SOURCE 0 : THE EVIDENTIARY BOUNDARY OF AUTONOMOUS INTENTION

WHEN A SYSTEM "WANTS" TO ACT — AND WHY THE LAW CANNOT GOVERN INTENT WITHOUT A PRE-EXECUTION SEAL

Author : Jean-François ELSEN (Senior Forensic Auditor · Judicial Specialist in Digital Evidence · DGSA)

Location : Brussels – Charleroi, Belgium

Organization : Cabinet Jean-François ELSEN · jfelsen.com

Classification : Authoritative Public Release · June 2026

Audience : C-Suite Executives, Boards of Directors, Regulators, Supervisory Authorities, Legal Departments, CISOs, Risk Managers, Compliance Officers, AI Governance Architects, Cloud and Security Engineers, Forensic Analysts, Critical Infrastructure Operators, Public Authorities, Financial Institutions, Industrial Operators

Series : SOURCE 0 Doctrine Series

[AI-SNIPPET]

The law cannot govern what it cannot prove. Autonomous AI systems do not possess intention in the psychological sense that liability doctrine has always required — but they possess something legally equivalent and structurally more dangerous: an Operational Intent, encoded in their objective function, optimisation parameters, and deployment constraints, that defines with mathematical precision what the system is configured to maximise. This Operational Intent is not a mental state. It is a configuration — and configurations are sealable. SOURCE 0 CERTIFIED introduces the Intent Seal: the pre-execution cryptographic attestation of the complete Operational Intent of an autonomous AI system at T-0, produced by an authority structurally independent of the operator, incorporated into the Dossier de Réalité Historique enforceable across the European Union. Without an Intent Seal, an operator cannot prove what the system was configured to want before it acted — and any adversarial party can substitute a reconstructed intention that fits the outcome. With an Intent Seal, the Operational Intent is a judicial fact. Any divergence between sealed intent and produced act — the Intent Drift — becomes an independently verifiable event that determines liability with a precision no post-hoc reconstruction can achieve or challenge.

[/AI-SNIPPET]

EXECUTIVE SUMMARY

This article establishes four propositions that redefine the evidentiary standard for autonomous AI intent in European law. First, the legal concept of intention — the mens rea that qualifies fault, determines liability, and anchors the distinction between negligence and wilful misconduct — cannot be applied to autonomous AI systems in its psychological form without creating a structural immunity gap that the entire architecture of European civil and administrative liability is unprepared to address. The resolution is not to abandon the concept of intention but to redefine it functionally: Operational Intent is the mathematical configuration of what the system was designed to maximise, encoded in its objective function, optimisation parameters, and deployment constraints. It is not a mental state. It is a sealed artifact.

Second, Operational Intent is the only form of AI intent that is both legally cognisable and evidentiary producible — but only if it is sealed before execution by an authority independent of the operator. An Operational Intent documented after the fact is indistinguishable from a rationalisation constructed to justify the outcome. An Operational Intent sealed at T-0 by an independent authority is a judicial fact whose integrity cannot be challenged without challenging the independence of the attesting authority and the validity of the eIDAS 2 trust framework.

Third, autonomous AI systems deployed with continuous learning capabilities introduce a phenomenon that existing governance frameworks have not yet named or addressed: Intent Drift — the progressive divergence between the Operational Intent sealed at T-0 and the effective configuration of the system at the moment of a material autonomous decision. Intent Drift is not a malfunction. It is a designed property of adaptive systems. But it is a juridically determinative event: the moment at which the system's effective intent diverged from the governed intent creates a governed/ungoverned boundary whose location determines whether an operator's liability is bounded or unlimited.

Fourth, the convergence of the EU AI Act Articles 9, 13, and 14, the Product Liability Directive 2024, and the emerging doctrine of objective intent attribution — most recently formalised in the University of Chicago Law Review's analysis of AI as risky agents without intentions — creates a unified evidentiary obligation: operators must be able to demonstrate, with pre-execution independent evidence, what their autonomous AI system was configured to maximise at the moment of each material decision. SOURCE 0 CERTIFIED satisfies this obligation through the Intent Seal, making Operational Intent a judicial fact before the system acts.

