Standards Body · Institutional-design proposal, public edition · Released July 17, 2026
Canonical record: https://standardsbody.ai/library/institutional-design/transparency-framework/
Standards Body is an independent research and institutional-design project. It is not currently a regulator, accreditation body, certification body, or governmental authority. This document is research; it is not an adopted standard.
Project: Standards Body
Primary domain: standardsbody.ai
Core line: Foundations for Frontier AI
Document type: Canonical transparency, disclosure, confidentiality, public-record, correction, access, and accountability framework
Version: 1.0
Status: Approved foundational source
Document owner: Standards Body
Present institutional stage: Foundational research and institutional design
Applies to: Governance, research, standards development, evaluations, protocols, independent review, evaluator ecosystems, partnerships, funding, conflicts, incidents, registries, public communications, corrections, appeals, complaints, security, controlled evidence, institutional transitions, and future assurance activities
Related canonical sources: PROJECT_IDENTITY.md, PROJECT_MANIFESTO.md, INSTITUTION_DESIGN.md, GOVERNANCE_FRAMEWORK.md, STANDARDS_DEVELOPMENT_PROCESS.md, FOUNDATIONS.md, FOUNDATIONS_APPENDIX.md, TERMINOLOGY.md, EVIDENCE_STANDARDS.md, RESEARCH_METHODOLOGY.md, TAXONOMY.md, EVALUATION_PHILOSOPHY.md, and the eight foundation papers
Research basis reviewed through: July 16, 2026
Review cycle: Annual review, with event-triggered revision after a material change in legal status, institutional authority, information-security posture, public-reporting commitments, evaluation practices, incident experience, privacy obligations, standards processes, or international transparency expectations
This document defines the transparency practices Standards Body should apply to its own work and the disclosure architecture it proposes for a possible future institution.
It does not create:
Standards Body is not presently a government agency, regulator, accreditation body, certification body, statutory standards authority, or international organization.
Nothing in this framework authorizes Standards Body to disclose information it does not lawfully control.
Nothing in this framework overrides:
Transparency commitments should be interpreted together with proportional confidentiality, security, privacy, due process, and evidence integrity.
This document establishes the complete transparency framework for Standards Body.
It defines:
The framework is designed for frontier AI, where transparency serves several different functions.
It can support:
Transparency can also cause harm.
Improper disclosure can:
The governing position is:
Standards Body should disclose enough information for others to understand, scrutinize, challenge, and correctly interpret its work, while protecting information whose disclosure would create material harm, violate rights, or undermine the integrity of the evidence.
Transparency is often treated as the opposite of secrecy.
That framing is too simple.
A credible frontier AI institution must distinguish among:
The central transparency question is not:
Should this institution be transparent?
The better questions are:
NIST describes accountability and transparency as related characteristics of trustworthy AI and notes that documentation can improve transparency, human review, and accountability.[^nist-rmf][^nist-core]
Transparency does not itself establish:
A weak process can be fully visible.
A harmful system can be well documented.
A false claim can be transparently repeated.
Transparency is valuable when it permits informed understanding, challenge, correction, and accountable action.
Standards Body should adopt a presumption that institutional information is public unless a specific, documented reason justifies protection.
The public baseline should include:
The framework uses five information classes.
Information available without special authorization.
Information available to defined participants, implementers, or reviewers under basic conditions.
Information available only to authorized persons with a documented need and confidentiality duty.
Sensitive information requiring enhanced access controls, logging, security review, and limited distribution.
Information whose unauthorized disclosure could create severe harm, compromise critical evaluation or security infrastructure, or violate exceptional legal duties.
Classification should not be permanent by default.
Each protected record should identify:
A frontier AI institution should provide several layers of transparency.
Who the institution is, what authority it has, how it is governed, and who funds it.
How research, standards, evaluations, reviews, and decisions are conducted.
What methods, protocols, assumptions, and scoring rules are used.
What evidence supports a claim, at which level, with which uncertainty and provenance.
What was found, decided, corrected, withdrawn, or left unresolved.
How standards and evaluations affect organizations, people, markets, rights, security, and public institutions.
Whether a document, result, certificate, protocol, or claim is draft, current, conditional, expired, superseded, suspended, withdrawn, or retired.
Different functions require different disclosure.
A standards process should disclose:
A high-stakes evaluation should disclose:
The exact held-out tasks may remain protected.
A governance decision should disclose:
A funding disclosure should identify:
The OECD's Hiroshima AI Process Reporting Framework provides a voluntary international reporting structure for organizations across the advanced-AI value chain. Version 2.0 was launched in May 2026 and broadened participation, including attention to smaller organizations.[^haip-v2][^haip-overview]
Standards Body should learn from such reporting efforts while preserving several distinctions:
The European Union AI Act contains context-specific transparency obligations and expressly distinguishes compliance with transparency obligations from broader lawfulness.[^eu-ai-act][^eu-summary]
The Council of Europe Framework Convention includes transparency and oversight among its lifecycle principles and connects AI governance to human rights, democracy, and the rule of law.[^coe-convention][^coe-principles]
These legal frameworks do not govern every Standards Body activity automatically.
They demonstrate that transparency should be:
Transparency should not require publication of:
The correct response to sensitive evidence is not to eliminate accountability.
It is to provide:
Transparency includes the visibility of error.
A credible institution should publish:
Material changes should not occur silently.
A transparency framework requires more than publishing documents.
It requires:
The final transparency principle is:
Make authority, process, evidence, uncertainty, status, and correction visible. Protect only what requires protection, explain the protection, and preserve qualified paths for review.
Disclosure should enable someone to understand, evaluate, challenge, or act.
Responsible transparency permits justified confidentiality.
Institutional governance and public-interest work should be public by default.
A protected classification should identify a specific harm, duty, or integrity need.
Different audiences may require different information and levels of access.
