By Jen Evans | B2BNN | May 2026
This is a companion to “There Are No Watchmen: Why the AI Governance Conversation Is Asking the Wrong Question,” published April 10, 2026.
In 1942, Isaac Asimov proposed three laws for governing autonomous non-human capability. They were elegant, intuitive, and wrong. Asimov spent the rest of his career writing stories about how they failed; how the laws broke down under conflicting imperatives, ambiguous real-world conditions, and edge cases that no rule set could anticipate. The laws were tool-focused: don’t harm humans, obey humans, protect yourself. They governed the robot.
Eighty-four years later, we need to govern the institution that holds the robot.
The term for what we are confronting is existential AI – not in the speculative sense of AI that might someday threaten human survival, but in the literal, present-tense sense: AI capability that is already materially altering the conditions of human existence. The distribution of power. The security of infrastructure. The capacity for state violence. The ability of populations to govern themselves.
An AI system that generates kill lists of 37,000 people and automates targeting decisions with twenty-second human review is existential. A model that can autonomously find exploitable vulnerabilities in every major operating system on earth is existential. A surveillance apparatus that draws from medical records, facial recognition, iris scanners, license plate readers, and spyware to track, profile, and deport civilian populations is existential. This is not a future risk. It is a present condition.
Asimov’s laws failed because they tried to govern behavior. What follows are five principles for governing power. They are structural, not behavioral. They do not depend on the character of the people involved, because the entire historical record tells us that character is not a durable safeguard against the deformation that power produces over time.
Principle 1: No Single Entity Rule
No existential AI capability may be controlled exclusively by a single private institution, government, or individual. The functions of building, deploying, auditing, and constraining existential AI must be structurally independent. This is separation of powers applied to AI, the same design principle that every functioning democracy embeds in its governance architecture, for the same reason: concentrated, unchecked power degrades the judgment of whoever holds it, regardless of their intentions at the outset.
Principle 2: Mandatory Capability Disclosure
When an AI system crosses a defined existential threshold, autonomous vulnerability discovery in critical infrastructure, autonomous weapons targeting, population-scale surveillance, capacity to compromise major operating systems or communication networks, that fact must become public record. Not a press release. Not a partner announcement. Public, verifiable record, subject to independent confirmation. The threshold definitions themselves must be established through processes that include democratic input, not defined solely by the entity that crossed them.
Principle 3: Structural Accountability Over Character Trust
Any governance mechanism that depends on the continued goodwill, ethics, or character of the individuals or leadership team it is meant to constrain is not a governance mechanism. It is a hope. Constraints on existential AI must be architectural — embedded in law, treaty, and institutional design — such that they cannot be overridden by the entity they constrain. The OpenAI board crisis of November 2023 is the case study: a governance structure explicitly designed to prioritize safety over commercial interests collapsed in five days under pressure from capital, talent, and investor mobilization. Any framework that could fail the same way under the same pressures is not a framework. It is a suggestion.
Principle 4: Democratic Standing for Affected Populations
When an AI capability affects the security, privacy, infrastructure, or physical safety of a population, that population must have standing in decisions about its deployment. Not as consumers choosing whether to subscribe. Not as downstream recipients of a partner announcement. As citizens with governance rights over the conditions of their own existence. No population should learn about threats to its infrastructure on a timeline determined by a foreign private company’s disclosure schedule and commercial partnerships.
Principle 5: Sovereignty of Last Resort
No nation’s critical infrastructure security may be wholly dependent on the disclosure decisions, commercial relationships, or goodwill of a foreign private entity. Every state must retain the independent capacity, or have guaranteed, binding multilateral access to shared capacity, to assess and respond to threats against its own digital infrastructure. When a private company in San Francisco discovers a 27-year-old vulnerability in the operating system running your country’s firewalls, your government cannot be in the position of learning about it only when that company decides to tell you. Dependency at this level is not a partnership. It is a loss of sovereignty by another name.
These five principles are not novel. They are applications of governance logic that democratic societies have understood for centuries, adapted to a class of technology that has outrun every institutional structure designed to contain it. Asimov’s laws tried to make the tool safe. These principles try to make the power structure governable. The distinction matters because the tool is no longer the problem. The tool works. The question is who holds it, under what constraints, and what happens when those constraints are tested.
Jen Evans is the founder of B2BNN and Pattern Pulse AI. Her ongoing research series “Whose AI Runs the Government?” examines AI sovereignty dependency chains in Canadian federal and provincial infrastructure. She is the originator of Evans’ Law, the Nudgment framework, and AI Conversational Phenomenology.