GPT-OSS 20B
OpenAI · USA
Based on published licence terms, GPT-OSS 20B is released under Apache 2.0 with no field-of-use carve-outs in the licence itself; OpenAI publishes a separate non-binding 'gpt-oss usage policy' as guidance. Training-data disclosure is domain-level only, and US origin carries Schrems-II / CLOUD-Act exposure that enterprise deployers should document for EU workloads.
Licence facts
- Parameters
- ~21B total / ~3.6B active
- Architecture
- Sparse Mixture-of-Experts — 24 layers, 32 experts, Top-4 routing, SwiGLU activations, learned attention sinks, RoPE
- Context length
- 128K tokens
- Reasoning modes
- Low / medium / high configurable reasoning levels
- Tool use
- Function calling, Python execution, browsing, structured outputs via Harmony response format
- Released
- 2025-08
Known risks
- Training-data transparency gap: OpenAI describes the corpus only at domain level ('mostly English, text-only', weighted toward STEM, coding, general knowledge) with no dataset enumeration, source list, or opt-out mechanism — thin for EU AI Act Art. 53(1)(d) 'sufficiently detailed summary' expectations.
- US origin and transfer exposure: self-hosting inside the EU mitigates Schrems-II / CLOUD Act concerns for the weights, but any operational telemetry returned to OpenAI or US-based inference providers re-introduces transfer risk that must be addressed contractually.
- Safety-tuning is removable by fine-tuning: OpenAI acknowledges that determined actors can fine-tune away refusals, so EU deployers carry the mitigation burden (content filtering, downstream provider duties) under AI Act obligations.
Sources
Reviewed by Ali Madjaji · Last reviewed 2026-04-17· Reviewed 1 day agoSuggest a correction