The Institute of Agency Science seal (concept)The Institute of Agency ScienceAgency Science · Standards Body

The Institute of Agency Science

The Charter: rights as architecture, not promises.

A measure of human capability is powerful enough to be abused. The Charter is the founding document that makes abuse structurally hard: every protection is written as a rule, a mechanism, and a test, so a right cannot be quietly set aside.

The Charter is the Institute's founding governance document for the Agency Quotient (AQ): the layer that governs how the measure may and may not be used, written as architecture rather than as a page of prose promises.

Charter Architecture Overview

Nine components, one pattern.

The Charter sets out a nine-component governance architecture. The components are: Score Residency, Purpose Binding, Score Rights, Version and Expiry metadata, Claim Discipline, Minors, an Incident Channel, a Data Firewall, and an Openness Posture. Each is written the same way, as a rule, the mechanism or schema that enforces it, and a test that demonstrates compliance, so the protection is structural rather than a statement of values.

This is what "rights as architecture, not prose promises" means in practice: a right that depends on a written intention can be quietly set aside; a right enforced by a closed API, a required schema field, or a contract test cannot. The provisions described below are designed and architected. The honest status today is that the Institute is being built to operate them at formation, not yet operating them.

Component 1, Score Residency

The Test. a continuous-integration check asserts that no score-read endpoint in any tier accepts an external-identity query parameter, and that the only third-party score read carries a share token. A licensee that builds, feeds, or queries an external score registry commits a top-tier violation under the license framework, immediate revocation plus a public clarification notice.

[ Architecture rule: the person holds the score; the Institute holds the instrument ]

Your score belongs to you: each score artifact has exactly one canonical residence, the score-holder's own account space, while the Institute operates the instrument that computes it. Disclosure is person-initiated, one context at a time, through a single mechanism: a share token scoped to one recipient, one declared purpose, and one validity window, issued by the score-holder, revocable by the score-holder, and audit-logged on each use.

The architecture as built contains no central lookup bureau, no identity-keyed score index, no API path, batch export, or search surface through which a third party can pull a person's score by name, email, government ID, or any other external identifier. The only third-party read path is presentation of a valid, unexpired, unrevoked share token. This is the anti-credit-score design choice: the architecture has no place where an employer, lender, insurer, or school looks a person up. This section is written as a description of the architecture as built, re-reviewed at each edition boundary, it states what exists by design, not a pledge about every possible future.

A figure of the score-residency architecture: the person's account holds the score, the Institute holds the instrument, and the only third-party read path is a person-issued, revocable, audit-logged share token, with no central lookup bureau anywhere in the design.
Figure 1. Score residency as built: the person holds the score, the Institute holds the instrument, and there is no place where a third party looks a person up.

Component 2, Purpose Binding

No score moves without a declared purpose, a consent record, a share token, and an audit-log entry. Purpose is enforced at the API layer, not requested in prose: a consent record carries the person, the declared purpose, the scope, and the policy version; a share token binds the recipient, the purpose, and a default thirty-day validity window (ninety-day maximum) and is server-signed, so it cannot be forged or reused by anyone else; and an append-only access log records every redemption attempt, served or rejected, which the person can read at any time.

The set of requestable purposes is closed and allowlisted. The prohibited uses, hiring, lending, school admission, insurance, custody, and care access, are not members of that set: a purpose-declaration request naming them cannot be expressed against the API at all, and any attempt is logged and rejected as a prohibited purpose. These uses are made inexpressible at the instrument, not merely discouraged in prose. This is stated as a current discipline, AQ is not yet validated for job-relatedness or adverse impact, so it is not licensed for selection.

Component 3, Score Rights

Five rights are enumerated, and each is paired with the mechanism that makes it real rather than left as an assurance:

The appeal surface is the evidence receipt itself: a dispute attaches to specific observations, not to an impression. That is what makes "dispute with human review" testable rather than aspirational.

Component 4, Version and Expiry Metadata

A score artifact missing any required contract field is invalid and must not render, transmit, or be share-tokenized. The contract records the score type and tier, the exact scoring-engine version, the standard edition, the comparability state, the evidence cutoff, a validity window, and a confidence band, so that no reading travels without the metadata a reader needs to weigh it. A point value never renders without its band.

The validity window is what keeps an estimate honest over time. When an artifact expires, it re-renders as "stale, refresh for a current estimate" with widened bands: staleness widens the bands rather than letting an old reading silently pass as current. Comparability is explicit, and is the field that carries the minors' protection, a minor's artifact is always marked non-comparable (Component 6).

