中文
AI Graded Governance and Universal Access

safety encapsulation critique

Safety Encapsulation and "Gentle Abandonment" Critique

Document Positioning: This document transforms "safety encapsulation" from a mechanism design tool into an object of critique. It does not deny that high-risk scenarios require operational restrictions, but asks: Has encapsulation slid from a protective mechanism to an exclusionary mechanism? Have basic service users lost not only operational freedom, but also the rights to understand, question, and demand system services?

Immune Layer Correspondence: This critique corresponds to Immune Layers 3.1 (Basic Service User Quality Standard Commitment), 3.2 (Right to Know as Inalienable Right), 3.3 (Spillover Feedback Mechanism), 3.4 (Encapsulation Standard Reviewability), 6.1 (Human Rights Protection Channel), 6.2 (Core Service Equivalence), and 6.3 (Resource Honesty) in the Manifesto Index.

Core Judgment: Safety encapsulation is not a purely technical decision, but a relational reconstruction—it transforms the relationship between people and systems from "user" to "managed." If encapsulation is not accompanied by the right to know, reviewability, and a timeline for mature capability transfer, it will evolve into a more refined form of exclusion.

I. Encapsulation Is Not Protection, But Relational Reconstruction

The Manifesto contains a seemingly caring statement:

"Those who do not study or delve into technical details still have the right to enjoy the convenience and dignity brought by AI within the standardized interface of safety encapsulation."

This statement promises two things: convenience and dignity. But can the mechanism of "safety encapsulation" itself truly provide both simultaneously? Or does it, in providing "convenience," already secretly deprive people of "dignity"?

1.1 The Essence of Safety Encapsulation

From a technical perspective, safety encapsulation means: basic service users can only access pre-designed, restricted AI functions, unable to modify parameters, unable to delve into the system, unable to obtain complete decision information. From a governance perspective, this means: basic service users are deprived of the right to directly interact with the system, and can only accept filtered results.

This is not necessarily problematic. The problem is: Do basic service users have the right to know they are being encapsulated? Do they have the right to know what high-risk threshold holders possess? Do they have the right to question the reasonableness of the encapsulation itself?

Without these rights, "safety encapsulation" is no longer protection, but a gentle abandonment—not throwing you out the door, but locking you in a room that looks comfortable, telling you "it's safe here," while not telling you what is outside.

1.2 From User to Managed

"Convenience" can be provided through standardized interfaces, but "dignity" requires autonomy and the right to know. If basic service users do not know what they are restricted from, if they face a "black box" system where they can only accept results but cannot question the process, then their relationship with the system is not that of a user, but of the managed. The "convenience" of the managed is a completely different experience from the "convenience" of the served.

The managed face a system that requires no explanation. System decisions are presented as "for your own good," not as "negotiating with you." The right to refuse is packaged as "you do not have the operational capability," not as "you have the right to choose a different mode of participation." This asymmetry of relationship is the most hidden violence of safety encapsulation.

II. Threefold Deprivation of Information Asymmetry

The Manifesto's statement already implicitly contains three information asymmetry risks of safety encapsulation:

2.1 Not Knowing One Is Restricted

Basic service users "enjoy the convenience brought by AI within the standardized interface of safety encapsulation." But who designed the "standardized interface"? When designing standards, were the real needs of basic service users considered, or only "preventing them from making mistakes"? If basic service users' medical AI diagnostic accuracy is significantly lower than that of high-risk threshold holders, if basic service users' financial tools systematically yield lower returns—can this still be called "universalism"?

2.2 Not Knowing What High-Risk Threshold Holders Possess

Do basic service users have the right to know what functions and authorities high-risk threshold holders possess that they lack? If encapsulation standards are confidential, if high-risk threshold holders' operational space is completely invisible to basic service users, then basic service users cannot judge "whether my restrictions are reasonable." This is not safety; this is information monopoly.

