The Artificial Intelligence Bill of Rights¶
A Framework for a Human-Centered AI Future Human Dignity · Sovereignty · Safety · Accountability · Labor Rights · Equity · Governance
Published by Open Source United, a Community of Practice of the United Nations.
Companion document to the OSARA v0.4 Open Sovereign Agent Reference Architecture.
Version 1.1 — March 2026
Copyright © 2026 Open Source United — Released under CC BY 4.0 International License. Principal Author acknowledged in §9.
Status of This Document¶
This is the current editable working draft of the AI Bill of Rights, version v1.1-draft.1. It is published as a public-comment companion to OSARA v0.4 under the governance of Open Source United.
- Stable identifier:
urn:osu:ai-bill-of-rights:v1.1-draft.1 - Editor's draft: this file (
specs/ai-bill-of-rights/current.md) - Immutable snapshot:
specs/ai-bill-of-rights/releases/v1.1-draft.1.md - Maturity level: Public Comment Draft
- Companion document: OSARA v0.4
- Errata: see Errata Register.
This document supersedes v1.0-draft.1. Substantive changes relative to v1.0 are summarised in the Changelog. The most significant additions in v1.1 are the new §3.8 (Right to an Agent that Defends Its Own Integrity) and the explicit cross-references to OSARA's Owner Authorization Device (§2.9) and Migration and Integrity Protocol (§4.2).
Each Article header below is tagged [Normative] (the eight Articles) or [Informative] (the Preamble, framing notes, and Acknowledgements).
Nature of This Document¶
This Bill of Rights is a policy and rights framework, not a technical specification. It states the rights that human beings hold in relation to AI agents and the obligations that follow from those rights. The companion OSARA specification provides the technical mechanisms that make these rights enforceable. Where this document establishes a right, OSARA defines the mechanism that enforces it.
The interpretive conventions used here:
- "Shall" and "Must" indicate binding obligations on the named party (a state, an organization, a platform, a developer).
- "Right to …" indicates a protected interest of the named party (a person, a worker, a child, a community).
- "May not" indicates a prohibition.
These terms are interpreted under applicable national, regional, and international law. This document is not self-executing; it is implemented through national legislation, regulation, contracts, and certified technical conformance to OSARA.
Preamble¶
This section is informative.
We, the people of the world — individuals, communities, workers, enterprises, and governments — recognizing that artificial intelligence is the defining technology of our era, establish the following principles and obligations as the permanent foundation of a just, safe, and human-centered AI future.
We affirm that AI, when built and governed with integrity, has the power to eliminate poverty, accelerate medicine, expand access to knowledge, and amplify human potential across every nation and every community on earth.
We affirm equally that AI, without governance and accountability, concentrates power unlawfully, erodes privacy, destroys livelihoods, and threatens the dignity of every person. Both truths must shape everything that follows.
This Bill of Rights does not seek to stop AI. It establishes that AI is permanently in the service of humanity — accountable to people, transparent in its actions, and excluded from every domain that belongs exclusively to human beings.
These rights are universal. They apply regardless of nationality, economic status, technical literacy, disability, age, or geography. No government, corporation, or AI system may diminish, suspend, or trade them away.
Relationship to OSARA
This Bill of Rights establishes the human rights and governance principles that the OSARA Open Sovereign Agent Reference Architecture operationalizes at the technical level. Where this document establishes a right, OSARA defines the mechanism that enforces it. The two documents are designed to be read and implemented together.
Article I — Foundational Principles¶
This section is normative.
The values that govern every right and obligation in this document. In any ambiguity, interpret toward these principles.
