
AI Standards and Global Prosperity: Navigating Agentic AI

Executive Summary

This panel discussion explores how standards for Agentic AI systems should be developed, who should be involved, and how to ensure inclusive global governance. The speakers—representing regulatory bodies, nonprofit organizations, research institutions, and industry—argue that effective AI governance requires balancing rapid innovation with safety, translating regulatory consensus into practical technical standards, and ensuring meaningful participation from Global South actors and affected communities who currently lack representation in standard-setting processes.

Key Takeaways

  1. Standards Have Multiple Layers: Compliance standards (for regulation), best-practice standards (for competition), and people-centered standards (for workforce skills) are all necessary but operate differently. Conflating them creates confusion and misaligned expectations.

  2. Inclusion Requires Active Resourcing, Not Just Seats at the Table: Meaningful participation from Global South actors, affected communities, and marginalized voices requires funding travel, building literacy, and ensuring co-authorship (not tokenism) in standard-setting committees. Public awareness campaigns are equally important.

  3. Speed vs. Certainty Is a Real Tradeoff: The EU's formal, integrated approach to standards development is slower but potentially more legitimate and durable. Industry-led bottom-up standards move fast but risk excluding voices and regulatory capture. Both approaches have merit depending on the specific problem.

  4. Agentic AI Requires Risk-Scored Action Standards, Not Just Output Metrics: Existing evaluation frameworks are inadequate. Standards must address sequences of autonomous actions and their potential harms—treating agentic systems as orchestrators of risk, not just predictive models.

  5. Get Involved Locally and Across Silos: Anyone can join national standards committees; representation is a matter of choosing to show up. Building multilingual, cross-disciplinary dialogue in your own networks is a practical first step toward better global standards.

Conference Talk Summary


Key Topics Covered

  • Types of Standards: Distinction between compliance-based standards (responding to legislation like the EU AI Act), best-practice industry standards, and emerging sectoral standards
  • Agentic AI Challenges: Safety risks, payment systems, data privacy, attack surfaces, and the need for risk-scored action sequences in autonomous systems
  • Global South Participation: Resource constraints, capacity building, culturally contextual evaluation datasets, and low AI literacy levels impacting governance effectiveness
  • Standards Development Processes: Comparison of top-down regulatory approaches (EU), bottom-up industry-led approaches (open source), and sandbox/modular approaches for capacity building
  • Trust Between Stakeholders: Adversarial relationships between regulators, standard-setters, large tech companies, startups, and the impact on implementation and compliance
  • Language and Consensus: The challenge of operationalizing vague governance goals (fairness, transparency, accountability) into measurable, actionable standards across jurisdictions
  • Open Source and Decentralization: Mozilla's perspective on maintaining open internet principles as AI systems become gatekeepers of information and commerce
  • Evaluation and Assessment: Need for region-specific, culturally appropriate evaluation datasets and methodologies rather than generic benchmarks
  • Implementation Gaps: YOLO-mode deployment driven by fear of missing economic opportunity, with inadequate guardrails
  • Public Awareness and Literacy: Vastly different awareness levels about AI across geographies and their relationship to trust and skepticism

Key Points & Insights

  1. Standards Are Not Monolithic: Standards serve different functions—compliance standards operationalize legislative requirements, while best-practice standards help industry compete. The EU AI Act is integrating standards development during legislation for the first time, creating real-time feedback loops between lawmakers and technical implementers.

  2. The Operationalization Gap: Legislators and regulators agree on high-level principles (fairness, transparency, accountability) but lack consensus on what these actually mean in practice. Standards bodies must translate political consensus into measurable, implementable specifications—and this varies by sector and jurisdiction.

  3. Agentic AI Introduces New Attack Surfaces: The "lethal trifecta" of untrusted input, access to private data, and the ability to egress data to the public internet creates inherently exploitable systems. Standards need to score risk across sequences of agentic actions, not just individual outputs.

  4. Trust Between Ecosystem Actors Is Critical: Without dialogue between regulators, standard-setters, large companies, and startups, top-down standards face pushback and non-compliance. Regulatory sandboxes and collaborative innovation frameworks (like the Responsible Innovation Labs) build needed trust.

  5. Global South Faces Structural Barriers: One-third of South Africans have never heard of AI; under-resourced regulators cannot participate in expensive international standard-setting meetings. Agentic AI may reach Global South populations first via public infrastructure (government services) rather than consumer markets—requiring different governance models.

  6. Evaluation Datasets Must Be Contextual: Generic leaderboards and average-case metrics fail to capture cultural appropriateness, safety, or effectiveness in specific regions. The "Evaluating Evaluations" initiative and proposed Global South research networks aim to build regional, multilingual assessment frameworks.

  7. Open Standards Development Prevents Regulatory Capture: Bottom-up, community-driven standards processes (like those in web standards) include diverse voices and prevent incumbent monopoly players from controlling outcomes. Openness is essential for legitimacy and equity, though tensions exist around security and dual-use risks.

  8. Payment Standards Will Drive Agentic AI Deployment: Because economic incentives are powerful, payment processing standards (e.g., Google's and Coinbase's agentic payment frameworks) are being built quickly by industry. Formal standards bodies may lag behind this real-world standardization.

  9. Capacity Building and Modular Standards May Be More Viable for Global South: One-size-fits-all certification is unrealistic; sandboxed, iterative approaches allow countries and organizations with limited resources to participate, learn, and co-develop standards.

  10. Sectoral Differences Matter: Healthcare, finance, defense, and nuclear sectors have pre-existing regulatory frameworks. Standards development should identify what's genuinely new about AI that isn't already covered by existing sector-specific regulation, rather than duplicating governance.
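The idea in point 3, scoring risk over a sequence of agentic actions rather than individual outputs, can be sketched in a few lines. Everything below is hypothetical illustration: the action flags, the risk weights, and the trifecta multiplier are invented for the example, not drawn from any proposed standard.

```python
from dataclasses import dataclass

# Hypothetical capability flags for one agent action; the "lethal trifecta"
# is untrusted input + private-data access + public-internet egress.
@dataclass
class Action:
    name: str
    reads_untrusted_input: bool = False
    accesses_private_data: bool = False
    egresses_to_internet: bool = False

# Illustrative weights -- a real standard would calibrate these per sector.
WEIGHTS = {
    "reads_untrusted_input": 1.0,
    "accesses_private_data": 2.0,
    "egresses_to_internet": 3.0,
}

def score_sequence(actions: list[Action]) -> float:
    """Score a whole action sequence, not each output in isolation.

    If the sequence combines all three trifecta capabilities, the
    compounding risk is flagged with a multiplier.
    """
    base = sum(
        WEIGHTS[flag]
        for a in actions
        for flag in WEIGHTS
        if getattr(a, flag)
    )
    trifecta = all(
        any(getattr(a, flag) for a in actions) for flag in WEIGHTS
    )
    return base * (3.0 if trifecta else 1.0)

plan = [
    Action("summarize_email", reads_untrusted_input=True),
    Action("query_crm", accesses_private_data=True),
    Action("post_webhook", egresses_to_internet=True),
]
print(score_sequence(plan))  # 18.0: (1 + 2 + 3) * 3 trifecta multiplier
```

The point of the sketch is the unit of analysis: no single action in `plan` is alarming on its own, but the sequence as a whole assembles all three trifecta capabilities, which is exactly what output-level metrics miss.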


Notable Quotes or Statements

"Standards are not standard." — Ashley Caspen, framing the panel's central tension

"Standards tend to be dominated by places with the most resources and time to influence them, and then look like gold standards rather than minimum standards, acting as market filters that are difficult for smaller organizations and countries to meet." — Rachel Adams, on equity barriers in standard-setting

"We felt like the politicians did the easy job and threw the hard job to us—make all of this practically useful." — Emanuel Kway, on translating EU AI Act principles into technical standards

"There is a lethal trifecta: untrusted input + access to private data + ability to egress to public internet. We need standards that give risk scores to sequences of agentic actions." — John Dickerson, on agentic AI safety

"Two-thirds of South Africans don't know what AI is. The more people know about AI, the more skeptical they are. It's a funny balancing act." — Rachel Adams, on public perception and AI literacy

"Standards are already cool—they're one of the few places where you can shape how a technology is deployed. If your view isn't represented, you can apply to join your national standards committee." — Emanuel Kway, encouraging participation

"Pull back the veil of opaqueness and hype around AI to make it more approachable to the rest of the world beyond tech and investors." — John Dickerson, on transparency and democratization


Speakers & Organizations Mentioned

  • Ashley Caspen: Managing Director, AI Governance Center; Association of Professionals in Governance (AP)
  • Rachel Adams: Director, Global Center on AI Governance (South Africa-based think tank); Research Professor, Cambridge University (Leverhulme Centre for the Future of Intelligence)
  • John Dickerson: CEO, Mozilla AI
  • Emanuel Kway: Managing Director and CEO, UK Division, VDE (German nonprofit standards body, 130+ years old)

Other Organizations & Initiatives Referenced

  • Global Index on Responsible AI (co-designed by Adams and Caspen)
  • EU AI Act and CEN/CENELEC/ETSI (the European standardization organizations tasked with developing standards under the Act)
  • Linux Foundation Agentic AI Framework (industry-led working groups)
  • NIST (U.S. National Institute of Standards and Technology) – mentioned for AI profiles and emerging agentic AI standards development
  • OECD (developing AI governance frameworks internationally)
  • Mozilla Firefox (open-source web browser)
  • Responsible Innovation Labs (collaborative VC and startup initiative)
  • Human Sciences Research Council (South Africa; conducted public perception survey)
  • Evaluating Evaluations (initiative led by Hugging Face and others on contextual AI evaluation)
  • Global South AI Research Network on Evaluations and Assurance (proposed by Rachel Adams)
  • Google & Coinbase (agentic payment frameworks)
  • CFPB (U.S. Consumer Financial Protection Bureau; sandbox approach)
  • UK Financial Conduct Authority (FCA) (outcomes-based regulatory approach)

Technical Concepts & Resources

Key Concepts

  • Agentic AI: Autonomous AI systems that take actions (not just make predictions) based on goals, often interacting with external systems, data, and users
  • Attack Surfaces in Agentic Systems: Vulnerabilities arising from sequences of actions, untrusted inputs, private data access, and egress capabilities
  • Compliance Standards vs. Best-Practice Standards: Compliance standards operationalize legislation; best-practice standards help organizations compete and innovate
  • Gradient/Graded Standards: Standards that use scales rather than binary yes/no certification, allowing organizations to invest in specific areas based on market and societal demands
  • Regulatory Sandboxes: Controlled environments where startups and innovators can test new approaches with regulators present, building trust and identifying new risks
  • Evaluation Datasets: Collections of test cases used to measure model performance; currently biased toward Western contexts and generic benchmarks
  • YOLO Mode: Rapid deployment driven by fear of missing economic opportunity, often without adequate safety guardrails
  • Standards Consensus: The requirement that standards must reflect society-wide agreement on principles and practices
  • Contextual vs. Generic Evaluation: Region-specific, culturally appropriate assessment frameworks vs. one-size-fits-all benchmarks
  • Cross-Disciplinary Language Translation: Building shared vocabulary across policy, technical, ethics, and business communities
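The contextual-vs-generic distinction above can be made concrete: a single leaderboard average hides per-region failures that a stratified breakdown exposes. The scores, region labels, and grouping below are invented purely for illustration.

```python
from collections import defaultdict
from statistics import mean

# Invented evaluation results: (region/language, score) pairs from a benchmark.
results = [
    ("en-US", 0.92), ("en-US", 0.90), ("en-US", 0.94),
    ("zu-ZA", 0.55), ("zu-ZA", 0.49),   # isiZulu cases fare far worse
    ("sw-KE", 0.61), ("sw-KE", 0.59),
]

# Generic-benchmark view: one aggregate number, which looks acceptable.
overall = mean(score for _, score in results)

# Contextual view: stratify by region/language before averaging.
by_region: dict[str, list[float]] = defaultdict(list)
for region, score in results:
    by_region[region].append(score)

stratified = {region: round(mean(scores), 2) for region, scores in by_region.items()}

print(round(overall, 2))  # one average masks the regional gap
print(stratified)         # per-region means make the gap visible
```

The design point is that the contextual view changes what gets reported, not how the model is tested: the same results, grouped before averaging, surface a roughly 30-to-40-point gap that the aggregate conceals.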

Standards Bodies & Frameworks

  • ISO/IEC (International Organization for Standardization / International Electrotechnical Commission)
  • CEN/CENELEC/ETSI (European standardization organizations) – responsible for developing harmonized standards under the EU AI Act
  • NIST Cybersecurity Framework & NIST AI Risk Management Framework
  • NIST AI Governance Profile for Generative AI
  • National Standards Bodies (accessible entry point for individual and organizational participation)

Datasets & Methodologies

  • Global Index on Responsible AI (2024 and 2026 editions; does not yet include agentic AI specifics)
  • Public Perception Surveys (South Africa, University of Queensland/KPMG global trust surveys)
  • Regional Evaluation Datasets (to be developed; multilingual, culturally attuned)
  • Audits and Assurance Mechanisms (emerging tools for measuring responsible AI practices)

Emerging Standards Initiatives

  • Agentic AI Payments Standard (Google, Coinbase, others)
  • VDE Trustworthiness Standard (graded, principle-based: accountability, transparency, etc.)
  • NIST Agentic AI Group (newly formed for standards development)
  • Evaluating Evaluations Initiative (Hugging Face + responsible AI/fairness ML community)
  • Global South Research Network on Evaluations and Assurance (proposed by Adams)

Actionable Recommendations (Implicit in Discussion)

  1. For Global South Policymakers: Explore modular, sandbox-based governance approaches rather than rigid compliance models; invest in public AI literacy campaigns; fund regional representatives to participate in international standards bodies
  2. For Standards Bodies: Integrate feedback from regulators and industry in real-time (not retrospectively); develop graded rather than binary standards; ensure explicit inclusion of Global South voices and underrepresented sectors
  3. For Industry and Startups: Engage early with regulators; build agentic systems with action-level risk scoring; collaborate on evaluation datasets that reflect diverse contexts
  4. For Researchers and Technologists: Work on contextual evaluation frameworks; support initiatives like "Evaluating Evaluations"; practice translating technical concepts across disciplinary silos
  5. For Individuals: Join national standards committees; discuss AI concerns with people outside your silo; advocate for open-source, community-led approaches to standards development; spread AI literacy in non-technical networks

End of Summary