Terms of Engagement

Human-Centric Artificial Intelligence Council for Artificial Intelligence Assurance (HCAI-CAIA)

Last Updated: January 1, 2026

1. Acceptance of These Terms

These Terms of Engagement (“Terms”) govern all access to and interaction with the Human-Centric Artificial Intelligence Council for Artificial Intelligence Assurance (“HCAI-CAIA,” “the Council,” “we,” “us,” or “our”), including but not limited to participation in assurance processes, submission of evidence, receipt or use of assurance artifacts, and access to the public assurance registry. By engaging with HCAI-CAIA in any manner, you (“Participant,” “Applicant,” or “User”) confirm that you have read, understood, and agree to be bound by these Terms. If you do not agree, you must not engage with HCAI-CAIA or use its services or materials.

2. Nature of HCAI-CAIA Services

HCAI-CAIA is an independent, non-regulatory, non-political public-interest assurance institution. It does not design, develop, deploy, operate, host, manage, or control artificial intelligence systems or related infrastructure. HCAI-CAIA provides assurance services only, consisting of evidence-based assessments and professional opinions regarding whether declared accountability mechanisms existed and operated within a defined scope and time period.

HCAI-CAIA does not provide:

· legal advice;

· regulatory determinations or authorizations;

· compliance certifications;

· safety, performance, or outcome guarantees;

· endorsements or approvals of systems, organizations, or technologies.

All assurance artifacts are descriptive, time-bound, and evidentiary in nature.

3. No Reliance and No Fiduciary Relationship

Assurance artifacts issued by HCAI-CAIA are informational and context-specific. They are not intended to be relied upon as the sole basis for decisions involving legal compliance, risk acceptance, investment, employment, credit, healthcare, public services, or other consequential matters.

You acknowledge and agree that:

· you retain full responsibility for decisions and actions taken in relation to artificial intelligence systems;

· HCAI-CAIA does not assume a fiduciary duty to you or any third party;

· assurance does not create a duty of care beyond the limited scope expressly stated.

3A. No Professional Substitution

HCAI-CAIA does not provide medical, legal, financial, accounting, insurance, engineering, or other licensed professional advice. Assurance artifacts, opinions, and registry entries issued by HCAI-CAIA are not a substitute for the judgment, advice, or services of qualified and licensed professionals. Users acknowledge that reliance on HCAI-CAIA assurance does not eliminate the need to consult appropriate professionals or to comply with applicable professional, legal, or regulatory requirements.

4. Scope, Limitations, and Expiration of Assurance

All assurance issued by HCAI-CAIA:

· applies only to the specific system, context, and period described;

· is limited to the evidence reviewed;

· expires automatically upon the stated expiration date, scope change, or material system modification.

Assurance is not continuous or permanent. Expired or superseded assurance artifacts have no force or effect.

5. Evidence Submission and Applicant Representations

Applicants represent and warrant that all information, data, records, and evidence submitted to HCAI-CAIA:

· are accurate, complete, and not misleading;

· were lawfully obtained and disclosed;

· do not infringe the rights of third parties.

HCAI-CAIA relies on submitted evidence and has no obligation to detect fraud, investigate concealed facts, or verify information beyond the declared assurance scope. Material misrepresentation or omission renders assurance void ab initio.

6. Technology Neutrality and Non-Endorsement

HCAI-CAIA is technology-neutral. Assurance outcomes reflect the sufficiency and quality of evidence presented, not preference for any vendor, platform, architecture, or methodology. Assurance does not imply endorsement, recommendation, or approval of any technology or provider, including those developed by idōs, LLC or any other entity.

7. Public Assurance Registry

HCAI-CAIA may publish assurance artifacts, summaries, scope statements, and expiration information in a public assurance registry. Registry entries are descriptive and time-limited. Publication:

· does not imply wrongdoing where assurance is limited or denied;

· does not imply endorsement where assurance is granted.

By participating, you consent to such publication where it is integral to assurance transparency.