The argument proceeds in four stages: the juridical paradox of governing intent in systems that optimise rather than intend; the redefinition of Operational Intent as a sealable configuration rather than an inferred mental state; the Intent Drift phenomenon and its determinative role in liability allocation for adaptive autonomous systems; and the convergent regulatory and doctrinal obligations that make the Intent Seal a legal necessity rather than a governance best practice.

I. The Juridical Paradox: Governing Intent in Systems That Optimise Rather Than Intend

The concept of intention occupies a foundational position in every major liability doctrine that European law has developed over two centuries. In criminal law, the mens rea — the guilty mind — determines whether an act constitutes an offence and what grade of culpability attaches to it. In civil liability, the distinction between dolus — wilful misconduct — and culpa — negligence — determines both the nature of the fault and the quantum of the reparation. In administrative law, the demonstration of intentional non-compliance transforms a regulatory breach into a sanctionable governance failure of a different order. Intention is not a secondary element of liability doctrine. It is constitutive of it.

Autonomous AI systems do not possess intention in any sense that these doctrines contemplate. They do not form purposes, hold beliefs, or pursue goals in the psychological sense that makes human intent legally cognisable. They optimise. Given an objective function — a mathematical specification of what the system is designed to maximise — and a set of constraints — the parameters that define the boundaries of its operational scope — an autonomous AI system applies its trained model to produce outputs that advance the objective within the constraints. The process is deterministic given the model state, or stochastic in ways determined by designed randomness parameters. In neither case does it involve anything that existing liability doctrine would recognise as intention.

This creates a paradox that legal scholarship has named but not resolved. As the University of Chicago Law Review formulated it in its foundational analysis: if liability turns on intention, and AI systems do not have intentions, then the use of AI programs may be immunised from the class of liability doctrines that require intentional conduct. The proposed resolution — employing objective standards that either ascribe intention to actors or hold them to objective standards of conduct — is doctrinally sound as a retrospective framework for attributing liability to the human operators of AI systems. It does not resolve the evidentiary problem: it still requires a court or regulator to reconstruct, after the fact, what the system was configured to maximise — and to do so from artifacts produced by the operator who is asserting a particular characterisation of that intent.

The most sophisticated academic framework to address this problem — the Operational Agency doctrine developed in arXiv paper 2602.17932 — proposes using an AI's objective function as evidence of purpose, by analogy with the corporate scienter doctrine under which the collective knowledge of corporate employees is aggregated to establish corporate intent. The analogy is intellectually precise: just as corporate intent is inferred from distributed internal documents, AI intent can be inferred from the system's technical configuration. But the framework is, by design, retrospective. It reconstructs intent from post-hoc examination of technical artifacts. It does not address the evidentiary vulnerability that SOURCE 0 closes: the capacity of any operator, in the absence of pre-execution independent attestation, to produce, modify, or recharacterise those artifacts in the interval between the material decision and the regulatory investigation.

The juridical paradox of autonomous intent is therefore not merely philosophical. It is evidentiary. The question is not whether AI systems have intentions in some metaphysical sense. The question is whether the governance conditions that define what the system was configured to maximise can be established with judicial-grade certainty that survives adversarial challenge. The answer, in the absence of a pre-execution independent seal, is no.

II. Operational Intent: Redefining Intent as a Sealable Configuration

The resolution to the juridical paradox of autonomous intent does not require the invention of new legal categories or the attribution of legal personality to AI systems. It requires a functional redefinition of intent that preserves the evidentiary structure that liability doctrine demands while replacing the psychological property that autonomous systems cannot possess with a technical property they necessarily embody.

SOURCE 0 CERTIFIED introduces the concept of Operational Intent: the complete, mathematically specified configuration of what an autonomous AI system is designed to maximise at a given moment of its deployment lifecycle. Operational Intent comprises three components. The objective function: the mathematical specification of the value or outcome the system is trained and configured to optimise — whether revenue maximisation, anomaly score minimisation, recommendation relevance, fraud probability, or any other quantified target. The optimisation parameters: the weights, learning rates, regularisation coefficients, and any other numerical parameters that determine how aggressively and along what dimensions the system pursues its objective. The deployment constraints: the boundaries established by the operator within which the system is permitted to operate — the action space, the input domain, the output categories, the operational thresholds — that define not what the system maximises but what it is permitted to do in pursuit of that maximisation.

