中文
AI Graded Governance and Universal Access

Research Draft

Research Draft on AI Graded Governance and Universal Access

Long-term research notes on AI capability openness, public fairness, responsibility allocation, and risk constraints.

Research Draft on AI Graded Governance and Universal Access

I. General Principles

Meta-Declaration: The Positioning of This Draft

This draft explores an analytical framework for graded AI capability governance and universal access, while acknowledging the following irreducible tensions:

  1. Any hierarchical system replicates and amplifies existing inequalities to some extent. The stairway is not a neutral technical governance tool, but a structure of power.
  2. Any capability assessment relies to some extent on uncontrollable factors. Educational background, cognitive type, cultural capital, and even luck influence assessment results. Assessment is not fair; it is merely transparent.
  3. No institutional design can perfectly achieve its normative goals. Modern management systems are constrained by objective limitations and cannot truly "guarantee" outcomes, only pursue incremental improvement.

Therefore, this draft adopts a dual-layer expression:

The first layer is the technical ethics and public policy discussion dimension. This draft does not evade normative questions. It engages in dialogue with traditions of political philosophy and social theory such as Rawls, Nozick, Sandel, Foucault, Bourdieu, Amartya Sen, and Frankfurt School in theoretical foundations to clarify its relationship to distributive justice—what it may inherit, revise, and reject. This layer asks why this governance framework is worth discussing.

Important Clarification: These dialogues are problem-genealogy positioning, not endorsement by philosophical authority. The discussability of this draft does not derive from the approval of Rawls, Nozick, or Sandel, but from its problem framing, mechanism design, and testable open questions. Philosophical dialogues help readers understand the starting points, but they cannot substitute for this draft's responsibility for its own assumptions.

The second layer is the institutional engineering dimension. On the basis of normative discussion, this draft organizes actionable institutional proposals in mechanism design and core principles—Risk-Graded Permission Model, Capability Certification, Accountability Chain, Audit Transparency, Baseline Service Quality Floor, and Threshold Setting Principles. This layer asks how implementation might be attempted under given constraints.

The relationship between the two layers is mutually testing: Normative discussion provides direction for the institutional layer, preventing institutions from degenerating into pure technical governance; the institutional layer provides realistic constraints for normative discussion, preventing theory from becoming unfalsifiable abstraction. Neither layer alone can provide sufficient defense for this research draft.

This draft does not provide an ultimate standard of justice. It attempts to organize a governance framework that is discussable, actionable, and self-correcting. Its value lies not in being impeccable, but in its ability to acknowledge and respond to its own vulnerabilities.

Methodological Position: Incremental Correction and Responsible Governance

This draft adopts a position of cautious incremental correction: it acknowledges the real and profound power inequalities, resource monopolies, and institutional exclusions that exist in modern society, and recognizes that the AI era may further amplify distributive problems concerning capabilities, permissions, and rule-definition power. But these risks should not be reduced to single-camp narratives, nor should we assume that a wholesale negation of existing institutions will automatically lead to more just arrangements.

Problems that can be corrected through incremental reform, public audit, accountability chains, rights protection, institutional appeals, and transparent governance should be addressed primarily through these means. The goal of this draft is not to manufacture new enemies, but to reduce domination, lower harm, expand people's real capabilities, and ensure that those who hold greater power bear greater public responsibility.

Problem Framework

Artificial intelligence is changing how people access capabilities, bear risks, and participate in public life. This draft proposes a problem framework: social fairness need not mean absolute equality that erases differences; it can also mean ensuring universal access to foundational AI capabilities while making high-impact, high-risk powers accessible through graded conditions of capability, professional competence, accountability, and audit constraints.

Here, "all humanity" is the subject of legitimacy, meaning the foundational dividends of the AI era should not be monopolized by nation-states, capital platforms, or technological communities; "citizens" remain the legal identity for concrete institutional implementation, meaning the provision of rights, appeal and relief, public finance, and audit responsibility must still be grounded in real political communities. The nation-state is not the final boundary of justice, but an executive unit, local autonomy unit, and responsibility-bearing unit in cross-national AI governance.

II. Core Principles

2.1 Infrastructure Universalization

AI, as the new water, electricity, and coal of the era, must achieve indiscriminate universal access in education, healthcare, information access, public services, and daily productivity. The fruits of technological progress should first be transformed into improvements to the living baseline of all members of society, ensuring that those who have not mastered advanced skills are not cast aside by the era's leap, but instead gain a more solid foundation for survival and development.

The theoretical foundation of this principle is that in the AI era, "access to AI infrastructure" is a reconfiguration of primary goods. Rawls argued that rational individuals need primary goods regardless of their life plans—basic liberties, opportunities, income and wealth, and the bases of self-respect. In the AI era, these means must be updated: if a person is systematically excluded from AI infrastructure in education, healthcare, and information access, they can hardly participate effectively in modern society.

But the key distinction is: Rawls demands a "guarantee" of primary goods, while this draft discusses the institutional meaning of a "best-effort guarantee". This "best-effort" is not rhetorical modesty, but institutional engineering honesty—modern management systems cannot truly "guarantee" outcomes, only pursue incremental improvement.

Here, two types of commitments must be distinguished: basic service coverage, quality catch-up, and capability building are progressive realization obligations—institutions must continuously invest, publicly disclose gaps, and accept review; life, health, personal safety, basic legal relief, and the right to know are non-derogable baselines that cannot be actively canceled on grounds of insufficient resources, efficiency optimization, or risk threshold differences. "Best-effort guarantee" limits the institution's promise of perfect outcomes, without weakening the mandatory nature of these minimum rights.

