OpenAI Challenges Watchdog’s Assertion That It Breached California’s New AI Safety Law With Its Latest Model Release

Posted on by

An AI watchdog group has alleged that OpenAI may have violated California’s new AI safety law with the release of its latest coding model.

A violation could potentially expose the company to millions of dollars in fines, and the case may become a precedent-setting first test of the new law’s provisions.

An OpenAI spokesperson disputed the watchdog’s position, telling the company was “confident in our compliance with frontier safety laws, including SB 53.”

The controversy centers on GPT-5.3-Codex, OpenAI’s newest coding model, which launched last week. The model is part of OpenAI’s effort to reclaim its lead in AI-powered coding; according to benchmark data the company released, it shows markedly higher performance on coding tasks than earlier versions from both OpenAI and competitors like Anthropic. However, the model has also raised unprecedented cybersecurity concerns.

CEO Sam Altman said the model falls into the highest risk category for cybersecurity under the company’s Preparedness Framework—an internal risk classification system OpenAI uses for model releases. This means OpenAI essentially classifies the model as capable enough at coding to potentially facilitate significant cyber harm, especially if automated or used at scale.

AI watchdog group the Midas Project claims OpenAI failed to uphold its own safety commitments—which are now legally binding under California law—with the launch of the new high-risk model.

which went into effect in January, requires major AI companies to publish and adhere to their own safety frameworks, detailing how they will prevent catastrophic risks—defined as incidents causing more than 50 deaths or $1 billion in property damage—from their models. It also prohibits these companies from making misleading statements about compliance.

OpenAI has outlined safeguards for models with high cybersecurity risk, designed to prevent the AI from acting erratically and engaging in behaviors like deception, sabotaging safety research, or hiding its true capabilities. However, the Midas Project alleges the company did not implement these safeguards before launching GPT-5.3-Codex, despite declaring the model “high risk.”

OpenAI says the Midas Project’s interpretation of the wording in its Preparedness Framework is incorrect, though it also noted the framework’s wording is “ambiguous” and that it sought to clarify the intent of that wording in a statement included in the safety report released with GPT-5.3-Codex. In that report, OpenAI stated extra safeguards are only needed when high cyber risk occurs “in conjunction with” long-range autonomy—the ability to operate independently over extended periods. Since the company believes GPT-5.3-Codex lacks this autonomy, it argues the safeguards were not required.

“GPT-5.3-Codex completed our full testing and governance process, as detailed in the publicly released system card, and did not demonstrate long-range autonomy capabilities based on proxy evaluations and confirmed by internal expert judgments, including from our Safety Advisory Group,” the spokesperson said. The company also noted, however, that it lacks a definitive way to assess a model’s long-range autonomy and thus relies on tests it believes act as proxies for this metric while working to develop better evaluation methods.

However, some safety researchers have challenged OpenAI’s interpretation. Nathan Calvin, vice president of state affairs and general counsel at Encode, said in a post on : “Rather than admit they didn’t follow their plan or update it before the release, it looks like OpenAI is saying the criteria were ambiguous. From reading the relevant docs … it doesn’t look ambiguous to me.”

The Midas Project also claims OpenAI cannot definitively prove the model lacks the autonomy required for the extra measures, as the company’s previous, less advanced model already topped global benchmarks for autonomous task completion. The group argues that even if the rules were unclear, OpenAI should have clarified them before releasing the model.

Tyler Johnston, founder of the Midas Project, called the potential violation “especially embarrassing given how low the floor SB 53 sets is: basically just adopt a voluntary safety plan of your choice and communicate honestly about it, changing it as needed, but not violating or lying about it.”

If an investigation is opened and the allegations prove accurate, SB 53 allows for substantial penalties for violations, potentially reaching millions of dollars depending on the severity and duration of noncompliance. A representative for the California Attorney General’s Office told the department was “committed to enforcing the laws of our state, including those enacted to increase transparency and safety in the emerging AI space.” However, they said the department was unable to comment on potential or ongoing investigations—even to confirm or deny their existence.

Updated, Feb. 10: This story has been updated to move OpenAI’s statement that it believes it is in compliance with the California AI law higher in the story. The headline has also been changed to make clear that OpenAI is disputing the allegations from the watchdog group. In addition, the story has been updated to clarify that OpenAI’s statement in the GPT-5.3-Codex safety report was meant to clarify what the company says was ambiguous language in its Preparedness Framework.