Governance, research, standards, evaluation, assurance, incidents, and security require different disclosures.
Information may move from restricted to public as risk changes.
Disclosure does not establish that a claim is true or a system is safe.
A record without current status can mislead even when its contents are accurate.
Public summaries should preserve material limitations and uncertainty.
A public conclusion based on protected evidence should not rely only on the interested party's assertion.
A correction system is part of disclosure, not an admission that transparency failed.
Financial dependence can affect judgment and should be disclosed.
Role-specific conflicts should be visible and governed.
The institution should disclose who had influence and which perspectives were missing.
Publication without organization, accessibility, or current status is weak transparency.
Security should not become reputation management.
Public accountability does not require exposing personal data unnecessarily.
AI-assisted institutional outputs should remain attributable to accountable humans and processes.
The institution should measure whether disclosure improves understanding and accountability.
This framework applies to:
Standards Body should not publish third-party information beyond its lawful rights and responsibilities.
This framework creates internal commitments.
It does not create statutory access rights unless incorporated into a contract, charter, law, or formal policy that does so.
Different jurisdictions and domains may impose different duties.
Publishing selected favorable information while concealing material limitations does not satisfy this framework.
Definitions in TERMINOLOGY.md govern.
The degree to which relevant information concerning an institution, system, process, method, evidence base, decision, or outcome is available and understandable to the appropriate audience.
The act of making information available to a defined audience.
Publication without a specific request.
Disclosure in response to a request, complaint, appeal, review, legal duty, or incident.
A record available publicly without special authorization.
A record available to an eligible group under defined conditions.
A record available only to authorized persons with a defined need and duty.
A sensitive record subject to enhanced security and access controls.
A record whose unauthorized disclosure could create severe harm or exceptional legal or security consequences.
Removal or masking of information from a disclosed record.
Combination of information to reduce identification or security risk while preserving useful meaning.
A decision to reduce the protection level of information.
A periodic report describing disclosures, requests, restrictions, incidents, corrections, and institutional practices.
The origin, custody, transformation, and source history of information.
Visible indication of whether a record is draft, current, conditional, expired, superseded, suspended, withdrawn, retired, or archived.
The minimum information that should remain public even when detailed evidence is protected.
The degree to which relevant persons can understand reasons, factors, logic, or behavior at a level appropriate to the context.
The ability to inspect evidence and reconstruct a process or decision.
The ability to follow the lineage of a system, record, decision, requirement, or evidence object.
Accumulated missing, stale, inaccessible, or misleading disclosure that impairs accountability.
Transparency should allow responsible actors to be identified and held answerable.
Disclosure should reduce the risk that:
Qualified persons should be able to evaluate:
The public should be able to understand:
Participants should receive enough information to contribute meaningfully before decisions are finalized.
Others should be able to identify and report errors.
Transparency should support justified trust rather than reputation-based trust.
Comparable disclosures should help institutions understand and reuse evidence across jurisdictions.
Safe incident disclosure should support prevention and standards improvement.
Transparency should reduce misleading claims concerning:
The framework contains six layers.
Discloses:
Discloses:
Discloses:
Discloses:
Discloses:
Discloses:
A public summary should not jump directly from identity to favorable outcome while omitting process, evidence, and limitations.
Information suitable for unrestricted public access.
Information available to defined eligible persons under basic access or use conditions.
Information whose disclosure could create material but bounded harm, violate legitimate duties, or undermine a defined process.
Information requiring enhanced protection because disclosure could materially compromise security, evaluation integrity, safety, privacy, or legal duties.
Information whose unauthorized disclosure could create severe harm or exceptional institutional, legal, or security consequences.
Consider:
Use the lowest classification sufficient to address the legitimate risk.
A mixed record should be:
rather than withheld entirely where possible.
Every protected record should include:
Review after:
A qualified person may challenge classification through a secure process.
Even when detailed information is protected, the following should ordinarily remain public.
That the work, process, or decision exists.
Why the work is being conducted.
Which institutional body owns it.
Under which mandate it operates.
What category of system, risk, standard, or evidence is involved.
Whether the activity is:
That information is protected and which qualified roles can review it.
Draft, active, complete, suspended, corrected, withdrawn, or archived.
What the public output cannot establish.
Whether independent review occurred and at what level.
A safe explanation of why more detail is not public.
When the restriction will be reconsidered.
The public minimum itself may be narrowed only when acknowledging existence would create exceptional harm or violate law.
Such exceptions should receive high-level independent review.
Needs:
Needs:
Needs:
Needs:
Needs:
Needs:
Needs:
They should not receive privileged control of conclusions.
Need:
Where audiences have competing needs, use layered disclosure.
Standards Body should publish important institutional information before a request is made.
Proactive disclosure should occur close enough to the event to support participation and accountability.
Pages should display:
Superseded information should remain available and clearly labeled.
Important disclosures should not be hidden in inaccessible repositories or unindexed pages.
High-value records should be available in structured formats where useful.
A transparency-request process allows persons to request records or clarification not already public.
The process is voluntary unless a legal or contractual right applies.
Requests may concern:
Requesters should identify:
The institution should:
Suggested internal targets:
These are service targets, not statutory deadlines.
Routine digital requests should ordinarily be free.
Exceptional costs may justify a disclosed fee or narrowed request.
Possible grounds:
Use redaction or summary before full denial.
A requester may seek internal review of a denial.
Publish aggregate request statistics and significant decisions.
Before publishing or withholding, ask:
Would disclosure support accountability, understanding, participation, correction, or safety?
Could disclosure create a material and plausible harm?
Would disclosure violate privacy or other rights?
Would disclosure undermine evaluation or research validity?
Can the information be:
Who may decide?
How long should protection last?
Can the decision be challenged?
Is the rationale documented?
What should remain visible?
