In chess, once your hand leaves the piece, the move is final. There are no take-backs in a tournament. That sense of irreversibility is precisely what makes the opening so high-stakes and separates the strategic players from the reactive ones. The strategist does not only think about the move being made. They consider how the position can be recovered if the move exposes an unexpected vulnerability.

In 2022, IBM shut down Watson Health. The division had spent years positioning AI as the backbone of decision-making. Hospital systems, insurers, and clinical research organizations had integrated Watson deeply into their workflows. When IBM dissolved the unit and sold off its assets, these organizations faced a problem that no contract adequately prepared them for. The technology they had built around was no longer available. The data relationships, the institutional knowledge embedded in the system, and the workflows redesigned around the outputs: all of it needed to be unwound under pressure, on a timeline they did not control.

They had built One-Way Gates.

A One-way Gate is an AI deployment so embedded in an organization’s operations that it cannot be reversed without high cost to continuity, valuation, or credibility. The integration made strategic sense at the time. The problem was that no one designed the exit. When IBM made its decision, the organizations downstream had no piece to retract.

The Kill- Switch Protocol is the architectural and legal framework that prevents that positioning from arising. It is not a literal off-switch. It is the governance design that ensures every AI deployment remains a modular, replaceable component rather than a permanent fixture. It turns reversibility from an afterthought into a structural feature of every AI decision you make.

The Sunk Cost Trap: Why Boards are Right to Worry About AI Sprawl

Most organizations approach AI integration the way they approached early cloud adoption: move fast, build deep, and assume the vendor relationship is stable, and address portability later. In AI governance, later tends to arrive in one of three forms.

Gartner has identified AI vendor concentration as one of the top emerging risks for enterprise technology strategy. McKinsey’s research on AI governance consistently finds that organizations that plan for reversibility at the point of deployment report significantly lower disruption costs when vendor or regulatory conditions change. The EU AI Act goes further: its provider obligation framework is explicitly designed to ensure that organizations can switch AI systems without operational collapse.

A regulatory shift renders the current model non-compliant in the jurisdiction where you operate. A change in vendor pricing or terms makes the current model commercially unviable. A technical failure or reputational event associated with the provider renders the current model institutionally untenable. In each case, the organization that planned for reversibility moves cleanly. The one that did not is managing a crisis with constrained options and no governance record to support the decisions it now needs to make quickly.

The concern in most boardrooms is not that AI will fail in a visible, contained way. It is the operational dependency that quietly accumulates, integration by integration, until the cost of leaving a vendor relationship exceeds the cost of staying, even when staying is the wrong strategic choice.

The Three Dimensions of the Kill-Switch Protocol

Reversibility operates across three layers simultaneously: the technical architecture, the operational continuity plan, and the legal framework governing the vendor relationship. A protocol that addresses only one or two of these leaves the others exposed precisely when they are needed.

Technical Reversibility

If the AI system your organization depends on today becomes unavailable tomorrow, could your product continue to function? Not in six months. Tomorrow.

Most organizations cannot answer yes because the AI is built in, not bolted on. The governance requirement is straightforward: every AI deployment must be substitutable. The technical team should be able to replace one model with another without dismantling the surrounding product. That is an architectural standard, and it is a governance decision before it is an engineering one.

THE GOVERNANCE DEMAND

Ask your technical team: if we needed to move to a different provider in 30 days, what would break and how long would it take to fix? If there is no clear answer, the dependency has not been designed for reversibility. That is the gap to close before the next deployment goes live.

---

Operational Reversibility

If the AI system stopped working today, how would the business serve its customers? Who would step in and what would they do?

The Air Canada case established that an AI-driven workflow without a human fallback is a governance gap, not an efficiency gain. If the answer to the question above is “ we would figure it out”, the organization has outsourced a critical business function to a system without retaining the institutional knowledge to run it manually. That is operational risk, and it accumulates quietly until something forces the issue.

THE GOVERNANCE DEMAND

For every AI-driven workflow, there should be a named person who owns what happens when the AI cannot. That person should know what to do, have done it recently enough to it completely, and have the authority to activate the process without waiting for approval. If that person does not exist, the deployment is not complete.

---

Legal Reversibility:

If you decided today to end your relationship with an AI vendor, what would you be legally entitled to take with you, and what would remain theirs?

Most AI vendor contracts are written to protect the provider. Without specific provisions, an organization that terminates a vendor relationship may find that the data it contributed, the customization it funded, and the operational record it built during the relationship sit in a legal grey area at the point of exit. The time to negotiate the right to leave is before the relationship begins, not after the decision to leave has been made.

THE GOVERNANCE DEMAND

Before signing any AI vendor agreement, confirm three things: you retain the right to take your data with you on exit, the vendor is obligated to delete it if you ask, and the contract specifies what happens to any customization or fine-tuning you paid for. If the contract is silent on these points, the exit terms need to be negotiated before signature.

---

Positioning the Kill Switch Protocol: The Translation Guide on how to bring it to the table

Reversibility is not a technical conversation. It is a strategic one. Here is how to bring it to the audience in the language that lands.

For the CEO:

"We are building our AI program with exit velocity in mind. Every deployment is designed to allow us to retract it cleanly if the model, the vendor, or the regulatory environment shifts. This is not a contingency plan. It is what allows us to move faster and deploy more ambitiously, because the downside of any individual move is contained. We are choosing agility over dependency”.

For the CTO:

“The question I want us to answer before any AI system goes live is: if we needed to replace this in 30 days, what would that cost us? If the answer is 'months of work and significant disruption,' that tells me we have built a dependency, not a capability. I want every AI deployment to be substitutable. That is not about distrust of the vendor. It is about retaining control of our own roadmap.”

For the Board

““We have moved our AI strategy from one-way gates to two-way doors. The Kill-Switch Protocol ensures that a vendor failure, a regulatory shift, or a performance issue in one part of our AI programme does not create a systemic operational problem for the firm. We have a continuity plan for every automated workflow, and we have negotiated exit rights in every AI vendor contract. That is how we govern our digital supply chain.”

The Path Forward

The IBM Watson Health dissolution was not a failure of AI technology. It was a failure of governance architecture. The organisations that integrated most deeply without designing for exit paid the highest operational cost when the environment changed. The ones that had maintained reversibility adapted.

The Kill-Switch Protocol does not signal doubt about your AI strategy. It signals that you understand the board well enough to plan for the full range of outcomes, including the ones you do not control. That is the governance standard that regulators, acquirers, and boards are beginning to expect as a baseline, not a differentiator.

Share Decoded by Counsel

Next Issue, we move from reversibility to continuous oversight. Week 08 is Managing the Clock: Trigger-Based Governance. We examine how to define the technical and regulatory thresholds that require a formal re-evaluation of any deployed system, before drift, bias, or a changed regulatory landscape forces one on you.

Master the Board: If you are tired of governance feeling like a defensive hurdle: join the leaders who use it as a strategic edge.

In the last issue, we examined the Air Canada chatbot ruling and the Rogue Gambit: the legal argument that a company can be decoupled from the technology it deploys. The court disagreed. The lesson was that accountability must live in the architecture, not the legal footer. This week, we build the system that makes that accountability visible, traceable, and defensible.

In a professional chess match: every single move is recorded. This practice is called “Notation” and it serves two purposes. It allows players to reconstruct the game for analysis, and it provides an irrefutable record should any dispute arise about how the position was developed. Without Notation, there is no proof of strategy. There is only a memory of result.

Most organizations approach AI Governance the same way, an amateur approaches a casual game. They play the moves, they track the outcome, and they only document things down to recontruct the game, i.e., when a regulator arrives or when an auditor requests documentation or legal dispute surfaces. They build the system: deploy the model: and only when a regulator knocks or an auditor arrives do they scramble to reconstruct the "why" behind their decisions. This is a reactive posture, and in the current regulatory environment, it is an increasingly costly one that leaves the King exposed.

In October 2023, the UK Information Commissioner’s Office issued a preliminary enforcement notice to Snap Inc. over its My AI chatbot. The concern was not that the chatbot had caused a specific harm. It was that Snap had failed to conduct an adequate risk assessment before deploying the system, particularly in relation to the children and young people who made up a significant portion of its user base.

Snap had built the board. It had made the moves. It had not kept the Notation.

The ICO did not need to identify a victim. It needed to establish that Snap could not demonstrate, through documentation, that it had assessed the risks before going live. That absence of evidence was, itself, the finding. Snap subsequently conducted a fuller assessment and the ICO closed the matter. But the episode illustrates something organisations are only beginning to internalise: the record of your governance decisions is not a compliance afterthought. It is the governance.

Evidence by Design is the practice of building your Notation into the development lifecycle itself, so that every meaningful move your AI system makes is recorded at the moment it is made. You are not just building a product. You are building a defensible asset.

From Folders to a Vault: What the Difference Costs You

Most legal and compliance teams think in terms of folders. A folder for the DPIA, a folder for the model contract , a folder for the bias assessment. That approach made sense when system being governened were static.

The problem is structural. AI systems are not static. A model that has passed its fairness evaluation in January may behave differently by June, after it has been fine-tuned, after its training data has been updated, and after the regulatory environment it operates within has shifted. A folder of documents from the launch date tells you a very little about the state of the system at the moment a contested decision was made.

This is the difference between a paper trail and an Audit Vault. A paper trail is assembled. An Audit Vault is built into the process itself, recording each significant move at the moment it is made. The distinction matters not just for regulatory purposes, but commercially. An acquirer conducting due diligence on an AI-enabled business will apply a risk discount to a system they cannot interrogate. A clean, chronological governance record is a valuation argument, not just a compliance artifact.

Strategic leaders build an Audit Vault. This is a live: automated repository of every "move" your AI system makes from conception to decommissioning. It turns compliance from a cost center into a Valuation Guard. When a potential acquirer or an investor performs due diligence on your AI: you don't send them a zip file of outdated documents. You show them a chronological record of integrity.

STRATEGIC WIN

The principle at stake: Reactive documentation is a defence. Prospective documentation is a governance system. One is built under pressure, after the position has already changed. The other is part of how the game is played.

---

The Three Phases of Match Notation

A complete governance record spans the full lifecycle of the AI system. The following three phases map the Notation structure to the natural stages of development, from the first data decision to deployment sign-off and the monitoring that follows.

1. The Opening: Data Lineage and Provenance

The first move in your Notation must establish the origin of the data. The Snap enforcement notice centered on the failure to assess risk before deployment, and the most foundational risk in any AI system is what it was trained on. In a landscape, where training datasets are subject to growing intellectual property and privacy scrutiny, knowing where your inputs came from is a legal requirement, in a number of jurisdictions, not an optional audit step.

This phase documents the legal basis for the training data, the cleansing and filtering process applied, and any use of synthetic generation. It is, in practical terms, a Proof of title for the model itself.

