In April 2024, Meta released LLaMA 3 โ the latest iteration of its open-weight large language model โ and the numbers were remarkable. Within months, the LLaMA model family had been downloaded over 600 million times from Hugging Face and other platforms. Developers, researchers, startups, and governments around the world were running, fine-tuning, and building on Meta's AI models. By any measure, LLaMA had become the most widely distributed AI model in history.
Meta didn't do this out of altruism. The company's open-source AI strategy โ championed by CEO Mark Zuckerberg and AI chief Yann LeCun โ is a calculated competitive play worth understanding. But it has also created one of the most consequential fault lines in AI regulation: should open-source and closed-source AI models be governed by the same rules?
The answer to that question could reshape the AI industry โ and companies on both sides are spending heavily to influence it. Meta alone spent $7.1 million on federal lobbying in Q1 2026, with preserving favorable regulatory treatment for open-source AI among its top priorities.
The Strategic Logic of Open Source
To understand Meta's open-source bet, you need to understand what it's optimizing for. Meta's core business is advertising โ it made $164 billion in revenue in 2024, almost entirely from ads on Facebook, Instagram, and WhatsApp. AI enhances this business in two ways: it improves ad targeting and content recommendation (which Meta handles internally with proprietary models), and it reduces the cost of the AI infrastructure that powers everything.
This is where open source becomes strategic. By releasing LLaMA, Meta is pursuing a classic technology strategy: commoditize the complement. If powerful AI models are freely available, the value shifts to the things that are scarce โ training data (Meta has billions of users generating content), computing infrastructure (Meta has massive GPU clusters), and applications built on top of models (Meta's own products). Open-sourcing the model layer makes it harder for competitors like OpenAI and Google to charge premium prices for model access, while Meta's advantages in data and distribution remain intact.
Zuckerberg has been explicit about this. In a July 2024 blog post titled "Open Source AI Is the Path Forward," he wrote that open source creates "a broader ecosystem of developers and researchers who can innovate on top of our models," which ultimately benefits Meta's products. He also argued that open-source AI is safer because it allows more people to scrutinize the technology โ a direct rebuttal to OpenAI's position that powerful models should be closely held.
LeCun, Meta's chief AI scientist and a Turing Award winner, has been even more forceful. He has repeatedly argued that restricting access to AI models concentrates power in a few companies, creating risks far greater than the hypothetical dangers of open release. "The biggest risk," LeCun has said, "is not that AI is too open โ it's that AI is too closed."
The Closed-Source Counterargument
OpenAI and, to a lesser extent, Anthropic and Google have taken the opposite position. Their argument: frontier AI models are too powerful and too potentially dangerous to release openly. Once a model is open-sourced, it cannot be recalled, patched, or restricted. If a model can be fine-tuned to produce bioweapon instructions, generate convincing disinformation, or assist in cyberattacks, open release means those capabilities are permanently available to anyone.
OpenAI has kept its most capable models โ GPT-4, GPT-4o, and the forthcoming GPT-5 โ proprietary, accessible only through its API and consumer products. The company's usage policies prohibit numerous applications, and its systems include safety guardrails that can be updated in real time. This is impossible with open-source models โ once released, the developer has no control over how the model is used.
Anthropic has taken a similar approach with Claude, emphasizing its Responsible Scaling Policy โ a framework that ties the deployment of increasingly capable models to demonstrated safety measures. Anthropic argues that this kind of iterative, controlled deployment is only possible with closed models where the developer retains control.
Critics of the closed approach note the obvious commercial incentive: keeping models proprietary protects an enormously lucrative business. OpenAI reportedly generated over $3.4 billion in annualized revenue by late 2024, primarily from API access and ChatGPT subscriptions. Open-sourcing GPT-4 would vaporize much of that revenue overnight. The safety argument, skeptics contend, conveniently aligns with the profit motive.
How Regulation Draws the Line
The open-source vs. closed-source distinction has become one of the most contentious issues in AI regulation, both in the US and internationally.
California SB 1047 โ the most ambitious state-level AI safety bill, vetoed by Governor Newsom in September 2024 โ illustrated the challenge perfectly. The bill would have imposed safety requirements on AI models whose training cost exceeded $100 million (or fine-tuned models based on such models costing more than $10 million). These requirements included pre-deployment safety testing, the ability to "shut down" a model if it posed risks, and liability for developers whose models caused serious harm.