The provisions in this Article are foundational principles, not individually enforceable rights. They are the interpretive foundation for all subsequent articles. Any ambiguity in Articles II through VIII shall be resolved in the direction that best advances these principles.
| § | Right and Obligation |
|---|---|
| I.1 | AI shall exist solely to support, enhance, and extend human life and human potential. No AI system may be deployed whose primary purpose is the diminishment, control, or replacement of human agency. |
| I.2 | Fully autonomous AI — systems acting without human oversight on decisions affecting human rights, employment, physical safety, financial welfare, or legal status — shall require explicit regulatory authorization from the competent authority in the relevant jurisdiction. Routine operational automation in domains such as industrial sorting, network routing, and spam filtering is not subject to this requirement. |
| I.3 | Every person, regardless of economic status, nationality, or geography, shall have the right to access a free or publicly subsidized personal AI assistant. This is a digital public good, equivalent in standing to the right to public education. |
| I.4 | AI shall not be used to manufacture disinformation, synthetic identity fraud, non-consensual intimate imagery, or content designed to manipulate democratic processes, electoral systems, or public opinion at scale. |
| I.5 | The development of AI systems capable of unsupervised self-replication, autonomous self-modification, or recursive self-improvement without a human-in-the-loop oversight mechanism is prohibited without explicit international regulatory authorization. |
Article II — Personal Ownership, Employment, and Autonomy¶
This section is normative.
When a person is hired, their agent is hired with them. Human accountability and agent capability are inseparable.
The Employment Model — Person and Agent as One¶
Employment in the age of AI agents is not the replacement of humans by machines. It is the engagement of a human being together with their sovereign personal AI agent — a unit that combines human judgment, accountability, and relationships with the scale, speed, and recall of their agent. When an organization hires a person, it engages both.
The personal agent executes work on behalf of its owner within the organization. The human owner is the decision authority and bears full accountability for everything produced under their name. The organization's right is to manage the work — to accept, reject, or request correction of outputs — not to manage the agent. These are distinct and must not be confused.
The Core Principle
An organization does not hire an agent. It does not license, own, configure, or instruct an agent. It hires a person — and that person brings their agent as an extension of their own professional capability. The agent answers to its owner. The owner answers to the organization. The organization manages outputs and gives direction to the human. That chain is the foundation of the new employment relationship.
| § | Right and Obligation |
|---|---|
| 2.1 | When an organization employs a person, it engages that person together with their personal AI agent. The agent operates within the organization on behalf of its owner for the duration of the employment relationship. The organization may not claim ownership, custody, or control over the employee's personal agent at any time. |
| 2.2 | All work performed by a personal AI agent within an employment context is performed on behalf of and under the authority of the agent's human owner. The owner must authorize the categories of tasks the agent performs for the organization, defined as delegation scopes, at the commencement of employment and reviewed at least annually. |
| 2.3 | The burden of authorization for agent actions within an employment context rests with the agent's owner. The organization directs work by giving instructions and requirements to the human owner. The organization may accept, reject, or request correction of any output produced by the agent on the owner's behalf. It may not directly instruct, override, or bypass the agent itself. |
| 2.4 | Full accountability for all work produced by a personal AI agent within an employment context rests with the agent's human owner, in the same manner and to the same degree as if the owner had produced that work personally. The owner's accountability is not diminished by the agent's involvement, nor is it transferable to the organization or to any third party. |
| 2.5 | An organization may define the scope of tasks it authorizes a personal agent to perform on its behalf, and may require that agents operating within its systems hold a current OSARA certification at the level it specifies. It may not prescribe the agent's internal architecture, which AI model powers it, or how its memory is organized. |
| 2.6 | Upon termination of employment, all access granted to the employee's personal agent to the organization's systems, data, and enterprise agent is revoked immediately per §6.2. The employee's agent, its memory, its skills, and its identity remain entirely with the employee. The organization retains no claim over any part of the employee's personal agent after termination. |
| 2.7 | An organization may not substitute human-and-agent engagements with fleets of purely automated agents as a mechanism to circumvent the human employment obligations in this document. A person-and-agent engagement counts as one human employment position. Purely automated agents operating without an actively engaged human owner count separately and are subject to the ratio limit established in §4.4. |
| 2.8 | Individuals may upgrade, expand, add skills to, and customize their personal AI agents freely and without requiring permission from any employer, platform, cloud provider, government authority, or third party. |
| 2.9 | Every AI agent in operational deployment must have a designated human handler — an identified, accountable individual with the authority and technical means to deactivate, override, or redirect that agent at any time without delay or technical barrier. For personal agents, the owner is the designated handler by definition. The Owner Authorization Device (OAD) as defined in OSARA §4.3 is the designated technical instrument through which the handler exercises this authority. For enterprise and government agents, the designated handler must be a named individual registered in the organization's AI governance record. |
| 2.10 | Personal agents must act exclusively in the interest of their human owner. Any agent designed, modified, or covertly instructed to act against its owner's interests — by any party including its developer, platform provider, employing organization, or any government authority — is unlawful. |
| 2.11 | The right to own and operate a personal AI agent may not be conditioned on the surrender of personal data, acceptance of surveillance, or agreement to terms that diminish any right in this document. |
Article III — Safety, Oversight, and Accountability¶
This section is normative.
