Governing Borderless AI: Accountability, Peace, and Human Rights

Building legal boundaries for AI in a borderless digital world

AI now sits inside defence, healthcare, social policy, finance, and platforms that run across borders. Law is national; AI is not. That tension forces a new playbook for accountability, human rights, and international security.

The goal is simple: set shared rules that let innovation move while keeping people safe. That requires clarity on who is responsible, how systems are audited, and what happens when things go wrong.

The accountability gap

When AI systems act with a degree of autonomy-especially in military or security settings-pinning down responsibility gets messy. Developers build, operators deploy, commanders approve, and states own the outcomes. The law needs a clean chain of accountability.

• Define roles: developer, deployer, operator, and state responsibility with clear fault allocation.
• Require audit-grade logs for decisions, inputs, model versions, and overrides.
• Use strict or tiered liability for high-risk uses (weapons, critical infrastructure, biometric surveillance).
• Apply command responsibility where AI is used in armed conflict.

From national patchwork to shared standards

Countries are moving-UK, US, France with national rules; others deploying at scale in space, telecoms, and cybersecurity projects (including China, USA, Kazakhstan, Türkiye, Azerbaijan). A patchwork invites forum shopping and weak safeguards.

• Create an international body with authority to set baseline standards, register high-risk systems, and publish incident reports.
• Adopt interoperability for audits, testing, and evidence sharing to avoid fragmented compliance.
• Embed reciprocal enforcement tools: fines, procurement restrictions, and suspension of cross-border access for repeat violators.

Human rights first-by design

Any global AI framework must protect life, dignity, privacy, equality, and due process. This matters most for refugees and migrants, children, and women-groups often scored, profiled, or excluded by automated systems.

• Mandatory human rights impact assessments before deployment, not after.
• Prohibit or narrowly limit uses that enable mass surveillance or discrimination.
• Guarantee appeal, human review, and accessible remedies for automated decisions.
• Public transparency on use in welfare, border control, policing, and courts.

Reference points exist, but they need teeth. See UN guidance on AI and human rights for baseline principles here.

AI as a weapon: drawing the red lines

Lethal or near-lethal applications demand firm constraints. "Meaningful human control" should be more than a slogan; it needs technical and legal definitions tied to targeting, override speed, and accountability.

• Ban specific functions (e.g., autonomous selection and attack on human targets) or place them under strict control regimes.
• Codify testing, simulation proofs, and fail-safe behavior before battlefield use.
• Map state responsibility under international humanitarian law, with no dilution through delegation to algorithms.

Jurisdiction, evidence, and enforcement

Models are trained in one country, hosted in another, and used everywhere. Evidence trails span data centers, APIs, and subcontractors. Without harmonized rules, prosecutions and remedies stall.

• Modernize mutual legal assistance to cover model artifacts, logs, and safety evaluations.
• Standardize digital evidence formats for AI incidents, including model and dataset fingerprints.
• Clarify extraterritorial reach for high-risk AI services offered across borders.

What the next treaty should include

• Clear definitions of AI system, high-risk use, deployer, provider, and operator.
• Duty of care: pre-deployment risk analysis, ongoing monitoring, and rapid patching.
• Testing standards: red-teaming, adversarial evaluations, robustness to distribution shift, and safety cases.
• Transparency: model and system cards, data governance summaries, and incident disclosure timelines.
• Human oversight requirements: real-time override, escalation paths, and trained operators.
• Prohibitions and moratoria for uses that threaten peace, security, or fundamental rights.
• Certification and conformity assessments for high-risk systems, with cross-recognition between states.
• Export controls for high-risk models and components tied to end-use and end-user risk.
• Sanctions and remedies: fines, suspension, mandatory recalls, and victim compensation funds.
• Dispute settlement and state reporting obligations.

Compliance architecture for organizations

• Governance: board-level accountability, named AI compliance officer, and clear RACI.
• Risk classification: inventory systems, map use cases, rate harm, and set controls.
• Assurance: red-team high-risk systems; log tests, results, and fixes.
• Data controls: provenance checks, consent records, and bias testing on sensitive attributes.
• Human oversight: defined intervention points and operator training.
• Procurement: clauses for audit access, incident reporting, and model updates.
• Records: immutable logs for decisions, training data sources, and model versions.

Immediate actions for legal teams

• Update contracts: warranties on training data legality, safety testing, uptime, and audit rights.
• Draft AI incident response playbooks that cover user harm, security breaches, and regulator notice.
• Embed HRIA and DPIA gates in project lifecycles, with stop-ship authority.
• Set retention and disclosure policies for logs and model artifacts to preserve evidence.
• Train product, procurement, and security teams on upcoming treaty terms and national acts.

If you need structured upskilling for non-lawyer stakeholders you support, see curated AI courses by job here.

Open questions the international community must resolve

• How to align state responsibility with private developer liability for deployed systems.
• How to verify compliance for closed models without forcing full disclosure of IP.
• What counts as "meaningful human control" in time-critical scenarios.
• How to protect vulnerable groups from automated exclusion in borders, welfare, and credit.
• What remedies look like when harm is diffuse and cross-border.

Bottom line

AI moves across borders; accountability must follow it. Build clear roles, verifiable controls, and enforceable rights into law. Do it through international coordination, or expect gaps that put people at risk and leave states arguing after the damage is done.