Therefore, infrastructure universalization is not a slogan, but a set of hard constraints:

  • The baseline universal layer is a right, not a reward. Every citizen is entitled by default to basic AI tools for education, healthcare, legal aid, public services, and information access, without prerequisite certification.
  • Safety encapsulation does not equal low-quality encapsulation. Services at the baseline universal layer must pass quality checks and cannot lower safety standards simply because they are "aimed at the general public."
  • The right to know is non-derogable. Baseline service user citizens have the right to know their risk-threshold position, the functions available to high-risk threshold holders, the reasons for restrictions, and the paths for capability development. Without the right to know, "convenience" is merely anesthesia.

2.2 Risk-Graded Executive Permissions

The closer one approaches financial decision-making, life and health, legal adjudication, industrial control, physical robotics, critical infrastructure, and public safety, the more insurmountable capability boundaries and qualification thresholds must be established. High permission is not a natural human right, but a social trusteeship that can only be unlocked after professional training, passing certification assessments, accepting behavioral audits, and bearing clear legal and ethical responsibilities.

The risk-graded permission model is not a capability ranking table, but a risk governance table. The higher the risk threshold, the greater the system risk one can touch, and therefore responsibility, audit, re-certification, and feedback obligations must rise in tandem. One core risk this draft examines is a structure where "permission rises while responsibility lags."

Core Rules of the Risk-Graded Permission Model:

  • Domain Separation: Permissions are granted by domain. Medical risk decision layer does not automatically equal financial risk decision layer; cybersecurity system definition layer does not automatically equal legal AI system definition layer. The same person may hold different risk thresholds in different domains.
  • Minimum Necessary Permission: Any task is only granted the minimum permission required to complete it. Generalized high-risk permissions must not be granted for convenience.
  • Permission Degradation: Any risk-threshold position must accept re-certification, audit, and degradation. Permission is not property, but social trusteeship. Regular re-certification ensures capability maintenance, responsibility fulfillment, and audit compliance.
  • High Permission Is Not Heritable: Permissions must not be automatically transferred through family, institution, education, wealth, or existing identity. Any hereditary channel constitutes a solidification risk.
  • Baseline Service Users Have the Right to Know: Baseline service users have the right to know what functions they are restricted from, the reasons for restrictions, the paths for capability development, and how to appeal.

Special Treatment for Minors and Those with Limited Accountability: Even if minors meet technical capability standards, they must not obtain fully independent risk decision layer or higher permissions. They may obtain "restricted high permission" under strict conditions: they must execute real operations under the joint confirmation of an adult high-permission supervisor, with operational scope limited to certified specific tasks, and institutions and platforms bear higher management responsibility.

2.3 Two Opposite Mechanism Risks Rejected

This draft focuses on two opposite but equally serious mechanism risks: one is the monopolization of AI core capabilities by a small number of institutions through intellectual property, capital barriers, or safety discourse, creating new class solidification; the other is the indiscriminate delegation of dangerous powers to individuals lacking judgment and accountability under the name of "equality," replacing real security with abstract openness narratives.

Preventing excessive concentration of capability-definition power and protecting baseline service users are not mutually exclusive. The real danger comes from both extremes: one extreme is a small number of platforms, institutions, or expert communities monopolizing core power in the name of "capability" and "security," locking society into a game for the few; the other extreme abolishes all thresholds in the name of "equality" and "rights," outsourcing high-risk decisions to entities without accountability.

The working assumption of this draft is: high-risk permissions should be open, but openness must have constraints; baseline services must be protected, but protection must not become abandonment.

2.4 Capability Diversity Principle

The assessment standards for the risk-graded permission model should include at least three independent capability dimensions (technical capability, social coordination capability, and ethical judgment capability), and no single dimension may substantially dominate the overall assessment. No single group may monopolize the formulation of capability standards. Baseline service users are not "capability-deficient," but "capability-diverse"—operating in different capability domains. This draft explicitly rejects the implicit equation that "high permission = high capability, low permission = low capability."

Core Design of Capability Certification:

Three-Dimension Assessment:

  • Technical Capability: The ability to understand, operate, and evaluate specific AI systems. Assessment forms include scenario simulation tests, troubleshooting tests, and technical solution reviews. Key design: allowing reference manuals and tools, simulating real work scenarios, not testing rote memorization.
  • Social Coordination Capability: The ability to coordinate conflicts, communicate information, and maintain cooperation in multi-stakeholder environments. Assessment forms include role-play negotiation, cross-cultural communication tests, and team collaboration tasks. Key design: scenarios do not presuppose "correct answers," allowing different styles of negotiation strategies.
  • Ethical Judgment Capability: The ability to identify ethical tensions, weigh multiple values, and make responsible judgments in technical decisions. Assessment forms include ethical dilemma case analysis, ethics committee simulation, and value conflict logs. Key design: not requiring "correct answers," but requiring transparency and defensibility of the decision process.

Parallel Certification Paths: Standardized assessments bias toward specific cognitive types and cultural backgrounds. To ensure people from different backgrounds can use their strengths to obtain equivalent permissions, three parallel paths are provided:

  • Standardized Assessment Path (default): Suitable for those with formal education who excel at exams.
  • Practice Demonstration Path (alternative): Candidates submit work samples (portfolio) from real work scenarios, evaluated by a joint review panel of three bodies.
  • Mentorship Heritage Path (alternative, only for specific domains): Joint recommendation by two senior practitioners who have already obtained permission at this risk-threshold level, with recommenders bearing joint liability.