Publish:
Publish:
Publish for directors and major council members:
Publish:
Publish:
State:
Publish material delegations of authority.
Publish vote totals for:
Material board and council dissent should be preserved where safe.
Funding can shape:
Publish:
Preferred:
Where exact disclosure is not possible:
Disclose material:
Publish:
Publish whether the funder may:
A funder should not control findings.
Disclose:
Large anonymous funding should be exceptional.
Personal donor privacy may justify limited disclosure for small gifts.
Publish:
Publish role-relevant conflict summaries for:
The register should identify:
Do not publish unnecessary personal financial details.
Publish material recusals with:
State whether the response was:
Disclose when a reviewer:
Reports should identify project-specific funding and publication control.
Publish:
The summary should state that partnership does not imply approval of all partner activities.
Identify whether the relationship is:
Disclose:
Identify which institution:
Publish termination when material to public reliance.
Every material research project should have a register entry containing:
Publish the protocol or a safe summary before results when feasible.
Confirmatory and high-consequence work should use prospective registration where appropriate.
Disclose:
Data access should be classified as:
State why.
Publish code, prompts, schemas, and analysis artifacts when safe and legally permitted.
Protect:
Do not suppress findings because they are unfavorable, inconclusive, or inconsistent with institutional expectations.
Publish:
Disclose material departures from the planned method.
State:
Research status should be updated visibly.
Sensitive research may require:
The decision should be reviewed and documented.
Publish:
Publish the proposal, need, scope, evidence maturity, and decision.
Publish:
Publish:
Publish a balance assessment and identified gaps.
Public drafts should display:
Publish:
Publish comments and responses where lawful and safe.
State the number and categories of protected submissions.
Publish substantial objections, responses, and unresolved dissent.
Publish the consensus report.
Publish:
Publish the decision, authority, conditions, appeal, effective date, and maintenance owner.
Publish:
Core Standards Body standards should be freely readable.
Each material evaluation should have a record containing:
Disclose enough to identify:
State:
Publish:
Exact tasks may remain protected.
Disclose:
at the level necessary for interpretation.
Disclose:
Use bounded language.
Preferred:
The capability was not demonstrated under the assessed conditions.
Disclose:
Disclose:
Use:
Every consequential result should show:
Where tasks or evidence are protected, publish the public minimum and independent-review architecture.
The public summary should not exceed the evidence.
Disclose material:
State whether protocols and conditions are comparable.
Possible protected elements:
Publish:
Qualified reviewers should receive enough protected access to evaluate:
Maintain controlled records of:
Publicly state material exposure or compromise promptly.
Publish task-rotation policy without revealing current content.
Consider releasing retired tasks when:
A conclusion based entirely on secret evidence with no qualified independent review should not support a high-consequence public claim.
Publish:
State what the review did and did not examine.
Disclose whether reviewers considered access sufficient.
Disclose who selected reviewers and under which criteria.
Disclose who paid reviewers.
State whether the reviewed party had factual-response rights.
State who controlled publication.
Publish findings, limitations, and recommendations where safe.
Publish minority findings or state that protected dissent exists.
Distinguish:
Do not describe a limited factual check as independent expert review.
A public evaluator record should identify:
State exact:
Disclose material client concentration in aggregate where confidentiality prevents exact detail.
Disclose whether the evaluator also provides:
Publish proficiency status and limitations.
A certificate record should identify:
An accreditation record should identify:
Standards Body recognition should identify:
Publish aggregate complaint and disciplinary information without compromising fairness or privacy.
Every mark should link to a registry explaining its meaning.
A material decision should identify:
Reasons should be sufficiently specific to permit understanding and challenge.
Where detail is protected, publish a safe summary and provide qualified review.
State material alternatives considered.
State the uncertainty that remained.
Preserve material dissent.
State who is responsible for action.
State whether the decision is:
Maintain a searchable registry of material public decisions.
Use controlled statuses:
Display status:
Display:
Keep superseded versions available with a warning.
A status change should update dependent:
A file without a current owner or status should not remain presented as canonical.
Immediate response should prioritize:
Public notice may be required when:
State:
Avoid premature certainty.
Where feasible, publish:
Redact:
Publish safe learning from near misses.
Use:
Update prior statements visibly when facts change.
Publish:
For material cases, publish:
subject to privacy and fairness.
Publish:
Protect identity while reporting systemic lessons.
Report retaliation findings and corrective action where lawful.
Publish reasoned appeal decisions or safe summaries.
Complaint and appeal procedures should be understandable and usable.
The institution should make the history of material change visible.
State:
A material correction should be linked prominently from the original.
State:
Do not silently remove a consequential public record.
Corrections should be discoverable in search and registries.
Notify known affected:
where feasible.
Maintain a source record containing:
Prefer primary sources for:
Use secondary sources for context, synthesis, and critique.
Disclose:
without exposing identity unnecessarily.
State when a source is:
Public claims should display or link to the applicable evidence level.
Disclose material contrary evidence.
Update records when sources are corrected, withdrawn, or superseded.
Citations should support the precise claim made.
Every canonical file should display:
State:
Disclose:
Preserve:
Use controlled repositories and immutable release records where feasible.
Publish metadata for:
A derivative should identify its source and changes.
Each public record should identify the canonical location.
Transparency should not expose personal information beyond what accountability requires.
Collect and publish only what is necessary.
Public roles may justify disclosure of:
Do not publish:
Consent may support disclosure.
It should not be the sole basis where power imbalance makes consent weak.
Use:
Protect identities unless:
Assess whether combined public records can identify protected persons.
Where applicable, provide pathways for:
subject to law and evidence-preservation duties.
A privacy incident should trigger:
Transparency should not materially increase the ability to cause harm.
Before publication, assess:
Coordinate with affected organizations where disclosure concerns remediable vulnerabilities.
An affected organization should not control publication indefinitely.