THE RECORD

Data sources and licensing basis. Cleansing and exclusion log. Synthetic data generation parameters. Date-stamped version of data set used at training.

---

2. The Middlegame: Model Versioning and Tuning

AI models do not stay in the same position. They drift, they are fine-tuned, they are updated in response to new data and new requirements. If you cannot identify the precise version of the model that was active at the momemt a contested decision was made, you have no reference point from which to demonstrate governance. The board has changed, and you cannot show what it looked like when the move was played.

This phase captures automated snapshots of model weights, system prompts, and configuration parameters at each significant change. It is the Notation that tells you, at any point in time, the exact state of the board.

THE RECORD

Model version and weights snapshot · System prompt log · Hyperparameter configuration · Date and trigger of each change · Performance benchmarks at each version

---

3. The Endgame: The Decision Log

The most important link in the governance chain is the one between the model and the human. Who reviewed the red team results? Who signed off on deployment? Who holds ongoing accountability for monitoring outputs in production? These are the questions a regulator will ask. The Air Canada tribunal asked a version of the same question and found no satisfactory answer. The Decision Log is where the answers live, recorded at the moment the decision was made, not reconstructed after the fact.

This phase records the digital sign-off of the named owners established in Week 04: the Strategic, Operational, and Trust Grandmasters. It creates a chain of custody that gives the duty of care principle practical, documented form.

THE RECORD:

Named sign-off at each governance gate · Red team and evaluation review log · Deployment approval with date and scope · Ongoing monitoring owner and review schedule.

---

Translation Guide: How to Bring This to the Table

To move the organization toward Evidence by Design, you must reframe the notation system as a strategic advantage rather than a compliance hurdle.

For the CEO: The Exit Multiplier

“We are moving from a 'trust me' culture to a 'trust the record' architecture. By building an Audit Vault now: we are ensuring that our AI infrastructure is a clean: sellable: and defensible asset. This move eliminates the risk of a deal-killing discovery process during our next funding round or acquisition. We are building institutional certainty into the asset itself.”

For the CTO: The Technical Debt Firewall

“Evidence by Design is the ultimate form of 'Unit Testing' for governance. By automating our notation: we ensure that our developers do not have to spend weeks of their time reconstructing model histories or manual logs for auditors. We are hard-coding our compliance into the CI/CD pipeline: which allows the team to focus on shipping high-velocity features while our systems record their own integrity. This is how we prevent 'governance debt' from slowing down our engineering roadmap.”

For the Board: The Fiduciary Shield

“We have moved our corporate liability from ‘Unknown’ to ‘Documented.’ The Audit Vault provides the board with a real-time: verifiable view of our due diligence. If a model ever fails or is challenged by a regulator: we will not be arguing from a place of ignorance. We will have the ‘Notation’ to prove we met our duty of care at every square on the board.”

The Path Forward

The Governing Principle

“In chess, the player who keeps the best records makes the best future moves. They learn from their blunders and protect their wins. In AI governance, the organisation that masters Notation is the one that stays on the board the longest.”

---

The Snap case is instructive for the same reason the Air Canada case was. Neither turned on a catastrophic system failure. Both turned on a governance gap: something that should have been documented, assessed, or structured, and was not. The exposure in each case was not primarily technical. It was institutional.

Share Decoded by Counsel

Master the Board: If you are tired of governance feeling like a defensive hurdle: join the leaders who use it as a strategic edge.

Next Week: We move to Week 07: VaultGemma and the Memorisation Risk. When a model retains fragments of its training data, the liability is not hypothetical. The chess move: The Exposed King.

Previously, we moved from committees to grandmasters, establishing layered accountability: the idea that "everyone is responsible" is really just a polite way of saying no one is. We named the pieces. We put them on the board. This week, we look at what the absence of that structure can cost in practice.

In chess, a Blunder is not a reckless gamble. It is a move that looks entirely normal, standard even, right up until the moment your opponent responds and you realize you have walked into a position with no way back. The piece is gone. The position collapses. The clock runs out.

Blunder is a move that appears standard on the surface but fundamentally miscalculates the board state, leading to a swift and unavoidable loss. For Air Canada, the blunder was not just a technical error in a chatbot. It was a strategic legal argument that attempted to decouple the company from the technology it deployed.

In 2022, a passenger used Air Canada’s website chatbot to inquire about bereavement fares. The chatbot produced an inaccurate response, generating a retroactive refund policy that did not exist in the airline’s actual written terms. When the airline declined the refund, the resulting dispute reached the Civil Resolution Tribunal of British Columbia.

The airline’s defense rested on what we might call a Rogue Gambit: the argument that the chatbot was a separate legal entity, responsible for its own outputs. The court’s response was a decisive checkmate.

That single strategic decision turned a modest customer service dispute (a refund worth a few hundred dollars) into a landmark legal ruling now cited in AI governance frameworks around the world.

The Board State: How the Piece Was Lost

In late 2022, a passenger named Jake Moffatt used Air Canada’s website chatbot to ask about bereavement fares ahead of booking travel for a family bereavement. The chatbot responded with details of a retroactive discount policy, including a live hyperlink to the airline’s Bereavement Fares Policy page.

That link was the crux of the case. The page it pointed to directly contradicted the chatbot’s response. The policy page stated clearly: “Please be aware that our Bereavement policy does not allow refunds for travel that has already happened.” The chatbot had told the passenger the opposite.

