Status: Public analytical note
Last updated: 2026-04-12 KST
This note argues that AI is structurally closer to the history of encryption conflicts, DRM, and networked information technologies than to classical nuclear non-proliferation.
The central question is not whether leakage can be fully prevented, but what kind of order emerges after partial diffusion.
AI should not be understood primarily as a nuclear-style technology.
It is better understood as a diffusive information technology with high strategic value, closer to the historical logic of encryption conflicts, DRM, and internet-scale software distribution. The difference is that AI adds a further layer: it does not merely store or transmit information, but increasingly mediates or performs action.
That means the central governance problem is not simply whether the technology “leaks.”
It is who controls the bottlenecks, the distribution channels, and the post-leak order.
Nuclear technologies depend on heavy material bottlenecks: fissile material, specialized facilities, large-scale state capacity, and highly visible supply chains.
That structure makes non-proliferation partially workable. Even where information diffuses, material control remains decisive.
AI is different.
Frontier-scale training remains expensive and infrastructure-heavy, but once methods, code, evaluation routines, interface logic, deployment patterns, and organizational know-how begin to diffuse, the problem changes. The relevant governance challenge becomes less about total exclusion and more about access control, chokepoints, managed distribution, and selective containment.
In that sense, the nuclear analogy captures only the very top layer of AI development.
Encryption history shows what happens when states try to control a strategically important information technology whose key elements can be reproduced, published, or reimplemented.
Once diffusion begins, durable governance tends to shift away from pure prohibition and toward a mixture of export control, infrastructure control, selective tolerance, and managed legality.
AI shares that pattern. Total lock-down is difficult once methods and operational practices spread. The problem becomes one of who can scale, who can deploy, and who controls the infrastructure around use.
DRM history shows another important pattern: when full control over copying fails, industries often move from ownership models toward access models.
The key shift is from selling the object to controlling the channel.
This is highly relevant to AI. Even where weights, tools, or operational logic diffuse, firms may still preserve power through APIs, cloud dependency, account systems, licensing terms, safety layers, and distribution control. In that world, the main economic question is not who “has the model” in some abstract sense, but who controls practical access and scalable deployment.
The internet normalized a world in which information could not be perfectly contained, but value could still be captured through infrastructure, standards, interfaces, and network control.
AI increasingly appears to be moving in a similar direction. Leakage does not necessarily dissolve hierarchy. It can instead produce a more stratified order in which upper layers remain concentrated while lower layers diffuse rapidly.
To think clearly about AI order formation, six variables matter more than moral panic or simple open/closed binaries:
Replication cost
How difficult is it to copy or reimplement the relevant capability?
Material dependence
Does meaningful capability require scarce physical inputs, or can information alone travel far?
Control chokepoints
Are there durable bottlenecks such as GPUs, cloud infrastructure, app stores, enterprise distribution channels, or regulatory gateways?
Leak pathways
Does diffusion happen mainly through insider leaks, public release, error, reverse engineering, or partial reimplementation?
Recoverability after leakage
Once key components spread, can they realistically be recalled or re-contained?
Post-failure order formation
When control fails, does the response take the form of harder prohibition, or of business-model and governance restructuring?
These variables help explain why “leakage” by itself is not the decisive issue. What matters is what kind of order is built around diffusion.
AI is not just another file format or software library.
Its distinctive feature is that it increasingly combines:
That means diffusion can have consequences beyond copying or piracy. The spread of AI-related capabilities can also expand the practical capacity to automate judgment, compress decision chains, and redistribute organizational power.
This is why the long-run stakes are higher than in classical DRM or code publication fights, even if the structural dynamics are similar.
This is the most likely near-term path.
Under this scenario, frontier models remain largely closed or tightly governed, while mass access is organized through APIs, cloud platforms, subscriptions, and account-based permission systems. The model itself is not broadly owned; what is sold is managed access.
This resembles the shift from ownership to access in digital media markets. Leakage and open alternatives continue to exist, but the dominant market structure is built around convenience, integration, compliance, and infrastructure control.
In this scenario, methods, code, tools, fine-tuning practices, and operational patterns spread widely enough that strict exclusion becomes unstable.
Governance then shifts from “stop the technology” to “control the scale, the compute, the export routes, and the deployment environment.” The technology remains politically contested, but prohibition gives way to layered management.
This path is especially plausible if repeated leaks, public releases, or open-model ecosystems continue to erode the viability of total closure.
This is the most realistic medium-term outcome.
The upper layer remains relatively concentrated: frontier training infrastructure, the newest weights, premium deployment channels, and high-trust enterprise integration.
The lower layer diffuses much more broadly: methods, wrappers, agent patterns, open models, application-layer practices, and organizational adaptation techniques.
The result is neither full monopoly nor full openness. It is a hierarchical AI order in which concentration and diffusion coexist at different levels.
The most plausible long-run trajectory is not a purely nuclear order and not a fully open one.
It is a mixed formation:
In other words, the decisive political-economic question is not simply whether AI can be contained. It is who gets to define the post-diffusion order.
This note connects to broader questions of:
It is therefore best read not as a prediction of one single future, but as a structured way of thinking about how AI order may harden after partial diffusion.