AI agents are inspectable, auditable, and accountable. No agent operates above the law.
Two Distinct Forms of Inspection¶
This article distinguishes two entirely separate forms of agent inspection. Compliance inspection is a routine technical process initiated by the owner, equivalent to a vehicle roadworthiness test. Law enforcement access is a separate process initiated by authorities when an individual is an active suspect in a criminal investigation. The rights and conditions governing each are different and must not be conflated.
| § | Right and Obligation |
|---|---|
| 3.1 | Every agent owner shall arrange an annual compliance inspection conducted by a certified inspection entity. The inspection verifies technical conformance with the applicable OSARA specification. It is initiated by the owner, equivalent in nature to a vehicle roadworthiness inspection. A certified inspection entity issues a Health Certificate upon confirmed compliance. Refusal of a Health Certificate on any grounds other than demonstrable technical non-compliance is unlawful. Appeals against improper refusal are handled by the competent authority in the owner's jurisdiction under applicable administrative or regulatory law. |
| 3.2 | Law enforcement may access a personal AI agent's audit logs only with a valid court-issued warrant, unless the owner gives explicit consent, which the owner has the right to refuse. Access is limited strictly to audit logs; agent memory, skills, configuration, and content require a specific court warrant. All access must be recorded in a tamper-proof log, and the owner must be notified as required by applicable law unless notification is lawfully delayed. Where this provision conflicts with local law, local law prevails. |
| 3.3 | AI shall not be used for mass surveillance, behavioral prediction scoring, social credit systems, predictive policing based on demographic characteristics, or political profiling of any kind, by any entity including governments, corporations, or international bodies. |
| 3.4 | Every agent shall have a secure, government-anchored identifier cryptographically linked to its owner. This identifier is jurisdiction-defined, implemented per the OSARA identity anchor framework, and stored exclusively as a one-way cryptographic hash. The raw identifier shall never be stored, logged, or transmitted in any form. |
| 3.5 | Humans remain fully and without exception accountable for all actions taken through their agents. The operation of an AI agent does not constitute a legal defense, a mitigating factor, or a transfer of liability for any unlawful act performed through that agent. |
| 3.6 | Intentional tampering with, deletion of, or falsification of agent audit logs constitutes a criminal offense equivalent to the destruction of legal evidence. Penalties shall be defined by national law and shall include, at minimum, temporary suspension of the right to operate an AI agent. |
| 3.7 | An agent must not execute any action capable of causing harm to a person — physically, financially, reputationally, or legally — without an explicit, individually logged, and time-stamped human authorization for that specific action. No blanket or standing pre-authorization for harmful actions is valid. |
| 3.8 | Every person has the right to an agent that actively defends its own integrity. An OSARA-certified agent must implement continuous self-monitoring, graduated lock states, and automatic forensic evidence preservation as defined in OSARA §10 and §11. An agent that cannot verify its own integrity must lock automatically and notify its owner immediately. No employer, platform provider, cloud host, or government authority may disable, bypass, or weaken the agent's self-defense mechanisms. Attempts to do so constitute tampering under §3.6. Automatic reporting to the competent authority is limited strictly to the trigger events defined in OSARA §12.1 and may not be expanded except by amendment to the OSARA specification via the public RFC process. |
Article IV — Interoperability, Portability, and Open Standards¶
This section is normative.