2.3 Not Knowing the Reasons for Restrictions and Paths for Capability Development

The Manifesto does not fully explain whether basic service users have the right to choose not to remain in the safety encapsulation layer. If someone is willing to bear risk, learn technical details, and apply for higher authority, is the channel truly open? Or does "safety encapsulation," once becoming the default option, become an insurmountable fence due to institutional inertia?

The right to know is not an "optional service," but a necessary condition for "dignity." Without the right to know, "convenience" is merely anesthesia.

III. Rehearsals in Reality

This "gentle abandonment" is already happening, just with different carriers:

3.1 Smartphones and the Elderly

Today's smartphones provide an "easy mode" for the elderly—larger fonts, fewer features, simpler operation. This is technically "safety encapsulation." But many elderly users find: Easy mode not only limits functions, but also hides critical settings and privacy controls. They can "use" the phone, but cannot truly "master" it. When children or customer service help them solve problems, they are often told "don't worry about these, just use the basic functions." This is not protection; this is capability deprivation in the name of care.

3.2 Financial Services and Low-Income Groups

Banking systems provide standardized wealth management products for clients with "low risk tolerance" (low risk, low return), while reserving complex investment tools for "high-net-worth clients." This looks like reasonable risk control, but the result is: low-income groups are systematically excluded from high-return opportunities, and banks never explain "why you cannot participate."

3.3 Public Service Simplified Interfaces

Government digital services provide simplified application interfaces for "ordinary citizens," and complete versions for "professionals." Simplified versions often lack key information, hide complex options, and reduce appeal entries. Citizens are told "this is easier to use," but do not know what they are missing.

If the "safety encapsulation layer" of Stairway Universalism operates along the same logic, it will replicate these inequalities, just packaged more refinedly.

IV. Hidden Forms of Dignity Injury

The harm caused by safety encapsulation is not necessarily explicit. It may covertly erode the dignity of basic service users through the following methods:

4.1 Being Interpreted

AI outputs received by basic service users are pre-interpreted and filtered. They cannot see raw data, alternative options, and uncertainty ranges. They are told "the system recommends doing this," rather than "the system provides the following options, with probabilities and risks for each option as follows." The interpreted do not need to understand; they only need to accept.

4.2 Being Represented

Certain decisions of basic service users are "made on their behalf" by the system. For example: medical AI directly selects treatment plans for low-authority patients (rather than providing options for patients and doctors to jointly decide), financial AI directly allocates investment portfolios for low-authority users. Representation saves cognitive costs, but also deprives the right to participate in decision-making.

4.3 Being Protected

"Protection" is an asymmetric relationship. Protectors possess complete information; the protected are isolated from risks. But when protection becomes long-term, institutionalized, and unchoosable, it becomes guardianship. The consent of the ward is no longer a necessary condition, because their "best interests" have already been defined by others.

4.4 Chronic Under-provisioning

Chronic under-provisioning is not service collapse, but basic services remaining stable near the minimum quality line for a long time. Basic service users receive AI services that are safe, usable, compliant, but lagging; high-risk threshold holders continue to receive stronger models, deeper explanations, faster feedback, and greater freedom. Basic service users are not abandoned, but are stably left behind. The quality baseline is the minimum alarm line, but if basic service users remain stable near the minimum line for multiple consecutive years, even if the baseline is not breached, a special review should be triggered.

V. Why Safety Encapsulation Slides Toward Fencing

Safety encapsulation slides from protection toward fencing not because of designers' malice, but because of the following structural factors:

5.1 Cost Asymmetry

Developing complete functions for high-risk threshold holders already incurs costs, and providing deep explanations for high-risk threshold holders also incurs costs. Transferring these functions to basic service users requires additional adaptation, testing, and support costs. Under resource constraints, "temporarily not distributing" easily becomes "permanently not distributing."

5.2 Risk Aversion

Any capability transfer is accompanied by risks: basic service users may misuse, misunderstand, or over-rely on new functions. Regulatory agencies and platforms tend to be conservative—"if not given, it cannot be wrong." This risk aversion may be rational at the individual level, but at the institutional level it creates systemic inequality.

