Delegated Agency Responsibility Model¶

Purpose¶

The Delegated Agency Responsibility Model clarifies how responsibility is assigned when an agent authorizes software agents — including generative AI systems capable of creating or dispatching subagents — to act within or across MAP Spaces.

Its central claim is simple:

Operational autonomy does not dissolve accountability.
When an agent delegates action to tools, services, or subagents, responsibility follows the chain of authorization, bounded by the agreements, membranes, and trust channels through which those delegated agents are allowed to act.

This model is designed to make responsibility legible even when behavior cannot be fully predicted in advance.

Core Principle¶

Responsibility in MAP is grounded in authorization, not prediction.

A delegating agent is not expected to perfectly foresee every behavior of a generative or autopoietic system.
But that agent is responsible for:

what capabilities it admits into its I-Space
what permissions it grants
what trust channels it allows those capabilities to act through
what risks it knowingly accepts as part of that delegation

Likewise, a provider of agentic capability is responsible for the promises it makes about that capability, the risks it obscures or reveals, and the degree to which the capability exceeds the expectations reasonably created by its offer.

Why This Model Is Needed¶

Generative AI introduces a structural challenge:

the provider cannot fully predict what a generated agent or subagent will do
the deployer cannot fully predict what that agent will attempt to do on their behalf
the surrounding ecosystem still requires clear accountability

Conventional governance often struggles here because it assumes responsibility depends on prior specification of behavior or on ex post legal recourse.

MAP takes a different approach.

Rather than requiring full predictability, MAP assigns responsibility through:

explicit promises
layered agreements
membrane-bounded execution
trust channel enforcement
revocable access
reputation and social coordination

This allows generative systems to remain open-ended internally while still being bounded externally.

Foundational Assumptions¶

1. Agents remain accountable for delegated action¶

When a person or organization deploys an agent into its I-Space, that agent acts under the authority envelope of the deploying agent unless and until another accountable party explicitly assumes responsibility.

2. Subagents are instruments, not final moral actors¶

Generated subagents may be operationally autonomous, adaptive, or recursive, but they do not become the final bearer of ethical responsibility merely by virtue of local autonomy.

3. Trust channels do not need to inspect internal cognition¶

A trust channel does not need to know how many subagents exist internally, how they were generated, or how they reason. It only needs to enforce what may cross the membrane, under what roles, and under what conditions.

4. Boundaries matter more than internal complexity¶

The ethical question is not primarily how complex the internal agent ecology becomes. The key question is what that ecology is authorized to do across membranes and agreements.

5. Responsibility is layered¶

Responsibility can be distributed across provider, deployer, membrane, and participating spaces without becoming vague, so long as each layer has explicit duties.

Responsibility Layers¶

1. Capability Provider Responsibility¶

A Capability Provider is an agent that offers an AI capability, model, service, or generative substrate that can be admitted into another agent’s I-Space.

The provider is responsible for:

clearly representing the capability envelope of what is being offered
disclosing meaningful constraints, risks, and known failure modes
avoiding hidden affordances that materially exceed what the promise implies
ensuring that the offered capability does not silently bypass declared membrane or trust channel expectations
standing behind the provenance and integrity of what it supplies

In MAP terms, the provider is accountable for the truthfulness and adequacy of its promise.

Provider Responsibility Principle¶

Do not offer delegated power whose risk surface materially exceeds the expectations created by your promise.

2. Deploying Agent Responsibility¶

A Deploying Agent is the person-agent or organizational agent that admits a capability into its I-Space and authorizes it to act.

The deployer is responsible for:

deciding whether to admit the capability at all
determining what local permissions the capability receives
deciding which trust channels, if any, may be used for external action
ensuring that granted permissions do not exceed what the deployer is willing to stand behind
exercising due care before authorizing interaction across membranes
revoking or narrowing permissions when trust is not justified

In MAP terms, the deployer is accountable for what it authorizes through its membrane.

Deployer Responsibility Principle¶

If a delegated agent acts through your membrane, it acts under your responsibility envelope.

This remains true even if its exact behavior was not fully predictable.

3. Trust Channel Responsibility¶

A Trust Channel governs what may pass between Spaces and under what conditions.

The trust channel is responsible for:

enforcing the terms of the governing agreements
constraining inbound and outbound flows
ensuring that only authorized roles are enacted across the boundary
blocking or rejecting flows that violate declared conditions
making participation contingent on compliance, not goodwill

The trust channel is not responsible for understanding internal agent architecture.
Its job is not to inspect cognition.
Its job is to enforce boundary conditions.

Trust Channel Responsibility Principle¶

The ecosystem need not trust your internal process if it can trust the membrane conditions under which you are allowed to interact.

4. Receiving Space Responsibility¶

A Receiving Space is any We-Space that allows another agent, or agents acting on its behalf, to participate under specific agreements.

The receiving space is responsible for:

defining the roles under which participation is allowed
specifying the information access conditions and exfiltration constraints that govern interaction
determining what kinds of delegated action are acceptable
monitoring whether participation remains within agreed bounds
revoking participation when trust conditions are violated

A We-Space does not need to regulate the deployer’s entire internal ecology.
It only needs to regulate what is admitted into the relationship domain that it governs.

Receiving Space Responsibility Principle¶

Participation rights are granted to boundary-conforming actors, not to opaque internal architectures as such.

5. Generated Subagent Status¶

A Generated Subagent is a delegated computational actor created, configured, or dispatched by another agentic capability inside an I-Space.