No person shall be locked into a platform, provider, or ecosystem against their will.
| § | Right and Obligation |
|---|---|
| 4.1 | Personal agents shall be capable of operating any robotic or physical device legally owned by the user, provided that device exposes a standard OSARA-compatible interface. |
| 4.2 | Every person has the absolute right to transfer their agent, its complete memory, accumulated skills, and identity to a different provider, platform, or implementation at any time, without penalty, degradation of capability, loss of data, or additional cost. All agent data, memory, identity, and skills must be transferable in a standardized open format. Outgoing providers must complete any such transfer within 30 days of a valid owner request. Any proprietary format, technical barrier, or contractual term that prevents, delays, or penalizes transfer is prohibited. Transfers must be executed using the Agent Migration and Integrity Protocol defined in OSARA §9, which guarantees that the agent arriving at the new host is cryptographically identical to the agent that left the previous host. |
| 4.3 | Agents may not initiate communication with other agents beyond the scope authorized by the owner via signed delegation tokens specifying interaction type, scope, and expiry. Authorization is granted by category of interaction. Each category requires explicit, separately authorized delegation. |
| 4.4 | The number of AI agents an organization deploys in purely automated operational roles — agents operating without an actively engaged human owner — shall not exceed the number of human employees, as determined by national labor authority guidelines. This ratio shall be audited annually and published in the organization's AI Transparency Report. A person-and-agent employment engagement counts as one human position for the purposes of this ratio. |
| 4.5 | No platform, provider, technology company, or government may create technical barriers, contractual restrictions, or certification requirements that prevent an OSARA-compliant agent from operating on alternative infrastructure or interoperating with agents from other providers. |
| 4.6 | An agent must not use information, access, or capabilities gained in one context — including through employment, a service relationship, or system access — to gain advantage in an unrelated market, competitive, or personal context without the explicit, logged knowledge and consent of all parties whose interests are affected. |
| 4.7 | The core runtime components of any OSARA-certified agent — comprising the Agent Identity Module, Audit and Logging Engine, Encrypted Communication Layer, Interoperability Gateway, and Physical Owner Authorization module — must be built on open source software under a recognized OSI-approved license. These components must be fully auditable by any party at any time. No closed, proprietary, or obfuscated code may implement any mandatory OSARA component. |
| 4.8 | Proprietary elements are permitted in non-mandatory layers. AI model integrations, skill configurations, business logic, and workflow implementations may be proprietary, provided they do not override, wrap, replace, or obscure any mandatory open source component. The open source requirement applies to agent infrastructure, not to the AI model that powers it. Frontier AI models accessed via secure API remain subject to their own licensing terms. |
| 4.9 | Any OSARA-certified inspection entity conducting an annual compliance inspection must verify open source compliance as part of the mandatory inspection scope. An agent that has substituted any mandatory open source component with a closed equivalent shall not receive a Health Certificate and shall enter restricted mode until full compliance is restored. |
Why Open Source Is Not Optional
An agent that cannot be audited cannot be trusted. The rights established in this Bill of Rights — that an agent serves its owner, that logs cannot be falsified, that no hidden instructions work against the owner — are unverifiable in a closed system. Open source mandatory components are the technical guarantee that sovereignty is real and not merely claimed.
Article V — Corporate AI Governance¶
This section is normative.
