Anti-regulatory sentiments are prevalent among European and American lawmakers. Some governments are targeting AI regulation – with the US administration taking aim at state-level AI laws in favour of centralising Silicon Valley’s AI capacity, and the EU AI Act and data protection regulations being rolled back. This trend has inspired policymakers, researchers and industry representatives to consider alternative, non-statutory mechanisms, including ‘private governance’, to guide behaviour towards more responsible outcomes and shape the AI market. 

Private governance mechanisms (not to be confused with company ‘self-governance’) are already common in safety-critical industries (e.g. aviation and healthcare). They typically include  liability regimes as well as narrower, more process-driven activities, like assurance or due diligence frameworks, and are often developed and refined by third-party private companies and industry associations.

On the plus side, these regimes may operate interdependently, boosting their individual contribution to AI safety. And they can be built to function at an international level, rather than only national, in ways that could help pace AI development and its far-reaching, cross-jurisdictional externalities

However, the present emphasis on private governance risks overblowing its capacity. In this blog, we demystify the concept of private governance by looking at three prominent mechanisms – civil liability, assurance and insurance – and their potential and limitations, as well as the conditions under which they could contribute to AI safety. We conclude with some open questions for researchers and policymakers to take forward.  

Civil liability

Civil liability refers to the legal accountability that actors are subjected to via private law (usually torts or contracts) for harms they have caused. This is distinct from criminal liability, where the state prosecutes an actor for breaking a public law. A civil liability claim can be based on a general liability rule (negligence) or specific liability regimes (including product liability, professional liability and strict liability for specific risky activities). 

Civil liability has two functions. First, it provides a path to redress for people who have suffered harm at the hands of another party, whether the harm was intentional or due to negligence. Second, it establishes an economic incentive for actors to behave in line with safety standards failure to employ reasonable safeguards and any subsequent damage could result in a lawsuit and a compensation payout. The latter function is the one integral to private governance.

A recent example of this is the Los Angeles social media addiction trial, which found Google and Meta liable for intentionally embedding addictive design features in their social media platforms and causing mental health harms to the plaintiff. Thousands of similar social media addiction cases are currently making their way through the US courts. 

With the LA case confirming that the line of legal reasoning, demonstrating the companies’ liability, holds water and stands to trigger sizable damages, other cases could cost significant amounts to Google and Meta – perhaps adding up to enough of a financial incentive to rethink the design of their platforms.

This type of legal initiative by individuals can provide a meaningful complement to public enforcement action. Some harms do not amount to criminal misconduct, or regulators and prosecutors may lack resources to investigate all alleged breaches of the law. In the EU there are quite a few examples of cases that aim to ‘privately enforce’ the GDPR (see one here), complementing the public enforcement of overburdened data protection authorities.

Still, private litigation for liability claims is no easy route and has many limitations. 

In the Meta and Google case, the plaintiff boldly confronted two powerful technology companies in an area of legal uncertainty. Winning the case was far from guaranteed. Lawsuits can span many years and the claimant can incur significant cost, in financial terms as well as their time and energy. In some jurisdictions, the claimant in a losing case also risks bearing some of the opponent’s legal costs. 

The nature of AI harm further complicates the picture. Some forms of harm caused by an AI product are immediate and obvious, e.g. an automated car causing a car crash. But many will be pernicious and systemic – the cumulative effect of biased AI recruitment systems, the misinformation spread by LLMs, or the mental health harms of prolonged interaction with AI companions. Damage may not always be visible to the affected person or, if it is, it may not meet the bar to warrant an individual court case. 

Collective redress mechanisms can provide a route to obtain compensation in situations where a large amount of people have suffered a minor harm. Collective actions are well established in the US and are starting to gain traction in the EU (although one GDPR case has been stuck in the admissibility phase for six years), but they are only allowed in very limited contexts  in other jurisdictions, such as the UK.

