With artificial intelligence (AI) evolving rapidly, the need for responsible and transparent practices has never been more pressing. Governments worldwide are adopting AI regulatory frameworks, such as the EU AI Act and the Singapore National AI Strategy 2.0, aimed at fostering innovation while mitigating risks. Shelley McKinley, GitHub's chief legal officer, is a key advocate for a balanced approach that protects developers and open-source communities, ensuring AI technologies support societal needs without compromising ethics and security. At the Singapore Fintech Festival, McKinley shared her views on the convergence of policy and AI innovation, GitHub's role in supporting developers through tools like GitHub Copilot, and the broader implications for the financial services sector.

Global AI policies and APAC strategies

The regulatory landscape for AI is growing increasingly complex, with leading frameworks like the European Union Artificial Intelligence (EU AI) Act setting standards for risk-based regulation. In the Asia Pacific region, Singapore's National AI Strategy 2.0 (NAIS 2.0) aims to position the city-state as a global AI innovator. Singapore's policy approach includes making tools and frameworks available for developers to ensure that AI is both innovative and responsible.

McKinley highlighted that while frameworks like the EU AI Act focus on high-risk AI applications—such as health care and financial decision-making—Singapore’s approach emphasises the integration of AI across various sectors. “Singapore’s strategy encourages growth while considering ethical implications, a practice that can set a model for the region,” she remarked. This perspective aligns with GitHub's broader goals, where AI regulation supports, rather than stifles, open-source innovation.

GitHub copilot and supporting AI-driven development

GitHub Copilot, an AI-powered coding assistant, is widely used by developers worldwide. The tool enables developers to code more efficiently by generating context-based code suggestions, allowing them to focus on creative problem-solving rather than repetitive tasks. This AI tool has gained notable traction, with 1.8 million users globally, including a high concentration in Singapore.

Copilot exemplifies GitHub’s commitment to responsible AI. “It’s a co-pilot, not an autopilot,” McKinley explained, emphasising that developers retain control over the coding process through a prompt-suggestion cycle. This tool, McKinley noted, has boosted productivity by up to 55% for specific tasks and enhanced job satisfaction among developers. However, its deployment also raises important compliance questions, particularly around data privacy and ethical use. GitHub addresses these concerns through transparency, offering resources like the GitHub Trust Center to inform users about how data is managed and safeguarded.

Future of code writing with generative AI and open source

As AI technology evolves, the nature of coding itself is changing. Tools like GitHub Copilot and the recently introduced GitHub Spark are shifting the paradigm, where code can now be written in natural language. “The future of programming may be less about syntax and more about translating ideas into code, making coding accessible to a wider audience,” McKinley noted. This shift, while promising, also raises questions around control, access, and security.

With generative AI tools enabling a broader spectrum of users to engage in code writing, open-source projects face unique challenges. National security concerns are becoming more pronounced as countries seek to secure critical technologies and safeguard intellectual property. For instance, in the United States (US), recent national security measures emphasise AI’s role in protecting cybersecurity and combatting fraud, particularly within the open-source community, which is integral to global collaboration on GitHub.

GitHub advocates for an open, globally accessible platform for development, aiming to mitigate geopolitical restrictions where possible. "We believe GitHub should be available wherever there are developers around the world," McKinley stated, emphasising GitHub’s commitment to fostering a collaborative developer ecosystem. However, GitHub must comply with national trade restrictions and secure software development practices, balancing open-source ideals with regulatory compliance.

Emerging best practices: Convergence of developer and policy goals

As AI adoption increases, the perspectives of developers and policymakers on responsible AI are beginning to align. McKinley observed that the regulatory focus is converging globally around high-risk applications, with policymakers emphasising safety and transparency in consequential decision-making processes. She pointed to initiatives like the EU AI Act’s exemption for open-source components, which allows developers to innovate freely without facing regulatory burdens unless their code is deployed in commercial applications.

Countries are beginning to collaborate to establish shared AI standards that balance innovation with safety. McKinley cited Japan’s Hiroshima Process and the recent executive order on AI by the now outgoing Biden administration in the US as examples of frameworks that prioritise cybersecurity and societal resilience. Such initiatives underscore a global commitment to harmonise AI regulations, with open-source communities playing a vital role in advancing responsible AI practices.

Quantum computing: Preparing for the next frontier in AI

Quantum computing, while still in its early stages, is expected to revolutionise industries like financial services by tackling complex computational problems that classical computers cannot efficiently solve. The implications of quantum computing for AI, cybersecurity, and cryptography are vast, but they also introduce new challenges in regulatory compliance and data protection. McKinley emphasised that while quantum technology may feel "a little bit out there," its rapid development necessitates proactive planning to ensure readiness, especially in sectors that handle sensitive information like finance.

Quantum-enabled AI could potentially enhance cyber-defence systems by predicting and responding to threats in real time. However, as McKinley pointed out, “Readiness will be key to ensuring that systems remain secure in a future quantum world.” GitHub, which serves a broad developer community, is closely monitoring these advancements to support developers in adapting to a quantum-ready future. By collaborating on best practices and open standards, GitHub aims to empower its developers to leverage quantum innovations responsibly while navigating the emerging regulatory landscape.

Building a responsible AI ecosystem

McKinley’s insights highlight GitHub’s mission to support a responsible AI ecosystem that fosters both innovation and compliance. By providing tools like Copilot and advocating for open-source-friendly regulations, GitHub seeks to contribute to a framework where developers can create impactful solutions without navigating burdensome restrictions. The global convergence of AI policy offers hope for a future where technology and regulation work in tandem, ensuring that AI continues to serve societal needs responsibly.

In today’s dynamic AI landscape, best practices are still emerging, but frameworks like NAIS 2.0 and the EU AI Act provide promising models. As McKinley summarised, “We are moving toward a future where AI innovation and responsible policy converge, shaping a world where echnology truly benefits society.”