Google DeepMind released Gemini 2.5 Pro Experimental on March 25, 2025 and made it broadly available to Gemini Advanced subscribers within days. The model debuted at the top of the LMArena leaderboard and notched headline scores on competition-level coding (LiveCodeBench) and graduate-level reasoning (Humanity's Last Exam). What it did not have at release was a model card or a safety evaluation report. The full Gemini 2.5 Pro model card and technical report did not appear until later. On August 29, 2025, 60 U.K. parliamentarians published an open letter accusing Google of breaking the Frontier Safety Commitments signed at the May 2024 AI Seoul Summit, calling the delayed disclosure "a dangerous precedent." For vendor-risk teams managing Gemini deployments, the episode is now a documented case study in how disclosure cadence has become a procurement signal.
What the Frontier Safety Commitments require
Sixteen companies signed the Frontier Safety Commitments at the AI Seoul Summit in May 2024, with several more joining since. The commitments include publishing a Frontier AI Safety Framework prior to the Paris AI Action Summit in February 2025, identifying capability thresholds at which a model would be deemed too dangerous to release without additional safeguards, and publishing how the company assesses whether a model has crossed those thresholds before deployment. Google DeepMind's Frontier Safety Framework was published in May 2024 and updated in February 2025; that part of the commitment was satisfied. The disputed part is whether Google released Gemini 2.5 Pro Experimental as a "deployment" within the meaning of the commitment, which would have triggered an obligation to publish a safety evaluation before users got hands-on access. Google's position has been that experimental releases to a limited preview audience do not trigger the full disclosure obligation. The UK letter rejects that interpretation.
What the eventually-published model card said
The Gemini 2.5 Pro model card, when it finally appeared, disclosed several substantive items. It positioned the model at Google DeepMind's Critical Capability Level 2 (CCL-2) for offensive cyber capabilities, meaning the model can meaningfully assist with intermediate cybersecurity tasks but does not provide novel uplift on advanced operations. It documented dangerous-capability evaluations across CBRN, persuasion, self-proliferation, and offensive cyber dimensions. It described the Deep Think variant — released later in 2025 — as requiring extra evaluation time and being available only to trusted testers initially. Notably, the card characterizes the safety evaluations as having been conducted prior to the March 25 release but not published contemporaneously. That distinction is exactly what the UK letter criticizes.
Why this matters for enterprise consumers of Gemini
For platform security teams underwriting Gemini deployments through Vertex AI or the Gemini API, the disclosure cadence matters in three concrete ways. (1) It changes the evidentiary basis for your model risk file. If your policy requires a vendor safety report dated on or before the model's general availability date, an experimental release without contemporaneous documentation cannot satisfy the policy. (2) It affects EU AI Act compliance. The General-Purpose AI Model obligations entered into application August 2, 2025, and require providers of models trained with ≥10²⁵ FLOPs to publish a training-data summary and maintain documentation that downstream providers can rely on. A late or partial disclosure makes downstream documentation harder to assemble. (3) It signals vendor culture. The other large labs (Anthropic, OpenAI, Meta on Llama 4) released system cards or model cards on or before launch day; Google's approach was an outlier among signatories of the same commitment.
How Gemini 2.5 stacks up against peers on capability disclosure
A quick cross-comparison of capability disclosures from comparable 2025 model releases:
Model Release Card/Report Delay
-------------------------------------------------------------
Claude Opus 4 2025-05-22 Day-of 0 days
Claude Sonnet 4.5 2025-09-29 Day-of 0 days
GPT-5 2025-08-13 Day-of 0 days
Llama 4 Scout 2025-04-05 Day-of 0 days
Gemini 2.5 Pro Exp 2025-03-25 Delayed months
Gemini 2.5 Deep 2025-08-01 Day-of 0 days
Mistral Large 3 2025-12-02 Day-of 0 days
The pattern is clear: the industry norm has crystallized around day-of release of a safety document. Gemini 2.5 Pro Experimental is the conspicuous departure. The Deep Think variant, released August 1, 2025, did ship with a model card on the same day — suggesting Google course-corrected after the initial criticism.
Reading Gemini's 2.5 Flash and Computer Use disclosures
Two subsequent Gemini 2.5 releases are worth flagging. The 2.5 Flash model card was updated in December 2025 to cover the latest native variant, with refreshed evaluations on dangerous-capability tasks. The Gemini 2.5 Computer Use Model, announced October 2025, includes safety training specifically targeting risks of intentional misuse, unexpected model behavior, and scams. Google provides developer-facing safety controls including the ability to prevent actions that harm system integrity, compromise security, or control medical devices. For teams integrating Gemini Computer Use into business workflows, those developer controls are not optional — they are the trust-boundary enforcement layer the model card explicitly assumes you will configure.
What to ask in your next vendor review
A practical questionnaire for Gemini deployments under any future Google DeepMind model release:
- Was a model card and dangerous-capability evaluation published on or before general availability?
- Has the model been classified against Google's Frontier Safety Framework CCL tiers? At what level?
- Are training-data summary documents available under the EU AI Act template?
- Does the deployment expose Computer Use or other agentic surfaces? If so, are developer safety controls documented for our use case?
- What is the contractual SLA for advance notice of model deprecation?
How Safeguard Helps
Safeguard tracks model-card and safety-report publication dates against vendor commitments to the Frontier Safety Commitments and the EU AI Act. When Google DeepMind, OpenAI, or any other lab releases a model with a documentation gap, Griffin AI raises a finding tagged to your vendor scorecard and surfaces it in the AIBOM for affected products. Policy gates can require that any model in your product registry be accompanied by a contemporaneous safety report; an experimental release without that artifact fails the gate. TPRM workflows continuously score Google DeepMind's disclosure cadence against your policy, and let compliance teams generate a defensible audit trail for AI Act and FCA-aligned model risk reviews.