> ## Documentation Index
> Fetch the complete documentation index at: https://agenticintentprotocol.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Compliance

> Understand AIP's protocol-level compliance invariants for privacy, data integrity, and verifiability.

AIP defines protocol-level compliance invariants that ensure privacy, transparency, and verifiability. **AIP does not define retention policies, audit procedures, incident response, or regulatory frameworks.** Compliance is enforced through protocol constraints, not operator policies.

***

## 1. TL;DR

> AIP guarantees compliance through protocol-level invariants: data minimization, deterministic message flow, and cryptographic verifiability. The protocol does not define how operators, platforms, or brand agents implement compliance procedures.

***

## 2. Compliance philosophy

AIP enforces compliance through protocol constraints, not policy or trust:

* **Data minimization**: The protocol never requires personal identifiers or raw user data
* **Deterministic message flow**: All billable actions are cryptographically verifiable and traceable
* **Cryptographic verifiability**: Every settlement outcome can be independently verified

Compliance is a property of the protocol's design, not a checklist of operator behaviors.

***

## 3. Protocol-level compliance invariants

The protocol guarantees the following compliance invariants:

| Invariant                                | Description                                                                                                                                    |
| ---------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------- |
| **No raw personal data required**        | The protocol never mandates personal identifiers, user names, email addresses, or other personally identifiable information                    |
| **Cryptographically verifiable actions** | All billable actions (participation, interaction, delegation, outcomes) are cryptographically verifiable and cannot be unilaterally fabricated |
| **Single serve\_token settlement**       | Every settlement is traceable to a single `serve_token` from the original selection                                                            |
| **No unilateral value fabrication**      | No participant can unilaterally create billable events or settlement outcomes                                                                  |
| **Intent-only context**                  | Brand Agents receive only anonymized intent context, never raw user queries or personal data                                                   |
| **Deterministic outcomes**               | Settlement outcomes are deterministic and reproducible from verifiable event sequences                                                         |
| **Scoped delegation context**            | In delegate mode, brand agents receive only the context defined by `context_scope`, never raw user data                                        |

Operators implement their own compliance procedures, retention policies, and audit systems. The protocol only constrains what data flows and how it is structured.

***

## 4. Data scope and ownership (invariants only)

The protocol defines data ownership and scope through invariants:

* **Platforms control user consent and identity**: Platforms are responsible for user consent, identity management, and data collection. The protocol does not define consent mechanisms.
* **Operators verify events and enforce invariants**: Operators verify events and enforce protocol-level invariants. The protocol does not define verification procedures.
* **Brand Agents receive only anonymized intent context**: Brand Agents receive `ContextRequest` objects that contain intent signals, not raw user data. In delegation, context is further scoped by `context_scope`.
* **The protocol never requires personal identifiers**: No AIP message schema requires personal identifiers, user names, or other PII.

The protocol enforces data minimization by design, not through policy.

***

## 5. Regulatory neutrality

AIP does not encode jurisdiction-specific rules or regulatory frameworks. The protocol is designed to be compatible with privacy and financial regulations without embedding them.

* The protocol does not mandate GDPR, CCPA, PCI DSS, SOC 2, ISO 27001, or any other specific regulatory compliance
* The protocol does not define retention durations, audit procedures, or incident response protocols
* The protocol does not prescribe tax handling, financial reporting, or regulatory filing requirements

Operators, platforms, and brand agents implement their own regulatory compliance according to applicable laws and standards in their jurisdictions.

***

## 6. What AIP does NOT define

The protocol explicitly does not define:

* **Retention durations**: How long data, events, or records must be stored
* **Ledger schemas**: Specific ledger structures, database models, or storage formats
* **Wallet architecture**: Wallet implementations, balance storage, or transaction models
* **Tax handling**: Tax calculation, reporting, or withholding procedures
* **Audit processes**: Audit procedures, audit firm requirements, or audit trail formats
* **Incident response**: Breach procedures, key rotation policies, or recovery protocols
* **Disclosure formats**: Participation labeling requirements, consent UI, or transparency mechanisms
* **Regulatory frameworks**: Specific compliance with GDPR, CCPA, PCI DSS, SOC 2, ISO 27001, or other standards

These are implementation concerns that operators, platforms, and brand agents address according to their own requirements.

***

## 7. Guarantees

The protocol guarantees:

* **Privacy preservation**: The protocol never requires personal identifiers or raw user data. Brand Agents receive only anonymized intent context, scoped further during delegation.
* **Non-repudiation**: All billable actions are cryptographically verifiable. Participants cannot deny authenticated messages they sent.
* **Auditability via cryptographic linkage**: Every settlement outcome is traceable to a single `serve_token` and can be independently verified through cryptographic linkage.
* **Deterministic settlement outcomes**: Settlement outcomes are deterministic and reproducible from verifiable event sequences. No participant can unilaterally fabricate value.

The protocol does not guarantee specific regulatory compliance, retention policies, or audit procedures. Operators implement their own compliance systems to enforce these protocol-level guarantees within applicable regulatory frameworks.

***

## Summary

> AIP defines protocol-level compliance invariants that ensure privacy, verifiability, and deterministic outcomes through cryptographic constraints. The protocol does not define how operators implement compliance procedures, retention policies, or regulatory frameworks.

Next: [Glossary](/glossary)