8. Use of Automation and Human Judgment

HCAI-CAIA may use analytical, computational, or automated tools to assist with evidence intake, organization, comparison, and review. All assurance determinations are made by humans exercising independent professional judgment. No automated system issues assurance or replaces human decision-making.

9. Indemnification

To the fullest extent permitted by applicable law, you agree to indemnify, defend, and hold harmless HCAI-CAIA, its officers, directors, panel members, employees, agents, and affiliates from and against any claims, losses, damages, liabilities, costs, or expenses (including reasonable legal fees) arising from or related to:

· your artificial intelligence systems or their deployment;

· your use or misuse of assurance artifacts;

· your breach of these Terms;

· misrepresentation or omission of evidence;

· claims by third parties affected by your systems.

These obligations survive termination or expiration of assurance.

10. Limitation of Liability

To the maximum extent permitted by applicable law, HCAI-CAIA shall not be liable for indirect, incidental, consequential, special, punitive, or exemplary damages, including loss of profits, loss of data, reputational harm, or regulatory penalties. HCAI-CAIA’s aggregate liability for any claim relating to an assurance engagement shall not exceed the fees paid for that specific engagement.

11. No Agency, Partnership, or Control

Nothing in these Terms creates any partnership, joint venture, agency, or employment relationship. HCAI-CAIA does not control, direct, supervise, or intervene in the design, deployment, or operation of artificial intelligence systems.

12. Relationship to idōs, LLC

HCAI-CAIA is institutionally independent from idōs, LLC. While founders may overlap, execution and assurance are structurally separated. No officer, director, employee, or agent of idōs, LLC may participate in assurance determinations relating to idōs, its affiliates, customers, or partners.

13. Governing Law and Dispute Resolution

These Terms shall be governed by the laws of the jurisdiction in which HCAI-CAIA is incorporated, without regard to conflict-of-law principles. Disputes shall be resolved in competent courts or through other lawful dispute resolution mechanisms in that jurisdiction, unless otherwise required by applicable law.

14. Severability and Survival

If any provision of these Terms is held unenforceable, the remaining provisions shall remain in effect. Sections relating to non-reliance, professional substitution, indemnification, limitation of liability, and governing law survive termination.

15. Amendments

HCAI-CAIA may update these Terms periodically. Updated versions will be posted on the HCAI-CAIA website with a revised date. Continued engagement constitutes acceptance of the updated Terms.

Closing Notice

HCAI-CAIA provides assurance regarding accountability mechanisms, not guarantees of outcomes. Responsibility for artificial intelligence systems remains with those who design, deploy, govern, and rely upon them.

Artificial intelligence systems increasingly influence decisions that affect people’s lives. As these systems operate at scale and adapt over time, questions of responsibility, accountability, and trust become unavoidable. The purpose of HCAI-CAIA is to provide independent assurance that accountability mechanisms existed and operated within defined boundaries. It is equally important to be clear about what assurance can—and cannot—do.

What Assurance Is

Assurance provided by HCAI-CAIA evaluates evidence of accountability. It examines whether human authority was defined, whether oversight mechanisms were in place, whether system behavior was recorded in a human-legible way, and whether declared boundaries of use and change were respected during a specific period of time. Assurance is based on evidence and professional human judgment. It is time-bound, scope-limited, and subject to expiration. It is intended to make accountability visible and examinable, not to replace it.

What Assurance Is Not

Assurance is not a guarantee of outcomes. It does not certify safety, fairness, legality, or correctness. It does not prevent harm, eliminate risk, or ensure future behavior. It does not approve systems, endorse technologies, or authorize deployment. HCAI-CAIA does not regulate, enforce, investigate, or adjudicate. It does not determine liability, assign blame, or resolve disputes. Assurance should not be interpreted as compliance certification, legal advice, or a substitute for governance, law, or oversight.

