Module FT02 — The Open Spectrum: Weights, Data, and Trust

The Open Spectrum: Weights, Data, and Trust

What 'open' actually means for a base model — the distinction between open-weights, open-data, and open-recipe releases, and why it is load-bearing the moment you deploy in a regulated domain where a regulator can ask 'what did this model see?'

60
minutes
8
artifacts
7
sub-sections
Open-weights lets you use the model. Open-data lets you audit what it saw. Open-recipe lets you reproduce and prove the whole thing. The OSAID compromise, the NTIA security-benefit citation, and the Stanford FMTI turn this from a slogan into a procurement criterion — and decide whether you pass the audit before you write a line of code.
Key Claims
Load-Bearing Claims

Openness has three tiers, not a binary. Open-weights-only (Llama 3.x) lets you use the model but you trust the publisher's word about what it saw. Open-data (MiniCPM, OLMo, Tülu, SmolLM3) lets you audit what it saw. Open-recipe (OLMo, Tülu 3, SmolLM3) lets you reproduce and prove the whole thing end to end.

OSAID v1.0 (2024-10-28) is a deliberate compromise, not a reproducibility guarantee. It requires 'sufficiently detailed information about the data,' not the data itself. A Llama-style release can be OSAID-compliant without being reproducible or auditable. Treat 'OSAID-compliant' and 'open-data/recipe' as different claims.

The NTIA 2024 report is the government authority for the sensitive-data argument. Open-weight models 'provide security benefits by allowing firms, researchers, and users to use potentially sensitive data' locally and on-premises. This is why IL5/IL6, HIPAA-covered, and air-gapped environments require an open-weight base.

Open-data is a compliance asset, not an ideology. Auditability (prove what it saw), reproducibility (pin a commit, rebuild, no silent drift), and supply-chain trust (rule out hidden training-time exfiltration) each map to a requirement a regulator can name — and each is satisfiable only when you can see the data and the recipe.

After This Module
01
Distinguish the three openness tiers — open-weights-only, open-data, open-recipe — and classify any model release into the correct tier.
02
Explain what the OSI OSAID v1.0 (2024-10-28) requires and what it deliberately does NOT require, and why this compromise lets non-reproducible releases claim openness.
03
Cite the NTIA 2024 Open-Model Weights Report as the government authority that open weights 'provide security benefits by allowing firms, researchers, and users to use potentially sensitive data' locally/on-premises.
04
Use the Stanford FMTI (Foundation Model Transparency Index) to quantify the transparency gap between closed/weights-only and fully-open releases.
05
Defend, for a sensitive-domain deployment (HIPAA, IL5/IL6, air-gapped), why open-data is a precondition for auditability, reproducibility, and supply-chain trust — and write the one-paragraph 'can I audit this?' verdict for any model.
Artifacts