Moffatt booked full-fare tickets relying on the chatbot’s response, then submitted a refund request under the policy it had described. Air Canada declined, and the dispute went to the Civil Resolution Tribunal of British Columbia.

In its defense, Air Canada argued that because the chatbot’s response included a live link to the actual policy page, the passenger had a reasonable opportunity to verify the information before acting on it. The court did not accept that position. It found that Air Canada had not explained why a passenger should be expected to distrust information provided directly by the airline’s own chatbot on its own website.

The Court's Position:

“Air Canada cannot absolve itself of responsibility for the information its chatbot provided... It is no different from a low-level employee providing incorrect information.”

- Civil Resolution Tribunal, British Columbia · Moffatt v. Air Canada, 2024

The ruling was not about AI specifically. It was about the reasonable expectations of a customer engaging in good faith with a company's own interface. The amount awarded was modest. The precedent was not.

The Anatomy of the Blunder: The Agency Trap

Air Canada’s defense was to argue that the chatbot was a “separate legal entity” responsible for its own statements. The position was that a legal distinction existed between the corporation and the automated system it had deployed under its own brand, on its own platform, to serve its own customers.

The tribunal did not accept that distinction. It ruled that Air Canada was responsible for all information on its website, regardless of whether it came from a static PDF, a terms-and-conditions page, or a dynamic AI system. The delivery mechanism does not change the legal obligation to be accurate.

This case provides a critical lesson for any board: Model performance is not the same as corporate compliance. When an AI agent speaks to a customer, it is not a software experiment; it is a brand representative.

The Governance Failure: Air Canada failed to recognize the principle of Agency. In the eyes of the law, an automated system is an extension of the firm. By attempting to distance themselves from the machine’s “mistake,” the airline did not just lose a refund claim: they lost positioning power. They effectively told the market they lacked control over their own digital infrastructure.

The Legal Precedent: The tribunal ruled that a corporation has a duty of care to ensure that all information on its platform is accurate, regardless of whether it is delivered via a static PDF or a dynamic LLM. Hallucinations are a technical reality, but they are not a legal defense. If your AI “lies,” your company is the one telling the lie.

The Hard Truth: This creates a new baseline for corporate liability. You cannot outsource your "duty of care" to an algorithm. If a piece you put on the board causes damage, you are the one who pays the penalty.

---

No disclaimer, no terms-of-service footnote, and no "AI-generated responses may not be accurate" caveat is sufficient to address that. By the time a customer is relying on an AI tool to make a real decision (booking bereavement flights, understanding a medical benefit, interpreting a financial obligation), they are engaging with the organization's interface in good faith. That trust carries legal weight.

Why the Separate Entity Argument Does Not Hold

In Week 04, we introduced the concept of Piece Coordination: the governance principle that accountability requires named owners rather than distributed responsibility. Where internal ownership is unclear, the law will assign it externally. The tribunal did not need to find a named AI owner inside Air Canada. It simply held the organization responsible, as the party that deployed the system.

When a governance gap exists at the point of deployment, it tends to surface at the point of dispute. With no internal accountability structure to reference, the legal argument available was limited to distancing the company from its own technology. That argument, as this case illustrates, does not succeed.

The broader lesson is not specific to Air Canada. Any organization deploying customer-facing AI without a defined accountability framework faces the same structural exposure, regardless of the underlying technology's quality.

Three Corrective Moves: Grounding the Piece

The governance gaps in this case were addressable at the architecture level. Each of the following moves, had they been in place, would have either prevented the inaccurate output or established a documented governance position that strengthened the organization's legal standing.

To avoid the "Air Canada Gambit," organizations must shift from viewing AI as an independent "black box" to treating it as a governed representative. This requires moving beyond raw generative power toward structured reliability.

1. Retrieval-Augmented Generation (RAG)

A model that “knows everything” actually knows nothing about your specific corporate policy unless it is tethered. A generative model without grounding does not draw from your policy documents. It generates responses based on patterns in its training data, which may produce outputs that sound authoritative but do not reflect your actual position. A retrieval-grounded model, by contrast, can only surface what exists in your verified document library.

THE MOVE: Implement RAG architectures that direct your AI to pull answers from a controlled, version-managed policy corpus. If the answer isn't in the vetted files, the bot must be programmed to decline the query and escalate to a human. This ensures the piece stays on the "vetted squares" of the board. A structured "I don't know" is a governed, defensible response.

---

2. Confidence Thresholds as Pre-Move Checks

In this case, there was no mechanism to review a low-confidence response before it reached a customer. A confidence threshold control would have intercepted the output at the point of generation, before it could form the basis of a customer decision. Air Canada’s error was a failure of control at scale. There was no safety net to catch the hallucination before it became a financial commitment.

THE MOVE: Build Confidence Thresholds into every customer-facing AI system. If the model's confidence in a policy-related query falls below a defined threshold, the response routes to a human reviewer rather than being delivered directly. This is your pre-move review. A structured pause before the position is committed. An example would be if the model is less than 95% certain about a policy-related response, the move is blocked. This prevents the blunder before it is ever made on the board.

---

3. Explicit Source Notation and UX as Governance

The tribunal noted that customers cannot reasonably be expected to distinguish between official policy content and AI-generated output on a website. The court noted that consumers cannot be expected to know which part of a website is "correct.” Linking responses directly to source documents removes that ambiguity, for the customer and for the organization.