5.3 Self-Fulfilling Capability Assumptions

Safety encapsulation design is based on an assumption: basic service users "currently do not possess" the capability to operate complex systems. But this assumption may be self-fulfilling: because they are not given opportunities to access complex systems, they will forever "not possess" the operational capability. Encapsulation manufactures the capability gap it claims to prevent.

5.4 Stairway Fixation of Technological Progress

Even if a technology has matured, become safe, and easy to use, if it is "defined" as a high-authority function, it may long remain with high-risk threshold holders. The inertia of technical definition is slower than technical change itself. Basic service users do not receive "the safest current technology," but "technology defined as suitable for them."

VI. Immune Layer Design

If the safety encapsulation critique is valid, the Manifesto must write the following constraints into core principles:

6.1 Basic Service User Quality Standard Commitment

"Safety encapsulation" does not equal "low-quality encapsulation." AI services for basic service users on key indicators (such as medical diagnostic accuracy, legal aid completeness, educational content richness) must not fall below the quality baseline of the performance standards that high-risk threshold holders have in equivalent scenarios. Specific values are determined by domain and temporal conditions, and must undergo regular review and protective correction. If the technical gap exceeds the baseline, mandatory technical updates or compensation mechanisms must be triggered.

In scenarios involving irreversible harm to life, health, personal safety, and basic legal remedies, core service quality must not differ due to authority stair position. Such scenarios apply the human rights protection channel.

6.2 Right to Know as an Inalienable Right

Basic service users have the right to know:

  • Which authority stair position they currently occupy;
  • What functions and authorities high-risk threshold holders possess that they lack;
  • What the reasons for these restrictions are;
  • How to apply for threshold unlocking, and whether the application process is accessible.

The right to know is not an "optional service," but a necessary condition for "dignity." Without the right to know, "convenience" is merely anesthesia.

6.3 Reviewability of Encapsulation Standards

The design standards of "safety encapsulation" themselves must undergo periodic public review. Basic service user representatives must participate in the review process, and their objections cannot be simply overridden by majority vote—a substantive supermajority is required to maintain existing encapsulation standards.

6.4 Timeline for Mature Capability Transfer

Any technical capability that has operated at the high-risk threshold holder level for more than a certain period (for example, three years) and has been assessed as mature and safe must have a transfer timeline established. It cannot be indefinitely refused to basic service users on grounds of "safety." The transfer plan should specify timelines, quality standards, and verification procedures.

6.5 Spillover Feedback Mechanism

Systematic advantages generated by high-risk threshold holders due to AI capability differences must flow back to the baseline universal layer through taxation, technology sharing, or redistribution mechanisms. High authority is not a pure reward for "personal achievement," but an incidental benefit of social trust; society has the right to demand that a portion of the benefits flow back.

6.6 Co-Governance Rights of Basic Service Users

Basic service users cannot have only service usage rights, the right to know, and the right to appeal. They must also have substantive participation rights in encapsulation standards, quality baselines, feedback directions, certification rules, and audit priorities. Otherwise, basic service users are merely being better served, not being equally recognized as co-creators.

VII. Summary

"Safety encapsulation" is a well-intentioned metaphor, but good intentions cannot substitute for structural constraints. Without quality standards, the right to know, feedback mechanisms, and reviewability, "safety encapsulation" will evolve into a new form of information-asymmetric control—basic service users are protected, served, and managed, but never truly respected as equal citizens.

This is not the goal that Stairway Universalism pursues, but if hard constraints are not written at the institutional level, this is the outcome it is most likely to slide toward.

The safety encapsulation layer critique asks not "whether basic service users can still receive services," but: Can they still be understood by society as complete co-decision-makers? If basic service users can only receive convenience, but cannot substantially participate in defining the standards of convenience; if they have the right to appeal, but lack the power to jointly formulate rules; if they are allowed to apply for advancement, but cannot question why they must prove themselves by advancing, then dignity injury has already occurred.

Related Documents: