10 to the 23 AI logo

Practice Library

Governance patternauthority

Connection authorization

No data pathway exists until someone with authority approved it — the general edge-level access control.

What it changes

removedContaminated records repeated as fresh output(unauthorized pathways)
removedRecords replicated between systems(unauthorized replication)

Who can pull it

Deploying organizationHarness builderData-protection officer

What it looks like institutionally

Systems accrete connections: a cache wired to an agent, a transcript fed to a fine-tune, a case system syncing to a analytics store. Each new pathway is a new route for error and a new surface nobody governs. Connection authorization inverts the default: pathways between components are closed until an accountable actor opens them, with the grant recorded.

This is ordinary security practice applied to error propagation: least-privilege for information flow, where the risk isn't exfiltration but contamination.

The audit twin: periodically enumerate live pathways and reconcile against grants. The connections nobody remembers approving are precisely the ones to worry about.

Addresses: Unauthorized data pathways · Shadow integrations. Test a version of this lever in the PAN Lab.

Deciding whether this lever fits your deployment?

Which patterns matter — and in what order — depends on your system's actual shape. Ranking your options on evidence, with what can backfire stated, is engagement work.

Sources & Evidence

Claims made on this page and what supports them. The full registry lives in Evidence.

ScenarioIn published PAN runs, content-blind record removal raised the contaminated share of the record system by stri…

In published PAN runs, content-blind record removal raised the contaminated share of the record system by stripping benign dilution; only content-aware decontamination reliably reduced it.

Illustrative PAN-run result: PAN Governance Lever Audit ('content-blind levers backfire'). Direction-and-shape only — not a calibrated prediction for any specific deployment.