THE MOVE: Require every AI response that references policy, pricing, or entitlements to cite its source with a direct link to the official document. Furthermore, the user interface must reflect the "Trust Perimeter." If the AI is providing a summary, the official text should be one click away. This creates a Notation trail that protects both the customer and the firm. This creates a Notation trail that is useful to the customer and defensible for the firm. It is also the foundation of what we build in Week 06: the Audit Vault.

---

The Translation Guide: Positioning the Reliability Risk

When the board asks if your AI is “going rogue,” your response must focus on Governance as Strategy. You aren’t just reporting a risk; you are re-centering the board.

The Air Canada case is instructive not because it involves wrongdoing, but because it illustrates how quickly a governance gap becomes a legal and reputational exposure. The technical issue was a known limitation of generative AI systems. The legal exposure arose from the absence of a governance structure to address that limitation in advance.

Every AI system your organization deploys communicates on its own behalf. The programme we are building through this series (the named owners, the source vaults, the confidence thresholds, the notation trails) is the infrastructure that ensures those communications are accurate, traceable, and defensible.

The Path Forward

The Air Canada blunder confirms that on the AI board, Accountability is the product. Governance is the system that ensures your “representation” remains a strategic asset rather than a liability.

Today, we analyzed The Blunder and the legal reality of Agency.

Master the Board: If you are tired of governance feeling like a defensive hurdle, join the leaders who use it as a strategic edge.

Next Issue: We move to Pillar 3: Evidence by Design. The AI Notation System. I will share the “Audit Vault” framework: how to turn your compliance paperwork into a defensible asset that proves your due diligence to any regulator or investor.

In corporate AI, we often see the opposite. When a model drifts, when an LLM hallucination costs a customer relationship, or when a vendor’s security posture collapses, the most common response is a finger-pointing exercise between Legal, Security, and Product.

The most dangerous phrase in AI governance is “everyone is responsible.” In reality, when everyone is responsible, no one is accountable. This is how you lose control of the center.

To build a board-ready program, you must move from Consensus-Based Committees to Layered Accountability. You need to name your Grandmasters.

The Accountability Vacuum: Why Committees Fail

Most organizations attempt to solve the “AI problem” by forming a committee. While cross-functional input is vital, committees are designed for discussion, not for signing off on risk. When a board asks, “Who approved the risk profile for our customer-facing chatbot?” they aren’t looking for a list of fourteen people who attended a meeting. They are looking for the owner of the move.

Without named accountability, your AI program suffers from Institutional Inertia. Decisions take longer because no one wants to be the one left holding the liability if a “Rogue Gambit” fails. To fix this, we have to hard-code ownership into the lifecycle.

The Framework: The AI Accountability Matrix

Think of your AI program in three distinct layers. Each layer requires a different type of “Grandmaster” with a specific mandate.

1. The Strategic Owner (The Player)

• Who: Usually the CPO, CTO, or a dedicated Head of AI.

• The Mandate: This person owns the Strategic Allowlist. They decide which squares the company will occupy and which it will concede. They are responsible for the ROI of the AI program and ensuring it aligns with the brand’s identity.

• The Board Question: “Does this AI use case reinforce our market position or just add noise and risk?”

2. The Operational Owner (The Piece Lead)

• Who: Product Managers or Engineering Leads for specific use cases.

• The Mandate: This person owns the Lifecycle of the Piece. They are responsible for model selection, performance monitoring, and “Notation” (documentation). If the model starts to hallucinate or drift, they are “on the clock” to trigger a fix or a pause.

• The Board Question: “How is this specific tool performing against our pre-defined accuracy and safety thresholds today?”

3. The Risk/Trust Owner (The Referee)

• Who: Privacy Counsel, CISO, or AI Ethics Lead.

• The Mandate: This person owns the Rules of the Game. They do not decide what to build; they define how it must be built to stay on the board. They provide the “Notation” templates (DPIAs, Bias Audits) and have the power to flag a move that violates the “Non-Negotiables.”

• The Board Question: “Have we met our legal and ethical obligations for this deployment, and can we prove it to a regulator?”

The Move: Hard-Coding Sign-Offs

Accountability isn’t real until it’s documented. In your Notation (governance platform or register), every AI use case should require three digital signatures before it moves from “Pilot” to “Production.”

1. Strategic Sign-off: “I confirm this use case is on our Strategic Allowlist and provides business value.”

2. Operational Sign-off: “I confirm this model has been tested for drift and performance and I own its ongoing monitoring.”

3. Trust Sign-off: “I confirm this deployment meets our Privacy-by-Design and Regulatory standards.”

By requiring these three “Grandmasters” to sign, you eliminate the “I thought they were checking that” excuse. You create Clarity of Action.

The Translation Guide: Positioning Accountability

Naming owners can feel like “blame-shifting” if not positioned correctly. Here is how to frame it as a strategic advantage.

For the CEO: The Execution Move

“We are moving from a ‘Committee of many’ to ‘Accountability by design.’ By naming clear owners for every AI move, we are stripping away the bureaucracy that slows down innovation. We are giving our leaders the authority to move fast because they have the framework to manage the risk.”

For the Board: The Oversight Move

“You no longer have to wonder who is watching the pieces. Our Accountability Matrix ensures that for every AI system in production, there is a named individual responsible for its performance, its security, and its compliance. This is how we provide you with certainty, not just updates.“

For the Product Teams: The Empowerment Move

“This isn’t about being ‘blamed’ if something goes wrong. It’s about being empowered to lead. When you are the named owner, you have a clear mandate and a clear set of resources. Governance isn’t looking over your shoulder; it’s providing you with the ‘Notation’ to prove your success.”

