Building safer systems for a changing digital future

Safety by design principles have become an accepted core of digital safety. This is no longer only a matter of good practice; it is increasingly reflected in how regulators and institutions think about online safety and artificial intelligence (AI).

Safety by design is about putting user safety and rights at the centre of the design and development of online products and services, with an emphasis on anticipating harms rather than retrofitting safeguards later.

Many companies – including OpenAI, Amazon, Anthropic, Google, Meta, Mistral AI and others – have publicly committed to safety by design principles for generative AI as part of efforts to prevent sexual harms against children.

With the increased global focus on digital safety, especially in protecting children, companies should know how their current systems and new product releases could be used where their design choices might make harms easier, faster or harder to detect.

However, a key aspect of safety by design is anticipation. Anticipation is not just in relation to how new product and feature releases can cause harm but also to look at the horizon to what is coming. It is also about understanding how the surrounding environment is changing through technology, regulation, behaviour and adversarial adaptation, and how those changes can create new harm pathways around products, services, and systems.

Changes in the digital landscape are accelerating, especially due to AI. Generative AI is making some kinds of harm easier to scale, personalize and disguise. At the 2026 Global Fraud Summit, it was warned that deepfake video, synthetic audio, chatbots and related tools are making it easier for criminals to impersonate trusted people and defraud victims.

This is also seen with the models themselves, as they become more capable, safety increasingly depends on real-world safeguards. OpenAI’s Safety Bug Bounty, launched in March 2026, aims to identify abuse and safety risks across its products by accepting reports of meaningful issues from researchers, ethical hackers and the broader safety and security community.

This is an example of how organizations can actively test systems for emerging vulnerabilities and misuse, but it also shows that digital safety cannot be treated as a one-time exercise because the risks themselves continue to evolve.

In other words, digital safety is not a fixed checklist but a moving target. A feature designed to improve convenience or automate decisions may improve safety in one respect while creating new blind spots in another. A safeguard that works today may be bypassed tomorrow. Bad actors do not stand still, and neither do the systems, incentives and environments in which harm happens.

This is why foresight matters. Foresight is about being more prepared and anticipating changes, and thus a natural extension of safety by design.

Foresight requires asking questions, such as what signals are emerging? Which shifts in technology, policy, markets or user behaviour could reshape risk? What happens when known harms combine with new capabilities?

That is the frame in which a new World Economic Forum report, Preparing for the Future: The Pillars of Digital Safety Foresight, should be read. It helps organizations think more anticipatorily and links foresight to action.

The report presents six pillars for digital safety foresight:

Foresight only matters if it changes what organizations do. The response should depend on two things: how well a harm is understood, and how prepared the organization is to address it.

There are four response pathways outlined in the report that outline how organizations can turn foresight into action:

To explain, when a risk is already well known and existing safeguards appear strong, the priority is not to start over, but to keep those protections effective as technologies, behaviours and threat patterns evolve (Pathway 1).

In other cases, the harm may be emerging and the evidence incomplete. Then the focus should be on testing assumptions, improving visibility into what is happening, and getting possible mitigations ready to deploy (Pathway 2).

When the harm is understood, but current protections are too weak or too narrow. In those situations, organizations need to strengthen specific safeguards and address known points of failure (Pathway 3).

Where the threat is still poorly understood, the first step is not a precise solution but stronger readiness by creating proxy observables, determining pre-agreed tripwires and escalation authorities, and defining redress paths (Pathway 4).

Seen this way, the response pathways are a way of matching action to the level of uncertainty and preparedness.

Safety by design remains essential as it emphasizes preventive and anticipatory action rather than reacting after harm occurs. But it must be paired with foresight to prepare for a shifting digital world where harms evolve, rules change, technologies converge and bad actors adapt.

The organizations that lead on digital safety will not only ask how to build safer systems; they will ask what future those systems must be ready for.