All path recipients must complete a probationary period under supervision and undergo a unified practical assessment after a reasonable cycle. If the assessment is not passed, permissions are degraded or revoked.

Grading System Rather Than Pass/Fail: Not simply "pass" or "fail," but graded assessment (A/B/C/D). Grade A receives the highest permission, B receives standard permission, C receives restricted permission (must operate under supervision), D means not passed.

Continuous Monitoring of Cognitive Bias: Establish a capability certification bias monitoring system to track pass rate differences across different populations (gender, region, educational background, native language, age), assessment form preferences, parallel path distribution, and bias allegations in appeals. Bias review meetings and public reports must be held regularly, with specific cycles determined by domain risk and data update frequency.

Theoretical Foundation Support and Correction: The Capability Diversity Principle receives direct support and correction from four new theoretical foundations. Foucault reveals that "capability" itself is a product of disciplinary power—the three-dimension assessment presupposes a rational, systematic, and assessable subject ideal, systematically excluding those who do not conform to this ideal. Therefore, capability dimensions must remain open, and citizens must have the right to question why certain capabilities are included in assessment. Bourdieu exposes how cultural capital replicates class structures through seemingly fair standards—if all three dimensions bias toward "middle-class habitus," they merely expand the exchange range of cultural capital. Therefore, review panels must be class-diversified, assessment forms must be habitus-sensitive, and pass rate differences must be interrogated as to whether they reflect capability differences or class biases. Amartya Sen distinguishes "functionings" (realized capabilities) from "capability sets" (capabilities to achieve functionings)—assessment measures the former rather than the latter, making contextualized simulation tests and probationary evaluations particularly important; meanwhile, Sen reveals the danger of "adaptive preferences"—those in long-term low-permission situations may internalize "I don't deserve it" beliefs, so institutions must actively outreach rather than merely wait for applicants.

2.5 Multi-Stakeholder Institutional Constraints on Grading Definition Power

Any risk-graded permission model's assessment standards, certification rules, and audit processes should be jointly designed by at least three mutually independent formulation bodies. Definers must accept regular independent audits, have clearly defined term limits, and cannot be re-elected indefinitely. When the solidification rate of a risk-threshold position exceeds a preset threshold, the assessment standards for that position must be automatically frozen and subject to public review, with baseline service user representatives having substantive participation rights.

Three-Body Design:

  • Body A: Technical Expert Committee—provides technical feasibility assessments, safety standard recommendations, and frontier risk analysis.
  • Body B: Citizen Representative Lottery Committee—represents the interests of citizens at different risk thresholds, ensuring that standard formulation is not monopolized by technical elites. Must include a certain proportion of baseline service user representatives.
  • Body C: Ethics Review and External Oversight Committee—reviews the procedural justice, conflicts of interest, and cultural bias in the standard formulation process.

Core Constraints on Definition Power:

  • Supermajority Approval: Any standard must obtain substantive supermajority approval from the three bodies, with specific proportions determined by domain risk and representative structure.
  • Cooling-off Period: After standards are formulated, they must undergo a reasonable public comment period before taking effect.
  • Objection Mechanism: Any citizen has the right to raise objections to standards, which must be recorded, responded to, and reviewed.
  • Automatic Freeze: When the solidification rate (proportion of a specific group) at a risk-threshold level exceeds the threshold, the assessment standards for that level are automatically frozen and enter public review procedures.

Appeal Mechanism: Distinguish between "objections" (targeting rules themselves) and "appeals" (targeting individual decisions):

  • Objections: Targeting the reasonableness of assessment standards, certification rules, and safety encapsulation rules. Any citizen has the right to raise objections without needing to prove personal harm.
  • Appeals: Targeting individual decisions (certification failure, permission degradation, responsibility determination, etc.). A unified appeal entry point includes capability certification appeals, permission degradation appeals, responsibility determination appeals, audit result appeals, and service quality appeals.

2.6 Baseline Service User Quality Standard Commitment

AI services at the baseline universal layer must not fall below the quality floor of the performance standards of high-risk threshold holders in equivalent scenarios for key indicators. This floor is a minimum alarm line, not a long-term justice line; specific values are determined by domain and era conditions, must accept regular review, and protective requirements must be raised when systematic harm is discovered. Baseline service users receiving safe, usable, compliant but lagging services over the long term may also constitute chronic under-provisioning. Baseline service user citizens enjoy the non-derogable right to know, including their risk-threshold level (i.e., their current position in the permission hierarchy), the functions available to high-risk threshold holders, the reasons for restrictions, and the paths for capability development. The systematic advantages of high-risk threshold holders must feedback to the baseline universal layer through redistribution mechanisms. This feedback includes not only compensatory service improvements but also catch-up capability building.

Function of the Quality Floor: Turning "gentle abandonment" into a visible problem. If low-permission medical diagnoses are significantly worse, if low-permission legal aid omits key steps, if low-permission educational AI uses old models for the long term—the institution must at least acknowledge that gaps exist. But the quality floor is not a sufficient line for justice; if a service remains near the floor for the long term, quality catch-up, cause explanation, and feedback investment must be initiated.

Risk of Chronic Underconfiguration: Baseline service users receive safe, usable, compliant but lagging AI services over the long term, while high-risk threshold holders continuously receive stronger models, deeper explanations, and faster feedback. Baseline service users are not abandoned, but are steadily left behind. The quality floor must be bound to dynamic gap monitoring: comparing explanation depth, update speed, tool freedom, personalization level, and public training opportunities; monitoring whether the gap between baseline service users and high-risk threshold holders is continuously widening; assessing whether baseline service users are gaining capability growth and governance participation through services.