An embargo should have:
High-consequence restrictions should receive independent review.
State:
Secrecy should not substitute for sound security design.
Reassess publication when the vulnerability is mitigated.
Redaction should remove only what requires protection.
A redacted document should indicate:
unless doing so would itself create harm.
A second qualified person should review material redactions.
Redaction should remove underlying data, metadata, comments, layers, and hidden text.
Remaining text should not create a false interpretation.
Release nonprotected portions.
Material redactions may be challenged through the transparency-request process.
Aggregation can disclose patterns while reducing privacy, security, or confidentiality risk.
Suppress or combine small categories where identification is likely.
Aggregation should not conceal:
Use ranges where exact values create unnecessary risk.
Disclose aggregation method sufficiently for interpretation.
Advanced privacy-preserving methods may be used where valid and proportionate.
Their effect on accuracy should be disclosed.
Correct aggregate reports when underlying data changes materially.
Information should be disclosed while it remains useful.
Premature disclosure can:
Delay should identify:
Publish enough before a decision to permit meaningful participation.
Publish the outcome promptly after approval.
Publish implementation and impact evidence.
Use staged updates as facts develop.
Do not delay correction merely to coordinate favorable communications.
Handle lawfully and avoid selective disclosure.
Information is not meaningfully transparent if intended audiences cannot access or understand it.
Provide:
Follow applicable accessibility standards and test with users.
Provide plain-language summaries for consequential public outputs.
Plain language should supplement, not replace, technical evidence.
Use:
Define necessary technical and institutional terms.
Charts should include:
Important public information should remain usable on common devices and limited connections.
Provide a channel to report barriers.
State the original and controlling language.
Use:
Normative and technical translations should receive domain review.
Publish known non-equivalence.
Explain where:
differ by region.
International projects should provide meaningful multilingual pathways as resources permit.
Disclose material machine translation and human review.
A process should not claim broad international legitimacy while practical access remains limited to one language.
WEBSITE_SOURCE_OF_TRUTH.md should govern public website facts and claims.
The website should include:
Display:
Monitor and repair.
Provide searchable access to standards, decisions, corrections, and registries.
Maintain access to superseded public records.
Disclose material use of tracking and analytics.
Use proportionate data collection.
Review claims concerning:
State whether communications come from the project, a staff member, a working group, or an independent panel.
Human and institutional accountability remains even when AI assists.
Disclose AI assistance when material to:
Routine spelling or formatting assistance may not require item-level disclosure.
Material analytical or drafting assistance should be recorded internally and disclosed appropriately.
AI-generated content should receive qualified human review before institutional publication.
AI-generated citations, summaries, and factual claims require source verification.
An AI system should not be presented as the accountable decision maker.
Disclose:
Identify machine-assisted translation where it may affect normative meaning.
Maintain records of:
Do not submit protected information to unauthorized AI services.
Public communications should preserve:
A press release should not broaden a technical finding.
Short-form posts should link to the full record.
Institutional representatives should distinguish:
Embargoes should not create privileged influence over findings.
Correct media and social posts visibly.
Coordinate facts without allowing partners to control institutional conclusions.
Avoid headlines that state:
unless those claims are precisely true.
Preserve material public statements and corrections.
High-stakes domains may require greater public accountability and stronger information protection simultaneously.
Publicly disclose:
Protect actionable exploit details until responsible release.
Disclose governance, construct, high-level results, review, and safeguards.
Protect procedural detail that could materially increase harmful capability.
Coordinate with operators and authorized authorities.
Avoid disclosing vulnerabilities that create operational risk.
Disclose:
Protect participants and provide ethics transparency.
Comply with lawful restrictions while maintaining public minimum and independent authorized review where possible.
A high-stakes label should not eliminate all accountability automatically.
State the jurisdiction and status of cited law.
Institutional publications should not imply individualized legal advice.
Disclose whether Standards Body is:
Requests from authorities should be handled under:
Publish aggregate reporting where lawful.
Protect legitimate legal process while disclosing material institutional effect.
State when an external authority adopts or references a Standards Body document.
A standard's technical importance should not be described as legal force.
Update affected public materials promptly.
A shared transparency profile should include:
Allow jurisdictional and sectoral additions.
Standards Body should map its disclosures to relevant external frameworks rather than require duplicative reporting without justification.
A future crosswalk may connect Standards Body records to the OECD Hiroshima AI Process Reporting Framework.
Self-reported information should be labeled as such.
Use:
only when accurate.
Recognition of an external transparency report should state:
Support:
The annual report should make the institution's own transparency performance visible.
Metrics should test whether transparency supports understanding and accountability.
High document volume does not equal meaningful transparency.
Determine whether transparency commitments are implemented.
Test:
Examples:
Assign:
A mature institution should receive periodic external transparency review.
Characteristics:
Characteristics:
Characteristics:
Characteristics:
Characteristics:
Characteristics:
Transparency maturity depends on reliability and use, not the number of pages published.
Failure:
The institution publishes polished summaries while withholding the information needed to evaluate authority, evidence, conflicts, or limitations.
Controls:
Failure:
Large volumes of unorganized documents create the appearance of openness without usability.
Controls:
Failure:
The institution's role is described in language that implies regulatory, certification, accreditation, or international authority it does not possess.
Controls:
Failure:
Draft, expired, withdrawn, or superseded material appears current.
Controls:
Failure:
A public summary omits the limitations contained in the technical report.
Controls:
Failure:
Major financial dependence is hidden through intermediaries, categories, or in-kind support.
Controls:
Failure:
A participant states "no conflict" without disclosing relevant relationships.
Controls:
Failure:
A process appears open while the institution does not disclose who actually participated or influenced the result.
Controls:
Failure:
Only evidence supporting the preferred conclusion is published.
Controls:
Failure:
Organizational claims are published without clear self-reported or unverified status.