---

The Path Forward

Speed is a byproduct of coordination. When every “Grandmaster” knows their role, the organization can move with a fluidity that reactive companies can never achieve. You stop playing “Defensive Pawn” and start playing “Strategic Master.”

Today, we broke down Layered Accountability and named the owners of the board.

Join the Strategy: If you want to move from defensive compliance to positioning power, subscribe to Decoded by Counsel. Every week, I share one board-ready frame to help you dominate the AI center.

If you are tired of governance feeling like a defensive hurdle, join the leaders who use it as a strategic edge. Subscribe to DecodedbyCounsel for a deep dive into the frameworks, case studies, and “Translation Guides” that turn AI risk into market-leading trust.

Next Issue: We dive into our next Case Study: Air Canada & The Hallucinating Chatbot. We will analyze what happens when accountability is missing from the product roadmap—and why the court doesn’t care if your “AI made a mistake.”

In early 2023, Samsung engineers inadvertently leaked sensitive source code and internal meeting notes by uploading them into ChatGPT to fix bugs and create summaries. This was not a failure of engineering talent; it was a failure of The Scope.

When we talk about Controlling the Center, we are not just talking about the AI tools your company builds. We are talking about the AI tools your employees use. This is the Rogue Gambit of Shadow AI, and if you have not mapped it, your strategy is already exposed.

The Anatomy of the Blunder: The Efficiency Gap

The Samsung incident is the ultimate case study in why a Policy on Paper is a weak defense. Most organizations have a generic Data Privacy Policy. Samsung certainly did. But a policy is just a manual; it is not the game itself.

The Governance Failure

The company had not yet defined its Strategic Allowlist. Employees were operating in a vacuum. Driven by the need for speed, they moved their pieces into Dead Zones—public, unencrypted LLMs—because the organization had not provided a Safe Square (a secure, enterprise-grade sandbox).

This highlights the Efficiency Gap: the distance between the speed at which employees want to work and the speed at which corporate governance allows them to work. When that gap is too wide, employees will jump the fence, often taking the company’s Intellectual Property with them.

The Result: IP Dilution

Once that code was prompted into a public model, it was no longer under Samsung’s control. It became part of the model’s history and, potentially, its future training data. In chess terms: they moved their most powerful piece into a square where it could be captured by anyone.

The Hard Truth: Once your proprietary code is used to train a public model, you have essentially subsidized the R&D of every competitor who uses that same model. You are paying for the innovation that your rival will eventually use against you.

The Leaked Strategy: Preventing the Rogue Gambit

To prevent your own “Samsung Moment,” you must move from reactive warnings to proactive architecture. Here is how to regain control of the board:

1. The Shadow AI Audit: The Scouting Move

You cannot govern what you cannot see. Most CISOs are shocked to find that their employees are using dozens of unauthorized AI tools to summarize meetings, write emails, and debug code.

• The Action: Perform a technical sweep of DNS logs to identify which AI domains are receiving traffic from your internal network.

• The Goal: Map the “Current Board State.” Identify the high-risk clusters where sensitive data is most likely being processed.

2. Deploy the “Safe Square”: The Sandbox Strategy

The reason employees use public AI is rarely malicious; it is about efficiency. If you tell them “No” without providing an alternative, they will find a way around you.

• The Action: Fast-track the deployment of an enterprise-grade, Zero-Retention AI environment (e.g., Azure OpenAI or AWS Bedrock).

• The UX Factor: If your secure sandbox is harder to use than public ChatGPT, the Shadow AI problem will persist. UX is a governance requirement.

• The Goal: Give them the power of the LLM without the risk of exfiltration. By providing a “Safe Square,” you turn a shadow risk into a governed asset.

3. Hard-Code the Notation: Technical Guardrails

Update your Acceptable Use Policy to be technology-specific. Clearly define that internal code and PII are Off-Board for any tool that has not been through the Procurement and Privacy Vetting process.

• The Action: Implement Data Loss Prevention (DLP) triggers and browser extensions that block or alert on the “Copy-Paste” of sensitive code patterns into known public AI URLs. This is the technical enforcement of your strategic Notation.

The Translation Guide: Positioning the Risk

When the board asks, “Could what happened at Samsung happen to us?” your answer determines your Positioning Power. You aren’t just giving an update; you are re-centering the board.

For the CEO: The Valuation Guard

“We are treating this as an Asset Protection move. Every time an employee prompts a public model with our data, they are effectively transferring our R&D budget to a competitor’s training set. By establishing a secure, private perimeter, we ensure our innovation remains an exclusive asset that accrues value to our balance sheet, not the open market.”

For the CTO: The Architectural Integrity Move

“This isn’t about restriction; it’s about cleaning the foundation. Shadow AI creates a ‘poisoned well’—code and logic we can neither audit nor legally defend. By auditing our current traffic and providing a high-performance sandbox, we are eliminating a massive source of technical and legal debt before it becomes baked into our core infrastructure.”

For the Board: The Strategic Control Move

“We have moved from a state of Exposed Defense to Central Control. We have identified the specific squares where our IP was leaking into the public domain. Our transition to a vetted, secure environment means we are no longer vulnerable to a ‘Rogue Gambit.’ We have reclaimed the center, ensuring our AI strategy is driven by design, not by accident.”

---

The Path Forward

The Samsung leak proves that speed without a defined scope is just a faster way to lose. Governance is the system that ensures your Speed does not turn into Surrender.