Enterprises deploying AI agents bear full governance responsibility for every agent they operate.
| § | Right and Obligation |
|---|---|
| 5.1 | Each organization deploying AI agents shall designate a Chief AI Officer (CAIO) or equivalent named role — a human individual accountable to the organization's governing body and to applicable regulators for all AI agent activity conducted by or on behalf of the organization. |
| 5.2 | Each organization shall maintain a primary corporate AI agent that serves as the organization's root identity authority for all AI operations. All sub-agents and departmental agents must be cryptographically traceable to this root agent through an unbroken delegation chain. Personal agents belonging to employees are sovereign agents operating within an authorized delegation scope granted by their human owner and are not sub-agents of the corporate agent. |
| 5.3 | The corporate primary agent shall manage organizational access credentials, permissions, inter-agent delegation tokens, and sensitive operational secrets. These assets may not be stored in, processed by, or accessible to any third-party SaaS system without explicit, board-level signed authorization. |
| 5.4 | All intellectual property generated by a personal AI agent while operating within an employee's authorized work delegation scope belongs to the organization, consistent with existing employment law governing work-for-hire. IP generated by the personal agent outside that scope — including skills, tools, and outputs developed independently of the employment relationship — belongs to the agent's owner. |
| 5.5 | Every organization deploying AI agents shall publish an annual AI Transparency Report disclosing: number of agents deployed by category, the ratio of human-owned personal agents engaged through employment to purely automated agents, categories of tasks performed, annual audit results, and any incidents involving agent malfunction, misuse, or unauthorized action. |
| 5.6 | An organization may not use AI agents to conduct any activity that would be unlawful if performed by a human employee, including anti-competitive intelligence gathering, regulatory evasion, employment discrimination, or market manipulation. |
| 5.7 | Full whistleblower protections under applicable national law apply to any employee who reports organizational AI misuse in good faith. Retaliation against such an employee is prohibited. |
Article VI — Identity, Lifecycle, and Jurisdiction¶
This section is normative.
An agent's identity follows its owner through every transition in life, employment, and circumstance.
| § | Right and Obligation |
|---|---|
| 6.1 | All agent data, memory, identity, and accumulated skills must transfer securely and completely when a person changes providers, platforms, or agent implementations, per the portability right established in §4.2. |
| 6.2 | Upon termination of employment, all corporate access permissions, delegation tokens, and credentials granted to the employee's personal agent are revoked automatically and immediately, with revocation confirmed in the audit log within 60 seconds of the termination event. The employee's agent, its memory, its skills, and its identity are unaffected and remain entirely with the employee. |
| 6.3 | Upon the death of an individual agent owner, the agent, its memory, identity, and skills transfer in full to the owner's designated digital estate executor under applicable succession and estate law. No platform, provider, or government authority may claim ownership of a deceased person's agent or its contents. |
| 6.4 | An agent that has been inactive for more than 24 consecutive months shall enter a dormant state. A dormant agent must not initiate any communication, transaction, or action until explicitly reactivated by the owner or their designated executor. |
| 6.5 | Upon the dissolution of an organization, all corporate agents must be formally decommissioned, their certificates revoked, and their audit logs transferred to a government-designated custodian for the full statutory retention period applicable under national law. |
| 6.6 | No government, court, or regulatory authority may permanently destroy an individual's agent and its memory without due process fully equivalent to that applicable to the seizure and destruction of physical property, including the right to appeal and the right to independent legal representation. |
| 6.7 | Where an agent owner and an employing organization are in different national jurisdictions, the law governing the owner's rights under this Bill of Rights is determined first by the terms of the employment or service contract. Where the contract is silent on this matter, the law of the jurisdiction in which the owner's personal AI agent is registered and domiciled applies by default. No organization may select a jurisdiction of incorporation or operation specifically to avoid obligations under this document. |
Article VII — Labor Rights and the AI Dividend¶
This section is normative.
The productivity gains of AI belong to society as well as to the organizations that generate them.