The $100 million threshold was explicitly designed to capture frontier models from OpenAI, Google, Anthropic, and Meta โ but the practical impact would have fallen disproportionately on closed-source companies. Why? Because the bill's "shutdown" requirement is straightforward for API-based models (just turn off the API) but physically impossible for open-source models that have already been downloaded millions of times. You can't "shut down" LLaMA โ it's running on servers around the world that Meta doesn't control.
This asymmetry drove fierce debate. Meta argued that SB 1047 would effectively penalize open-source development โ if you release a model openly and someone fine-tunes it to cause harm, you'd face liability even though you have no technical ability to prevent the misuse. Open-source advocates, including many prominent AI researchers, signed an open letter warning that the bill would chill open-source AI development and push it offshore.
Supporters of SB 1047 countered that the bill's requirements were reasonable: if you're releasing an extremely powerful AI model into the world, you should conduct safety testing before release and accept some responsibility for foreseeable misuse. The inability to recall an open-source model, they argued, makes pre-release safety testing more important, not less.
Governor Newsom ultimately vetoed the bill, citing concerns about its impact on the AI industry โ but the debate it generated continues to shape regulatory proposals nationwide.
The EU Approach
The EU AI Act takes a more nuanced approach to the open-source question, though one that has generated its own controversies. The Act creates a category of General-Purpose AI (GPAI) models with specific obligations:
- All GPAI providers must maintain technical documentation, comply with EU copyright law, and publish a training data summary
- GPAI models with "systemic risk" (those trained with more than 10^25 FLOPs of compute) face additional requirements including adversarial testing, incident reporting, and cybersecurity measures
- Open-source GPAI models are partially exempt: if a model is released under an open-source license, it is exempted from most GPAI obligations unless it poses systemic risk. This means open-source models below the compute threshold get a regulatory free pass that closed-source models don't.
This exemption was heavily lobbied for by Meta and by European open-source AI companies, particularly Mistral โ the Paris-based AI startup that has become France's flagship AI company. Mistral, founded by former Google DeepMind and Meta researchers, has released a series of open-weight models (Mistral 7B, Mixtral, Mistral Large) that have become popular alternatives to US closed-source models. The French government, eager to support its national AI champion, pushed hard for the open-source exemption in the AI Act negotiations.
Critics argue the EU exemption creates a loophole: a company could release a powerful model as "open source" to avoid regulation, while still profiting from it through consulting, cloud hosting, and enterprise support โ exactly Meta's business model. The exemption also doesn't address the core safety concern: an open-source model that can be misused is just as dangerous whether it was regulated or not.
The International Dimension
The open-source AI landscape is increasingly global, with major implications for regulation:
DeepSeek, a Chinese AI company, released its DeepSeek-V2 and DeepSeek-Coder models as open-weight in 2024, demonstrating that China is actively competing in the open-source AI space. DeepSeek's models achieved impressive benchmarks at lower computational costs, suggesting that Chinese companies have found efficiency gains that partially offset US chip export restrictions. The presence of powerful Chinese open-source models complicates US regulatory debates โ if the US restricts open-source AI release, Chinese alternatives remain freely available.
Alibaba released its Qwen model family as open-weight, with Qwen 2.5 achieving performance competitive with much larger Western models. Like DeepSeek, Alibaba's open-source strategy serves both commercial and geopolitical purposes โ it expands Alibaba Cloud's ecosystem while demonstrating Chinese AI capabilities to the world.
Mistral has positioned itself as the European alternative to both US closed-source companies and Chinese open-source releases. The company raised over $600 million in funding by early 2025 and has become a key player in EU AI policy discussions. Mistral's argument โ that European AI sovereignty requires open-source models that European companies and governments can run independently โ resonates strongly with European policymakers wary of dependence on American tech giants.
The international dimension creates a regulatory dilemma. If the US imposes strict requirements on open-source AI release, developers and companies may simply move to jurisdictions with lighter regulation โ or US restrictions may be irrelevant if equivalent models are available from Chinese and European sources. This "regulatory arbitrage" argument has been deployed effectively by Meta and other open-source advocates in Washington.
