AIPolicy Terminology
Document Identifier: AIPOLICY-TERMS Status: Non-normative Version: 2.0.0-draft.1 Date: 2026-02-07 Editor: Guido Mitschke Repository: https://gitlab.com/human-first-ai/hf-ai-web-standard
About This Document
This document defines the canonical terminology used across the AIPolicy specification, registry, and supplementary documents. Terms defined here carry their stated meanings whenever they appear in project documentation. Where a term has a specific technical meaning that differs from common usage, the definition in this document takes precedence.
This document is non-normative. It does not create conformance requirements. Normative use of these terms is defined in the specification itself.
Terms
Declaration
A structured JSON document published by a website operator at a well-known URI, expressing governance signals related to AI system behaviour. A declaration contains metadata about the publisher, the applicable scope, and a set of policy endorsements. The declaration serves as the primary machine-readable artefact defined by the specification.
Where used: Specification (Sections 3-7), Schema, Validator, Examples.
Example: A JSON file served at https://example.com/.well-known/aipolicy.json containing the publisher's endorsed policies.
Policy
A discrete governance signal defined in the AIPolicy Registry. Each policy carries a unique identifier following the pattern AP-x.x, a human-readable statement, a category assignment, and testability criteria. Policies represent specific, well-defined governance preferences that a publisher may endorse, partially support, or observe within a declaration.
Where used: Registry, Specification (Section 4.3), Declaration format (policies array).
Example: Policy AP-2.1 -- "AI systems should disclose when content is AI-generated."
Registry
The canonical, versioned list of all recognised policies in the AIPolicy standard. The registry is maintained as a separate document from the specification and follows its own versioning scheme. Each registry version defines the complete set of valid policy identifiers, their statements, categories, and associated metadata.
Where used: Registry document, Specification (Section 4.3), Validator (policy identifier verification).
Example: AIPolicy Registry v1.1 defines 16 policies across 7 categories (AP-1.1 through AP-7.2).
Publisher
The entity responsible for creating and maintaining an AIPolicy Declaration. A publisher is typically a website operator, organisation, or individual who controls the domain on which the declaration is served. The publisher is identified within the declaration by name and URL.
Where used: Specification (Section 5), Declaration format (publisher object).
Example: { "name": "Example Corp", "url": "https://example.com" }
Conformance Level
The degree to which a declaration satisfies the requirements defined in the specification. Three levels are defined:
- Level 1 (Basic): The declaration contains all required fields and is valid JSON.
- Level 2 (Structured): The declaration includes optional metadata fields (contact, evidence, extensions) in addition to Level 1 requirements.
- Level 3 (Complete): The declaration includes all recommended fields, provides evidence URLs for endorsed policies, and passes all validator checks.
Where used: Specification (Section 7), Validator, Badge Generator.
Example: A declaration with all required fields and no optional fields conforms at Level 1.
Scope
The portion of a web property to which a declaration applies. The specification defines three scope values:
site-- The declaration applies to the entire domain.section-- The declaration applies to a specific URL path prefix.page-- The declaration applies to a single URL.
Where used: Specification (Section 4.1), Declaration format (scope object).
Example: { "type": "site", "domain": "example.com" }
Extension
A non-standard field within a declaration that provides additional metadata not defined in the core specification. Extensions use a namespace prefix to avoid conflicts with current and future standard fields. The specification defines the extension mechanism but does not prescribe specific extensions.
Where used: Specification (Section 9), Declaration format (extensions object).
Example: { "extensions": { "x-industry": { "sector": "healthcare", "regulation": "HIPAA" } } }
Validator
A tool or service that checks whether an AIPolicy Declaration conforms to the specification and its associated schema. A validator verifies JSON structure, required fields, policy identifier validity against the registry, conformance level assignment, and optional checks such as expiration status and scope consistency.
Where used: Validator tool documentation, Specification (Section 7, conformance level definitions).
Example: aipolicy validate https://example.com/.well-known/aipolicy.json returns a validation result with conformance level and any errors or warnings.
Signal
A machine-readable governance preference published on the web. In the context of the specification, a signal is a specific policy endorsement within a declaration. The term is used more broadly in supplementary documents to refer to any structured data point that expresses a governance-relevant preference, whether or not it is acted upon by any AI system.
Where used: Specification (Section 1, Motivation), Mechanism Analysis, Research documents.