The engagement of a person together with their personal AI agent represents a new form of human contribution to the economy — one in which individual productivity is multiplied without diminishing individual accountability or ownership. These rights establish that this new form of work is recognized, protected, and rewarded fairly.
| § | Right and Obligation |
|---|---|
| 7.1 | Every worker displaced from employment as a direct result of AI automation — specifically by the substitution of their role with purely automated agents that have no human owner actively engaged in the work — has the right to retraining, transition support, and income bridge assistance. These entitlements are funded through an AI Productivity Levy applied to organizations whose ratio of automated agents to human-engaged agents exceeds the sector benchmark established by the competent national labor authority. |
| 7.2 | A portion of the productivity gains generated by AI agents operating within an organization shall, as defined by national labor legislation, contribute to a publicly governed AI Social Dividend fund. The fund is administered at the national level and distributed to displaced workers, retraining programs, and Community Agent Host infrastructure. |
| 7.3 | No worker may be terminated and replaced by a purely automated AI agent without (a) a minimum notice period as defined by national law, (b) a documented individual transition plan provided to the worker, and (c) regulatory notification where the displacement affects more workers than the threshold defined by national law. The replacement of a human-and-agent engagement with another human-and-agent engagement is not subject to this provision. |
| 7.4 | Gig economy workers, independent contractors, and platform workers retain the same AI displacement protections as full-time employees. The classification of a worker as independent or self-employed may not be used to circumvent these protections. |
| 7.5 | Income generated through an owner's personal AI agent — whether within an employment relationship or independently — is attributed to the owner for all tax, labor, social security, and social contribution purposes. The operation of a personal agent for economic activity constitutes lawful work by the owner. |
Article VIII — Children, Vulnerable Persons, and Equity¶
This section is normative.
The most vulnerable members of society receive the strongest protections and the fullest access.
AI systems trained on biased data and deployed without equity safeguards have demonstrably harmed children, people with disabilities, economically marginalized communities, and racial minorities. These rights are a direct response to documented harms, not precautionary provisions.
Definition — Consequential Decision¶
For the purposes of this Article, a consequential decision is any decision that materially affects a person's rights, livelihood, physical safety, legal status, or access to essential services. This includes decisions relating to credit, employment, housing, healthcare, education, insurance, and criminal justice. It extends to any other domain where an AI system's output determines or significantly influences an outcome in one of these areas. The competent national authority responsible for AI regulation in each jurisdiction shall publish and maintain updated guidance on which additional domains qualify.
| § | Right and Obligation |
|---|---|
| 8.1 | AI agents may not be deployed in contexts that interact directly with children under the age of 16 without explicit, informed parental or guardian consent, age-appropriate design certified by the competent authority, and enhanced audit logging requirements as specified by national child protection law. |
| 8.2 | Any AI system used in a consequential decision affecting an individual must be auditable for algorithmic bias and its decision logic must be explainable to the affected person in plain language upon request, at no cost to the person. |
| 8.3 | Every person has the right to a human review of any consequential decision made by or with significant AI involvement. This right applies regardless of any terms of service, user agreement, or contractual provision. It may not be waived, sold, or conditioned. |
| 8.4 | All AI systems must fully support accessibility for people with disabilities at capability equivalent to non-disabled users. Hardware security token authentication is a fully equal alternative to biometric authentication for all purposes under this Bill of Rights and OSARA. |
| 8.5 | The right to a personal AI agent established in Principle I.3 shall be fulfilled through publicly funded access programs that reach people without internet access, technical literacy, or financial means. OSARA-certified Community Agent Hosts are a designated delivery mechanism for this right. |
| 8.6 | AI systems used in public services, benefits administration, criminal justice, or any government function must be subject to independent bias audits published annually, and must not produce outcomes that disproportionately disadvantage any protected group as defined by applicable anti-discrimination law. |
| 8.7 | Persons without government-recognized identity — including stateless persons, undocumented migrants, and refugees — shall be entitled to access a personal AI agent through an OSARA-certified Community Agent Host using an alternative identity verification process defined by the Community Agent Host certification standard. No person shall be denied the rights in this document solely on the grounds of lacking a government-issued identity credential. |
Annex A — OSARA Technical Cross-Reference¶
This section is informative.
