OpenAI's new Model Spec and Safety Bug Bounty program look like accountability. They're actually accountability theater that lets the company control the narrative without surrendering any real power to external oversight.
The Model Spec, released publicly on March 25, describes how OpenAI's models should balance safety, user freedom, and accountability. The Safety Bug Bounty invites researchers to hunt for vulnerabilities including agentic vulnerabilities, prompt injection attacks, and data exfiltration vectors. Both initiatives generate positive press. Neither changes who holds the keys.
The core problem is verification. The Model Spec is self-defined, self-applied, and self-reported. OpenAI created the framework, trains its teams to follow it, and publishes descriptions of what that looks like. Nobody outside the company checks whether the spec actually governs behavior or serves as a public relations document. The bug bounty program pays researchers to identify specific technical flaws, but it explicitly does not grant participants the right to audit whether OpenAI follows its own governance commitments. Researchers can report a prompt injection vulnerability for cash. They cannot commission an independent assessment of whether OpenAI's safety processes actually reduce systemic risk.
This structure benefits OpenAI in ways that matter. The company gets credit for transparency while retaining full control over what transparency looks like. It can highlight favorable data, frame ambiguous decisions favorably, and correct the record when external observers notice problems. Critics who challenge OpenAI's practices can be answered with references to the Model Spec, creating an illusion of structured accountability without any mechanism to enforce it.
OpenAI will likely argue this approach mirrors standard corporate governance. Public frameworks do invite scrutiny, and bug bounties have proven effective in software security. The company has historically engaged seriously with safety research. These points are not nothing. But they conflate two different things: finding specific technical bugs and verifying that an organization operates as claimed. Bug bounties work for the former. They say nothing about whether OpenAI's internal processes match its public commitments across the full range of AI development decisions.
Independent auditors exist in other regulated industries for a reason. Financial institutions don't self-certify compliance with accounting standards. Pharmaceutical companies don't publish safety protocols and call it done. In each case, external verification provides assurance that the published framework reflects actual practice. AI development currently has no equivalent requirement, and OpenAI's new programs don't create one.
The stakes extend beyond one company. If AI development increasingly shapes critical infrastructure, healthcare decisions, and economic stability, the question of who verifies safety claims becomes a public interest question. Voluntary transparency programs that keep verification authority private serve the interests of companies more than the public. OpenAI's latest announcements are not bad-faith gestures, but they address a symptom—demands for accountability—without touching the structural condition that makes accountability theater possible: the absence of any external authority with the right and ability to confirm whether the theater matches the script.
The company can publish frameworks forever. Until an independent body can walk into OpenAI, assess whether those frameworks govern decisions, and publish findings the company cannot suppress, the Model Spec remains a document. Not a check.