Overall, while AI liability cases might gain traction over the next few years – indeed there are already some AI chatbot cases in the US – they can come with significant legal and financial risks and place a high burden on the claimants. 

AI assurance 

AI assurance refers to all the activities that measure, evaluate and communicate the trustworthiness of AI systems. While there is no established consensus on its definition, assurance usually comprises some kind of system-level technical testing (such as bias audits or red-teaming) or compliance testing (like a conformity assessment verifying a system against technical standards). AI assurance providers may also fold in additional services for enterprises, like risk management training.  

AI assurance is an apparently blossoming field, with the Department for Science Innovation and Technology reporting the existence of over 80 specialised companies offering services in the UK in 2024. It draws heavily from established traditions of safe innovation in domains like pharmaceuticals, which are underpinned by strong standards of accountability and transparency, as well as technology domains like cybersecurity. 

A functioning AI private governance ecosystem will likely rest heavily on the ability for assurance to reliably verify systems against standards adopted to serve expectations and the requirements of insurance and liability. Verification methods vary according to both the claims needing to be verified (‘is my system biased?’) and the evidence used to verify the claims (technical test results, operational documentation). 

Various standards, frameworks and benchmarks in circulation, such as the ISO 42001 risk management standard or NIST’s AI Risk Management Framework, are increasingly underpinning verification efforts. Indeed, there is an intrinsic relationship between standards development and assurance adoption – the latter is unlikely to develop independently of the former. 

However, research from Ada and the Center for Democracy & Technology shows that companies and assurance providers find existing standards imprecise, as they are both too flexible and too brittle, and in practice often hinder the delivery of assurance rather than guiding it. A fluctuating evidence base, the unpredictability of outputs generated by AI systems, and the fact that the ‘verifier’ (an assurance professional or algorithm auditor) is often given a large degree of discretion add obstacles to standardised verification. 

Other issues might emerge in relation to the present conditions of the AI assurance market. The Big Four accountancy giants are shepherding the market as their clients begin seeking help with AI adoption, strategy and governance, and AI assurance is quickly replacing traditional audit services. This risks overly skewing the assurance market in favour of these big players’ particular approach to assurance as well as their bottom lines, instead of fostering a plural ecosystem.

Improperly scoped or conducted risk assessment and assurance will have a knock-on effect for insurers, as assurance and insurance are complementary. As in the case of start-up Armilla AI, companies may decide it is commercially viable to provide both AI assurance and insurance products. Increased visibility of the dynamics of risk and verification may make for more accurate insurance pricing, but there are clear financial incentives at play that may impact rigour and independence. And a falsely assured system offers no recourse in a liability regime. 

Insurance

Risk management practices in the context of AI governance are often characterised as interventions with the aim of reducing risk. But the management of risk can also involve its externalisation, including by obtaining private insurance.  

The private insurance industry is structured around identifying risk factors that are likely to result in claims, estimating the costs those claims may incur and selling insurance policies that cover those costs when defined conditions are met.  Insurers also commonly impose controls (required practices or safeguards that reduce the likelihood that covered risks materialise to a manageable rate) or offer discounts to reward risk-reducing behaviour to policyholders. This has prompted stakeholders to explore the role that insurers could have in imposing guardrails on AI systems and the organisations that develop them, even in the absence of legal or regulatory requirements.

Coverage for AI-related harms may primarily stem from two types of insurance. First, general liability insurance offers coverage for organisations against accidental, harmful events stemming from normal business operations, which could include AI-related events. However, this type of policy often carves out certain risks that are either difficult to accurately price, due to uncertainty in the likelihood or magnitude of harm, or that present a substantially different risk profile from other risks linked to the general operations of the policyholder. Indeed, insurance policies typically exclude many technology-related risks, and insurers are increasingly exploring and introducing such exclusions for AI-related exposures. 

Where general insurance policies exclude certain issues from coverage, organisations may seek to purchase a second type of insurance: specialised coverage from insurance providers leveraging domain-specific expertise and actuarial models (statistical models that predict the likelihood of incidents) to underwrite risks. 