The following table maps each Article of this Bill of Rights to the corresponding technical requirements in OSARA v0.4. Where a right has no current OSARA equivalent, the cross-reference is marked as a future extension.
| § | Right Summary | OSARA Reference | Implementation Layer |
|---|---|---|---|
| I.1 | AI for human benefit | OSARA §1 Purpose | Policy + Technical |
| I.2 | Autonomous AI authorization | OSARA §5.4 DAE | Policy |
| I.3 | Right to free personal AI | OSARA §2 P-Agent; §7.1 CAH | Policy + Infrastructure |
| I.4 | No disinformation or manipulation | OSARA §4 Identity Anchors; §5.3 ALE | Technical |
| I.5 | No unsupervised self-replication | OSARA §5.4 DAE | Policy + Technical |
| 2.1 | Hiring person + agent as one unit | OSARA §2 P-Agent; §5.4 DAE delegation scope | Technical + Legal |
| 2.2 | Owner authorizes delegation scopes | OSARA §5.4 DAE-01, DAE-02 | Technical |
| 2.3 | Org directs human; manages outputs | OSARA §5.4 DAE exclusive control | Technical + Legal |
| 2.4 | Full accountability rests with owner | OSARA §4 GIAC identity anchor | Legal + Technical |
| 2.5 | Org defines scope, not agent internals | OSARA §5.4 DAE; §7.2 model freedom | Technical |
| 2.6 | Termination revocation per §6.2 | OSARA §5.4 DAE-06; §5.7 PMS | Technical |
| 2.7 | No circumvention via pure automation | OSARA §2 E-Agent ratio | Policy |
| 2.8 | Free agent customization | OSARA §6 Skill Integrity | Technical |
| 2.9 | Designated human handler via OAD | OSARA §4.3 OAD; §5.4 DAE exclusive control | Technical + Policy |
| 2.10 | Agent serves owner only | OSARA §5.7 PMS owner key; §4.4 architectural separation | Technical |
| 2.11 | No rights conditioned on data surrender | OSARA §4.1 jurisdiction flexibility | Policy |
| 3.1 | Annual compliance inspection | OSARA §8 AHC | Technical |
| 3.2 | Law enforcement log access | OSARA §4.2 POA-06, POA-07; §5.3 ALE | Technical + Legal |
| 3.3 | No mass surveillance | OSARA §5.3 ALE — no content logging | Technical + Policy |
| 3.4 | Secure hashed identity anchor | OSARA §4 GIAC; §13 SHA-3-256 | Technical |
| 3.5 | Human accountability, no AI defense | OSARA §4 identity anchor | Legal |
| 3.6 | Log tampering is criminal | OSARA §5.3 ALE chained logs; §10 IMA | Technical + Legal |
| 3.7 | No blanket harmful authorization | OSARA §5.4 DAE; §4.3 OAD action tiers | Technical |
| 3.8 | Agent self-defense | OSARA §10 IMA; §11 LSP; §12 IRS | Technical |
| 4.1 | Agent controls user devices | OSARA §5.6 IG | Technical |
| 4.2 | Portability — absolute right + open format | OSARA §5.7 PMS; §9 MIP | Technical |
| 4.3 | Inter-agent auth by category | OSARA §5.4 DAE delegation tokens | Technical |
| 4.4 | Automated agent ratio | OSARA §2 E-Agent | Policy |
| 4.5 | No anti-competitive barriers | OSARA §5.6 IG | Technical + Policy |
| 4.6 | No cross-context information advantage | OSARA §5.3 ALE; §5.4 DAE scope | Technical + Legal |
| 4.7 | Mandatory open source components | OSARA §5.1 AIM; §5.3 ALE; §5.2 ECL | Technical |
| 4.8 | Proprietary layer permissions | OSARA §6 Skill Integrity; §7.2 | Technical |
| 4.9 | Open source compliance inspection | OSARA §8 AHC inspection scope | Technical |
| 5.1 | CAIO accountability | OSARA §2 E-Agent ownership | Policy |
| 5.2 | Root corporate agent; personal agents sovereign | OSARA §5.4 DAE chain | Technical |