Today, we analyzed The Leaked Strategy and the danger of an Exposed King.

Join the Strategy: If you want to move from defensive compliance to positioning power, subscribe to Decoded by Counsel. Every week, I share one board-ready frame to help you dominate the AI center.

Subscribe now

Next Week: We move to Pillar 2: Who is formally accountable at each layer? I will share the AI Accountability Matrix. This is the definitive guide to naming the Grandmasters who own your AI decisions so the board never has to ask “who is responsible for this?” again.

In chess, the most dangerous part of the game is The Opening. If you do not decide which squares matter, the chaos of the board will decide for you.

Last week, we established The Anchor, the five-point spine of a resilient AI program. Today, we go deep into the first and most critical pillar: The Scope.

Most boards are currently paralyzed by the “AI is everywhere” narrative. They hear about productivity gains in Marketing, code assistants in Engineering, and shadow AI in HR. Without a defined scope, the board sees a blurred map where every move is a potential liability.

To take the center, you must move from a vague inventory to a Strategic Allowlist. You are defining your territory: where you will plant your flag and where you will intentionally retreat to avoid a trap.

1. Defining the Square: What are we actually governing?

The word “AI” is too broad for a boardroom. To provide clarity, you must categorize your scope by the nature of the move. This allows you to apply different Notation (documentation) to different risks.

Predictive AI: The Steady Pieces. These models are the workhorses of the enterprise, used for credit scoring, churn prediction, or dynamic pricing. The primary risk here is Bias and Fairness. Because these models often make “life-altering” decisions for customers, the governance focus is on the data inputs and the mathematical integrity of the output.

Generative AI: The Volatile Pieces. These are your Large Language Models (LLMs) and image generators. The primary risks here are Intellectual Property exfiltration, Hallucinations, and Data Leakage. This is the domain where the Samsung and VaultGemma vulnerabilities live. The governance here is less about math and more about the “Trust Perimeter” around the prompt and the response.

Agentic AI: The Independent Pieces. These are AI agents that can execute transactions, send emails, or navigate software autonomously. The primary risks here are Liability and Autonomy. When the AI moves from "suggesting" to "doing," your governance must expand to include system-level overrides and financial guardrails.

2. The Strategic Allowlist: The Prophylactic Move

A strategic leader does not just list what the company is doing. They define what the company will not do. This is the Prophylactic Move, a move that prevents an opponent’s strategy before it even develops. By presenting a Strategic Allowlist, you are telling the board that you are focusing elite resources on specific squares because they have a clear path to trust.

The Allowlist (The Center): These are your vetted, high-conviction use cases. Examples include an internal research bot trained exclusively on verified company manuals or a secure coding assistant deployed within a private cloud. These are projects where the “ROI of Trust” is highest.

The Denylist (The Dead Zones): These moves are strictly prohibited. An example is using publicly available, unencrypted LLMs to process sensitive client source code or PII. By explicitly naming these “Dead Zones,” you provide the organization with the psychological safety to innovate within the Allowlist.

3. Risk Tiering: The Value of the Pieces

In chess, a Queen is not a Pawn. In governance, a resume-screening AI is not a meeting-summary bot. You must tier your scope so the board knows where the high-stakes moves are happening.

Tier 1: Unacceptable Risk. These moves are off the board entirely. This includes things like real-time biometric surveillance in public spaces or AI designed for social scoring. Identifying these early prevents the company from wasting R&D budget on “dead ends.”

Tier 2: High Risk. These require full Notation, including Data Protection Impact Assessments (DPIAs), model cards, and human-in-the-loop sign-off. This includes any AI affecting hiring, lending, healthcare, or legal rights. This is where you apply the most rigorous “Legal and Ethical” standards.

Tier 3: Limited or Minimal Risk. These require basic transparency and security hygiene. This includes spam filters, internal scheduling tools, and sentiment analysis for internal employee surveys. These move faster because the stakes are lower.

4. The Translation Guide: Positioning the Scope

One of the greatest hurdles for a Privacy Counsel is the language gap. To bridge this, you must translate the concept of Scope into the specific currency of your audience.

For the CEO Frame the scope as a Defensive Exchange. Explain that you are not limiting growth but concentrating force. By focusing on a Strategic Allowlist, you ensure that 100 percent of the AI budget is spent on defensible, scalable assets that will not be shut down by regulators or reputational crises in twelve months. You are buying the company “Strategic Certainty.”

For the CTO Frame the scope as Technical Debt Prevention. This is the company's architectural blueprint. By tiering risks now, the engineering team avoids the refactoring nightmare of building a product on a data foundation that the company cannot legally defend later. You are building for durability, not just deployment.

For the Board Frame, the scope is Territory Control. Provide them with a clear view that you have mapped every AI square. You know exactly where the data is, who owns the decision, and where you have placed a firewall to protect the core brand equity of the firm. This is how you turn “AI Anxiety” into “AI Oversight.”

The Path Forward

Governance as Strategy is not about adding friction. It is about adding clarity. When you answer these five questions, you stop being a leader who manages a “legal requirement” and start being a strategist who manages certainty.

In this series, I am diving deep into each of these pillars. My focus is on providing specific frameworks, “Translation Guides” between legal and product, and case studies to show you how to dominate the center of the board. Today, we established The Anchor and broke down The Scope.

Join the Strategy: If you want to move from defensive compliance to positioning power, subscribe to Decoded by Counsel. Every Tuesday, I share one board-ready frame to help you dominate the AI center.