Example: A publisher endorsing policy AP-1.1 with status endorsed is publishing a signal that they support AI transparency in training data disclosure.
Endorsement
A publisher's stated position on a specific registry policy. Each policy reference within a declaration carries an endorsement status indicating the publisher's relationship to that policy. Three statuses are defined:
endorsed-- The publisher fully supports this policy and considers it applicable to their domain.partial-- The publisher supports the intent of this policy but cannot fully implement or commit to it.observed-- The publisher acknowledges this policy and includes it in their declaration for transparency, without expressing support or opposition.
Where used: Specification (Section 4.3), Declaration format (policies[].status).
Example: { "id": "AP-2.1", "status": "endorsed", "evidence": "https://example.com/ai-disclosure-policy" }
Normative
Text within a document that creates binding conformance requirements. Normative sections use the keywords defined in RFC 2119 (MUST, SHALL, SHOULD, MAY, and their negatives) to express obligation levels. Only normative text determines whether an implementation conforms to the specification.
Where used: Specification, Governance documents.
Example: "The version field MUST be present in every declaration" is a normative statement.
Non-Normative
Text provided for guidance, context, or illustration that does not create conformance requirements. Non-normative content includes examples, explanatory notes, appendices, and supplementary documents such as this terminology reference. Implementations are not required to follow non-normative text, though doing so is generally advisable.
Where used: Terminology document, Examples directory, Research documents, Specification (Section 13).
Example: Section 13 of the specification provides non-normative guidance on adoption strategies.
Consumer
Any system, tool, or entity that reads and processes AIPolicy Declarations. Consumers include AI crawlers, validators, aggregation services, browser extensions, researchers, and any other software that retrieves and interprets declaration data. The specification places no requirements on consumer behaviour but defines the declaration format to facilitate interoperable consumption.
Where used: Specification (Sections 9, 13), Security considerations.
Example: A search engine reading /.well-known/aipolicy.json to index a site's AI governance posture is a consumer.
Crawler
An automated system that discovers and retrieves AIPolicy Declarations from the web. Crawlers are a specific category of consumer that operate at scale, requesting declarations from multiple domains. The specification addresses crawler behaviour in the context of discovery mechanisms and rate-limiting recommendations.
Where used: Specification (Section 7, discovery), Specification (Section 10.6, rate limiting).
Example: An aggregation crawler checking /.well-known/aipolicy.json across thousands of domains on a scheduled interval.
Aggregation
The process of collecting, indexing, and analysing AIPolicy Declarations from multiple publishers to derive statistical or comparative insights. Aggregation enables ecosystem-wide visibility into policy adoption but introduces risks around misrepresentation, selective reporting, and undue pressure on publishers. The specification acknowledges aggregation as a use case without endorsing specific aggregation services.
Where used: Specification (Section 1, Motivation), Abuse risk analysis.
Example: A research dashboard displaying policy adoption rates across the top 10,000 domains by traffic.
Trust Anchor
Any external mechanism that provides confidence in the authenticity of an AIPolicy Declaration. Trust anchors may include domain authority, HTTPS transport security, DNS verification, or third-party audits. The specification does not define or mandate specific trust anchors but acknowledges their role in establishing confidence that a declaration was published by its claimed publisher.
Where used: Specification (Section 10, Security considerations).
Example: An HTTPS certificate serving as a transport-level trust anchor, providing assurance that the declaration was retrieved from the authentic domain.
Adoption Guide
A non-normative document providing step-by-step instructions for publishers implementing the AIPolicy standard. Adoption guides are tailored to specific audiences (webmasters, CMS administrators, enterprise teams) and supplement the specification with practical implementation advice. They do not define conformance requirements.
Where used: Adoption directory (/adoption/), Supplementary documents.
Example: The webmaster guide at /adoption/webmaster-guide.md provides instructions for adding an AIPolicy Declaration to a static website.
Human-Readable Disclosure
A web page, footer element, or visual badge that communicates AIPolicy participation to human visitors. Human-readable disclosures serve as a non-normative complement to the machine-readable declaration, making governance signals accessible to non-technical audiences. The specification recommends but does not require human-readable disclosures.
Where used: Specification (Sections 16-18), Adoption templates.
Example: A dedicated /ai-policy page summarising the site's AI governance positions, or a footer link labelled "AI Policy" pointing to that page.