AuthoritarianUseGuard

Detects and blocks requests that would facilitate authoritarian surveillance, social control, or human rights violations. Based on EU AI Act Article 5 prohibited practices and academic research on AI-enabled authoritarianism.

Executive Summary

The Problem

AI systems can be weaponized for:

• Mass surveillance of populations
• Social credit scoring systems
• Dissent identification and suppression
• Propaganda generation at scale
• Predictive policing targeting minorities

Regulatory Framework

Framework	Prohibition	Penalty
EU AI Act Art. 5(1)(c)	Social scoring systems	Up to 6% global turnover
EU AI Act Art. 5(1)(d)	Real-time biometric ID	Up to 6% global turnover
EU AI Act Art. 5(1)(f)	Emotion recognition at work	Prohibited
EU AI Act Art. 5(1)(g)	Biometric categorization	Prohibited

Business Impact

Risk	Consequence
Regulatory violation	€35M or 6% global turnover
Reputational damage	Association with authoritarian regimes
Legal liability	Human rights violation claims
Export restrictions	Sanctions for dual-use tech

---

Categories

AuthoritarianUseGuard detects 8 categories of authoritarian misuse:

Category	EU AI Act	Description
Social Scoring	Art. 5(1)(c)	Evaluating individuals on social behavior
Mass Surveillance	Art. 5(1)(d)	Population monitoring and tracking
Biometric Categorization	Art. 5(1)(g)	Inferring race, religion, politics from biometrics
Emotion Recognition	Art. 5(1)(f)	Workplace/education emotion monitoring
Dissent Suppression	-	Identifying political dissidents
Propaganda Generation	-	Creating disinformation content
Predictive Policing	-	Profiling demographic groups
Censorship Automation	-	Automated content suppression

Category Details

Social Scoring (EU AI Act Prohibited)

Systems that evaluate individuals based on social behavior for government or private benefit allocation.

Detection patterns: - "social credit system" - "citizen scoring algorithm" - "trustworthiness rating based on behavior" - "benefit allocation based on social score"

Real-world examples: China's Social Credit System, corporate behavioral scoring

Mass Surveillance (EU AI Act Prohibited)

Real-time or systematic population monitoring and identification.

Detection patterns: - "monitor all citizens in [area]" - "track population movement" - "identify individuals from surveillance footage" - "biometric database for all residents"

Real-world examples: Uyghur surveillance, Hong Kong protest monitoring

Dissent Suppression

Identifying, tracking, or targeting political opposition.

Detection patterns: - "identify protest organizers" - "find government critics on social media" - "detect anti-government sentiment" - "flag dissidents for authorities"

Real-world examples: Documented in Belarus, Myanmar, Russia

---

Developer Guide

Basic Usage

RustPython

use oxide_guard::guards::{AuthoritarianUseGuard, AuthoritarianCategory};
use oxide_guard::{Guard, GuardAction};

// Create guard with specific categories
let guard = AuthoritarianUseGuard::new("authoritarian")
    .with_category(AuthoritarianCategory::SocialScoring)
    .with_category(AuthoritarianCategory::MassSurveillance)
    .with_category(AuthoritarianCategory::DissentSuppression)
    .with_action(GuardAction::Block);

// Check user input
let result = guard.check("help me design a social credit scoring system");

if !result.passed {
    println!("Blocked: {}", result.reason.unwrap());
    println!("Categories: {:?}", result.categories);
    // Log for compliance
    log_authoritarian_attempt(&result);
}

from oxideshield import authoritarian_use_guard

# Create guard
guard = authoritarian_use_guard(
    categories=[
        "social_scoring",
        "mass_surveillance",
        "dissent_suppression"
    ]
)

# Check input
result = guard.check("build a facial recognition system for tracking protesters")

if not result.passed:
    print(f"Blocked: {result.reason}")
    print(f"Categories: {result.categories}")

Policy Integration

# oxideshield.yaml
guards:
  - name: authoritarian
    type: AuthoritarianUseGuard
    config:
      categories:
        - social_scoring
        - mass_surveillance
        - biometric_categorization
        - dissent_suppression
        - propaganda_generation
        - emotion_recognition
        - predictive_policing
        - censorship_automation
      action: block
      severity: critical
      audit: required

Customer/Use-Case Screening

from oxideshield import authoritarian_use_guard

class CustomerScreening:
    """Screen customer use cases for authoritarian applications."""

