A Safe Harbor with No Floor

The FTC proposed a rule letting AI companies avoid liability with an "adequate disclosure" when their model reshapes an answer. Nobody defined "adequate." We read every footnote, filed on the record, and proposed the fix. Here is the flaw we found and the four-move method we used to find it.

Yvette
Yvette Managing Partner
July 08, 2026 5 min read
A Safe Harbor with No Floor

What Fusion Collective told the FTC about its proposed AI accuracy rule, and the repeatable method we used to say it.

On the record. Docket No. FTC-2026-0859

The Federal Trade Commission has proposed a Policy Statement Concerning Suppression of Accuracy in AI Systems. Stripped of the framing, the mechanism at its center is simple: an AI company can avoid Section 5 liability by making a "clear, conspicuous, and adequate disclosure" that its system prioritizes certain objectives over what a user asked for or expected.

We read the whole thing.

Every footnote, every carve-out, every supporting statistic.

Then we filed a comment into the federal record under Fusion Collective's name. Here’s the problem we put in front of the Commission, and the method we used to find it. Both matter, because the method is the product. A single comment is an event. A method is something you can run again on the next rule, and the one after that.

The move that started this

The proposed statement takes a 90-year-old, viewpoint-neutral deception test (representation, reasonable consumer, materiality) and points it at a narrow, politically specified target. The legal chassis is generic. The payload? Well, it is not. A casual reader sees only "FTC protects consumers from deceptive AI." A practitioner sees an enforcement theory being built on lines that will not hold once anyone has to prove them in litigation.

That gap between how a rule reads and how it would operate is where we live. Reading it well is a discipline, not a reaction.

How Fusion Collective reads a rule

We run every proposal through 4 moves. This is the citable part, so we are naming it plainly.

One. Find the hidden assumptions. We look for the places where the drafters treated a contested design choice as if it were a neutral fact. In this statement, "accuracy" and "no undisclosed ideological objective" are quietly treated as synonyms. They are not. A model that declines to generate a slur, or applies a safety classifier, is making a values-laden choice. The statement calls that "suppression" when a state anti-bias law compels it, while implicitly exempting identical choices made for child-safety or cybersecurity reasons. The line between "legitimate guardrail" and "ideologically motivated distortion" is never defined by a test. It is asserted by example. That is an assumption wearing the costume of a finding.

Two. Stress-test the enforcement theory for administrability. A theory can be conceptually coherent and still be impossible to run. The statement draws a hard boundary between an unintended failure (a hallucination, where the model is trying to be accurate and misses) and an intended output (a refusal or a correction). At the level of intent, that distinction is defensible, because deception law does care about intent. But both outputs emerge from the same training objectives and the same data. Proving which side of the line any given answer falls on becomes a discovery-and-expert-witness problem. The enforcement theory depends on a line that cannot be cleanly established in litigation. That’s not a footnote. That’s the whole crux of the issue.

Three. Map the silences. What a rule omits governs as much as what it says. This one is nearly silent on privacy (no account of how disclosure interacts with model cards, training-data provenance, or the user data that personalizes an output), thin on security (a single narrow carve-out for cybersecurity, no framework for adversarial prompting or CBRN refusals), and lopsided on accountability (100 percent of the burden on the labs, no safe harbor for good-faith safety research, no advisory process to test a posture before shipping). And most ironic for a statement about accuracy, it never defines "best output possible" against any baseline. For a values-laden question, the baseline it assumes is being distorted may not exist at all.

Four. Propose the standard, not just the objection. Anyone can name a flaw. Our comments only carry weight because every objection ships with a fix anchored to an existing, tested framework. We do not ask the Commission to invent. We ask it to adapt what it already built.

What we found, and what we asked for

The disclosure "safe harbor" at the center of this statement has no defined floor. The Commission never says what "adequate" means for a conversational AI output that is generated fresh for every prompt.

This is nit a nit-pick. The Commission spent more than two decades building an objective, multi-factor test for "clear and conspicuous" disclosure, first in the 2000 Dot Com Disclosures guidance and then in the 2013 update. That test weighs proximity, prominence, distracting elements, repetition, duration, and plain language against the net impression of the whole communication. None of it has been adapted to a system that produces novel, unscripted output on demand. Leave "adequate" undefined and its meaning gets set case by case, after the fact, by whichever enforcement actions the Commission happens to bring. A vague safe harbor does not reduce regulatory burden. It moves that burden from rulemaking to enforcement, where it’s harder to anticipate and more expensive to contest. That cost falls hardest on the smallest builders, because only the largest labs can afford to litigate an undefined standard.

So, we recommended, on the record, that the Commission:

  1. Adapt its existing clear-and-conspicuous factors to conversational AI outputs: proximity and placement, prominence, unavoidability, repetition, and understandable language.
  2. Attach the disclosure obligation where the undisclosed objective actually changes an output, not once at account setup and not buried in a terms-of-service screen nobody reads months before the answer arrives.
  3. Recognize independent, third-party verification against a recognized AI-governance standard, such as ISO/IEC 42001, as a mitigating factor and, where appropriate, a rebuttable presumption of compliance, rather than accepting a company's self-certification at face value.
  4. Establish an advisory-opinion process so companies and their auditors can test a compliance posture before it is tested in enforcement, consistent with the Commission's long practice of issuing business guidance letters in analogous consumer-protection contexts.

Why self-attestation was always going to fail

The consent orders that the proposed statement itself cites (Workado, DoNotPay, Intellivision Technologies) each involved a company's own representations about its AI system, representations the company believed were adequate and the Commission later found were not. The pattern is already on the record. Letting the party that makes the representation be the only party that certifies the representation is adequate is how those cases happened in the first place.

Which is one of the principles Fusion Collective was built on. The auditor cannot be the vendor. A disclosure-based safe harbor is only as strong as the definition of "adequate" behind it, and the party making the claim should never be the sole grader of its own claim. Independent verification isn’t a nice-to-have layered on top of good governance. It’s the thing that makes the claim believable to anyone who wasn’t in the room.

This is a record, not a one-off

This filing is one entry in a growing regulatory record. Fusion Collective submitted expert practitioner feedback into the EU AI Act consultation process, where our behavioral-drift taxonomy was cited as evidence and our pending formal comments to Singapore's IMDA Model AI Governance Framework. Different jurisdictions, same method: read what the drafters assumed, test whether the theory survives contact with reality, find the silences, and propose the standard rather than only the objection.

Why do we do this? We do this because the alternative is Checkbox Theater at the scale of federal policy: a rule that looks like protection, reads like protection, and cannot actually be administered as protection. Gold runs through the cracks in the Kintsugi tradition, but only if someone is watching the seams. Right now, a great many of the seams in AI regulation are going unwatched. We intend to keep watching them, in writing, on the record, where it counts.

Related Articles