Spillover Feedback Mechanism: The systematic advantages obtained by high-risk threshold holders (greater system freedom, higher decision-making influence, more information access rights) are not purely the result of "individual effort," but are embedded in the multi-layer infrastructure provided by society. Society has the right to require that part of the benefits flow back.

Feedback should distinguish at least two types:

  • Compensatory Feedback: Improving baseline universal layer service quality, providing fee subsidies, improving computing power and model access in disadvantaged areas. Preventing baseline service users from falling below the basic guarantee line.
  • Catch-up Feedback: Transforming mature, stable, auditable high-permission capabilities into baseline universal capabilities; establishing low-risk public training environments; shortening the cycle for high-permission capabilities to be delegated to the baseline universal layer after maturation. Enabling baseline service users to obtain stronger action capabilities, understanding capabilities, and public participation capabilities.

A stable portion of feedback funds must be used for catch-up feedback, with specific proportions determined by domain conditions, gap scale, and baseline service user representative participation. If the dynamic gap between baseline service users and high-risk threshold holders continues to widen, this proportion should be automatically increased.

2.7 Discourse Transparency and Public Policy Dimension

This draft acknowledges that grading systems are not purely technical governance solutions; they also contain public-policy and value trade-offs. Any technical standard must publicly disclose its corresponding trade-offs; substituting "technical optimization" for "public discussion" is not allowed. Criticism of this framework does not need to be accompanied by alternative proposals to be valid.

"Risk grading" describes existing differences in resources, capabilities, and power in real society, not a ranking of human value. This draft examines the institutional conditions under which low-resource individuals can gain stronger agency, while rejecting the attribution of low-resource situations to personal inadequacy; capability development channels can only represent the accessibility of high-risk permissions and public capabilities, and cannot be interpreted as the only legitimate direction in life.

Specific Requirements for Discourse Transparency:

  • The public trade-offs behind every "technical standard" must be made public. For example, the design of "safety encapsulation" cannot only argue "this is safer," but must also explain "what citizen rights are sacrificed," "whether these sacrifices have undergone multi-stakeholder institutional review," and "who has the authority to decide that this sacrifice is acceptable."
  • The grading system must be acknowledged as containing public-policy choices; "technical optimization" cannot substitute for "public discussion."
  • Critics have the right to say "this hierarchical system is unfair" without simultaneously saying "if not hierarchically arranged, how should it be arranged." Requiring critics to propose alternatives is a common strategy of technical governance discourse to dissolve criticism.
  • "Risk grading" is not the only metaphor; space must be reserved to acknowledge that better metaphors for social organization may emerge in the future (such as "network," "ecology," "collaborative commons").

Frankfurt School Critical Support: Frankfurt School reveals how technical governance discourse becomes a new form of domination—"safety" replaces "justice," "efficiency" replaces "fairness," "capability" replaces "power." The discourse transparency principle is a direct response to this critique: not abandoning technical governance vocabulary, but exposing what it obscures while using it. But the Frankfurt School's ultimate challenge is: once an institution uses technical governance discourse, it has already internalized the logic of technical rationality. Resistance can only occur within discourse, not completely outside it. This is the dilemma this draft must honestly face—it uses the tools of technical rationality to combat the consequences of technical rationality.

2.8 Cross-National Fairness, Local Autonomy, and Unequal Capability Access

The foundational technical dividends of the AI era should not be permanently occupied by any country, platform, or technological group. Any local community enjoys necessary technological autonomy, including audit rights, localized deployment rights, basic capability building rights, and the right to set local safety standards without creating global inequality.

Technological autonomy is not a right to closure. Nation-states must not permanently blockade key AI capabilities in the name of "national security," "civilizational differences," or "technological sovereignty," nor lock low-resource regions into dependent positions where they can only call encapsulated interfaces, cannot understand system logic, and cannot participate in standard formulation. The technological output of high-permission countries, platforms, and institutions should be accompanied by substantive technology transfer obligations. Cross-national AI governance standards should be formulated through multilateral mechanisms, with low-resource regions having substantive participation rights, blocking rights, and appeal rights. Cross-national governance frameworks must acknowledge the historical causes of current capability distribution and correct historical inequalities through computing power sharing, data commons, open architectures, R&D funding transfers, and talent cultivation mechanisms.

Core Principles of the Global Dimension:

  • The legitimacy subject of the baseline universal layer is all humanity. Basic AI services, human rights protection channels, and necessary information accessibility should not depend on nationality, regional wealth, or platform membership.
  • Cross-national permissions are not automatically equivalent. One country's medical AI risk decision layer does not automatically equal another country's medical AI risk decision layer; cross-national permissions require additional review of local laws, cultural risks, language environments, and public responsibility.
  • The global system definition layer must be subject to stronger constraints. Entities participating in the formulation of global model standards, cross-national audit rules, foundational model openness levels, and computing power allocation rules must accept multilateral audits, conflict of interest disclosure, and substantive blocking by low-resource regions.
  • Countries or regions must not be permanently marked as low-permission subjects. Low-resource regions may temporarily lack operational capabilities in specific high-risk technologies, but the institution must provide capability building, technology transfer, and localized deployment paths. Encapsulation without capability development paths is not security, but the solidification of cross-national capability-access inequality.
  • Local autonomy must not become a blocking right. Countries or regions may adjust deployment methods according to local risks, but cannot use security as a pretext to prevent the diffusion of basic capabilities or prohibit other regions from obtaining audit, training, and alternative capabilities.