Controls:
Failure:
Commercial, political, or reputational interests use confidentiality to prevent scrutiny.
Controls:
Failure:
Security classifications remain broad, indefinite, and unreviewed.
Controls:
Failure:
The institution releases dangerous details, protected tasks, or vulnerabilities.
Controls:
Failure:
Transparency exposes personal data, whistleblowers, research participants, or complainants.
Controls:
Failure:
The redaction can be reversed or hidden metadata reveals the content.
Controls:
Failure:
The remaining text creates a false impression.
Controls:
Failure:
A factual check or sponsor-selected review is described as independent expert review.
Controls:
Failure:
A high-consequence public claim relies on hidden tests with no reviewable protocol or independent access.
Controls:
Failure:
Full disclosure compromises evaluation validity.
Controls:
Failure:
A material incident remains undisclosed after it affects public reliance.
Controls:
Failure:
Early communications state a cause or scope not yet established.
Controls:
Failure:
A file changes without notice or history.
Controls:
Failure:
Sources and records become inaccessible.
Controls:
Failure:
A translation changes normative meaning.
Controls:
Failure:
Information is published in formats inaccessible to affected audiences.
Controls:
Failure:
A social post or headline broadens the evidence.
Controls:
Failure:
A partner describes the relationship as endorsement, approval, or certification.
Controls:
Failure:
AI-assisted drafting introduces false sources, claims, or interpretations.
Controls:
Failure:
The institution delays or narrows transparency requests without reason.
Controls:
Failure:
A temporary publication delay becomes indefinite.
Controls:
Failure:
Detailed disclosure is used to imply that a system or institution is safe.
Controls:
Failure:
A report is treated as proof of full legal compliance.
Controls:
Failure:
Relevant information is divided across inconsistent systems.
Controls:
Failure:
Accurate historical information is presented without an updated date or review.
Controls:
Failure:
Reporting requirements consume resources without improving accountability.
Controls:
Full public disclosure can be incompatible with:
Credibility requires governed access and independent scrutiny, not indiscriminate release.
Confidential evidence creates a legitimacy challenge.
It can support a bounded public decision when:
Some disclosure increases gaming.
The response is layered transparency:
They can add time.
Urgent work may use provisional and staged disclosure.
Urgency should not remove:
Some legitimate donor privacy and contractual constraints exist.
Material institutional dependence should still be visible through:
Personal safety may justify limited disclosure.
The institution should publish professional roles and decisions while minimizing unnecessary personal information.
Bad-faith behavior exists.
A credible process can use:
without eliminating legitimate scrutiny.
Concealed incidents can damage trust more severely.
Good incident transparency shows:
Self-reporting is useful and scalable.
It should be labeled accurately and supplemented with independent review where consequence is high.
The institution can disclose:
while protecting exact evidence.
Unresolved material dissent is part of the evidence.
It can be presented clearly without giving every minor disagreement equal weight.
Structured records support registries, versioning, and interoperability.
They should supplement accessible human summaries.
Disclosure can create legal risk.
So can concealment or misleading public claims.
Qualified legal review should support accurate, bounded publication.
The framework does not create statutory rights.
A voluntary request process supports accountability and institutional legitimacy.
They can.
The framework requires evaluation of comprehension, correction, decision quality, and outcome usefulness.
Publish:
PROJECT_IDENTITY.mdPublish:
Adopt:
Create:
Create:
Establish:
Publish:
Conduct:
Publish:
Map disclosures to:
Standards Body Public Record and Status Registry
Create a unified register for:
Provide:
Qualified reviewers may access controlled metadata and records according to role.
The registry does not itself certify truth, safety, compliance, or authority.
| Dimension | Core question |
|---|---|
| Identity | Is the institution's mission, stage, and authority clear? |
| Governance | Are bodies, appointments, powers, and limits public? |
| Funding | Are material sources, restrictions, and concentration visible? |
| Conflicts | Are relevant interests and recusals disclosed? |
| Work program | Can the public see current and planned work? |
| Process | Are methods and decision procedures understandable? |
| Participation | Is it clear who participated and who was missing? |
| Evidence | Are sources, levels, limitations, and contrary evidence visible? |
| Status | Are draft, current, expired, superseded, and withdrawn states clear? |
| Evaluation | Are object, protocol, conditions, uncertainty, and expiration disclosed? |
| Protected evidence | Is the public minimum available and independent access governed? |
| Standards | Are drafts, comments, objections, consensus, and maintenance visible? |
| Review | Are reviewer competence, independence, access, and findings disclosed? |
| Assurance | Are evaluation, audit, certification, accreditation, and recognition distinct? |
| Decisions | Are authority, reasons, conflicts, dissent, and appeal recorded? |
| Incidents | Are material incidents and corrective actions reported safely? |
| Corrections | Are changes, withdrawals, and downstream effects visible? |
| Provenance | Can the origin and history of a record be traced? |
| Privacy | Is personal information minimized and protected? |
| Security | Are dangerous details protected proportionately? |
| Redaction | Are redactions technically sound and nonmisleading? |
| Requests | Is there a usable disclosure-request and review process? |
| Accessibility | Can intended audiences access and understand information? |
| Language | Are controlling language and translation status clear? |
| Automation | Is material AI assistance attributable and reviewed? |
| Partnerships | Are purpose, funding, roles, and claim limits visible? |
| Legal status | Are jurisdiction and legal effect described accurately? |
| International | Can disclosures map across institutions and jurisdictions? |
| Timeliness | Is information published while useful? |
| Audit | Is transparency independently evaluated? |
| Impact | Does disclosure improve understanding, challenge, and correction? |
The following normally invalidate a claim that Standards Body is operating transparently:
Do not average all dimensions into one number.
A critical failure cannot be offset by a large volume of lower-value publication.