Where Responsibility Remains

Responsibility for artificial intelligence systems always remains with people and institutions. This includes those who design systems, those who deploy and operate them, those who govern their use, and those who rely on their outputs. HCAI-CAIA does not assume responsibility for the behavior of AI systems. It does not control how systems are designed, trained, deployed, or used. Assurance does not transfer accountability away from system owners, operators, or governing authorities.

Why Assurance Cannot Eliminate Harm

Artificial intelligence systems are non-stationary. They evolve as data, environments, and objectives change. Even systems with well-designed accountability mechanisms can fail, behave unexpectedly, or be misused. Assurance reflects what can be shown to have existed and operated within a defined scope and time. It cannot eliminate uncertainty, prevent misuse, or guarantee that harm will not occur. Assurance is a tool for transparency and accountability, not a promise of perfection.

When AI Systems Fail

When AI systems fail or cause harm, responsibility lies with those who designed, deployed, governed, or relied upon those systems. Existing legal, regulatory, and institutional processes remain the appropriate forums for investigation, remedy, and accountability. HCAI-CAIA does not act as an enforcement body, incident investigator, or advocate. It does not shield any organization from scrutiny, nor does it speak on behalf of affected individuals or institutions. Its role is limited to preserving and evaluating assurance evidence where appropriate.

Why HCAI-CAIA Chooses Restraint

HCAI-CAIA deliberately limits its own authority. It does not seek to govern behavior, dictate outcomes, or accumulate power. This restraint is intentional. Trust in AI cannot be created by concentrating authority in new institutions; it must be grounded in evidence, human judgment, and existing systems of accountability. By clearly defining the limits of assurance and the allocation of responsibility, HCAI-CAIA aims to support human decision-making rather than replace it. Assurance exists to make responsibility visible—not to assume it.

The Human-Centric Artificial Intelligence Council for Artificial Intelligence Assurance (HCAI-CAIA) is committed to promoting inclusive access to its digital services, publications, and public assurance materials. We seek to ensure that our website and content are usable by people with diverse abilities and access needs.

Accessibility Standards and Approach

HCAI-CAIA aims to align its digital content with the Web Content Accessibility Guidelines (WCAG) 2.1, Level AA, developed by the World Wide Web Consortium (W3C), which are widely recognized as an international benchmark for digital accessibility. Accessibility is an ongoing process. While we strive to meet recognized standards, some content may not yet fully conform to all accessibility criteria. We are committed to improving accessibility over time as technologies, standards, and user needs evolve.

Measures to Support Accessibility

To support accessibility, HCAI-CAIA undertakes the following measures:

• Integrating accessibility considerations into the design and maintenance of its website
• Structuring content to support readability, navigation, and assistive technologies
• Using clear and plain language where appropriate
• Reviewing public-facing materials for accessibility prior to publication
• Periodically evaluating accessibility practices and updating them as standards evolve

Scope and Limitations

This accessibility commitment applies to digital content and services that are directly operated or controlled by HCAI-CAIA. We do not control, and cannot guarantee, the accessibility of third-party content, external websites, or materials submitted by assurance applicants or referenced for informational purposes. Where third-party materials are integral to understanding an assurance artifact, we seek to provide reasonable alternative descriptions or summaries when feasible.

Feedback and Access Requests

HCAI-CAIA welcomes feedback regarding the accessibility of its digital content and services. If you encounter barriers to access or require assistance, please contact us. We will make reasonable efforts to respond and to provide information in accessible formats, subject to practical and legal constraints.

Commitment to Continuous Improvement

Accessibility is part of HCAI-CAIA’s broader commitment to human-centered systems and institutional responsibility. We recognize that accessibility is not a static condition and commit to ongoing improvement consistent with our mission, resources, and evolving best practices.

The Human-Centric Artificial Intelligence Council for Artificial Intelligence Assurance (HCAI-CAIA) respects the privacy of individuals and is committed to handling personal data responsibly, transparently, and in accordance with applicable data protection laws. This Privacy Notice explains how HCAI-CAIA collects, uses, discloses, and protects personal data in connection with its operations as an independent public-interest assurance institution.

