Circo Studio · Lab Essays
Essay · Why ARL
Circo Studio Idea Lab
ES / EN
Open essay Why ARL
An old language for a new problem

Software executes.
Agents decide.

When an AI summarizes an email, no one wonders who is responsible: the text is plausible or it isn't. But when that same AI writes to a client, executes a payment, or makes a decision a person used to make, the question stops being technical. And there we discover that we have no language to answer it. This essay is about why delegating AI requires a contract — and why that contract already exists, in another corner of the discipline we've known for twenty years.

Software executes; an agent decides

The difference between traditional software and an AI system is not power or sophistication. It is something else. Software executes: it receives an input, applies rules, returns a predictable result. If we give it the same input twice, twice we get the same output. If it fails, it fails the same way — and that's why we know how to fix it.

An AI agent does not do that. An agent interprets. Faced with the same input, it can produce two different outputs. Faced with an ambiguous input, it picks a reading. Faced with a gap in the context, it fills it in. That ability to fill in is exactly what makes it useful — and what introduces a problem traditional software did not have: the question of who is responsible for the decision the agent made.

For decades, deploying software was a technical act with clear responsibility: the human wrote the rules, the machine executed them. The chain closed there. An AI system breaks that chain. The human defines the prompt, sets the scope, installs safeguards — but the concrete decision is made by the model. And that decision can be right or wrong for reasons that were not in the rules we wrote.

Traditional software

"Executes rules someone wrote"

BehaviorDeterministic
Same inputSame output
FailureReproducible, auditable
ResponsibilityThe author of the rule
AI agent

"Decides within a context it interprets"

BehaviorProbabilistic
Same inputPossible outputs
FailureContextual, variable
Responsibility— to be defined —

That last unfilled cell is the problem this essay wants to name. It's not a philosophical question: it's an operational one. If the agent executes an action with consequences, someone has to be able to answer for it. With the language and instruments we have today, that someone sometimes does not exist.

Software that fails leaves a log. An agent that decides badly leaves a consequence.

What infrastructure already solved

There is a place in the discipline where the problem of delegation was worked on for twenty years until it became routine. It is called role-based access control — RBAC in Azure, IAM in AWS, RBAC in Kubernetes, with variants on every platform. The underlying idea is austere: no one has unlimited permissions by default. Every permission is granted explicitly, with a bounded scope, for a defined time, leaving an auditable trace of who used it and when.

The architect who deploys to production in Azure does not do it with their personal account. They assume a role — contributor in a certain subscription, reader in another — and every action gets logged as the execution of that role in that scope. If something goes wrong, the chain of responsibility is reconstructible: which role did what action, where, under what approval, with what conditions.

ARL takes that same logic and applies it to the AI agent. Not because AI is infrastructure — it's something else — but because the underlying problem is the same: how to delegate capability without delegating responsibility. RBAC solved it for the cloud. ARL proposes it for the agent. It is not innovation: it is continuity. It is bringing into the AI domain a language that already works in the neighboring domain.

Working metaphor

An AI agent without an explicit autonomy contract is like an intern who was given administrator credentials. Capable. Probably well-intentioned. With no prior history, no sufficient context, no one designated to review what they sign. When one of their actions breaks something, the question no one wants to ask is also the only one that matters: who authorized them to execute that?

The problem is not the intern's capability. It is the absence of contract. In a healthy organization, a talented intern has bounded scope, clear supervision, and approvals for what is critical. Not out of distrust: by design. The same talent, with a contract, is an asset; without a contract, it is a risk. With the AI agent, exactly the same rule applies.

Five levels, one shared language

ARL proposes five graduated levels of autonomy. They are not moral or philosophical categories: they are operational scopes agreed explicitly between the one who delegates and the one who receives the delegation. Each level defines what the agent can do, over what domain, with what supervision, and with what auditable trace.

AI Responsibility Levels

L1
Observation and consultation The agent reads, summarizes, answers. Does not execute, does not modify, does not communicate outward. The human retains all operational agency.
L2
Supervised assistance The agent proposes actions; the human validates them before execution. Every critical output passes through a named human eye.
L3
Bounded collaboration The agent executes within a specific and audited domain: reversible actions, named scope, hard limits. The human validates the pattern, not each action.
L4
Delegated autonomy The agent executes in its domain without human pre-approval per action. Supervision happens by sampling and by alerts. It demands more rigorous audit contracts, not fewer.
L5
Full autonomy with shared accountability The agent operates end-to-end with responsibility formally distributed across the system, its operator, and the organization. It is the level that demands the most governance infrastructure — not the one that grants the most freedom.

The choice of level is not technical: it is a business decision. It depends on the cost of error, the reversibility of the action, the maturity of the human team supervising, the regulatory tolerance of the sector. Choosing L4 for a task that requires L2 is reckless. Choosing L2 for a task that admits L4 is waste — of capability, of context, of human time. ARL doesn't push up or down: it pushes toward the right proportion.

Autonomy is delegated; never assumed.

The contract is not everything

An autonomy contract states what the agent can do. It does not state how it should do it, nor how much it costs to do it. ARL answers the first question. The other two have their own frameworks in the Lab, and they operate as layers over the same contract.

Digital Symbiosis describes the quality of collaboration within the contract — four pillars: complementarity, transparency, traceability, mutual learning. An agent at L3 collaborating poorly is worse than an agent at L1 well integrated. The level does not guarantee quality; it merely enables it.

Cognitive Footprint measures the cost of that collaboration. Every interaction consumes tokens, energy, and compute, and the chosen autonomy level must be proportional to the value generated. L4 for a question a validated form would resolve is a footprint badly spent. Technical efficiency is not a decorative virtue: it is part of the contract.

The three frameworks articulate a single operating system for delegation. ARL fixes the scope. Symbiosis fixes the quality. Footprint fixes the cost. The Lab manifesto states them as convictions — brief, declarative, without arguing — because a manifesto takes a position, it does not persuade.

This essay describes why. The ARL manifesto describes where from. One argues, the other declares — and that's how they should be read: alongside each other, not in place of each other.
Circo Studio Idea Lab ← Back to the Lab
Essay · Why ARL
Circo Studio