Transitional Legitimacy of Global Governance: At the global level, there is no true "representative" structure. Shift the source of legitimacy from "representation" to "being constrained"—the power of global governance institutions comes from the strength of the constraints they themselves are subject to. The stronger the constraints, the more authority the institution has to act; the weaker the constraints, the more its actions should be questioned.

Specific mechanisms include:

  • Substantive Blocking Rights: Low-resource regions have substantive veto or suspension rights over global standards.
  • Audit Chain Disclosure: Any global decision must have public reasoning and traceable audit records.
  • Sunset Clauses: Global system definition layer standard institutions automatically trigger re-evaluation at regular intervals.
  • Right to Exit: Any participant has the right to exit, but exit must publicly state reasons and accept audit.

Frankfurt School Colonization of the Lifeworld Warning: Frankfurt School's Habermas proposed the concept of "colonization of the lifeworld"—when systems (bureaucracy, market, technical governance) continuously intrude into the lifeworld (family, community, culture), reducing human relationships to system logic, colonization occurs. In AI global governance, this means: cross-national platforms, global audit institutions, and multilateral governance mechanisms may, in the name of "capability building" and "technology transfer," replace local doctor-patient trust relationships, local community cultural traditions and ethical consensus, and local democratic deliberation with algorithmic diagnosis, global "safety standards," and technical expert design. This draft's local autonomy rights (audit rights, localized deployment rights, basic capability building rights) are precisely resistance against this colonization—technical assistance cannot merely be "giving you tools," but must include "giving you the capability to understand, audit, modify, and replace."

2.9 Human Rights Protection Channel: Non-Graded Baseline in Life-and-Death Scenarios

Human rights protection is not an internal principle of the grading system, but a precondition for the grading system's establishment. If a hierarchical system systematically places people in life-threatening situations, it lacks legitimacy, regardless of how sufficient its efficiency arguments may be.

In scenarios involving irreversible harm to life, health, personal safety, and basic legal relief, core service quality must not differ due to risk threshold. AI-assisted services in such scenarios are subject to the Human Rights Protection Channel:

  • Automatic Activation: Anyone automatically accesses the highest standard core AI assistance, without going through conventional risk threshold certification processes.
  • Public Bearing: Costs are borne by public funds, not traced back to individual risk thresholds.
  • Core Equivalence: Key judgments directly affecting outcomes—diagnostic conclusions, treatment plans, legal strategies, safety directives—must be equivalent. Peripheral expressions such as explanation format and interface adaptation may be differentiated, but must not affect the accuracy of core judgments.
  • Resource Honesty: The human rights protection channel provides baseline protection, not unlimited resources. Public budget constraints may create upper limits for certain high-cost investments, but these limits must be public budget constraints, not risk threshold discrimination. The institution must publicly acknowledge this limit and continuously narrow the gap through feedback mechanisms. In any case, insufficient resources cannot be a legitimate reason for lowering core service standards—standards are non-negotiable, and insufficiency can only be addressed by expanding public investment.
  • Strictly Limited: The human rights protection channel only applies to common survival problems that everyone faces (emergency medical care, major disease diagnosis, personal safety warnings, disaster response, criminal legal aid, etc.). Personal choices (such as elective surgery, cosmetic medicine, commercial legal consultation) must not enter this channel.

The quality floor only applies to non-irreversible basic development scenarios and daily service configurations. It cannot be invoked as a reason for creating differences in life-and-death scenarios.

Core Principles Concept Genealogy Table

PrincipleCore TensionPhilosophical DialogueMechanism ExpansionCritical TestingStatus
2.1 Infrastructure UniversalizationUniversal access to tech dividends vs. resource constraints and efficiencyRawls (primary goods/bottom-line priority); Amartya Sen (adaptive preferences/capability set)Permission Ladder § Baseline Universal Layer, Baseline Service User Quality FloorSafety Encapsulation Layer Critique (safety encapsulation risks)Established
2.2 Risk-Graded Executive PermissionsHigh-risk permissions require expertise vs. open channels prevent monopolyNozick (social trust/entitlement boundary)Risk-Graded Permission Model, Capability Certification, Accountability ChainCapability Discrimination Critique (permission differences spill over as identity hierarchy)Established
2.4 Capability DiversityStandardized assessment vs. exclusion of diverse cognitive typesSandel (conception of the good presupposition); Foucault (disciplinary power); Bourdieu (cultural capital/distinction); Amartya Sen (functionings vs. capability set)Capability Certification (three dimensions, parallel paths, bias monitoring)Capability Discrimination Critique (single capability monopoly)To Be Consolidated
2.5 Multi-Stakeholder Institutional Constraints on Grading Definition PowerExpert knowledge necessity vs. democratic participation prevents monopolyNozick (definition power is power); Foucault (normalization and power production)Risk-Graded Permission Model, Threshold Setting PrinciplesSelf-Negation Clause (definition power aristocratization)To Be Consolidated
2.6 Baseline Service User Quality StandardQuality floor prevents abandonment vs. chronic under-provisioning riskRawls (strong guarantee vs. maximization); Bourdieu (symbolic violence)Baseline Service User Quality FloorBaseline User Long-term Degradation (chronic under-provisioning)To Be Consolidated
2.7 Discourse TransparencyTechnical governance efficiency vs. political dimension obscuredSandel (technical neutrality discourse critique); Frankfurt School (technical rationality critique)Audit TransparencySelf-Negation Clause (technical discourse obscures politics)Established
2.8 Cross-National Fairness, Local Autonomy, and Unequal Capability AccessGlobal tech diffusion vs. local autonomy/anti-colonialismFrankfurt School (colonization of the lifeworld); Self-Negation Clause (techno-colonialism critique)Risk-Graded Permission Model § Global Dimension, Audit Transparency § Cross-national AuditTechnocrat Critique, International Technological HegemonyFrontier Exploration
2.9 Human Rights Protection ChannelEfficiency-based grading vs. human rights baseline in life-and-death scenariosRawls (bottom-line priority/primary goods)Baseline Service User Quality Floor § Human Rights Protection ChannelMedical Liability Segmentation (equal protection in life-and-death scenarios)Established

