Frontier Safety Roadmap Updates (original) (raw)

Previous goals

An archive of the former goals of our Frontier Safety Roadmap. We move goals to this page once we've completed or modified them. A record of the changes we’ve made to our goals can be found on our Roadmap (under the ‘Updates’ heading).

Principles for data retention

Version of this goal as set on: April 2, 2026

Target date: May 11, 2026

We offer many customers “zero data retention” policies so they can be confident that sensitive information is safe. Doing this for all customers, however, would greatly hamper our efforts to detect misuse attempts and continually learn from real-world usage of our systems. We would like better principles for which customers are offered which retention policies, and how we can ensure that “zero data retention” usage remains safe even as AI capabilities improve. We will complete an internal in-depth analysis of key factors and set new Frontier Safety Roadmap goals based on it.

Update

On March 29, 2026, we completed a comprehensive internal report to identify how our Safeguards could be improved by updating our data retention policies. By May 11, 2026, we will publish a new goal related to this or announce that we aren’t doing so.

Version of this goal as set on: February 19, 2026

We offer many customers “zero data retention” policies so they can be confident that sensitive information is safe. Doing this for all customers, however, would greatly hamper our efforts to detect misuse attempts and continually learn from real-world usage of our systems. We would like better principles for which customers are offered which retention policies, and how we can ensure that “zero data retention” usage remains safe even as AI capabilities improve. We will complete an internal in-depth analysis of key factors and set new Frontier Safety Roadmap goals based on it.

Details of this goal

We will write a comprehensive internal report to identify how our Safeguards could be improved by updating our data retention policies. Within 6 weeks of report completion, we will publish a new goal related to this or announce that we aren’t doing so.

We are highly confident that we will complete this report, and will use it as a jumping-off point to set further goals.

Launching moonshot R&D projects

Version of this goal as set on: February 19, 2026

Security is an ongoing and immediate priority for us, but it is also a long-term challenge where we’ll need to be creative and explore promising and incomplete ideas. This is because we may, at some point in the future, be targets of the world’s best-resourced attackers. Our moonshot R&D projects will explore ambitious, possibly unconventional ways to achieve unprecedented levels of security.

Possible moonshot projects range from a small-scale “mock secure research environment” (simulating what our key workflows and infrastructure could look like under extreme security) to exploring applications of advanced AI to security.

Details of this goal

Candidate projects include:

• An operational Mock Secure Research Environment, aiming to simulate at a very small scale what our key workflows and infrastructure would look like (and what the productivity impact would be) if they were subject to extreme security practices. This would include simulating isolated networks,“green lines” for limited remote connections, as well as commensurate physical security controls.
• An analysis of the feasibility of full adoption of confidential compute during the entire lifecycle of model R&D.
• An initial assessment of what AI-assisted security tooling (vulnerability discovery, automated patching, anomaly detection) is feasible today.
• A pilot of a continuous personnel security vetting program for high-risk roles with defined screening criteria, monitoring, and reporting requirements.
• A pilot of a system in which all interaction with our models (including internal research and training) uses APIs rather than interaction with raw model weights.
• An attempt to create adaptive behavioral models for flagging anomalous activity by users and services on our systems (flagged anomalies should adapt as our workflows and usage patterns change).
• An attempt to identify our most valuable algorithmic IP and a path to giving it additional protections.

By April 1, 2026, we will have selected and begun 1-3 project(s), including but not limited to those above, and established concrete further goals and timelines for each. Each should lead to a working answer to the key open questions within 6 months.

We are highly confident that we can complete this initial step, and will use it as a jumping-off point to set further goals.