-Innovation Approach to AI Regulation (White Paper) | implicit | Defence + intelligence excluded via sectoral-regulator scope; carveout via omission rather than explicit clause |
| Council of Europe Framework Convention on AI | governs | Art. 3 — does not apply to AI used for national security / defence |
| India Digital Personal Data Protection Act + AI Advisory (MEITY) | implicit | DPDPA exemptions for state-security functions (Art. 17); not specifically AI but applies |
| GSA Generative AI and Specialized Computing Infrastructure Acquisition Resource Guide | implicit | Guide references existing federal supply-chain risk-management framework (FAR Part 4 Subpart 4.21) which carries national-security overlays |
| DoD Responsible AI Strategy and Implementation Pathway | governs | “DoD personnel will exercise appropriate levels of judgment and care, while remaining responsible for the development, deployment, and use of AI capabilities.” The S&IP IS the DoD-specific RAI framework; tenets + ethical principles operationalise the national-security AI use case rather than carving out from a civilian framework |
| FedRAMP AI Cloud Procurement Guidance | implicit | FedRAMP High baseline + JAB authorisation route exists for higher-sensitivity use cases; classified systems are outside FedRAMP scope and governed by separate ICD-503 / NIST SP 800-53 IC overlay frameworks |
| DFARS Subpart 252.204 (Safeguarding Covered Defense Information and Cyber Incident Reporting) | governs | The Contractor shall provide adequate security on all covered contractor information systems … by implementing NIST Special Publication 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems… (paraphrase) 252.204-7012 + CMMC clauses (-7019/-7020/-7021) are the operative national-security-overlay framework for defence-acquisition information security; the subpart IS the carveout regime |
| Provisions on the Administration of Deep Synthesis of Internet Information Services | implicit | Content prohibitions tied to national security/social order (Art. 6), filing (Art. 19), and security assessment (Art. 20) reflect a state-security orientation, but these are obligations imposed on pro (paraphrase) Art. 6, Art. 19 & Art. 20 |
| Italy Law No. 132/2025 on Artificial Intelligence (Legge 23 settembre 2025, n. 132) | governs | [national-security, cybersecurity, national-defence and certain national-security policing activities] sono escluse dall'ambito applicativo della presente legge. (paraphrase) Art. 6 — activities for national-security purposes by the intelligence services, ACN cybersecurity/resilience, national-defence by the Armed Forces, and certain national-security policing are excluded from the law's scope (subject to fundamental-rights respect; further rules by regulation under l. 124/2007 art. 43). |
| Japan AI Promotion Act (Act on the Promotion of Research, Development and Utilization of AI-Related Technologies) | implicit | ... They are also important technologies from the perspective of national security. (paraphrase) Act No. 53 of 2025, Art. 3(2) |
Evidence convergence
Sources the corpus cites for this theme across multiple articles — a scientometric consensus signal computed from inline prose citations (the more articles independently cite a source, the more load-bearing it is for this theme). 19 sources are cited by ≥2 articles.
- 7×An interdisciplinary account of the terminological choices by EU policymakers ahead of the final agreement on the AI Act: AI system, general purpose AI system, foundation model, and generative AI — cited by 7 articles
- 6×Generative AI and data protection — cited by 6 articles
- 6×The EU model of AI governance: regulating artificial intelligence through law and policy — cited by 6 articles
- 6×Defending Compute Thresholds Against Legal Loopholes — cited by 6 articles
- 6×Identifying Algorithmic Decision Subjects' Needs for Meaningful Contestability — cited by 6 articles
- 5×arxiv:2504.18236 — cited by 5 articles
- 5×The AI Act Roller Coaster: The Evolution of Fundamental Rights Protection in the Legislative Process and the Future of the Regulation — cited by 5 articles
- 4×Predictive policing and predictive justice: Ethics, data protection, and the AI act — cited by 4 articles
- 4×Toward a global standard for ethical AI regulation: addressing gaps in AI-driven biometric and high-resolution satellite imaging in the EU AI Act — cited by 4 articles
- 4×Training Compute Thresholds: Features and Functions in AI Regulation — cited by 4 articles
- 2×Open Foundation Models and TDM Exceptions to Copyright – Building Blocks for an AI Ecosystem — cited by 2 articles
- 2×Missing the Mark: Adoption of Watermarking for Generative AI Systems in Practice and Implications Under the New EU AI Act — cited by 2 articles
- 2×GPTs are GPTs: Labor market impact potential of LLMs — cited by 2 articles
- 2×A Framework for Evaluating Global AI Governance Initiatives — cited by 2 articles
- 2×Artificial intelligence and synthetic biology: biosecurity risks, dual-use concerns, and governance pathways — cited by 2 articles
- 2×A Teleological Interpretation of the Definition of DeepFakes in the EU Artificial Intelligence Act—A Purpose-Based Approach to Potential Problems With the Word 'Existing' — cited by 2 articles
- 2×Generative AI in EU law: Liability, privacy, intellectual property, and cybersecurity — cited by 2 articles
- 2×Global perspectives on regulating facial recognition technology utilization for criminal justice arrests — cited by 2 articles
- 2×Computing Power and the Governance of Artificial Intelligence — cited by 2 articles