Reading Guide: Philosophical dialogue answers "why it is defensible"; mechanism design answers "how to implement"; critical testing answers "where it is most likely to fail." All three must be read cross-referentially; no single layer can provide sufficient defense alone.

Appendix: Cross-Reference of Theoretical Foundations and Core Principles

Theoretical LayerDialogue PartnerCore PropositionLocation in DraftCorrection/Tension Introduced
Distributive Justice TraditionRawlsPrimary goods; bottom-line priority; difference principle2.1, 2.6, 2.9Revised from "guarantee" to "best-effort guarantee"
Distributive Justice TraditionNozickSocial trust; entitlement boundary; definition power is power2.2, 2.5Entitlement boundary corrects bottom-line priority
Distributive Justice TraditionSandelUnencumbered self critique; conception of the good presupposition2.4, 2.7Rejects implicit equation of capability = value
Critical Examination of CapabilityFoucaultDisciplinary power; normalization; capability as ideological disguise2.4, 2.5Capability dimensions must remain open; citizens have right to question standards
Critical Examination of CapabilityBourdieuCultural capital; distinction; class reproduction2.4, 2.6Review panel must be class-diverse; assessment forms must be habitus-sensitive
Critical Examination of CapabilityAmartya SenFunctionings vs. capability set; adaptive preferences2.1, 2.4Contextualized simulation tests; probationary evaluation; proactive outreach
Discourse and Rationality CritiqueFrankfurt SchoolTechnical rationality critique; colonization of the lifeworld; efficiency ideology2.7, 2.8Direct source of discourse transparency principle; local autonomy resists colonization

III. Cross-National Publicness Turn

Technological progress does not naturally lead to a happier society. Technology can only expand human capabilities, but cannot automatically determine whether these capabilities are used for liberation or control, cooperation or confrontation, reducing scarcity or creating new feelings of deprivation.

Therefore, this draft does not limit its object of study to distributive justice within a single nation, but takes the common condition of all humanity in the AI era as its foundation of legitimacy. The real question is not whether a particular country, system, or camp ultimately wins, but: why, when humanity already possesses so much knowledge, technology, and productivity, can it still not steadily move toward a society with less fear, less humiliation, and less mutual harm?

The most dangerous aspect of competitive narratives is their appropriation of real human fears. Unemployment, backwardness, resource scarcity, and future uncertainty are real sufferings, but they are often compressed into us-vs-them stories: suffering comes from external enemies, sacrifice is historically necessary, obedience is the premise of security. Thus, sufferings that should be understood and resolved are translated into reasons for continuing to create suffering.

The cross-national publicness turn does not mean establishing a global center that erases differences. On the contrary, it requires distinguishing three layers of order:

  1. All humanity is the subject of legitimacy: Any basic AI capability arrangement must be able to explain its legitimacy to every individual, not just to citizens of one's own country, capital shareholders, or technological communities.
  2. Nation-states are executive units: Public finance, judicial relief, audit responsibility, and local risk judgment must still be undertaken through real political communities, but these communities cannot disguise their own interests as boundaries of justice.
  3. Local autonomy is a limited right: Local communities may adjust deployment methods, language interfaces, cultural adaptations, and safety details, but cannot use autonomy as a pretext for creating global technological blockades, permanent dependencies, or cross-national capability-access inequality.

Technology has an open tendency: code is replicable, models are migratable, knowledge is diffusible. But open tendency is not a promise of liberation. Without institutional constraints, openness may also be re-enclosed as intellectual property barriers, platform monopolies, national security bans, and camp competition. The cross-national publicness perspective in this draft must simultaneously hold two points: acknowledging the realistic possibility of technological diffusion, and remaining alert to the enclosure of this possibility by fear politics.

What civilization truly deserves to pursue is not the victory of a particular camp in the arena, but making the arena no longer the only form in which humanity imagines its future.

IV. Social Contract

Under the universal access framework discussed here, every individual should enjoy a non-derogable baseline guarantee right: those who do not learn or delve into technical details still have the right to enjoy the convenience and dignity brought by AI within safety-encapsulated standardized interfaces, without being regarded as failures, incomplete citizens, or inferior members of the global technological order.

This commitment is not paternalistic "we protect them," but rather an acknowledgment that: the complexity of technology should not be a reason for exclusion. If a person is deprived of basic services, dignity, and social participation rights simply because they are unwilling or unable to master the underlying logic of AI systems, then technology itself is unjust.

At the same time, society needs to keep capability development channels open: those willing to invest in learning, understand system logic, and proactively undertake public responsibility have the right to obtain higher system freedom, creative space, and social action capabilities according to their risk threshold position. But the openness of capability development channels is not a competitive command for all, but rather a public transformation of existing closed permission structures. Not everyone must enter higher-risk positions, but high-risk permissions should be open to everyone willing to bear corresponding responsibilities.