Request ID:
Requester:
Date:
Contact:
Preferred format:
Record ID:
Title:
Owner:
Date:
Classification:
Protected activity or record:
Responsible body:
Status:
Funder:
Funding type:
Amount or range:
Period:
Purpose:
Person:
Role:
Period:
Evaluation ID:
System ID and version:
Protocol ID and version:
Evaluator:
Sponsor:
Date:
Status:
Review ID:
Subject:
Mandate:
Date:
Incident ID:
Date detected:
Status:
Responsible body:
Correction ID:
Affected record:
Prior version:
Corrected version:
Date:
Record:
Reviewer:
Date:
Standards Body adopts the following working positions.
Transparency should support accountability, understanding, participation, correction, and informed action.
Transparency is not identical to total public disclosure.
Responsible transparency includes proportionate confidentiality, privacy, security, and evaluation-integrity controls.
The institution should presume that governance and public-interest information is public unless a documented reason justifies protection.
Protection should use the lowest classification sufficient for the legitimate risk.
Every protected record should have an owner, rationale, access rule, review date, and release condition.
A public minimum should remain available for protected work whenever safe and lawful.
The existence of a material institutional process should not be secret without exceptional justification.
Transparency does not establish accuracy, safety, fairness, legality, competence, independence, or legitimacy by itself.
A disclosure should identify the audience and purpose it is intended to serve.
Public summaries should preserve material limitations and uncertainty.
Status is part of meaning.
Draft, current, conditional, expired, superseded, suspended, withdrawn, and retired records should be distinguishable.
A superseded record should remain discoverable with a visible warning.
Material decisions should identify owner, authority, evidence, conflicts, reasons, dissent, appeal, and review date.
The institution's current legal and institutional stage should be visible on major public materials.
Standards Body should not imply regulatory, certification, accreditation, governmental, or international authority it does not possess.
Membership should not be presented as endorsement.
Partnership should not be presented as approval.
Participation in drafting should not be presented as conformity.
A public registry listing should not be presented as certification unless the registry actually records a valid certificate.
Funding is material governance information.
Material funding should disclose source, amount or range, purpose, restrictions, control rights, and related work.
In-kind support can create influence and should be disclosed when material.
Funding concentration should be reported.
A funder should not control findings, standards language, reviewers, or publication.
Role-relevant conflicts should be disclosed and governed.
Disclosure alone may be insufficient to manage a conflict.
Material recusals should be visible.
Intellectual, reputational, client, political, and access-dependence conflicts can matter as much as direct financial conflicts.
Research projects should have visible purpose, owner, method, status, sponsor, and correction route.
Confirmatory and high-consequence research should use prospective registration where appropriate.
Negative, null, and inconclusive findings should not be suppressed for reputational reasons.
Material deviations from a research plan should be disclosed.
Research data, code, prompts, and artifacts should be published when safe, lawful, and useful.
Ethical and privacy duties may justify controlled access.
Standards work programs should be public.
New standards work should disclose need, scope, evidence maturity, participants, and current status.
Standards drafts should display clearly that they are not approved.
Public comments and dispositions should ordinarily be visible.
The number and categories of protected comments should be disclosed.
Substantial objections and unresolved dissent should remain visible.
Consensus reports should explain how consensus was determined.
Standards maintenance, interpretations, corrections, amendments, and withdrawals should be public.
Core public-interest standards should be freely readable.
Evaluation records should identify the exact model, system, version, protocol, evaluator, conditions, date, status, and expiration.
Tools, scaffolds, prompts, retries, fine-tuning, and human assistance should be disclosed at the level necessary for interpretation.
Evaluation uncertainty should not be removed from public summaries.
Failure to demonstrate capability should not be reported as proof of incapability.
A high-consequence evaluation result should identify evidence level and review status.
Public evaluation transparency does not always require publication of exact tasks.
Held-out tasks may remain protected when exposure would weaken validity.
Protection of task content should not eliminate transparency about construct, governance, method class, evaluator, uncertainty, status, and limitations.
A public conclusion based on protected evidence requires sufficient qualified independent review.
A secret test is not valid merely because it is secret.
Task compromise and contamination should be disclosed through result status.
Retired tasks should be considered for release when safe and useful.
Independent review should disclose mandate, reviewer competence, selection, funding, independence, access, findings, and limitations.
A factual review should not be described as independent expert review.
External status does not automatically establish independence.
Evaluator profiles should disclose competence scope, ownership, services, conflicts, security, quality, and recognition status.
Accreditation should be reported with its exact scope.
Certification should be reported with its exact object, scheme, version, status, and expiration.
Standards Body should not describe pilot recognition as accreditation.
Any future mark should link to a public record explaining its exact meaning.
Incident transparency should prioritize safety, containment, affected persons, evidence preservation, and accurate staged reporting.
Initial incident notices should distinguish known facts from unknowns.
Incident updates should be corrected visibly as facts change.
Near-miss learning should be shared at the safest useful level.
Security should not be used to conceal invalid evidence, conflicts, misconduct, or material institutional failure.
Transparency should not expose active vulnerabilities or dangerous procedures irresponsibly.
Responsible disclosure should use documented timelines, review, and escalation.
Embargoes should not become indefinite organizational vetoes.
Personal data should be minimized.
Whistleblower, complainant, and research-participant identities should be protected proportionately.
Transparency should not require publication of unnecessary private financial or family information.
Aggregate reporting should preserve material patterns and severe outliers.
Redactions should be technically irreversible in the released artifact.
Redacted records should indicate the fact and basis of removal where safe.
Redaction should not create a misleading interpretation.
Material corrections should not be silent.
The original public record should remain linked to its correction or withdrawal.
Corrections should propagate to dependent pages, registries, reports, and claims.
Source provenance should be preserved.
Primary sources should be used for legal, regulatory, standards, and official-status claims where possible.
Self-reported information should be labeled as self-reported.