In both cases, by defining the conditions under which organisations can obtain coverage through required controls or available incentives, insurers can in theory play a significant role in defining how those seeking or holding insurance policies develop and deploy AI. In order to determine whether and what sort of coverage to offer to applicants, insurers may request internal documentation and attestation of practices as well as turn to AI assurance to verify organisations’ claims or validate the conformity of a system to a particular set of standards.

However, for insurance to be an effective lever of private governance, insurers must use actuarial models that accurately reflect an understanding of the characteristics of high-risk AI systems, as well as the effectiveness of safeguards in reducing risk. 

Yet data to inform these actuarial models in emerging domains like AI is scarce, leading to insurers requiring or incentivising behavior that does not meaningfully reduce the likelihood or magnitude of harm.

Experts who have observed similar dynamics in cyber insurance have warned that this lack of data will likely lead to ineffective risk mitigations. For insurance to act as an effective lever of governance, more data collection to support the development of accurate risk models will be necessary. And insurance providers have their own business risks to manage as well. Interest in maintaining profitability and ensuring liquidity will influence their choices.

Example models of liability, assurance and insurance working interdependently

Below we provide two hypothetical examples of how private governance mechanisms could work together interdependently. We consider good outcomes and potential failure modes across two different technologies with different user and adoption profiles.

Failure mode Good outcome
Example 1:

Harms to user/consumer of an AI therapy chatbot.

A therapy chatbot is found to be causing harm through exercising manipulative behaviour. ‘Manipulation’ is a challenging impact to measure, which creates points of uncertainty at each governance layer.

Liability failure:

A user seeking redress for manipulative effects from using the chatbot has to show that their harm is ‘serious’ enough to be covered by negligence or product liability laws.

They will also have to prove that the AI company failed to meet a standard of ‘reasonable behaviour’ and that this caused their harm. This is a high burden of proof to meet, especially where the ‘standard of care’ for AI companies is not yet fully clear. The user struggles to obtain redress.

Liability success:

The ecosystem understands the risks of AI chatbots for manipulation well enough to have established expectations around which measures an AI company should take to mitigate them, i.e. the standard of care is clear. Evidence that a company has fallen short of taking such measures can be a way to show that the company did not comply with the required ‘standard of care’ towards its users.

Additionally, supportive procedural rules (including rules that allow for collective redress, or evidence disclosure mechanisms) help the user with their claim.

Assurance failure:

The chatbot was tested with users and refined according to user feedback, and it is assured against data privacy and cybersecurity standards. The chatbot is not considered a medical device, so rigorous safety testing is not required, and there is no recognised benchmark for assuring against manipulative behaviour.

Assurance success:

A longitudinal study with a third-party research lab finds systematic evidence of user dependency on the chatbot, which becomes self-reinforcing. Regulatory bodies in healthcare revise their digital healthcare technologies assurance frameworks to include manipulation as a potential risk.

Insurance failure:

The developer of the chatbot holds a product liability policy, which covers physical harm but not psychological harm (like manipulation). As a result, there is a gap in coverage, affecting both the developer and the users.

Insurance success:

An insurance company has sufficient data to create an insurance policy that accurately reflects the risks posed by AI chatbots for mental health harms caused by manipulation. The provider understands the risks well enough to be able to stipulate what safeguards should be put in place to mitigate mental health risks and thereby incentivise AI companies’ safety practices.

Example 2:

Harms to enterprise due to the use of an AI recruitment scoring system.

An employer, Company A, uses an off-the-shelf AI recruitment tool to sift through job applicants. The tool turns out to be biased: it filters out applicants with long hair (men or women) in their headshots.

 

Liability failure:

Company A has missed out on good potential applicants who were filtered out based on irrelevant characteristics. It has suffered reputational damage and faces a potential legal claims from the unfairly rejected applicants. It wants to hold the AI company liable for this.