1. Scope of This Notice

This Privacy Notice applies to personal data processed by HCAI-CAIA in connection with:

• operation of its website and public assurance registry;
• assurance engagements and related communications;
• governance, panel administration, and institutional recordkeeping;
• legal, compliance, and security obligations.

This Notice does not apply to the data practices of assurance applicants, AI system operators, or third parties, which remain subject to their own privacy policies and legal obligations.

2. Role of HCAI-CAIA

HCAI-CAIA acts as an independent data controller only with respect to personal data processed for its own institutional purposes. It does not act as a processor, joint controller, or agent for assurance applicants or third parties, except where explicitly required by law.

3. Categories of Personal Data Processed

Depending on the nature of interaction, HCAI-CAIA may process the following categories of personal data:

• identification and contact information (such as name, title, organization, email address);
• professional or institutional affiliation details;
• assurance-related declarations and attestations made by designated human authorities;
• communications and correspondence;
• technical data associated with website use (such as IP address, browser type, or      access logs);
• records necessary to maintain assurance integrity, auditability, and institutional  memory.

HCAI-CAIA does not intentionally collect sensitive personal data unless strictly necessary for a specific assurance engagement or required by law.

4. Purposes and Legal Bases for Processing

HCAI-CAIA processes personal data only for legitimate and defined purposes, including:

• conducting assurance engagements and issuing assurance artifacts;
• maintaining public assurance records and registries;
• administering governance, panel participation, and conflict-of-interest processes;
• responding to inquiries and communications;
• meeting legal, regulatory, and security obligations.

Where applicable under GDPR and comparable regimes, processing is based on one or more of the following legal grounds:

• performance of a contract or engagement;
• compliance with legal obligations;
• legitimate institutional interests in operating a credible assurance function;
• consent, where required by law.

5. Data Minimization and Retention

HCAI-CAIA applies data minimization principles and collects only personal data that is relevant and necessary for stated purposes.

Personal data is retained only for as long as necessary to:

• support assurance validity and contestability;
• comply with legal or regulatory obligations;
• preserve institutional accountability and audit trails.

Retention periods may vary depending on context and legal requirements.

6. Data Sharing and Disclosure

HCAI-CAIA does not sell personal data.

Personal data may be disclosed only:

• where required by law or lawful request;
• to professional advisers or service providers acting under confidentiality obligations;
• as part of public assurance registry entries, where consent or lawful basis      exists and publication is integral to assurance transparency.

HCAI-CAIA does not control how third parties process personal data outside its own operations.

7. International Data Transfers

Where personal data is transferred across borders, HCAI-CAIA takes reasonable steps to ensure appropriate safeguards consistent with applicable data protection laws, including contractual protections where required.

8. Data Security

HCAI-CAIA implements reasonable administrative, technical, and organizational measures to protect personal data against unauthorized access, disclosure, alteration, or destruction. No system can guarantee absolute security, but data protection is treated as a core institutional responsibility.

9. Individual Rights

Subject to applicable law, individuals may have rights to:

• access their personal data;
• request correction or update of inaccurate data;
• request deletion or restriction of processing, where appropriate;
• object to certain processing activities;
• lodge a complaint with a relevant data protection authority.

Requests will be handled in accordance with legal requirements and institutional obligations.

10. Third-Party Content and Links

HCAI-CAIA’s website and assurance materials may reference or link to third-party content. HCAI-CAIA is not responsible for the privacy practices of third parties and encourages users to review applicable privacy notices.

11. Updates to This Notice

This Privacy Notice may be updated periodically to reflect changes in law, institutional practice, or operational requirements. Updates will be posted on the HCAI-CAIA website with an updated effective date.

Closing Statement

HCAI-CAIA processes personal data only to the extent necessary to support independent assurance, institutional accountability, and public trust. Responsibility for data practices beyond HCAI-CAIA’s operations remains with the respective system owners, operators, and institutions.