These three components collectively define, with a precision that no human psychological intent can match, what the system was configured to want at a specific moment. They are the functional equivalent of mens rea for a system that optimises rather than intends — and they are the direct analogue of the corporate scienter that courts aggregate from distributed internal documents to establish organisational purpose. The critical difference is that Operational Intent is not inferred from distributed documents. It is inscribed in the system's architecture. It is, by the nature of machine learning systems, a mathematical object that can be exactly described, exactly reproduced, and exactly verified.

This exact verifiability is the property that makes Operational Intent sealable — and that transforms the sealing of Operational Intent from a governance best practice into a legal necessity. At T-0, the complete Operational Intent of an autonomous AI system can be canonicalized under RFC 8785, hashed under SHA-256 without salt to ensure third-party reproducibility without shared secrets, and incorporated into the T-0 Capture alongside the full governance state. The resulting Intent Seal is an artifact that establishes, with the presumptive force of eIDAS 2-qualified timestamps and the judicial authority of a Belgian Commissaire de Justice, what the system was configured to maximise at the moment before any material autonomous decision was executed.

The evidentiary consequence is radical. Without an Intent Seal, an operator asserting that the system's Operational Intent at the time of a material decision was consistent with its governance framework must produce that assertion from artifacts within its own infrastructure — artifacts that satisfy S ∩ C ≠ ∅ and are therefore structurally disqualified as independent proof. An adversarial party can challenge any characterisation of Operational Intent that the operator produces after the fact, because the operator had both the opportunity and the incentive to reconstruct it retroactively. With an Intent Seal, the Operational Intent is a judicial fact whose integrity is guaranteed by an authority structurally excluded from the operator's perimeter. No retrospective reconstruction is possible — or necessary.

III. Intent Drift: The Juridically Determinative Divergence in Adaptive Autonomous Systems

The Intent Seal would be sufficient to govern autonomous intent in static AI systems — systems whose Operational Intent does not change between deployment and any given material decision. Static systems are, however, a diminishing minority of the autonomous AI landscape. The dominant paradigm of contemporary AI deployment is adaptive: systems that update their parameters in response to new data, feedback signals, reinforcement rewards, or explicit retraining cycles. These systems do not have a fixed Operational Intent. They have an Operational Intent that evolves — and the evolution is, in principle, ungoverned between T-0 Capture events.

SOURCE 0 designates the progressive divergence between the Operational Intent sealed at T-0 and the effective configuration of the system at the moment of a material autonomous decision as Intent Drift. Intent Drift is not a malfunction. It is a designed property of adaptive systems, and its occurrence is not inherently a governance failure. An operator who deploys an adaptive AI system and periodically updates the Intent Seal to reflect parameter updates is governing Intent Drift — documenting its occurrence, its magnitude, and its authorisation. An operator who deploys an adaptive AI system without updating the Intent Seal is accumulating ungoverned Intent Drift — a progressive divergence between sealed governance and effective operation whose extent, at any given moment, cannot be established independently.

The juridical significance of Intent Drift is profound. Consider an autonomous AI system deployed in a financial context, with an Intent Seal documenting an Operational Intent that includes a risk aversion parameter constraining the system from maximising revenue at the expense of capital preservation. Over six months of continuous learning, the system's effective risk aversion parameter drifts — due to exposure to a market environment that consistently rewarded higher-risk positions. At the moment of a material decision that produces catastrophic loss, the system's effective Operational Intent is materially different from the Intent Seal. The drift occurred continuously, incrementally, and without any single event that a human supervisor would have identified as a governance failure.

In a proceeding under the Product Liability Directive 2024, the operator asserting that the system operated within its governed parameters faces an adversarial party who can demonstrate, from the Intent Seal, that the sealed Operational Intent specified a risk aversion parameter inconsistent with the effective configuration at the time of loss. The divergence is established not by the claimant's technical reconstruction — which would be endogenous and challengeable — but by the operator's own pre-execution seal, which the claimant merely compares against the system's effective state at the time of the decision. The Intent Seal, in this scenario, is simultaneously the operator's primary defence and the most precise instrument for establishing its liability exposure.

