A law arrives in the language of protection, positioned as a boundary between harm and those exposed to it. What can happen in these moments is less interruption than conversion. The existing practice remains. Its surface becomes clean, its paperwork complete. The activity is now recognisable, regulated, and formally permitted.
Once upon a time
The practice had been in place for centuries. A worker who left before a contract ended, refused an instruction, or simply failed to appear could be fined, have wages withheld, or be imprisoned with hard labour. A master who broke the same contract, or failed to pay, faced at most a civil claim for damages. Labour was bound. Departure was criminal.
The English Master and Servant Acts gave this arrangement modern legal form. The 1823 act described itself in terms of regulating servants, labourers and work people, framed as order and fair dealing between contracting parties. Both sides were named. Only one side was exposed to criminal sanction. Between 1858 and 1875, prosecutions under these acts ran to thousands a year in Britain. In a single year, more than ten thousand working men were imprisoned at the suit of their masters, and not one master at the suit of the men. This was not unique to one jurisdiction. The same structure appeared across imperial and European legal systems, each expressed in local legal language, each producing a similar asymmetry.
The practice did not begin with the law. Labour already functioned under constraint enforced by the possibility of imprisonment. Regulation provided a formal frame, presenting the arrangement as orderly and contractual. What changed was not the substance but its status. An existing asymmetry became lawful, administrable, and backed by the authority of the state.
Twice as sure, twice as wrong
Across the industrial period and into the modern regulatory state, a dense architecture of safety standards developed. Factory acts, product regulations, certification regimes and compliance frameworks grew around the promise of measurable safety. The harm was real. Industrial work injured bodies. Manufactured goods failed in ways that could kill. A mediating structure between practice and harm was not optional. Standards filled that role.
That was the intention. What follows is a structural drift rather than a historical event, and it recurs wherever standards take hold. Conformance becomes the objective, and safety becomes something inferred from it. Compliance displaces outcome. What counts is not what happens in the world, but whether the correct boxes have been completed against a document. The certificate attests alignment with specification rather than assurance of safety in practice. The gap between specification and lived reality becomes the space in which harm persists, now accompanied by formal proof of compliance.
What emerges is a quieter form of failure. Not driven primarily by intent, but by substitution. A check performed because a check is required. A deadline shaping what is examined. A system in which responsibility is distributed until it becomes difficult to locate. The effect is that compliance can function as a ceiling on care rather than a floor beneath it. Harm is not prevented so much as absorbed into a system that declares itself correct.
The structure also produces a defensive effect. Once certification exists, it can be invoked as evidence of safety even when outcomes contradict it. The framework designed to reduce harm becomes part of the defence for its continuation. Protection language remains present, but it attaches to process rather than outcome. The appearance of care is maintained even where care has thinned into procedure: the certificate on the wall, the energy spent passing the audit rather than on the thing the audit was meant to assure.
The defensive function is not hypothetical. In litigation following the Grenfell Tower fire, a contractor argued that the cladding system it installed had complied with the regulations in force at the time. The court held otherwise, and in doing so set down that a product certificate is not a guarantee of compliance but an aid to demonstrating suitability, evidence that can be rebutted rather than a conclusive answer. The detail underneath that ruling is the more telling one. Of more than six hundred buildings clad in aluminium composite material before 2014, none met the combustibility requirement as later interpreted. Architects, suppliers, building control officers, certifiers and manufacturers had all worked to a rating that the system treated as sufficient. Responsibility was distributed across every party and located in none. The certificate had stood in for the thing it was meant to certify, for years, across an entire industry, until a fire made the gap visible.
Three times is a pattern
For roughly two decades, large-scale personal data collection has expanded as an ordinary feature of digital infrastructure. The associated harms are widely described. Surveillance becomes ambient. Behaviour is profiled. Lives are translated into datasets that can be stored, analysed and recombined elsewhere. In response, data protection regimes emerge, centred on consent, transparency and individual rights. The framing is explicitly protective.
What develops alongside this is a consent structure that stabilises extraction rather than constraining it. Agreements proliferate. Interfaces present choice in standardised form. Access to services becomes conditional on acceptance. Consent becomes legible, recorded, and portable across systems. The underlying extraction continues, now accompanied by documentation that records agreement.
The regulatory layer does not remove the practice. It formalises it. The dataset assembled under that lawful process becomes the foundation for the next system built on it, now carrying the clean provenance that training a large model on personal data requires, the provenance the earlier, unregulated version lacked. The protection framework, intended to govern collection, becomes part of the mechanism by which collection is normalised and scaled. The lawful record of consent begins to function as permission for reuse.
The clearest illustration is the consent machinery itself. The Transparency and Consent Framework, the industry standard behind most of the cookie banners shown to European users, was built expressly to deliver GDPR compliance for online advertising. In 2022 the Belgian data protection authority found that the framework itself breached the regulation, its chair noting that people are invited to give consent while most have no idea their profiles are being sold many times a day. The Brussels Court of Appeal largely upheld that finding in 2025. The instrument designed to record protection had become the instrument that recorded permission, and a regulator had to rule the protection itself unlawful.
A regulatory system can reduce harm, it can define categories of legitimacy, and it can confer formal recognition on practices already in motion. These functions often coexist. The tension appears when protective language is most visible at the same moment that legitimisation is doing most of the work, and when the formal beneficiary of protection is not the same as the party primarily affected by the underlying practice.
A simple separation begins to recur. One side receives protection. Another receives legitimacy. They do not consistently align. Once was an exception. Twice was a coincidence. By the third, the divergence looks less like accident than design.
The fourth time one can choose
A further case is still unfolding, and its boundaries are not settled. Frontier artificial intelligence development already sits inside a competitive dynamic in which capability growth is rapid and unevenly distributed. The associated harms are largely prospective but increasingly discussed in concrete terms: exploitation of software vulnerabilities, automated offensive capability, systemic instability introduced by misaligned deployment, and the broader risks of accelerating capability without equivalent control.
Regulatory frameworks are developing alongside this competition, presenting themselves as protective structures for the public and emphasising safety, oversight and responsible deployment. The European Union’s AI Act is the most developed of them, and its General-Purpose AI Code of Practice is the instrument through which the largest model providers are meant to demonstrate compliance. Adherence to the Code is treated by regulators as evidence of meeting the Act’s obligations, which makes signing it both a compliance step and a public marker of responsibility.
The drafting of that Code is where the pattern becomes legible. An investigation by Corporate Europe Observatory and LobbyControl documented that the companies the Code is meant to govern were given privileged access to its drafting, invited to dedicated workshops with the working group chairs, while civil society and smaller stakeholders were largely confined to upvoting comments on an online platform. One side was in the room. The other side reacted to it. Among the changes secured during that process, a concerted effort by Google and Microsoft moved large-scale illegal discrimination off the list of systemic risks and into a weaker category of risks for optional consideration. The harm was not removed from the world. It was reclassified, by the parties on whom it would otherwise have fallen, into something the framework no longer required them to treat as serious.
The pattern is structurally similar to the earlier cases. A practice associated with harm develops. A protective framework is introduced. The framework formalises the practice, often by making it legible, governable, and therefore more stable. The legitimacy of actors within the system increases, even as the underlying dynamic continues. None of this requires that the framework was designed to legitimise harm. The possibility exists wherever the regulated become participants in defining what regulation means.
The earlier cases have the advantage of distance. Their consequences are visible, their disputes largely settled. This case does not. The framework is still being written, the categories still being defined, the protections still being assigned. The earlier examples are history. This one is still a negotiation.