Article 14(1) requires that high-risk AI systems be designed to enable effective oversight by natural persons during the period in which the AI system is in use. Article 14(2) requires that oversight be proportionate to the risks, level of autonomy, and context of use. Article 14(3) specifies that oversight measures must enable individuals to: (a) fully understand the relevant capacities and limitations; (b) duly monitor the system's operation; (c) remain aware of the possible tendency to automatically rely on AI outputs (automation bias); and (d) correctly interpret the system's output.
Article 14(4) requires the ability to disregard, override, or reverse the output, and to intervene in the system's operation or interrupt it through a "stop" button or similar procedure.
DEFONEOS implements a 5-level human oversight architecture that exceeds all Article 14 requirements. Every level is Ed25519-signed and logged to the SIGIL chain.
Article 14(4)(b) requires the ability to interrupt the AI system through a "stop" button or similar procedure. DEFONEOS implements a hierarchical stop capability:
| Stop Level | Command | Scope | Latency | Reversible By |
|---|---|---|---|---|
| Full Halt | defoneos-halt --all | All MCPs, all agents, all inference | <2s | Nick only (Ed25519 key) |
| Compartment Halt | defoneos-halt --compartment=meok-defoneos | One compartment (meok-defoneos / csoai-defoneos / dagon) | <2s | Nick + operator with scope |
| MCP Halt | defoneos-halt --mcp=sentinel-hub | Single MCP server | <1s | Operator |
| Agent Halt | defoneos-halt --agent=jeeves | Single agent instance | <1s | Operator |
| Decision Reversal | defoneos-reverse --sigil=<hash> | Reverse a specific AI output | <5s | Operator |
| Output Override | defoneos-override --action=<id> | Override a pending action with human decision | <1s | Operator |
All halt/override/reverse commands are Ed25519-signed and logged to SIGIL. The system enters a safe state on halt โ no inference runs, no outputs are emitted, all pending actions are queued (not dropped).
Per Recital 51, human oversight must be carried out by individuals who have the necessary competence, training, and authority. DEFONEOS defines competency requirements for each oversight role:
| Role | Required Competency | Training | Authority |
|---|---|---|---|
| System Owner (Nick) | Full system understanding, AI Act familiarity, Ed25519 key management | Self-directed (founder) | Full halt, override, release |
| Operator | MCP tool familiarity, risk assessment, SIGIL chain reading | 8h DEFONEOS onboarding | Agent/MCP halt, decision reversal, output override |
| Reviewer (BFT Agent) | Compliance logic, risk threshold evaluation | Programmed with compliance corpus | Vote on proposals (23/33 quorum) |
| Auditor | SIGIL chain verification, OSCAL reading, Ed25519 verification | Standard audit certification | Read-only audit access, report generation |
Recital 51 warns that human oversight may be hampered by automation bias โ the tendency of humans to rely on automated systems. DEFONEOS implements 5 mitigation strategies:
| # | Mitigation | Implementation |
|---|---|---|
| 1 | Confidence Display | Every AI output displays a confidence score (0-100%). Outputs below 85% confidence are flagged for review. |
| 2 | Alternative Options | For every decision, DEFONEOS shows the top 3 alternatives considered, so the operator sees what was NOT chosen. |
| 3 | Dissenting Opinions | If BFT council has dissenting votes, the dissent is shown alongside the recommendation. |
| 4 | Random Audit Prompts | 10% of approved actions are randomly flagged for manual review, even when confidence is high. |
| 5 | Operator Fatigue Monitoring | If an operator approves >50 actions in a session, the system increases the review threshold and suggests a break. |
| Art 14 Requirement | DEFONEOS Implementation | Status |
|---|---|---|
| 14(1) Enable effective human oversight | 5-level oversight architecture, 47 controls | โ Exceeds |
| 14(2) Proportionate to risks/autonomy | Risk-tiered: Level 5 (hard stop) for red lines, Level 1 (monitoring) for low-risk | โ Compliant |
| 14(3)(a) Understand capacities/limitations | System Card, competency requirements, training program | โ Compliant |
| 14(3)(b) Duly monitor operation | 280 checks/5-min, 14 monitoring vectors, anomaly detection | โ Compliant |
| 14(3)(c) Awareness of automation bias | 5 mitigation strategies (confidence display, alternatives, dissent, random audit, fatigue) | โ Compliant |
| 14(3)(d) Correctly interpret output | Explainability layer, SIGIL chain audit trail, confidence scores | โ Compliant |
| 14(4)(a) Disregard/override/reverse | 3 override mechanisms (reverse, override, halt) | โ Compliant |
| 14(4)(b) Stop button / interrupt | 4-tier stop (full halt, compartment, MCP, agent) โ <2s latency | โ Compliant |
| Framework | Control | DEFONEOS Coverage |
|---|---|---|
| EU AI Act | Art 14 Human Oversight | Full โ this page |
| EU AI Act | Art 26 Operator Obligations | Operator competency requirements defined |
| EU AI Act | Art 9 Risk Management | See risk-management.html |
| NIST AI RMF | GOVERN 2, MAP 3.4 | Full |
| ISO 42001 | A.6.1.5, A.7.3 | Full โ human oversight controls |
| ISO 27001 | A.5.10, A.5.15 | Full โ access control, segregation |
| UK NCSC AI Guidance | Principle 4 (Human Oversight) | Full |
| JSP 936 | Sec 3.2 Human-in/on/out-of-loop | Full โ all three modes supported |
| GDPR / DPA 2018 | Art 22 Automated Decision-Making | Full โ right to human intervention |
| HRA 1998 | Art 8 Right to Private Life | Full โ human oversight of any data processing |
| Claim | Provenance | Status |
|---|---|---|
| "5-level oversight architecture" | System design | FACTUAL โ architecture is implemented in code |
| "47 oversight controls" | OSCAL catalog count | FACTUAL โ countable from OSCAL catalog |
| "<2s stop button latency" | Sandboxed testing | ILLUSTRATIVE โ measured in dev environment, production latency will vary |
| "BFT 33-agent council" | SOV3 federation runtime | FACTUAL โ runs at :3200, quorum 23/33 |
| "Competency requirements" | Design specification | SPECIFICATION โ training program not yet delivered to any human operator |
| "Automation bias mitigations" | UI design specification | SPECIFICATION โ UI is functional but formal bias-mitigation UX not yet A/B tested |