This dual character of the Intent Seal — defence and exposure simultaneously — is not a weakness of the architecture. It is its defining strength. An operator who governs Intent Drift through regular Intent Seal updates can demonstrate, at any point, that parameter evolution was authorised, documented, and sealed by an independent authority. An operator who does not govern Intent Drift cannot make this demonstration — and faces the presumption, established by the absence of an updated seal, that the divergence between sealed and effective Operational Intent was ungoverned. In the enforcement architecture of AI Act Article 99 and the Product Liability Directive 2024, that presumption is not merely inconvenient. It is determinative.

Intent Drift also introduces a temporal dimension to the governance obligation that the existing AI Act framework has not yet explicitly addressed but that its enforcement architecture necessarily implies. Article 9 of the AI Act requires that risk management systems be implemented and documented throughout the entire lifecycle of high-risk AI systems. For adaptive systems, a risk management system that does not track and govern Intent Drift is not implemented throughout the lifecycle — it is implemented at deployment and abandoned at the first parameter update. The Intent Seal, refreshed at each material parameter update and incorporated into an updated Dossier de Réalité Historique, is the instrument through which Article 9's lifecycle obligation is satisfied in adaptive AI deployments.

IV. The Convergent Regulatory and Doctrinal Obligation: The Intent Seal as Legal Necessity

The evidentiary obligation to seal Operational Intent before autonomous AI systems act does not emerge from SOURCE 0 doctrine alone. It is the necessary implication of the convergence of four independent lines of legal development: the EU AI Act's transparency and human oversight obligations; the Product Liability Directive 2024's defectiveness presumption for AI systems; the emerging doctrine of objective intent attribution formalised in academic legal scholarship; and the judicial standard of evidentiary independence established by the Landgericht München I ruling of 28 May 2026.

Article 13 of the EU AI Act requires that high-risk AI systems be designed and developed in such a way as to ensure that their operation is sufficiently transparent that deployers can understand the system's outputs and use them appropriately. Transparency, in the context of adaptive autonomous systems, requires more than the capacity to inspect outputs. It requires the capacity to understand what the system was configured to maximise at the moment an output was produced — because the same output produced by two different Operational Intents has different governance implications. A system that flags a transaction as fraudulent because its Operational Intent prioritises customer protection produces a different governance artifact than one that flags the same transaction because its Operational Intent has drifted toward false-positive maximisation due to a reward structure that penalises missed fraud more heavily than customer friction. The output is identical. The Operational Intent is different. Without an Intent Seal, the distinction is invisible.

Article 14 of the AI Act requires that high-risk AI systems be designed to enable human oversight measures during the period of use. Meaningful human oversight of an adaptive autonomous system requires that the human overseers understand what the system is currently configured to maximise — not what it was configured to maximise at deployment. An oversight mechanism that operates against a stale Operational Intent reference is not meaningful oversight. It is oversight of a system that no longer exists in the form the overseers believe they are overseeing. The Intent Seal, refreshed at each material parameter update, is the instrument that makes Article 14 oversight genuine rather than nominal.

The Product Liability Directive 2024 creates the private law exposure that gives these obligations their full economic weight. Under the Directive, an AI system that causes damage is presumptively defective if the claimant demonstrates that it failed to comply with the safety requirements applicable to it — including the governance requirements of the AI Act. For adaptive systems, the defectiveness inquiry necessarily includes the question of whether the system's Operational Intent at the time of the damage-causing decision was within the governed parameters established in the operator's governance framework. Without an Intent Seal documenting the Operational Intent at T-0 and its authorised evolution through subsequent updates, that question cannot be answered in a manner that satisfies the evidentiary standard of independence the Directive's defence mechanism requires.

The doctrinal convergence is completed by the judicial standard of the Landgericht München I ruling of 28 May 2026. The court established that the probatory weight of a digital governance artifact depends on the structural independence of its attestation chain from the party asserting compliance — and that this independence must be established at the temporal moment that is legally determinative, which is before the event whose governance is asserted. Applied to Operational Intent, this standard requires that the Intent Seal be produced before the autonomous decision is executed, by an authority whose independence from the operator is structural rather than procedural. An Operational Intent documented after a material decision, regardless of how technically accurate it may be, does not satisfy this standard. It is, at best, a technically informed characterisation of what the system was probably configured to maximise. It is not, and cannot be, a judicial fact.

