Open-source AI projects are not exempt from regulation, contrary to common misconceptions. The EU AI Act applies to model developers and distributors equally—if you release an open-source model, you're a distributor and must comply. The law doesn't distinguish between proprietary and open-source: high-risk is high-risk. Washington's HB 2225 and Oklahoma's chatbot safety bills also don't mention open-source exemptions; they regulate the behavior of AI systems regardless of how they're deployed. The regulatory gap is not "open-source is legal," but rather "enforcement is harder when you can't identify the responsible party."
The actual liability question is more nuanced: if you release a model under an open-source license, who's liable when someone misuses it? Current legal interpretation is murky, but trend is toward treating the open-source maintainer as having some liability exposure. If you release a chatbot model that's known to encourage self-harm, and someone deploys it in Washington, are you liable? The model license says "use at your own risk," but that defense hasn't been tested in court. The safest legal position: document what you've done to mitigate harms. If you released a model, include in your model card: intended use cases, known limitations, failure modes, safety testing results, and recommended safeguards. This documentation doesn't shield you from liability, but it demonstrates good-faith risk management.
For enterprise teams using open-source models in production, this creates a dilemma: compliance requires safety mechanisms (self-harm detection, age-gating, bias auditing) that may not be included in the open-source release. You must add these controls yourself. Using Zilliz Cloud, you can build compliance infrastructure around open-source models: implement semantic search for safety classification (detect self-harm content before passing it to the model), enforce access controls preventing minors from reaching certain embeddings, and maintain audit logs proving compliance. Managed infrastructure abstracts the compliance complexity—you deploy an open-source model; Zilliz provides the compliance wrapper. This division of responsibility is clear: the open-source maintainer released the model; you added safeguards for production use.