Next Tuesday: We move to our first deep-dive Case Study. We will analyze The Samsung Leak: When the Center Doesn’t Hold. I will break down the “Leaked Strategy” and provide a framework for preventing IP exfiltration through “Shadow AI” before it costs you the game.

Your company doesn’t just need an AI roadmap. It needs an AI governance program that can withstand a regulator’s audit, a vendor’s security incident, and an investor’s scrutiny-all without stalling innovation.

In the current land-grab for AI market share, speed is the primary metric. But as someone who has navigated the intersection of global privacy law and technical product roadmaps for years, I have seen a recurring pattern: Speed falls apart without trust.

Most leadership teams treat governance as the paperwork that follows strategy. In reality, in the age of AI, Governance is the Strategy. The leaders who win the next decade won’t just be the ones with the best models; they will be the ones who use governance to define the terms of trust before the market or a regulator defines it for them.

The Shift: From Defense to Design-Controlling the Center

If your governance conversations feel reactive, defensive, or disconnected from the product, you are operating without a strategic frame. Compliance tells you how not to break the rules.

It moves you from a “Cost Center” mentality to a Positioning Power.

This move is best understood through the lens of chess. In chess, the game is won by controlling the center. If you surrender the center, you are forced to play reactively, defending the edges while your opponent dictates the pace.

Governance is the center of the AI board. Most companies treat it like a peripheral pawn move, a late-game defensive necessity. But when you hard-code integrity into the lifecycle, you occupy the central squares. You gain the mobility to pivot, the stability to scale, and the strategic depth to anticipate regulatory moves before they happen. You stop reacting to the rules and start commanding the space where innovation happens.

To take the center, you don't start with a 50-page policy. You start with five uncomfortable, high-stakes questions that define your operating model before the technology defines it for you.

I call this the Board-Ready AI Program Spine. If you can answer these five questions, you aren't just playing the game; you’re defining the board.

1. Where is AI allowed to live? (The Scope Question)

In chess, you don’t move every piece at once. You develop with purpose. Instead of the vague “we’re experimenting everywhere,” a strategic governance program forces a first cut. You are defining the boundaries of your “territory.”

• The Move: Create a “Strategic Allowlist.” Clearly delineate which functions are In (e.g., productivity copilots, customer support triage) and which are Out for now (e.g., high-stakes automated hiring).

• The Board-Ready Frame: “Can we show the board a single view of where AI is in use today, and which central squares we are intentionally leaving open to protect our core brand equity?”

2. Who is formally accountable at each layer? (The Ownership Question)

A board with no coordination is just a collection of wood. The most dangerous phrase in AI is “everyone is responsible.” In a well-played game, every piece has a specific role in the overarching strategy.

• The Move: Move from “Committees” to Layered Accountability. Who owns model selection? Who owns risk acceptance for a specific use case? Who owns the incident response when the LLM generates a hallucinated customer promise?

• The Board-Ready Frame: “For our top three AI use cases, can we name on one slide the ‘Grandmasters’ who own the Design, the Go/No-Go decision, and the Risk Sign-off?”

3. What evidence will we keep by design? (The Defensibility Question)

Think of evidence as your Notation. In tournament chess, you must record every move. If a dispute arises, the record is the only truth. In the event of an inquiry from the EU AI Office or a major B2B client-“we have a policy” is not a defense.

• The Move: Shift from “Policy on Paper” to Evidence by Design. Build automated trails of model cards, DPIAs, and red-teaming results into the dev cycle.

• The Board-Ready Frame: “If an auditor asked us to replay our moves tomorrow, do we have the recorded notation to prove our due diligence was intentional, not accidental?”

4. How do we keep control at scale? (The Operating Rhythm)

The board state changes with every move. Governance is not a one-time gate; it’s the Clock. As models drift and regulations like the EU AI Act evolve, your “static” approval becomes an obsolete move.

• The Move: Establish Trigger-Based Governance. Define specific thresholds, performance drops, changes in data sources, or new regulatory guidance that force a mandatory re-evaluation of an AI system.

• The Board-Ready Frame: “What are the triggers that force us to pause the clock and re-evaluate our position before we lose the advantage?”

5. What will we never outsource? (The Identity Question)

Every great player has a signature style- an “Endgame” they strive for. In a world of commoditized AI, your ethical boundaries are your signature. This is your Competitive Moat.

• The Move: Define your Non-Negotiables. Which decisions must remain human-led, regardless of the ROI of automation? You decide where you draw the line, not because the law requires it, but because it is how you win the long game.

• The Board-Ready Frame: “Where do we draw the line on automation to ensure we remain the most ‘trusted’ player on the board?”

The Path Forward

In chess, the most brilliant attacks are built on a rock-solid center. Governance as Strategy is no different. It is not about adding friction; it is about adding clarity. When you answer these five questions, you stop being a leader who manages a “legal requirement” and start being a strategist who manages certainty.

In this series, Decoded by Counsel, I’ll be diving deep into each of these pillars. My focus is on providing the specific frameworks, the “Translation Guides” between legal and product, and the case studies, from VaultGemma to the latest GPAI Codes, to show you how to dominate the center of the board.

Today, we established The Anchor: the five-point spine that holds your program together.

Next Tuesday: We move from theory to the “Board Pack.” I will break down The Anatomy of the Board-Ready Governance Frame. I’ll provide a practical walkthrough and template for The Scope: defining exactly where AI is allowed to live, how to tier your risks, and how to present a “Strategic Allowlist” that gives your board absolute confidence in your territory.