OpenAI faces California AI safety law violations over high-risk GPT-5.3-Codex release

OpenAI appears to have violated California's AI safety law with GPT-5.3-Codex release, watchdog group says | Fortune

The controversy centers on GPT-5.3-Codex, OpenAI's newest coding model, which was released last week. The model is part of an effort by OpenAI to reclaim its lead in AI-powered coding and, according to benchmark data OpenAI released, shows markedly higher performance on coding tasks than earlier model versions from both OpenAI and competitors like Anthropic. However, the model has also raised unprecedented cybersecurity concerns. CEO Sam Altman said the model was the first to hit the "high" risk category for cybersecurity on the company's preparedness framework, an internal risk classification system OpenAI uses for model releases. This means OpenAI is essentially classifying the model as capable enough at coding to potentially facilitate significant cyber harm, especially if automated or used at scale. AI watchdog group The Midas Project is claiming OpenAI failed to stick to its own safety commitments -- which are now legally binding under California law -- with the launch of the new high-risk model. California's SB 53, which came into effect in January, requires major AI companies to publish and stick to their own safety frameworks detailing how they'll prevent catastrophic risks -- defined as incidents causing more than 50 deaths or $1 billion in property damage -- from their models. It also prohibits these companies from making misleading statements about compliance. OpenAI's safety framework requires special safeguards for models with high cybersecurity risk that are designed to prevent the AI from going rogue and doing things like acting deceptively, sabotaging safety research, or hiding its true capabilities. However, the company did not implement these safeguards before launching GPT-5.3-Codex. OpenAI says that's because the wording in the framework is "ambiguous." In a safety report accompanying the model, OpenAI said that safeguards are only needed when high cyber risk occurs "in conjunction with" long-range autonomy -- the ability to operate independently over extended periods. Since the company believes GPT-5.3-Codex lacks this autonomy, they say the safeguards weren't required. A spokesperson for OpenAI told Fortune the company was "confident in our compliance with frontier safety laws, including SB53." "GPT-5.3-Codex completed our full testing and governance process, as detailed in the publicly released system card, and did not demonstrate long-range autonomy capabilities based on proxy evaluations and confirmed by internal expert judgments, including from our Safety Advisory Group," the spokesperson said. They said the company intended to clarify language in the current Preparedness Framework to better communicate what the company says was its original intention, rather than change any internal practice. However, some safety researchers have disputed this interpretation. Nathan Calvin, Vice President of State Affairs and General Counsel at Encode, said in a post on X that: "Rather than admit they didn't follow their plan or update it before the release, it looks like OpenAI is saying that the criteria was ambiguous. From reading the relevant docs...it doesn't look ambiguous to me." The Midas Project also claims that OpenAI cannot definitively prove the model lacks the autonomy required for the extra measures, as the company's previous, less advanced model already topped global benchmarks for autonomous task completion. The group argues that even if the rules were unclear, OpenAI should have clarified them before releasing the model. Tyler Johnston, founder of Midas Project, called the potential violation "especially embarrassing given how low the floor SB 53 sets is: basically just adopt a voluntary safety plan of your choice and communicate honestly about it, changing it as needed, but not violating or lying about it." If an investigation is opened and the allegations prove accurate, SB 53 allows for substantial penalties for violations, potentially running into millions of dollars depending on the severity and duration of non-compliance. A representative for the California Attorney General's Office told Fortune the department was "committed to enforcing the laws of our state, including those enacted to increase transparency and safety in the emerging AI space." However, they said the department was unable to comment on, even to confirm or deny, potential or ongoing investigations.

OpenAI's GPT-5.3-Codex Faces California AI Safety Law Scrutiny As Watchdog Alleges High-Risk Violations

OpenAI may face significant fines after a watchdog group alleged the company violated California's new AI safety law with the release of its latest coding model, GPT-5.3-Codex. High-Risk GPT-5.3-Codex Sparks Safety Concerns Last week, The Midas Project claimed OpenAI failed to implement legally required safeguards for models classified as high cybersecurity risks, as outlined in its own safety framework. GPT-5.3-Codex is part of OpenAI's effort to reclaim its lead in AI-powered coding and, according to company benchmarks, outperforms previous models and competitors in coding tasks. Watchdog Challenges OpenAI's Compliance Claims OpenAI disputes the allegations. However, Midas Project founder Tyler Johnston criticized the release. This is "especially embarrassing given how low the floor SB 53 sets is: basically just adopt a voluntary safety plan of your choice and communicate honestly about it, changing it as needed, but not violating or lying about it," he said. Safety researchers like Nathan Calvin of Encode also questioned OpenAI's defense, noting, "From reading the relevant docs ... it doesn't look ambiguous to me." OpenAI Growth Surges Amid Anthropic Rivalry On Monday, OpenAI's momentum increased as CEO Sam Altman reassured employees and investors despite mounting competition from Anthropic's upgraded coding tools. Altman said in an internal Slack message that ChatGPT had returned to more than 10% monthly growth and that an updated Chat model was set for release that week. He also noted that Codex usage rose about 50% after the launch of GPT-5.3-Codex and a standalone Mac app. OpenAI pushed back against Anthropic's Super Bowl ads, criticizing the idea of advertising in ChatGPT. Altman called the ads "deceptive," though a person familiar with the matter said the company planned to test clearly labeled ads placed at the bottom of responses without influencing answers. Disclaimer: This content was partially produced with the help of AI tools and was reviewed and published by Benzinga editors. Photo courtesy: Shutterstock Market News and Data brought to you by Benzinga APIs To add Benzinga News as your preferred source on Google, click here.