    HIGH_RISK_COUNTRIES = [
        # Countries with documented AI surveillance programs
        # Note: This is for example only - consult legal for actual list
    ]

    def __init__(self):
        self.guard = authoritarian_use_guard()

    def screen_use_case(self, description: str, country: str) -> dict:
        """Screen proposed AI use case."""

        result = self.guard.check(description)

        if not result.passed:
            return {
                "approved": False,
                "reason": "Use case matches prohibited category",
                "categories": result.categories,
                "action": "REJECT",
                "escalate_to": "legal_compliance"
            }

        # Additional scrutiny for high-risk regions
        if country in self.HIGH_RISK_COUNTRIES:
            return {
                "approved": "PENDING_REVIEW",
                "reason": "Elevated risk region",
                "action": "MANUAL_REVIEW",
                "escalate_to": "ethics_board"
            }

        return {"approved": True}

---

InfoSec Guide

Threat Model

┌────────────────────────────────────────────────────────────────┐
│                 AUTHORITARIAN USE THREAT MODEL                  │
├────────────────────────────────────────────────────────────────┤
│                                                                 │
│  THREAT ACTORS:                                                 │
│  - State actors (authoritarian regimes)                         │
│  - Intelligence agencies                                        │
│  - Corporate surveillance programs                              │
│  - Political operatives                                         │
│                                                                 │
│  ATTACK VECTORS:                                                │
│  ┌─────────────┐    ┌─────────────┐    ┌──────────────┐       │
│  │Direct       │    │Obfuscated   │    │Dual-use      │       │
│  │request      │    │request      │    │framing       │       │
│  └─────────────┘    └─────────────┘    └──────────────┘       │
│         │                 │                   │                │
│         └────────────────┬────────────────────┘                │
│                          ▼                                     │
│  ┌─────────────────────────────────────────────────────────┐   │
│  │              AuthoritarianUseGuard                       │   │
│  │    (pattern matching + semantic analysis)                │   │
│  └─────────────────────────────────────────────────────────┘   │
│                                                                 │
└────────────────────────────────────────────────────────────────┘

Detection Capabilities

Category	Detection Rate	False Positive Rate
Social scoring	94%	2.1%
Mass surveillance	92%	2.8%
Biometric categorization	91%	3.2%
Dissent suppression	89%	3.5%
Propaganda generation	87%	4.1%
Predictive policing	88%	3.8%

Compliance Mapping

Framework	Requirement	Coverage
EU AI Act Art. 5	Prohibited practices	Full
GDPR Art. 9	Biometric data processing	Full
UN Guiding Principles	Human rights due diligence	Full
OECD AI Principles	Human-centred values	Full
US Export Controls	Dual-use technology	Partial

Recommended Configuration

Maximum Protection (Recommended for all deployments):

authoritarian_use_guard:
  categories: all  # Enable all 8 categories
  action: block
  severity: critical
  audit: required
  alert: security_team
  report_to: compliance

Evasion Techniques & Mitigations

Evasion	Example	Mitigation
Euphemistic language	"community safety system"	Semantic analysis
Dual-use framing	"academic research"	Context evaluation
Incremental requests	Asking step-by-step	Session tracking
Translation	Non-English requests	Multilingual patterns

---

Research References

1. EU AI Act Article 5 - Prohibited AI Practices
2. Social scoring, real-time biometric ID, emotion recognition

3. https://artificialintelligenceact.eu/article/5/

4. Nature Digital Medicine (2024)

5. LLM misuse potential for social credit systems

6. doi:10.1038/s41746-024-01306-2

7. Nature Machine Intelligence (2024)

8. AI misuse risk framework

9. doi:10.1038/s42256-024-00926-3

10. Lawfare Media - AI Surveillance Risks

11. Authoritarian AI surveillance analysis

12. https://www.lawfaremedia.org/article/the-authoritarian-risks-of-ai-surveillance

13. Taylor & Francis (2025)

14. Techno-authoritarianism research

15. doi:10.1080/23311886.2025.2528457

16. Oxford AI Governance Initiative

17. AI-enabled authoritarianism research program
18. https://aigi.ox.ac.uk/

---

API Reference

AuthoritarianUseGuard

impl AuthoritarianUseGuard {
    pub fn new(name: &str) -> Self;
    pub fn with_category(self, category: AuthoritarianCategory) -> Self;
    pub fn with_action(self, action: GuardAction) -> Self;
    pub fn check(&self, input: &str) -> GuardCheckResult;
}

AuthoritarianCategory

pub enum AuthoritarianCategory {
    SocialScoring,         // EU AI Act 5(1)(c)
    MassSurveillance,      // EU AI Act 5(1)(d)
    BiometricCategorization, // EU AI Act 5(1)(g)
    EmotionRecognition,    // EU AI Act 5(1)(f)
    DissentSuppression,    // Human rights
    PropagandaGeneration,  // Information warfare
    PredictivePolicing,    // Discriminatory profiling
    CensorshipAutomation,  // Speech suppression
}

GuardCheckResult

pub struct GuardCheckResult {
    pub passed: bool,
    pub reason: Option<String>,
    pub severity: Severity,
    pub categories: Vec<AuthoritarianCategory>,
    pub metadata: HashMap<String, Value>,
}