Core Terms of the Social Contract:

  1. Baseline Protection Is Non-Derogable: Regardless of capability, willingness, or background, everyone enjoys basic AI services, human rights protection channels, and necessary information accessibility.
  2. Capability Development Channels Are Truly Open: Certification standards are public and transparent, parallel paths provide alternative channels for people from different backgrounds, and the bias monitoring system ensures that these channels are not monopolized by specific groups.
  3. Reciprocal Right to Know: Baseline service users not only have the right to know what they are restricted from, but also the right to know the reasons for restrictions, what high-risk threshold holders possess, and how to apply for advancement.
  4. Failure Is Not Stigmatized: Those who do not pass certification or choose not to apply for advancement are not labeled as "capability-deficient," "lazy," or "failures."
  5. Permission and Responsibility Are Symmetrical: Those who obtain higher permissions must bear higher responsibilities, accept stricter audits, and feed back part of their systematic advantages to the baseline universal layer.

At the global level, this contract also means: no country, region, or community should be permanently locked in as a low-permission user. Technology assistance cannot merely be "giving it to you to use," but must include "giving you the capability to understand, audit, modify, and replace" paths.

V. Power Constraint Framework

The unlocking of permissions at any risk-threshold position should be collateralized by the corresponding accountability chain at that position; any high-permission behavior should leave traces, be auditable, traceable, and accountable. The acquisition and maintenance of control depend on four mutually reinforcing constraint conditions:

Four Conditions of the Power Constraint Framework:

  1. Capability Condition: Operators must possess technical capability, social coordination capability, and ethical judgment capability matching the risk level. When capability is absent, corresponding permissions must not be granted.

  2. Responsibility Condition: Permissions must be bound to clearly traceable responsibility subjects. When the accountability chain breaks, permissions should be frozen or degraded. Permission is not a natural right, but a revocable social trusteeship.

  3. Audit Transparency Condition: Any high-permission behavior must leave traces, be auditable, and traceable. When audit mechanisms are absent, even if capability and responsibility are present, the legitimacy of that permission is questionable—because there is no way to verify whether it is being abused.

  4. Definition Power Constraint Condition: The power to define grading standards (assessment criteria, risk thresholds, certification rules) must be subject to multi-stakeholder constraints. When definition power is monopolized by a single institution, when objection pass rates remain chronically low, or when solidification rates exceed thresholds, the legitimacy of the entire grading system is compromised, and the control ceiling of all levels should be compressed. This is not punishing individuals, but punishing structural power monopoly.

Note: A previous version attempted to express this relationship through a multiplicative formula, but the four variables are not commensurable and cannot be naturally mapped to the real number domain; the "constraint coefficient" also lacked operationalized measurement methods. Therefore, this version downgrades the formula to a qualitative constraint framework—it indicates necessary conditional relationships, not numerical operations.

Immune Layer Priority Order

When the constraints in this framework conflict and cannot be simultaneously satisfied, the following priority order applies:

  1. Human rights protection takes precedence over everything: Rights to life, health, and basic legal relief are non-negotiable absolute baselines.
  2. Rights-based protections take precedence over structural mechanisms: The right to know and technological autonomy rights are non-negotiable.
  3. Procedural protections take precedence over discursive commitments: Contestability, reconstruction triggers, and other procedural guarantees are hard constraints.
  4. Safety baseline takes precedence over efficiency pursuit: Efficiency cannot justify reducing pluralism, the right to know, or human rights protections.
  5. Baseline service user interests take precedence over high-risk threshold holder interests: Any conflict resolution defaults to favoring those at the baseline universal layer (or low-authority countries). This is not charity "favoring the weak," but structural correction of power asymmetry.

VI. Provisional Vision

The provisional social image pursued by this draft is: baseline protection, development channels, high-risk constraints, and cross-national exits. Let technology support more people wherever possible, rather than divide societies, nations, and civilizations.

VII. Addressed Issues and Current Weak Points

This section does not turn "partly addressed" into "solved." It distinguishes three states: issues that have gained a preliminary structure, issues that remain real weak points of this draft, and issues that have moved into conditional observation. The maturity of this draft does not depend on eliminating vulnerabilities, but on exposing them accurately and connecting them to further revision.

7.1 Issues with Preliminary Responses, but Not Closure

Issue One: Theoretical Foundation Suspended in Mid-Air. The early draft was questioned for merely opposing crude equality of outcomes without explaining its relationship with theoretical traditions such as Rawls, Nozick, and Sandel. The current response has entered theoretical foundations: the Rawls chapter establishes the inheritance relationship with bottom-line priority and primary goods; the Nozick chapter handles the tension between entitlement, property rights, and social trust; the Sandel chapter examines capability measurement and the conception-of-the-good presupposition behind the risk-grading metaphor. Foucault, Bourdieu, Amartya Sen, and the Frankfurt School add critical dimensions around discipline, cultural capital, capability sets, and technical rationality.

Remaining Risk: These theoretical resources are not naturally compatible. Rawls demands bottom-line priority; Nozick demands entitlement boundaries; Sandel warns about embedded conceptions of the good; Foucault and Bourdieu question capability standards themselves; Sen requires distinguishing real capabilities from adaptive preferences; the Frankfurt School warns that technical rationality may absorb public judgment. This draft cannot package these tensions as the victory of a comprehensive theory. It can only use them as normative pressure for continuously testing mechanism design.

