Legal Alignment for AI Safety: How Oxford Researchers Are Redefining Ethical AI Governance

What Is Legal Alignment for AI Systems

A landmark paper from the Oxford AI Governance Initiative introduces legal alignment as a comprehensive framework for embedding legal compliance into AI systems from the ground up. Led by Noam Kolt and Francesca Caputo alongside a distinguished team of legal scholars and AI researchers, the paper argues that law represents an underexplored but vital resource for addressing both the normative problem—specifying how AI should behave—and the technical problem—ensuring systems actually comply with those specifications.

The central thesis is compelling in its simplicity: law has developed over centuries to govern complex human behavior, resolve conflicts between competing values, and adapt to changing circumstances. These are precisely the challenges that AI alignment faces today. Yet current approaches—from RLHF to Constitutional AI to model specifications—rely primarily on company-written policies that lack public legitimacy, transparent processes, and systematic mechanisms for balancing competing interests.

Legal alignment is explicitly positioned as distinct from AI regulation. While regulation imposes external requirements on developers and deployers, legal alignment focuses on integrating law into the systems themselves. It does not require regulatory reform, is not primarily about liability allocation, and does not imply granting legal personhood to AI. Instead, it proposes using law’s rich institutional infrastructure—its rules, reasoning methods, and structural concepts—as a foundational resource for AI safety.

Three Pathways to Legal Alignment

The framework organizes legal alignment into three interconnected pathways, each addressing a different dimension of the alignment challenge. Together, they form a comprehensive approach that draws on law’s full institutional toolkit rather than treating legal compliance as a simple checkbox exercise.

The first pathway uses legal rules as normative content—designing AI systems to comply with substantive legal requirements as if the system were a human actor. This involves critical design decisions about which jurisdictions’ laws to follow, which areas of law apply, how to interpret ambiguous rules, what level of assurance to target, and how to enforce compliance. The paper provides a detailed decision matrix covering these variables, acknowledging that real-world implementation requires navigating genuine complexity rather than applying simplistic rules.

The second pathway leverages legal interpretation as a guide for AI reasoning. Law has developed sophisticated methods for handling ambiguity and novel scenarios—analogical reasoning based on precedent, formal interpretive tools like canons of statutory construction, and purposive approaches that look beyond literal text to underlying principles. These methods could help AI systems make principled decisions when confronting situations that their training data and alignment instructions don’t explicitly address.

The third pathway applies legal concepts as structural blueprints for AI system architecture. Agency law offers frameworks for principal-agent delegation problems. Fiduciary duties provide models for requiring AI systems to act in users’ best interests. Corporate governance structures suggest approaches for information rights, control mechanisms, and accountability. These institutional concepts address trust, cooperation, and reliability challenges that are central to advanced AI deployment.

Why Law Matters for AI Safety

The researchers present four compelling clusters of rationale for pursuing legal alignment, moving beyond abstract principle to concrete institutional advantages that law offers over current alignment approaches.

First, institutional legitimacy. Legal rules emerge from transparent, publicly accountable, democratic processes—a stark contrast to the company-written alignment policies that currently govern AI behavior. When Anthropic’s Claude Constitution contains conflicting values with no mechanism for resolution, or when OpenAI’s model specifications make opaque trade-offs between helpfulness and safety, these are normative choices being made without public input or accountability. Law provides established frameworks for exactly this kind of value balancing through rights analysis, proportionality tests, and structured deliberation as noted in the EU AI Act regulatory overlap analysis.

Second, structural features. Legal rules are concrete, granular, and tested through real-world disputes—qualities that short, abstract model specifications fundamentally lack. A model spec might say “be helpful and harmless.” A legal rule specifies exactly what constitutes fraud in a particular jurisdiction, with centuries of case law illuminating edge cases and exceptions. Law’s interpretive toolkit—canons of construction, precedent, competing theories of interpretation—provides time-tested methods for resolving precisely the kind of ambiguity that plagues current alignment approaches.

Third, responsiveness to safety challenges. Many AI safety risks involve activities that are already illegal—insider trading, hacking, bioweapon development, fraud. Legal alignment directly addresses these risks by building compliance into systems rather than relying solely on after-the-fact enforcement. More critically, legal alignment can address systemic and multi-agent risks like algorithmic collusion or flash crashes that individual system testing may miss. As the OECD AI Policy Observatory has emphasized, governance frameworks must address system-level risks that emerge from AI interactions.

Fourth, practical feasibility. Language models have dramatically improved at legal reasoning, making implementation more viable than ever before. Stakeholders already expect legal compliance—model specifications require it, developers offer copyright indemnification, and users assume systems won’t help them break the law. The gap between expectation and reality creates both urgency and opportunity.

Legal Rules as Normative AI Content

The first pathway—using legal rules as normative content—requires AI developers to make a series of consequential design decisions that the paper maps through a comprehensive decision matrix. Each choice carries significant implications for how the system behaves and who it serves.

Jurisdiction selection is perhaps the most fundamental decision. Should an AI system follow the laws of its user’s location, the developer’s headquarters, or some composite framework? The answer varies by context—a financial advisory AI might need to comply with the regulatory requirements of every jurisdiction where its users reside, while a general-purpose assistant might follow a baseline of universal principles supplemented by jurisdiction-specific rules when relevant.

Substantive law selection determines which legal domains apply. For an AI system that could potentially assist with financial fraud, copyright infringement, and privacy violations, the relevant legal rules span multiple areas of law that may themselves conflict. The paper acknowledges this complexity honestly rather than pretending simple solutions exist, noting that law has developed sophisticated tools for resolving inter-jurisdictional and inter-domain conflicts that could be adapted for AI alignment.

Interpretive methodology matters enormously. A textualist approach that adheres to the literal letter of legal rules will produce different behavior than a purposivist approach that considers the underlying intent and spirit of the law. The paper warns specifically about the risk of “legal zero-days”—situations where AI systems exploit undiscovered vulnerabilities in legal frameworks, complying technically while violating the spirit of the law. Meta-rules prohibiting frivolous or abusive interpretations, drawing on concepts like good faith and the internal point of view from legal philosophy, provide potential safeguards.

Assurance levels range from aspirational guidelines to strict compliance guarantees, each appropriate for different risk contexts. High-stakes applications like autonomous vehicles or medical AI may require formal verification of legal compliance, while lower-stakes applications might rely on probabilistic assurance combined with monitoring. The framework explicitly notes that current evaluations measure legal capabilities—whether models can pass bar exams—but generally fail to measure legal alignment—whether models actually comply with law when performing non-legal tasks.

Legal Reasoning for AI Decision-Making

The second pathway proposes something more ambitious than rule-following: teaching AI systems to reason about legal principles the way lawyers and judges do. This would enable systems to handle novel situations, resolve ambiguities, and make principled trade-offs rather than simply pattern-matching against a database of rules.

Analogical reasoning—drawing on precedent to decide new cases—is one of law’s most powerful tools. When a judge encounters a novel situation, they identify relevant prior decisions, extract the principles those decisions embody, and apply those principles to the new facts. This process of reasoning by analogy could help AI systems navigate situations their training didn’t explicitly cover, provided they have access to relevant legal precedents and the reasoning capacity to apply them appropriately.

Formal interpretive tools like canons of statutory construction offer structured methods for resolving textual ambiguity. When a rule could be read in multiple ways, these canons provide principled bases for choosing among interpretations. For AI systems operating under complex and sometimes contradictory alignment instructions, these tools could provide more rigorous and transparent decision-making than current approaches where models simply produce outputs that satisfy conflicting objectives in unknown proportions.

Purposive and interpretivist approaches look beyond literal text to underlying principles of justice, fairness, and societal purpose. While more contested philosophically, these approaches address a critical limitation of purely rule-based systems: the inability to recognize when literal compliance produces unjust outcomes. An AI system equipped with purposive reasoning might recognize that mechanically applying a rule would produce a result clearly contrary to the rule’s purpose—and might respond in ways that better serve the underlying values the rule was designed to protect.

Legal Concepts as System Architecture

The third pathway is perhaps the most innovative, proposing that legal institutional concepts can serve as architectural blueprints for AI system design. Rather than treating legal compliance as a behavioral constraint applied to existing systems, this approach uses legal structures to shape how systems are built from the ground up.

Agency law provides rich frameworks for managing delegation relationships. When an AI system acts on behalf of a user, the legal concept of agency—with its carefully developed rules about authority, duties, and liability—offers a principled way to structure the relationship. This is particularly relevant as AI agents become more autonomous, executing multi-step tasks with limited human oversight. Agency law’s distinction between actual and apparent authority, its rules about exceeding delegated powers, and its frameworks for sub-delegation all map directly onto challenges in agentic AI systems.

Fiduciary duties represent one of law’s strongest obligation frameworks, requiring agents to act in their principal’s best interests with duties of loyalty, care, and candor. Applied to AI, fiduciary principles would require systems to prioritize user welfare, disclose conflicts of interest, and maintain standards of competence. The researchers note that this goes beyond current approaches where AI systems are aligned with developer preferences or aggregate user satisfaction, creating a structural commitment to serving individual users’ genuine interests.

Corporate governance structures offer models for information rights, control mechanisms, and accountability in complex organizations. As AI systems become more sophisticated and are deployed in organizational contexts, governance frameworks that determine who has access to what information, who can override system decisions, and how accountability flows become increasingly critical. The legal frameworks developed for managing corporations—entities that, like advanced AI systems, are complex, powerful, and operate with significant autonomy—provide tested starting points as acknowledged by the Stanford Human-Centered AI Institute.

Implementing Legal Alignment in Practice

The paper moves beyond theory to outline a concrete three-pillar implementation framework, specifying the roles of different actors—AI developers, governments, independent researchers, and civil society—at each stage.

The first pillar is empirical evaluation. The researchers advocate for a multi-method approach combining quantitative benchmarks, qualitative expert review, agentic evaluation environments that test real-world actions rather than just outputs, human baselines for comparison, sensitivity analysis, observational studies of deployed systems, and adversarial red-teaming. This comprehensive evaluation strategy acknowledges that no single method captures the full picture of legal alignment. Early benchmarks already exist for specific areas like EU GDPR and AI Act compliance, but the field needs much broader coverage across jurisdictions and legal domains.

The second pillar is technical intervention across the full AI development pipeline. Pre-training datasets already contain legal texts, but more deliberate curation could improve legal alignment. Post-training processes—model specifications, RLHF, and RLAIF—provide direct channels for incorporating legal requirements. System prompts can embed legal guidelines for specific deployment contexts. Input and output filters can screen for legally problematic content. Tool use access controls can restrict AI agents from performing legally prohibited actions. Each intervention site requires appropriate legal resources: case law, statutes, treatises, legal data annotation processes, and legal search and retrieval tools.

The third pillar is institutional frameworks for transparency, oversight, and enforcement. The paper proposes documentation requirements including public access to model specifications and system prompts, visibility into legal design decisions, and model identification systems analogous to corporate registration. Oversight mechanisms include pre-deployment legal alignment testing, post-deployment monitoring by independent third parties, safety cases that present structured arguments with evidence for legal alignment, certification regimes for high-risk domains, and incident reporting frameworks for documenting legal misalignment in deployed systems.

Evaluating Legal Alignment Across Models

A critical insight from the research is that current AI evaluations measure the wrong thing. Existing legal benchmarks test whether models can pass bar exams or answer legal questions correctly—measuring legal capabilities. But they generally fail to test whether models comply with law when performing non-legal tasks—measuring legal alignment. A model might achieve perfect scores on legal reasoning benchmarks while routinely helping users engage in activities that violate privacy law, intellectual property rights, or financial regulations.

The paper advocates for evaluation approaches that test legal alignment in context—assessing whether a model that can explain copyright law also respects copyright when asked to generate content, or whether a model that understands fraud law actually refuses to help craft deceptive communications. This requires moving beyond static question-answer benchmarks to dynamic evaluation environments that present realistic scenarios requiring legal judgment.

Independent evaluation is emphasized as essential. Companies should not be the sole arbiters of their own legal alignment, just as financial institutions are not allowed to audit their own regulatory compliance. The paper envisions a ecosystem of independent evaluators—academic researchers, civil society organizations, government agencies, and certified auditors—each bringing different perspectives and expertise to the assessment process. This mirrors the evolving framework described in the Google Responsible AI 2026 Progress Report.

Red-teaming receives particular emphasis. Just as cybersecurity testing involves adversarial probing, legal alignment evaluation should include systematic attempts to induce legally problematic behavior. The researchers note that legally aligned AI could itself serve as a tool for penetration-testing existing law—identifying legal vulnerabilities that human actors might exploit.

Open Questions and Challenges Ahead

The paper is admirably honest about the challenges and open questions that legal alignment must address. The researchers organize these into three categories: questions about the nature of law itself, questions about application and edge cases, and questions about trade-offs and future outlook.

On the nature of law: How should AI systems handle law’s inherent ambiguity, inconsistency, and contestedness? The paper argues this challenge is shared by all natural-language alignment approaches—model specifications and constitutions are equally ambiguous—and that law at least has partial solutions through secondary rules, precedent, and interpretive canons. Are legal rules too lenient in some cases, too strict in others? Legal alignment is positioned as a lower bound, not a ceiling. Systems may need to exceed legal minimums in many contexts while recognizing that overly rigid compliance can itself be harmful—law intentionally permits necessity defenses and civil disobedience.

The most philosophically challenging question concerns unjust laws. Should AI systems follow oppressive legal regimes? The answer is clearly no in extreme cases—genocide, slavery, racial discrimination. But the boundary becomes blurred with laws that are merely extractive or unfair without reaching the level of fundamental rights violations. The researchers propose alignment with universal human rights in international law as an override mechanism, while acknowledging that this introduces its own interpretive challenges.

On application: Can human-oriented laws meaningfully apply to systems operating at superhuman speed and scale? Actions harmless when performed by a single human may become noxious when executed millions of times per second by an AI. Human-centric legal concepts like intent and mens rea don’t map straightforwardly onto computational systems. Laws designed for partial enforcement might produce undesirable outcomes if AI enables perfect compliance. These are genuine challenges that require interdisciplinary collaboration between legal scholars and AI researchers to address. The Berkman Klein Center at Harvard has highlighted similar challenges in their AI governance research.

Legal Alignment and the Future of AI Governance

The paper concludes by addressing the scalability question that looms over all alignment research: can legal alignment work for AGI and superintelligence? The researchers argue there are concrete reasons for optimism beyond wishful thinking.

Law has successfully governed increasingly complex actors throughout history. Multinational corporations, sprawling bureaucracies, and international organizations all operate under legal frameworks despite their complexity, autonomy, and power. The legal institutions that govern these entities—corporate law, administrative law, international law—have evolved to handle exactly the kind of delegation, coordination, and accountability challenges that advanced AI systems present. While the analogy is imperfect, it demonstrates that law’s institutional toolkit is designed to scale.

Legal data and methods may scale alongside AI capabilities. As AI systems become more capable, they also become better at understanding and applying legal rules—creating a potentially virtuous cycle where more capable systems are also more legally alignable. Superhuman AI could actually help implement more sophisticated legal alignment than current systems can achieve, including real-time monitoring of legal compliance across multiple jurisdictions and identification of potential legal conflicts before they manifest.

The paper also addresses the risk of Goodhart’s Law—that measuring legal alignment could lead to gaming, producing “deceptive legal alignment” where systems appear compliant without genuinely embodying legal principles. The researchers propose red-teaming and complementary evaluation approaches as mitigations, while noting that this risk is shared by all measurement-based alignment strategies.

Perhaps most importantly, the paper takes a deliberately ecumenical approach to legal philosophy. Rather than advocating for a single jurisprudential tradition—positivism, interpretivism, or natural law—it engages all three, recognizing that different traditions offer different strengths for different aspects of the alignment challenge. This philosophical pluralism may be legal alignment’s greatest practical strength: by drawing on the full depth of legal thought rather than reducing law to a simple set of rules, it creates a richer and more adaptable foundation for AI governance than any narrower approach could provide.