Verification status should be stated accurately.
Evidence contrary to a material institutional conclusion should not be hidden.
Every canonical document should display version, owner, status, current-through date, and revision history.
Material AI assistance in institutional analysis, drafting, translation, or scoring should be recorded and disclosed appropriately.
Human accountability remains when AI assists.
AI-generated sources and factual claims should be verified before publication.
Protected information should not be submitted to unauthorized AI systems.
The website should operate from a controlled source of truth.
Major pages should display update and status information.
Superseded public records should remain accessible through an archive.
Public communications should not broaden the underlying technical evidence.
Social-media summaries should link to the full record.
Accessibility is part of transparency.
Plain-language summaries should supplement technical detail rather than replace it.
International transparency should support translation, common metadata, local context, and machine-readable records.
A process should not claim broad international legitimacy when practical participation and disclosure are limited to one region or language.
External reporting frameworks should be mapped where useful to reduce duplicative burden.
Self-reporting and independent verification should remain distinct.
A transparency report is not proof of legal compliance.
Transparency requests should receive timely acknowledgment, reasoned response, and internal review.
Partial release, redaction, summary, or qualified access should be considered before complete denial.
Request procedures should not be used to obstruct legitimate scrutiny.
Transparency metrics should measure currentness, usability, comprehension, correction, and accountability, not page count alone.
Transparency systems should receive internal and periodic external audit.
Critical transparency failures may require correction, decision review, standard suspension, result withdrawal, governance change, or public notice.
Standards Body should publish its own transparency failures and improvement plans.
Transparency obligations should remain proportionate to institutional stage and consequence.
Early-stage limitations should be disclosed rather than hidden behind institutional presentation.
Mature authority should require mature transparency.
An expansion into standards, assurance, certification, accreditation, or public authority should trigger stronger disclosure and independent review.
Transparency should preserve the ability of others to challenge the institution.
The institution should remain willing to disclose that evidence is incomplete, access is insufficient, or no conclusion is justified.
The strongest transparency statement is sometimes an honest statement of uncertainty.
The ultimate test of transparency is whether others can understand what happened, who was responsible, what evidence existed, what remained hidden and why, and how error can be corrected.
PROJECT_IDENTITY.mdDefines Standards Body's present identity, mission, institutional stage, authority boundaries, audiences, and approved public descriptions.
This transparency framework operationalizes those public commitments.
PROJECT_MANIFESTO.mdDefines the deeper public-interest purpose that transparency should serve.
INSTITUTION_DESIGN.mdDefines the institutional architecture and separation among research, standards, evaluation, assurance, accreditation, certification, and public authority.
This framework defines what each layer should disclose.
GOVERNANCE_FRAMEWORK.mdDefines governing bodies, decision rights, conflicts, funding governance, appeals, records, security, and institutional transitions.
This framework makes those systems visible and reviewable.
STANDARDS_DEVELOPMENT_PROCESS.mdDefines standards work programs, drafting, participation, public review, comments, consensus, voting, approval, maintenance, and appeal.
This framework defines the disclosure requirements across that lifecycle.
FOUNDATIONS.mdDefines the overview of the eight foundations.
FOUNDATIONS_APPENDIX.mdDefines the integrated relationship among protocols, protected evidence, high-stakes evaluation, independent review, assurance, standards, incentives, and interoperability.
This framework supplies the shared public and protected disclosure architecture.
TERMINOLOGY.mdDefines transparency, disclosure, status, review, independence, certification, accreditation, and related terms.
EVIDENCE_STANDARDS.mdDefines source quality, evidence levels, confidence, claims, contrary evidence, and correction.
This framework defines how those properties should be disclosed.
RESEARCH_METHODOLOGY.mdDefines project registration, methods, review, ethics, security, publication, and correction.
This framework establishes their public and protected records.
TAXONOMY.mdClassifies records, statuses, security levels, evidence, actors, decisions, incidents, and relationships.
This framework operationalizes those classifications.
EVALUATION_PHILOSOPHY.mdDefines what evaluation results mean and where their authority ends.
This framework prevents public reporting from overstating those results.
Requires transparent protocol purpose, construct, version, changes, comparability, and retirement.
Requires public governance and qualified review around protected evaluation content.
Requires disclosure proportional to the consequence of high-stakes evaluation.
Requires review mandate, competence, independence, access, conflicts, findings, and dissent to be visible.
Requires evaluator, certification, accreditation, and assurance status to be scope-specific and verifiable.
Requires standards stages, evidence maturity, obligations, recognition, and legal effect to remain distinguishable.
Requires incentives, funding, awards, rankings, and recognition systems to disclose their rules and gaming risks.
Requires interoperable metadata, mappings, recognition conditions, local extensions, and noncomparability to remain visible.
CONTRIBUTOR_FRAMEWORK.mdWill define public contributor roles, credit, affiliations, conduct, confidentiality, and removal.
PARTNERSHIP_PRINCIPLES.mdWill define partnership disclosures, funding, authority, branding, data, intellectual property, and exit.
LONG_TERM_ROADMAP.mdWill define the timing at which more mature transparency infrastructure becomes required.
WEBSITE_SOURCE_OF_TRUTH.mdWill define the canonical public facts, page ownership, claims, update cadence, and correction workflow for standardsbody.ai.
SOURCES.mdWill maintain the source registry and source-status information.
VERSION_HISTORY.mdWill preserve canonical changes, supersession, correction, and institutional history.
A frontier AI institution can appear transparent while remaining difficult to scrutinize.
It can publish thousands of pages without revealing:
It can also create harm by publishing everything.
It can expose:
The solution is not maximum disclosure or maximum secrecy.
The solution is governed transparency.
Governed transparency begins with a presumption of public accountability.
It then asks whether a specific piece of information requires protection.
When protection is justified, the institution should narrow it.
It should identify:
It should preserve a public minimum.