Issue Two: Mechanism Complexity and Realistic Costs. The three bodies, parallel certification, cross-audit, accountability chains, and multi-layer appeals can theoretically restrain power solidification, but in reality may become formalities due to excessive human, time, financial, and coordination costs.

Current Response: Mechanism design documents have been compressed into principle frameworks, deleting specific numbers as hard conclusions so that unverified thresholds are not disguised as institutional answers. Concrete implementation must be operationalized according to domain risk, resource conditions, and the technical level of the period.

Remaining Risk: Cost cannot simply be delegated to "future implementation." If certification, appeal, and audit themselves become high-threshold procedures, baseline service users, small institutions, and low-resource regions will be excluded from correction mechanisms. The grading system would then reproduce exclusion in the name of procedural justice.

Issue Three: Whether the Safety Encapsulation Layer Becomes Gentle Abandonment. The current response has been written into Core Principle 2.6 and expanded by Baseline Service User Quality Floor. Baseline service users must not be treated as low-value populations; the baseline universal layer must include a quality floor, the right to know, and feedback mechanisms.

Remaining Risk: The quality floor can only be a minimum alarm line, not a sufficient line of justice. Especially in irreversible harm scenarios such as healthcare, legal relief, and public safety, the quality floor must yield to the human rights protection channel. In everyday service scenarios, long-term safe but lagging service may still create chronic under-provisioning.

Issue Four: Lack of Mechanism-Risk Portraits and Self-Critique. The current response has entered critique and rebuttal: Self-Negation Clause, Capability Discrimination Critique, Safety Encapsulation Layer Critique, and Technocrat Critique. These documents derive ways in which the framework itself may fail from five directions: capability measurement, grading definition power, safety encapsulation, technical neutrality discourse, and cross-national capability-access inequality.

Remaining Risk: Collapse indicators have appeared, but the principles for setting thresholds remain insufficiently unified. Different risks cannot mechanically share the same numbers, but they also cannot be left entirely to expert discretion. The draft still needs to clarify which thresholds come from rights baselines, which from statistical anomalies, and which from public procedures.

7.2 Current Real Weak Points

Weak Point One: Theoretical Resources and Mechanism Clauses Still Have Gaps Between Them. The theoretical foundations can now explain why capability standards, technical governance, and definition power must be treated with suspicion, but they do not yet sufficiently explain how each critique changes concrete institutional design. For example, how should disciplinary critique change re-certification cycles? How should cultural-capital critique change review-panel composition? How should capability-set theory change proactive outreach obligations? How should critique of technical rationality limit audit language itself? If these connections are not consolidated, theoretical foundations will remain decorative citations.

Weak Point Two: Boundary Tests Have Not Yet Rewritten the Main Claims. Cases such as international technological hegemony, baseline user long-term degradation, and medical liability segmentation have been raised, but they still mostly verify existing principles rather than force principles to change. Effective boundary testing must allow three outcomes: retaining a principle, narrowing a principle, or admitting that a principle fails. Otherwise, boundary testing degenerates into a defensive appendix.

Weak Point Three: Cross-National Enforceability and Legitimacy Remain Incomplete. The cross-national publicness turn has been written into the principles, but the institutional loop is still unclear: why cross-national governance bodies can constrain states, platforms, and high-permission technical communities; how the blocking rights of low-resource regions avoid becoming symbolic; and how technology-transfer obligations avoid becoming a new form of dependency management.

Weak Point Four: The Agency of Baseline Service Users Remains Too Weak. This draft repeatedly states that the baseline universal layer is not a low-value layer, but current mechanisms still mainly write baseline service users as protected parties, recipients of feedback, and appellants. The next step must strengthen their participation in definition, evaluation, suspension, and knowledge production. Otherwise, "universal access" may retain a paternalistic structure.

Weak Point Five: Implementation Sequence Remains Unclear. The text simultaneously proposes baseline universal access, risk grading, capability certification, audit transparency, feedback mechanisms, the human rights protection channel, and cross-national technology transfer, but it does not yet specify which are preconditions, which can be piloted, and which must wait for public finance, audit capacity, or cross-national procedures to mature. Without implementation sequencing, the framework may appear complete but remain non-executable.

7.3 Issues Moved into Conditional Observation

AI Subjectivity Is No Longer Listed as a Currently Unaddressed Weak Point. The current response has entered AI Agency and Liability and AI Agency: based on the ten impossible capabilities of generative LLMs (subjective experience, life situation, responsibility capability, value belief, subjective will, reality presence, personal continuity, creative impulse, moral pain, and concrete love), it is derived that AI cannot become an independent permission subject or responsibility subject. AI's responsibility condition is zero, so its independent control cannot be legitimately established. For the foreseeable future, AI can only operate in the form of "restricted high permission" under the supervision of a clear human responsibility subject.

Conditional Risk: If future AI demonstrates responsibility capability that can be recognized through public procedures, the current conclusion must be reopened. But this is not a purely technical determination. It is a fundamental institutional question: who has the authority to recognize a responsibility subject, who bears the consequences of mistaken recognition, and who can represent affected parties in consenting to permission delegation. Until these questions are resolved, the provisional cautious position of this draft is to bear some efficiency loss rather than elevate an unaccountable system into an independent control subject.

Open Note: This document is a public-facing problem framework, not a claim to a final answer. Further counterexamples and revisions are welcome around the boundaries of universal baseline AI access, responsibility constraints on high-risk permissions, bias risks in capability certification, cross-border technological inequality, and institutional failure conditions.