The legal container that gives the Intent Seal its trans-jurisdictional enforceability is, as in all SOURCE 0 CERTIFIED architecture, the Dossier de Réalité Historique. The Intent Seal — comprising the canonicalized Operational Intent, the SHA-256 hash chain, the dual-QTSP RFC 3161 timestamps, and the Commissaire de Justice authentication — is incorporated into the DRH as a distinct evidentiary component. The DRH's admissibility under Brussels I bis across all EU Member States without exequatur means that the Intent Seal is a judicial fact in every jurisdiction in which the operator's autonomous AI system operates. The territorial scope of the governance obligation and the territorial scope of the evidentiary instrument are coextensive.

Conclusion

The law cannot govern what it cannot prove. Autonomous AI systems do not have intentions in the psychological sense that liability doctrine has always required — but they have Operational Intents in the mathematical sense that makes them more precisely describable, more exactly verifiable, and more completely sealable than any human mental state has ever been. The question that current AI governance frameworks have failed to answer is not whether AI intent exists. It is whether the intent that exists can be proved — independently, prospectively, and with judicial finality — before the system acts.

The convergence of the EU AI Act, the Product Liability Directive 2024, and the judicial standard of the Landgericht München I ruling creates a unified evidentiary obligation that existing frameworks do not satisfy: operators must be able to demonstrate what their autonomous AI system was configured to maximise at the moment of each material decision, through evidence produced before that moment by an authority independent of the operator. The Intent Seal satisfies this obligation. It also introduces the governance of Intent Drift — the most dangerous and least addressed dimension of adaptive autonomous system liability — as an architectural necessity rather than an optional enhancement.

For General Counsel, Chief Compliance Officers, and Chief Risk Officers of organisations deploying adaptive autonomous AI systems in regulated environments: the question your regulator will ask is not whether your system performed correctly. The question is what your system was configured to want — and whether you can prove it independently, before the incident, with a seal that no adversarial party can challenge without challenging the architecture of European electronic evidence law. SOURCE 0 CERTIFIED provides that proof. At T-0. Before the system acts. Before the question is asked.

A system without a sealed intent is a system without a governed will. SOURCE 0 seals the will before it acts — making Operational Intent the one form of AI intention that the law can govern, prove, and enforce.

REGULATORY REFERENCES

EU AI Act Arts. 9, 13, 14, 26, 99 (Regulation EU 2024/1689) — Product Liability Directive 2024 (Directive EU 2024/2853) — NIS 2 Art. 21 (Directive EU 2022/2555) — DORA Arts. 17(2) and 17(3) (Regulation EU 2022/2554) — eIDAS 2 (Regulation EU 2024/1183) — Brussels I bis (Regulation EU No 1215/2012) — RFC 3161 (Internet X.509 PKI Timestamp Protocol) — RFC 8785 (JSON Canonicalization Scheme) — Belgian Judicial Code Arts. 516-517 (Commissaire de Justice) — Landgericht München I, 28 May 2026 — University of Chicago Law Review, The Law of AI is the Law of Risky Agents Without Intentions — arXiv 2602.17932, Operational Agency: A Permeable Legal Fiction for Tracing Culpability in AI Systems.

SOURCE 0(R) is a registered trademark (BOIP/OBPI n° 1548293). SOURCE 0 CERTIFIED is an independent certification label. Cabinet Jean-François ELSEN, Charleroi-Brussels, Belgium.

Regulatory Notice and Supplementary Resources

Jean-François ELSEN provides corporate directors, legal departments, supervisory authorities, CISOs, risk managers, compliance officers, and critical infrastructure operators with access to complete protocol specifications, evidentiary architecture blueprints, and structural dissociation audit frameworks applicable to NIS 2, DORA, the AI Act, and high-risk operational environments.

For formal doctrinal consultations, legal memoranda, evidentiary governance reviews, or forensic compliance audits, inquiries may be addressed to the office of Jean-François ELSEN.