Platform / 1.5

Human authority & privacy.

Privacy is preserved by architecture, not by policy. Human authority is preserved by the Time Sovereignty Layer, not by procedural reminder.

01 Human-Non-Modeled / Context-First

The platform is engineered around a foundational refusal: it does not model individual humans. It does not maintain a persistent representation of any specific person across decisions. It reads context — the institutional, situational, and operational facts relevant to a decision — and applies deterministic policy to that context.

Concretely, this means the platform never accumulates a feature vector that says "Person X is likely to do Y." It does not score people. It does not build long-running profiles. The architectural commitment is that the unit of governance is the action, not the person.

02 Zero PII retention by design

Personal identifiers are not retained in the forensic chain. Where an authorized integration delivers an input that includes PII (for example, a federation API that identifies an official by name and license number), the IML maps the PII to a policy-relevant role token before the input enters the deterministic kernel. The role token is what the chain records. The original PII does not become part of the durable audit record.

This is more conservative than most regulatory frameworks require. The institutional rationale is that an audit chain that retains PII is a liability surface, while an audit chain that records role tokens is an asset. Whether the property holds in practice depends on token granularity: a role token that names a unique role within a narrow scope still singles out one individual, so the token vocabulary is part of the privacy boundary, not only the mapping step.

03 No profiling of individuals

The platform does not associate an observed signal with a previously seen instance of the same person. There is no facial recognition. There is no re-identification across decisions. The system has no notion of "this is the same person we saw last week." Where continuity is necessary for the action, for example a multi-step authorization, the continuity is carried by an authorization token, not by a person identifier.

04 Recovery paths under human authority

The two non-ALLOW states — DEFER and SYSTEM_UNVERIFIED — are not failures. They are pause states with a defined escalation path to a named human within scope. The architectural property is that the recovery path is part of the design, not an afterthought.

DEFER

Pause for authorization.

Policy preconditions are evaluable but the action requires human authorization within scope. The AGL routes the request to the named principal, captures their authorization, and writes the resolution to the chain.

SYSTEM_UNVERIFIED

Pause for verification.

A precondition needed to verify the action cannot be evaluated. The system refuses to guess: operations or the named human resolves the gap, and the action does not proceed on a "best effort" basis.

05 Time Sovereignty: irreversible actions require human authorization

Some actions cannot be cleanly reversed. A medical clearance for return-to-play that triggers selection. A safety evacuation phase decision that mobilizes responders. A clinical trial protocol amendment that affects an enrolled cohort. For the set of actions classified as irreversible by the vertical's policy, the Time Sovereignty Layer requires explicit, signed, in-scope human authorization before the action proceeds.

The authorization is itself written to the forensic chain — the named human, their scope, their signature, the time. The institutional consequence is that the authority for irreversible actions is not delegated to the system. The system can refuse; the system can pause; the system can record. The system cannot, by architecture, take an irreversible action on its own initiative.
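The following is an added example, written for this page and not the platform's own IML, AGL or Time Sovereignty Layer code, that ties sections 02, 04 and 05 together in one small decision kernel: an integration payload carrying a name and license number is reduced to a role token before the kernel sees it, the kernel returns ALLOW, DEFER or SYSTEM_UNVERIFIED and writes every outcome to a hash-chained record, and an irreversible action only reaches ALLOW when an in-scope principal of the named authorizer role has signed for it. Every name, field, role, key and action here is a constructed assumption; the license registry is a stand-in for the federation lookup, and an HMAC tag over the authorization stands in for a real signature. Continuity across the DEFER and ALLOW steps is carried by the action identifier and the authorization, never by a person identifier.

```python
import hashlib
import hmac
import json

# Constructed fixtures (hypothetical names and keys). LICENSE_REGISTRY stands in
# for the federation lookup; PRINCIPAL_KEYS stand in for per-principal signing keys.
LICENSE_REGISTRY = {"L-4481": "TEAM_PHYSICIAN"}
PRINCIPAL_KEYS = {
    ("TEAM_PHYSICIAN", "club:17"): b"hypothetical-key-physician",
    ("OPERATIONS", "club:17"): b"hypothetical-key-operations",
}
PII_FIELDS = {"official_name", "license_number"}
IRREVERSIBLE_ACTIONS = {"return_to_play_clearance"}
AUTHORIZER_ROLE = {"return_to_play_clearance": "TEAM_PHYSICIAN"}
REQUIRED_FIELDS = {"return_to_play_clearance": ("medical_eval",)}


def canonical(obj) -> bytes:
    """Deterministic encoding so hashes and tags are reproducible."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def iml_map(payload: dict) -> dict:
    """IML stage: swap the PII in an integration payload for a role token."""
    role = LICENSE_REGISTRY[payload["license_number"]]
    context = {k: v for k, v in payload.items() if k not in PII_FIELDS}
    context["actor"] = role
    return context


class ForensicChain:
    """Append-only hash chain; each record commits to the previous hash."""

    def __init__(self):
        self.records = []

    def append(self, body: dict) -> dict:
        prev = self.records[-1]["hash"] if self.records else "0" * 64
        digest = hashlib.sha256(prev.encode() + canonical(body)).hexdigest()
        rec = {"seq": len(self.records), "prev": prev, "body": body, "hash": digest}
        self.records.append(rec)
        return rec

    def verify(self) -> bool:
        prev = "0" * 64
        for rec in self.records:
            want = hashlib.sha256(prev.encode() + canonical(rec["body"])).hexdigest()
            if rec["prev"] != prev or rec["hash"] != want:
                return False
            prev = rec["hash"]
        return True

    def mentions(self, value: str) -> bool:
        """Check whether a literal value leaked into any durable record."""
        return any(value in json.dumps(r["body"]) for r in self.records)


def sign_authorization(action_id: str, principal: str, scope: str, when: str) -> dict:
    """Human authorization: named principal, scope, time, and a tag over all of it."""
    auth = {"action_id": action_id, "principal": principal, "scope": scope, "time": when}
    key = PRINCIPAL_KEYS[(principal, scope)]
    auth["sig"] = hmac.new(key, canonical(auth), hashlib.sha256).hexdigest()
    return auth


def authorization_valid(auth: dict, action_id: str, action: str, scope: str) -> bool:
    """In scope, from the named authorizer role, for this action, with a valid tag."""
    key = PRINCIPAL_KEYS.get((auth.get("principal"), auth.get("scope")))
    if key is None or auth.get("action_id") != action_id or auth.get("scope") != scope:
        return False
    if auth["principal"] != AUTHORIZER_ROLE.get(action):
        return False
    unsigned = {k: v for k, v in auth.items() if k != "sig"}
    want = hmac.new(key, canonical(unsigned), hashlib.sha256).hexdigest()
    return hmac.compare_digest(want, auth.get("sig", ""))


def decide(chain: ForensicChain, action_id: str, action: str, context: dict, auth: dict = None) -> str:
    """Deterministic kernel: ALLOW, DEFER or SYSTEM_UNVERIFIED, every outcome written to the chain."""
    body = {"action_id": action_id, "action": action, "actor": context["actor"], "scope": context["scope"]}
    missing = [f for f in REQUIRED_FIELDS.get(action, ()) if f not in context]
    if missing:  # a precondition cannot be evaluated: refuse to guess
        body.update(state="SYSTEM_UNVERIFIED", missing=missing)
    elif action in IRREVERSIBLE_ACTIONS:
        if auth and authorization_valid(auth, action_id, action, context["scope"]):
            body.update(state="ALLOW", authorization=auth)  # the human's signed authorization is the record
        else:
            body.update(state="DEFER", awaiting=AUTHORIZER_ROLE[action])  # pause for the named human
    else:
        body.update(state="ALLOW")
    chain.append(body)
    return body["state"]


def scenario():
    """Walk one irreversible action through all three states; returns (chain, states)."""
    chain = ForensicChain()
    payload = {"official_name": "Dr. A. Example", "license_number": "L-4481",
               "scope": "club:17", "medical_eval": "cleared"}  # constructed federation input
    ctx = iml_map(payload)
    partial = {k: v for k, v in ctx.items() if k != "medical_eval"}
    states = [decide(chain, "act-1", "return_to_play_clearance", partial)]  # SYSTEM_UNVERIFIED
    states.append(decide(chain, "act-1", "return_to_play_clearance", ctx))  # DEFER: no authorization
    wrong = sign_authorization("act-1", "OPERATIONS", "club:17", "2025-01-01T12:00:00Z")
    states.append(decide(chain, "act-1", "return_to_play_clearance", ctx, wrong))  # DEFER: wrong role
    ok = sign_authorization("act-1", "TEAM_PHYSICIAN", "club:17", "2025-01-01T12:05:00Z")
    states.append(decide(chain, "act-1", "return_to_play_clearance", ctx, ok))  # ALLOW
    return chain, states
```

Running `scenario()` yields the states SYSTEM_UNVERIFIED, DEFER, DEFER, ALLOW in that order; `chain.verify()` holds, and `chain.mentions("L-4481")` and `chain.mentions("Dr. A. Example")` are both false while the role token and the signed authorization are present in the last record. The two checks worth keeping in a real deployment are the negative one (no PII literal survives into the chain) and the tamper one (editing any recorded body breaks `verify()`).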

Architectural commitment

Privacy is preserved by architecture, not by policy. Human authority is preserved by the Time Sovereignty Layer, not by procedural reminder. Both commitments are visible in the chain — to the operator, to the auditor, to the regulator, to the federation principal — for the lifetime of the deployment.