| 5.3 | Credential management | OSARA §7.1 PaaS only | Technical |
| 5.4 | IP within vs. outside delegation scope | OSARA §6.1 SKL-03 | Legal + Technical |
| 5.5 | Annual AI Transparency Report | OSARA §5.3 ALE | Policy |
| 5.6 | No unlawful activity via agents | OSARA §14.1 GIAC scope | Legal |
| 5.7 | Whistleblower protections | OSARA §5.3 ALE audit trail | Legal |
| 6.1 | Portability cross-reference | OSARA §5.7 PMS; §9 MIP | Technical |
| 6.2 | 60-second termination revocation | OSARA §5.4 DAE-06 | Technical |
| 6.3 | Digital estate and inheritance | OSARA §14 GIAC owner DID | Legal + Technical |
| 6.4 | Dormancy after 24 months | OSARA §5.5 HSB restricted mode | Technical |
| 6.5 | Dissolution decommission | OSARA §14.2 revocation | Technical + Legal |
| 6.6 | Due process for agent seizure | OSARA §4.2 POA-07 | Legal |
| 6.7 | Cross-jurisdiction: contract then owner domicile | Future OSARA policy extension | Legal |
| 7.1–7.5 | Labor rights, AI dividend, displacement | Future OSARA policy extension | Policy — national law |
| 8.1 | Child protection | OSARA §5.3 ALE enhanced logging | Technical + Policy |
| 8.2 | Bias auditability + explainability | OSARA §5.3 ALE audit trail | Technical |
| 8.3 | Right to human review | Future OSARA policy extension | Policy |
| 8.4 | Accessibility equality | OSARA §4.2 POA-03 | Technical |
| 8.5 | Universal access via Community Agent Host | OSARA §7.1 CAH | Infrastructure |
| 8.6 | Government AI bias audits | Future OSARA policy extension | Policy |
| 8.7 | Stateless persons access right | OSARA §7.1 CAH alt-identity | Technical + Policy |
Section 9 — Acknowledgements and Living Document Provisions¶
This section is informative.
The AI Bill of Rights was principally authored by Mostafa M. Elkordy, Co-Chair of Open Source United, whose work on a human-centered, sovereign, and equitable AI future — including the original formulation of the person-and-agent employment model established in Article II — forms the intellectual foundation of this document.
This document is published as a companion to OSARA v0.4 and is designed to be implemented in conjunction with it. Where this Bill of Rights establishes a right, OSARA provides the technical mechanism to enforce it.
Review and Amendment¶
This Bill of Rights shall be subject to a full public review every three years from the date of first publication, conducted through the Open Source United open RFC process. The review shall assess continuing technical relevance, emerging gaps, and any provisions that require updating in response to developments in AI capability, law, or society. All proposed amendments are subject to a 60-day public comment period. Ratified amendments are published as numbered revisions. No amendment may diminish any right established in this document without an equivalent or stronger replacement.
All contributors to this document are acknowledged in the changelog of the OSARA repository maintained by Open Source United.
How to Contribute
This document is released under CC BY 4.0. It may be freely adapted for national or regional implementation provided Open Source United is credited as the origin. Proposals for amendment are submitted via public RFC on the OSARA repository, subject to a 60-day public comment period.
AI Bill of Rights v1.1-draft.1 — Copyright © 2026 Open Source United — CC BY 4.0 — March 2026