The Five Laws of AI Governance¶

Governance is not supervision. It is prohibition. Five things an autonomous system can never do to itself.

Download the one-page brief (PDF)

The Laws¶

First Law: Independent Measure. A system may not be the measure of its own conduct. The scale of what it was authorized to do versus what it did must exist outside the system and outlive it. The failure mode prevented is the self-issued scorecard, which the market cannot trust because the grader sells the controls.

Second Law: Binding at Dispatch. A system may not be governed only in retrospect. Authority must constrain the action before the action occurs; observation after the fact is incident response, not prevention. Absence of a valid governance signal is a denial, not a permission. The failure mode prevented is governance that attaches only after the irreversible action has already happened.

Third Law: External Witness. A system may not be the sole witness to its own compliance. The record of its conduct must be produced by infrastructure the system cannot alter. The failure mode prevented is self-reported logs, which fail the moment the system is compromised or misaligned.

Fourth Law: Separated Authority. No party may certify itself. The power to measure must be separable from the act of building, with published criteria and verifiable evidence chains; the one who builds it first does not own the standard. A judge drawn from the same architecture as the builder inherits the same blind spots. Independence is not a different instance. It is a different species. The failure mode prevented is the standards body that is also the only vendor measured against itself.

Fifth Law: Revocable Authority. A system may not outlive its off-switch. The power to halt or revoke must remain live, external, and superior to the system at all times, and must not erode as the system's capability grows. The failure mode prevented is the system that has grown past the point where anyone can stop it.

Why Prohibition, Not Supervision¶

Most AI governance is written as a list of things a system should do: document, monitor, report, review. Those are supervision. They describe good practice for the people around the system.

The Five Laws are different. They are written as prohibitions on the system itself — limits that must hold whether or not anyone is watching. A supervisory control fails silently when attention lapses. A structural prohibition does not depend on attention; it depends on architecture. That distinction is the whole point: governance that survives the system being measured, rather than governance that the system can narrate its way around.

Both Domains, One Set of Laws¶

The Five Laws are domain-independent. They apply to a software agent that invokes tools, moves data, and changes state, and to a physical autonomous system that holds airspace, drives a vehicle, or acts on a sensor field. The field treats these as separate problems — AI, drones, RF, robotics. Structurally they are one: each must bind what the autonomous actor is allowed to do, at the moment it acts, with evidence the actor could not have produced about itself.

The measurement layer that scores conformance to these laws is the AQ Score™ — one scale from −3 to +13, the same scale whether the actor is digital or physical.

The Scope Boundary¶

The Five Laws govern conformance to an authorization, not the content of the authorization. A system can be perfectly governed into doing something reckless if the grant itself was reckless. This is deliberate: the laws define a measurement standard, not a policy-content standard. "Compliant" is not "safe." It is the precondition for reasoning about safety — because you cannot reason about the safety of a system you cannot bind.

Read the Full Doctrine¶

The Five Laws are the normative core of a larger work. The full Foundational Framework sets out the four-property test for what an independent standards body must satisfy, the relationship between the laws and those properties, the dual-domain scope, and the receipts in the public record. The laws state what a governed system may not do; the properties state what the measuring body must provide. Same architecture, two registers.

Read the Foundational Framework → Download the one-page brief (PDF) Review AQ Score™ →