In international law, the terms are precise. Hard law refers to obligations that are legally binding, usually treaties, that states must implement and can be held accountable for breaching. Soft law refers to instruments that express commitments or standards without creating binding legal obligations — declarations, guiding principles, codes of conduct, and resolutions. Both shape behaviour, but only one can be enforced. Almost all AI governance to date is soft law, and understanding why clarifies both its usefulness and its limits.

What each type can and cannot do

1

Soft law: fast, flexible, non-binding

It can be agreed quickly, adjusted easily, and joined without the political cost of surrendering sovereignty. It sets norms, signals intent, and builds shared expectations. But it imposes no legal duty, carries no verification, and offers no enforcement — compliance is voluntary and reversible.

2

Hard law: slow, rigid, binding

A treaty is difficult and slow to negotiate and ratify, and hard to change once agreed. But it creates genuine legal obligations, can be paired with verification bodies and enforcement mechanisms, and gives states a basis to hold each other accountable. It is the only form that can actually constrain a determined actor.

Why soft law comes first

The progression from soft to hard law is the normal life cycle of international regimes, not a detour. States are reluctant to accept binding constraints on a technology they do not yet fully understand, in an area where the science is unsettled and the strategic stakes are unclear. Soft law lets them start cooperating without that commitment — building the shared understanding, the definitions, and the trust that make a binding agreement negotiable later. The Montreal Protocol began with the non-binding cooperation of the Vienna Convention; climate governance began with a framework convention before any binding targets. Soft law is the scaffolding on which hard law is later built.

Soft law also does real work in its own right. Norms shape what companies and governments consider acceptable, influence domestic legislation, and create reference points that courts, regulators, and publics can invoke. The Hiroshima principles and Seoul commitments are already changing how developers document and describe their systems. None of this should be dismissed.

Why soft law is not enough for frontier AI

  • Voluntary means reversible. A commitment a company or state can abandon under competitive pressure provides no security against exactly the scenario — a race to cross a dangerous line — that matters most.
  • No verification means no trust. Soft-law commitments are unverified, so no party can confirm that others are complying. This is fatal in a domain defined by mutual suspicion.
  • No enforcement means no cost to defect. When breaking a promise carries only reputational cost, the actor who believes the prize is decisive will break it.
  • The stakes are irreversible. For risks that may be catastrophic and unrecoverable, 'we agreed to try our best' is not a safety margin. Only binding, verified obligation is.

Soft law is how the world learns to talk about a problem. Hard law is how it agrees to do something about it. For a risk that could be irreversible, staying permanently on the soft side of the line is a decision to hope rather than to govern.

Naoto Nakada, Founder · Nakada Foundation to Save Humanity

The transition is the task

The point is not that soft law is worthless — it is the necessary first stage, and it is doing useful work now. The point is that AI governance cannot stop there. The declarations and codes are valuable precisely as steps toward binding obligation, and their value collapses if the transition never happens. The central governance task of this decade is to convert the soft-law scaffolding into hard-law structure: to turn acknowledged risks into defined thresholds, voluntary commitments into legal duties, and cooperative dialogue into verification and enforcement. Every declaration is a down payment. Whether it buys anything depends on whether the world follows through to a treaty before the technology it describes advances beyond reach.

Common questions.

What is the difference between soft law and hard law?

Hard law consists of legally binding obligations — chiefly treaties — that states must implement and can be held accountable for breaching, and which can be paired with verification and enforcement. Soft law consists of non-binding instruments such as declarations, guiding principles, and codes of conduct that express commitments or standards without creating legal obligations. Both influence behaviour, but only hard law can actually be enforced.

Is AI governance currently soft law or hard law?

Almost entirely soft law. The Bletchley Declaration, the G7 Hiroshima principles and code of conduct, the Seoul commitments, and the OECD guidelines are all non-binding. The main exception is the Council of Europe's Framework Convention on AI, which is binding but does not address frontier existential risk. There is currently no hard-law instrument governing the catastrophic risks from the most advanced AI systems.

Why does soft law usually come before hard law?

Because states are reluctant to accept binding constraints on a technology they do not yet fully understand. Soft law lets them begin cooperating — building shared definitions, understanding, and trust — without surrendering sovereignty, which makes a binding agreement negotiable later. Major regimes like the ozone and climate treaties began with non-binding frameworks before adding binding obligations. Soft law is the normal scaffolding for hard law.

Why isn't soft law enough for frontier AI?

Because it is voluntary, unverified, and unenforceable. A commitment that can be abandoned under competitive pressure gives no security against a race to cross a dangerous capability line; without verification, no party can confirm others are complying; and without enforcement, defection carries only reputational cost. For risks that may be catastrophic and irreversible, only binding, verified obligation provides a genuine safeguard.