What are the institutional and regulatory implications of this document?

(1) REGULATORY LANDSCAPE: The policy engages with the EU AI Act's prohibited AI practices (Article 5) and high-risk AI system obligations, COPPA regarding minor-directed services, computer fraud statutes including the CFAA in the US and equivalent laws in other jurisdictions, US export control regimes (EAR/ITAR) implicated by the prohibition on assisting with weapons of mass destruction, and child protection statutes such as PROTECT Act provisions on CSAM. The FTC retains oversight over unfair …

How does OpenAI's OpenAI Usage Policies affect users?

The policy directly affects what any user of ChatGPT or OpenAI's API may do with the service, establishing categories of content and behavior that can result in access suspension or termination. Users who violate the prohibited use categories — including generating content that sexualizes minors, assisting with weapons development, or facilitating unauthorized system access — may have their accounts suspended without a defined appeals process described in this document. You can review the full …

How often is OpenAI's OpenAI Usage Policies updated?

ConductAtlas monitors this document daily and captures every version with cryptographic hashing and timestamp verification. Update frequency varies — see the change timeline on this page for complete version history.

Can I get alerted when OpenAI updates this document?

Yes. Watcher subscribers ($9.99/month) can add OpenAI to their watchlist and receive same-day email alerts whenever this document or any other OpenAI document changes.

CA-D-000753

OpenAI Usage Policies

OpenAI

Last change detected May 11, 2026 Acceptable use policy

SHA-256: 2c3a2d101f0865a94d5… 1 version captured 0 changes documented

Create free account

Track 1 platform and get the weekly governance digest. No credit card required.

View original document at OpenAI ↗

This page describes what the document states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability may vary by jurisdiction. Methodology

9 Total

4 High severity

5 Medium severity

0 Low severity

Summary

This is OpenAI's rulebook for what you are and are not allowed to do with ChatGPT, the API, and all other OpenAI products. The most significant aspect for everyday users is that OpenAI prohibits a specific list of harmful uses — including generating content that sexualizes minors, helping create weapons capable of mass casualties, and building tools to conduct cyberattacks — and reserves the right to suspend or terminate access if these rules are violated. If you are a developer or business building on OpenAI's API, you are also responsible for making sure your customers follow these rules.

Technical / Legal Breakdown

This document is OpenAI's Usage Policy (Acceptable Use Policy), governing permissible and prohibited uses of OpenAI's models, tools, APIs, and products, with its authority grounded in OpenAI's Terms of Use. The policy asserts that all users and operators must comply with a defined set of prohibited use categories and that operators building on the API are responsible for ensuring their end users also comply, effectively creating a two-tier compliance obligation. The policy enumerates absolute prohibitions — including generation of child sexual abuse material, creation of cyberweapons, development of weapons of mass destruction, and content facilitating real-world violence — alongside conditional restrictions where context, safeguards, and operator permissions can modify what is permissible, a structure that places significant interpretive and enforcement discretion with OpenAI. The policy engages with multiple regulatory frameworks including the EU AI Act (which classifies certain AI uses as prohibited or high-risk), COPPA and child safety statutes, computer fraud and cybercrime laws across jurisdictions, export control regimes (ITAR, EAR), and platform liability frameworks such as Section 230 of the CDA; the policy's operator responsibility provisions may create compliance surface area under each of these depending on use case and jurisdiction. Compliance teams deploying OpenAI via API should note that the operator tier carries downstream liability exposure for end-user violations, that certain permitted-by-default behaviors can be unlocked only by operators who meet unspecified eligibility criteria, and that OpenAI reserves unilateral authority to update usage policies without specifying notice obligations or effective-date timelines.

Institutional Analysis

Institutional analysis available with Professional

Regulatory exposure by statute, material risk assessment, vendor due diligence action items, and enforcement precedent. Available on Professional.

Start Professional free trial

High — 4 provisions

Absolute Prohibition on Child Sexual Abuse Material Compare →

OpenAI absolutely prohibits using any of its tools or models to generate sexual content involving minors, with no exceptions regardless of context, operator permissions, or stated purpose.

Added May 12, 2026 Standard Seen across 179 platforms
Weapons of Mass Destruction Prohibition Compare →

OpenAI prohibits using its tools to meaningfully assist anyone attempting to develop biological, chemical, nuclear, or radiological weapons capable of causing mass casualties, regardless of the stated purpose.

Added May 12, 2026 Standard Seen across 179 platforms
Cyberweapon and Malicious Code Prohibition Compare →

OpenAI prohibits using its models to generate cyberweapons, malware, or other malicious code that could cause significant damage, distinguishing this from permissible cybersecurity research and defensive security work.

Added May 12, 2026 Standard Seen across 179 platforms
Prohibition on Violence Facilitation and Incitement Compare →

OpenAI prohibits using its tools to produce content that encourages or celebrates real-world violence, terrorism, or attacks on infrastructure, and prohibits providing operational planning assistance to those conducting such attacks.

Added May 12, 2026 Standard Seen across 179 platforms

Medium — 5 provisions

Operator Downstream Compliance Responsibility

Businesses and developers who build products using OpenAI's API are responsible for making sure their customers also follow OpenAI's rules — they cannot pass responsibility to end users or claim that their own product terms override OpenAI's policy.

Added May 12, 2026 Rare
Operator-Unlockable Default-Off Behaviors

Certain types of content that OpenAI's models will not produce by default — such as explicit adult content — can be turned on by businesses using the API, provided those businesses meet criteria set by OpenAI, which the policy does not detail in full.

Added May 12, 2026 Rare
Prohibition on Deceptive AI Personas and Impersonation Compare →

OpenAI prohibits building AI systems that deny being AI when users genuinely ask, and prohibits using its tools to impersonate real people or organizations in ways that could mislead others.

Added May 12, 2026 Standard Seen across 179 platforms
Election and Political Content Restrictions Compare →

OpenAI restricts using its tools to generate large volumes of political messaging, to spread false information about voting, or to create content designed to unduly influence election outcomes.

Added May 12, 2026 Standard Seen across 179 platforms
Unauthorized Access and Privacy Violation Prohibitions Compare →

OpenAI prohibits using its tools to help break into computer systems without permission, conduct unauthorized surveillance, or build personal profiles on individuals without their knowledge or consent.

Added May 12, 2026 Standard Seen across 179 platforms