The Safety Debate
The core safety question around open-source AI remains genuinely difficult:
Arguments that open source is safer:
- More eyes on the code and model behavior means faster identification of vulnerabilities and biases
- Independent safety researchers can audit models without relying on the developer's self-reporting
- Concentrating AI power in a few closed companies creates single points of failure and abuse
- Open models enable governments and academic institutions to maintain AI expertise independent of corporate providers
- Historical precedent: open-source software (Linux, Apache, OpenSSL) has generally proven more secure than proprietary alternatives over time
Arguments that open source is riskier:
- Open-source models can be fine-tuned to remove safety guardrails โ and this has been demonstrated repeatedly. Within days of LLaMA's initial release, "uncensored" versions appeared on Hugging Face
- Once released, a model cannot be recalled, updated, or restricted โ there is no patch mechanism for a model running on someone else's hardware
- Dual-use risks are real: models capable of assisting with beneficial tasks (drug discovery, code generation) can also assist with harmful ones (bioweapon design, malware creation)
- The software security analogy breaks down because AI models are fundamentally different from code โ you can't simply patch a vulnerability in a neural network the way you can in a software library
- As models become more capable, the consequences of misuse become more severe โ the safety calculus that applies to a 7-billion parameter model may not apply to a 1-trillion parameter model
Industry Positions and Advocacy
The open-source AI debate has mobilized significant institutional advocacy on both sides:
The Linux Foundation AI & Data and the Apache Software Foundation have weighed in strongly in favor of protecting open-source AI from burdensome regulation. Their argument: the open-source development model has powered decades of technological innovation, and AI should not be treated differently. These organizations have significant credibility in Washington and have been effective advocates in regulatory discussions.
The Mozilla Foundation has advocated for a nuanced middle ground: supporting open-source AI development while calling for transparency requirements (like training data disclosure) that apply equally to open and closed models. Mozilla's position recognizes that openness and accountability aren't mutually exclusive.
On the other side, organizations like the Center for AI Safety and prominent researchers including Yoshua Bengio and Geoffrey Hinton have argued for caution in open-sourcing the most capable models. Their position: below a certain capability threshold, open source is clearly beneficial; above it, the risks of uncontrollable proliferation outweigh the benefits of openness. The challenge is determining where that threshold lies.
The US government's position has been ambiguous. The October 2023 Executive Order on AI (EO 14110) imposed reporting requirements on developers of powerful models regardless of whether they're open or closed, but it didn't restrict open-source release. The Commerce Department's subsequent report on open-weight models (released in 2024) acknowledged both benefits and risks without recommending restrictions. The political reality is that both parties see value in open-source AI โ Republicans view restrictions as government overreach, while many Democrats see open source as a check on corporate power.
What Comes Next
The open-source vs. closed-source regulatory question will be central to every major AI policy debate in 2026 and beyond:
- Federal legislation: Any comprehensive federal AI bill will have to decide whether to exempt, accommodate, or regulate open-source models. The lobbying war over this question โ with Meta spending $7.1M per quarter and OpenAI spending $1.5M โ ensures it will be heavily contested.
- State bills: Following SB 1047's veto, California and other states are crafting new AI safety proposals that attempt to address the open-source question more carefully. Watch for bills that impose pre-release safety testing requirements on open-source models above certain capability thresholds.
- EU implementation: As the AI Act's GPAI provisions take effect through 2025-2027, the practical impact of the open-source exemption will become clearer. If powerful open-source models proliferate in ways that cause harm, pressure to close the exemption will grow.
- Capability scaling: As open-source models become more capable โ LLaMA 4 and its successors will likely approach GPT-4-level performance โ the safety stakes of open release increase. The regulatory framework that made sense for a 7B parameter model may not make sense for a model that can reliably assist with sophisticated tasks.
The fundamental tension is real and won't be resolved easily. Open-source AI democratizes access, enables innovation, and prevents dangerous concentration of power. It also makes powerful capabilities permanently and uncontrollably available to anyone, including bad actors. Getting the regulatory balance right โ protecting the benefits of openness while managing the risks of proliferation โ may be the hardest problem in AI policy.
Track how companies are lobbying on this issue on our Follow the Money page, and follow the legislative proposals on our Bill Tracker.