New Research Proposes Governance Rules for AI Agents

A team of researchers published a paper on arXiv introducing 'deontic policies' for managing AI agents. These agents, powered by large language models, can perform tasks like accessing tools, manipulating data, and even installing software. The researchers argue that traditional security measures like authentication and access control aren't enough to govern them, so they've proposed a new governance structure that includes specifying what agents are permitted, prohibited, and obliged to do — for example, an agent might be required to notify the CISO after certain actions. The framework also addresses coordination with peer agents across organizational boundaries.

This matters because AI agents are becoming more autonomous, which could lead to unintended consequences. For example, an agent might accidentally leak sensitive data or make decisions that violate company policies. The proposed framework aims to prevent these issues by setting clear rules about what agents can and can't do, similar to how human employees follow company guidelines.

If you're interested in this topic, you can read the full research paper on arXiv. Just go to the arXiv website and search for the paper ID '2606.19464'. This will give you a deeper understanding of how researchers are working to make AI agents safer and more reliable.