Component 5, Claim Discipline

[ Evidence tier: [hypothesis-grade] ]

Every outward-facing claim about AQ carries an evidence-tier badge, and no claim may exceed the rung the published evidence has actually bought. AQ is an instrument, not a predictor; its current evidence tier across the whole system is [hypothesis-grade]. The words that overstate evidence, including "validated," "clinical," and "scientifically proven", are barred from public claims, except where "validated" sits inside an earned badge token backed by the published study that earns it. A marketing-and-copy review against the claims register is a release gate for any public surface.

Validation is tracked on a public evidence-tier ladder, and a claim may only carry the badge the published evidence supports, for the specific population, tier, and outcome named:

Component 6, Minors

Youth training is fully in scope, the literacy mission stays whole, but there is no comparable or portable scoring of minors. No minor-derived score artifact may carry a comparability state other than "none," may be share-tokenized, or may surface in any ranking, roster, league table, or cross-child comparison, for schools, parents, or anyone else.

The protection is enforced at the schema level, not asked for in policy: an age assertion gates artifact creation, and a minor bracket forces comparability to "none" and share-token eligibility to false at write time, so a violating artifact cannot be constructed. Guardian consent paired with the minor's own assent is required for any youth-training data capture, and that training telemetry stays in the training stream, it is never scored as AQ input. The lawful youth pathway, the first official score at eighteen by the person's own consent, and the supporting child-privacy analysis are a designed deliverable still pending a formation-stage ruling and counsel review; nothing youth-facing ships before that.

Component 7, Incident Channel

Abuse, adverse events, distress, and misuse are reportable from inside the product at every tier, with bound response times and a defined escalation procedure. An incident record carries its type, a severity from a fixed scale, the reporting channel, and its state; reporting can be anonymous. Safety-level incidents page a human the same day; rights-level incidents are answered within seventy-two hours; quality-level incidents within fourteen days.

A credible report of licensee misuse opens an incident-triggered audit under the license framework, on the path that can lead to decertification. Adverse-event records also feed the validation program's adverse-event procedures, so that measurement harm is tracked with the same discipline as product harm. The crisis-protocol authoring for distress routing is a practitioner-gated deliverable, designed and pending.

Component 8, Data Firewall

AQ results are categorically blocked from advertising surfaces. Analytics events bound for ad platforms are built from a schema allowlist that structurally excludes score, level, band, trap and realm result fields, and raw answers, and the block is category-level, so a newly added result field is excluded by default because it is not on the allowlist. Continuous-integration checks and payload contract tests keep the block true rather than relying on a policy reminder.

From the first event, each measurement record is dual-written: once to the person's own identity-keyed evidence store, which serves the person, and once to a de-identified corpus that keeps no identity join key and exists only to improve the instrument, to calibrate it, monitor drift, and study fairness. Because behavioral streams are fingerprint-like, de-identification is treated as a decaying property rather than a one-time checkbox: re-identification risk is reviewed on a recurring schedule, small-cell suppression thresholds apply to any aggregate output, and a linkage-attack review precedes any corpus-derived publication, with results logged.

Component 9, Openness Posture

The Institute's posture is staged openness, and it is publish-compatible by construction. The architecture maintains a clean separation between the methods-and-model layer, the measurement model, the scoring logic, the level definitions, and the validation studies, on the established pattern of a published methods paper, and the assets that are not published at any stage: the calibrated item banks, the raw data, the training content, the doctrine, and the certification curriculum. "Publish" means the methods layer; the proprietary assets remain proprietary.

While the calibration pilot runs, the scoring formula, parameter values, and calibration internals stay internal, openness arrives as the evidence ladder and the underlying corpus support it. The publish-versus-proprietary decision itself is a deferred ruling, to be made at a governance sitting before the methods paper is submitted, because a paper cannot validate a secret. The structural separation between a publishable public item pool and a secured bank is what lets that decision be honored without weakening the standard.

Charter Boundary

What the Charter does not do.

The Charter does not claim that AQ is validated, clinical, or proven, the current evidence tier is [hypothesis-grade] across the board, and the claim-discipline component is written to keep it there until the evidence advances. It does not make the final publish-versus-proprietary call, which is deferred to a formation-stage governance sitting. It does not by itself design the youth pathway, it mandates the protections and leaves the lawful design to a dedicated, counsel-reviewed deliverable. Stating the boundary plainly is part of the architecture: a governance document earns trust by being as clear about its limits as about its provisions.

Continue: Read where validation stands · Adopt the Agency Bill of Rights