It should provide qualified independent access when a public conclusion depends on protected evidence.
It should record challenges.
It should release or declassify when the reason for protection ends.
The institution should make several things especially difficult to hide:
These are the facts most likely to determine whether public trust is justified.
Transparency should not become a marketing layer placed over institutional work after decisions are complete.
It should be embedded in:
The mature institution should be able to answer:
The defining transparency rule of Standards Body is:
Make the institution understandable enough to challenge, the evidence traceable enough to assess, the status current enough to rely on, and the protected information governed enough to review without creating greater harm.
[^nist-rmf]: National Institute of Standards and Technology, Artificial Intelligence Risk Management Framework (AI RMF 1.0), NIST AI 100-1, 2023. https://nvlpubs.nist.gov/nistpubs/ai/nist.ai.100-1.pdf
[^nist-core]: National Institute of Standards and Technology, AI RMF Core and Accountable and Transparent Trustworthiness Characteristic, NIST AI Resource Center. https://airc.nist.gov/airmf-resources/airmf/5-sec-core/ and https://airc.nist.gov/airmf-resources/airmf/3-sec-characteristics/
[^nist-playbook]: National Institute of Standards and Technology, AI RMF Playbook, including Govern, Map, Measure, and Manage suggested actions. https://airc.nist.gov/airmf-resources/playbook/
[^nist-privacy]: National Institute of Standards and Technology, NIST Privacy Framework. https://www.nist.gov/privacy-framework
[^oecd-ai]: OECD, Recommendation of the Council on Artificial Intelligence, adopted 2019 and updated 2024. https://legalinstruments.oecd.org/en/instruments/OECD-LEGAL-0449
[^haip-overview]: OECD.AI, Hiroshima AI Process Reporting Framework, reporting and transparency resources. https://oecd.ai/en/transparency/overview
[^haip-v2]: OECD.AI, OECD Launches Hiroshima AI Process Reporting Framework 2.0, May 29, 2026. https://oecd.ai/en/haip-2-launch
[^haip-instructions]: OECD.AI, How to Complete the HAIP Reporting Framework, including eligibility across the advanced-AI value chain. https://oecd.ai/en/transparency/instructions
[^eu-ai-act]: European Union, Regulation (EU) 2024/1689 Laying Down Harmonised Rules on Artificial Intelligence, official EUR-Lex text. https://eur-lex.europa.eu/eli/reg/2024/1689/oj
[^eu-summary]: European Union, Rules for Trustworthy Artificial Intelligence in the EU, EUR-Lex summary. https://eur-lex.europa.eu/EN/legal-content/summary/rules-for-trustworthy-artificial-intelligence-in-the-eu.html
[^coe-convention]: Council of Europe, Framework Convention on Artificial Intelligence and Human Rights, Democracy and the Rule of Law. https://www.coe.int/en/web/artificial-intelligence/the-framework-convention-on-artificial-intelligence
[^coe-principles]: Council of Europe, Framework Convention Lifecycle Principles, including transparency and oversight, accountability and responsibility, equality, privacy, reliability, and safe innovation. https://www.coe.int/en/web/cddh-handbook-on-ai-and-hr/the-framework-convention-on-artificial-intelligence-and-human-rights-democracy-and-the-rule-of-law
[^iso-37000]: International Organization for Standardization, ISO 37000:2021, Governance of Organizations, Guidance. https://www.iso.org/standard/65036.html
[^iso-42001]: International Organization for Standardization and International Electrotechnical Commission, ISO/IEC 42001:2023, Artificial Intelligence Management System. https://www.iso.org/standard/81230.html
[^iso-27001]: International Organization for Standardization and International Electrotechnical Commission, ISO/IEC 27001, Information Security Management Systems. https://www.iso.org/isoiec-27001-information-security.html
[^iso-27701]: International Organization for Standardization and International Electrotechnical Commission, ISO/IEC 27701, Privacy Information Management Systems. https://www.iso.org/standard/85819.html
[^iso-directives]: International Organization for Standardization and International Electrotechnical Commission, ISO/IEC Directives, Part 1, Procedures for the Technical Work. https://www.iso.org/sites/directives/current/consolidated/index.html
[^wto-principles]: World Trade Organization, Principles for the Development of International Standards, Guides and Recommendations. https://www.wto.org/english/tratop_e/tbt_e/principles_standards_tbt_e.htm
[^w3c-process]: World Wide Web Consortium, W3C Process Document. https://www.w3.org/policies/process/
[^ietf-process]: Internet Engineering Task Force, Guide to the IETF Standards Process. https://www.ietf.org/process/process/
[^un-guiding]: Office of the United Nations High Commissioner for Human Rights, Guiding Principles on Business and Human Rights, 2011. https://www.ohchr.org/sites/default/files/documents/publications/guidingprinciplesbusinesshr_en.pdf
[^accessibility]: World Wide Web Consortium, Web Content Accessibility Guidelines. https://www.w3.org/WAI/standards-guidelines/wcag/
Date: July 16, 2026
Change type: Complete foundational edition
Summary: Establishes the canonical Standards Body transparency, confidentiality, disclosure, access, correction, and public-accountability framework. Defines authority limits, transparency objectives, disclosure layers, five information classes, public-minimum rules, audience-based and proactive disclosure, transparency requests, governance, funding, conflict and partnership disclosures, research, standards, evaluation, held-out evidence, independent review, evaluator and assurance records, decision and status transparency, incidents, complaints, appeals, corrections, sources, provenance, privacy, security, redaction, aggregation, timing, accessibility, translations, website governance, AI-assisted content, public communication, high-stakes domains, legal and international reporting, annual reports, metrics, audits, maturity, failure modes, objections, implementation, pilot design, scorecard, operational templates, canonical positions, cross-file interfaces, and primary research basis.
Status: Approved foundational source.