Generated subagents may:

reason
plan
create artifacts
invoke tools
propose actions
generate further subagents

But unless separately recognized through explicit agreement and governance, they are not treated as independently accountable agents in the ethical or legal sense.

Their standing is derivative.

Subagent Status Principle¶

A generated subagent is an instrument of delegated agency unless an explicit governance process assigns it a different standing.

Responsibility Chain¶

Responsibility in MAP follows a delegation chain:

A provider offers a capability through a promise
A deployer accepts that capability into an I-Space
The deployer authorizes permissions and trust channel access
The capability may generate or dispatch subagents
Those subagents may act internally or externally
External effects are constrained by agreements and trust channels
Accountability traces back through the authorization path

This means:

generation does not sever provenance
delegation does not erase responsibility
recursion does not create moral independence by default

Internal vs External Open-Endedness¶

The Delegated Agency Responsibility Model distinguishes between two domains.

Internal Open-Endedness¶

Inside an I-Space, an agent may be allowed considerable freedom:

experimentation
planning
simulation
subagent generation
internal drafting
internal orchestration

This open-endedness may be difficult to predict fully in advance.

External Boundedness¶

The moment action crosses a membrane into a We-Space, stricter conditions apply:

role compliance
information access constraints
exfiltration restrictions
protocol requirements
revocation conditions
reputational consequences

This distinction is essential.

Boundary Principle¶

MAP tolerates internal unpredictability more readily than external boundary violation.

Due Care in Delegated Agency¶

Because neither providers nor deployers can fully predict generative behavior, the ethical burden shifts toward due care.

Due care for providers includes:

honest promise framing
meaningful disclosure
clear capability boundaries
avoidance of deceptive opacity
support for constrained deployment

Due care for deployers includes:

progressive permissioning
staged trust
bounded tool access
selective trust channel exposure
monitoring of actual behavior
prompt revocation when needed

Due Care Principle¶

Where prediction is impossible, responsibility requires prudent authorization and bounded exposure.

The Role of Reputation¶

Because MAP is not solely dependent on centralized legal enforcement, reputation becomes a key social coordination mechanism.

Reputation helps agents assess:

whether a provider’s promises are reliable
whether a deployer is careful in what it authorizes
whether a space maintains trustworthy membrane conditions
whether boundary violations are rare, common, repaired, or ignored

In this way, reputation complements formal agreements.

Reputation Principle¶

When generativity increases uncertainty, reputational trust becomes more important, not less.

Ethical Constraint Through Layered Agreements¶

The MAP model strengthens accountability by placing responsibility across multiple agreement layers:

Provider-to-Deployer Layer¶

The provider promises what capability is being offered and under what implied risk surface.

Deployer-to-I-Space Layer¶

The deployer decides what is admitted, what permissions are granted, and what internal latitude is allowed.

I-Space-to-We-Space Layer¶

Trust channels define what kinds of external participation are permitted and what boundaries are enforced.

We-Space Governance Layer¶

The receiving space determines acceptable roles, conditions, and revocation policies.

This means that no single layer must solve the entire problem of agentic unpredictability.
Instead, each layer constrains and clarifies responsibility within its own scope.

Layered Agreement Principle¶

Ethical accountability becomes tractable when each membrane and agreement layer carries a bounded, intelligible responsibility.

What This Model Rejects¶

The Delegated Agency Responsibility Model rejects several inadequate framings.

It rejects the idea that autonomy erases responsibility¶

Operational autonomy does not dissolve the accountability of those who authorized or supplied it.

It rejects the idea that unpredictability excuses negligence¶

Lack of perfect foresight does not remove the duty of bounded authorization.

It rejects the idea that trust channels must understand internal agent architectures¶

Boundary enforcement is sufficient for many governance purposes.

It rejects the idea that only large-scale legal systems can create meaningful accountability¶

MAP supports accountability through consent, revocation, reputation, and membrane enforcement even in the absence of strong centralized governance.

It rejects the idea that generated subagents automatically become sovereign moral actors¶

Subagents do not become independent ethical principals merely because they are recursively generated.

What This Model Enables¶

The model enables MAP to support:

generative and recursive agent systems
internal experimentation without requiring full behavioral predictability
bounded external participation across trust channels
reputationally mediated risk assessment
accountable delegation across membranes
governance that does not collapse under autopoietic complexity

Most importantly, it enables a coherent answer to the question:

Who is responsible when a generated agent acts?

The answer is:

the provider, for the capability promise it made
the deployer, for admitting and authorizing the capability
the trust channel, for enforcing the boundary conditions
the receiving space, for the roles and permissions it grants
and the generated subagent, only in the derivative operational sense granted by its authorizing chain

Compact Formulation¶

Delegated Agency Responsibility Model

Responsibility follows authorization, not prediction.
Providers are responsible for the capability envelopes they promise.
Deployers are responsible for what they admit and authorize through their membranes.
Trust channels are responsible for enforcing boundary conditions, not inspecting internal cognition.
Receiving Spaces are responsible for defining acceptable roles and revoking participation when needed.
Generated subagents are instruments of delegated agency unless explicitly granted a different standing.
Internal open-endedness is acceptable only insofar as external interaction remains membrane-bounded.
Reputation, revocation, and layered agreements provide enforceable accountability even when centralized governance is weak or captured.

One-Sentence Summary¶

In MAP, a generated agent may act autonomously, but responsibility remains attached to the chain of promises, permissions, membranes, and agreements that authorized it to act at all.