However, as this is a new and emergent risk and not a form of discrimination based on a protected characteristic in the relevant jurisdiction, it is not clear that the AI company should have legally done more to prevent it. Company A struggles to hold the AI company liable.

Liability success:

There is a clear established practice for evaluations to check for such new and ‘emergent’ forms of bias in AI tools. ‘Reasonable industry practice’ around such risks is clearly established. If the AI company has failed to follow this practice then its conduct is below the standard of care and it can be held liable by Company A.

If reasonable industry practice has been followed but the bias still occurs, there may be insurance policies that cover such damage. This allows Company A to have access to compensation either way.

Assurance failure:

Company A conducted a bias audit prior to deployment to ensure the system did not create differential impact for applicants with protected characteristics. But this proved ineffective for the risk of an emergent and unknown form of discrimination.

Assurance success:

Company A works with a large third-party technical assurance provider, who helps them deploy continuous testing and live data monitoring to capture any potential bias as it arises, which informs assurance efforts.

Insurance failure:

The insurance market is too immature to provide coverage for risks that are of low likelihood, such as the one exposing the Company A in this case.

Insurance success:

Company A is covered by their existing insurance premium related to cybersecurity, which contains stipulations around robust internal risk management processes. This provides an incentive for the employer to invest properly in oversight and assessment.

Going forward 

We hosted a workshop exploring the dynamics of a potential private governance regime at the ACM Fairness, Accountability and Transparency conference in Montreal in June 2026. Like us, attendees could identify some areas of promise but posed a number of questions about how private governance for AI would work in practice and the societal outcomes. 

Following this discussion, we highlight below some of the questions that research in this area should address. 

  • What does the potential advance of private governance mean for the need to regulate AI? 

The interest in private governance does not reflect an anti-regulatory posture, nor does it promote a hands-off, industry self-governance approach. Previous research shows that often governmental interventions like regulation are the key to providing clarity and incentivising uptake of private levers like assurance. We see the utility of private governance working best when paired with regulatory initiatives. There is much room for future research on what this balance of experimentation between public and private actors looks like in the AI domain.

  • What can these three mechanisms (liability, assurance and insurance) achieve by themselves and together?

Though there is appetite for using liability, assurance and insurance in AI governance, it is not yet clear whether and how they will contribute to AI safety at scale. Each one of them brings a risk of ‘oversight theatre’ that will have to be carefully and iteratively managed.

It is possible that mechanisms working in tandem may paper over the gaps or limitations of any one mechanism working independently. For example, in cases where demand for AI assurance is low, liability regimes might incentivise interest in obtaining insurance, while insurance providers could help to incentivise take-up of AI risk management standards by considering adoption of standards as an insurance parameter during underwriting. But this interdependence could also result in a cascade of failure, instigating the very kind of systemic risk the private governance system seeks to avoid. 

  • What are preconditions to these mechanisms working in practice? 

Organisations need the required incentives to act: it is not clear, for example, that the risk averse insurance industry will dive feet first into underwriting AI. And the benefits people receive from private governance in one jurisdiction may be asymmetric to another area. For instance, the US has by far the largest insurance market in the world – people living outside the US will not receive a comparable level of service.

Different demands on private governance are likely to emerge over time, as both AI governance evolves and technology advances. One argument suggests that AI tools will be used to support the execution of AI governance (for example, AI agents automating some of the querying process between insurance underwriters and adjusters). Going forward, there will be a demand on both assurance and insurance providers to routinise risk profiles and pricing, while simultaneously adapting to new horizons.

  • Will these mechanisms deliver safe AI for people and society? 

Finally, the core motivation for putting private governance on the table is to scrutinise its claims and potential impacts not just for AI governance, but for people and society. 

Public sentiment is increasingly negative about AI, and people are vocal about the need for strong guardrails and oversight. At the heart of private governance lies an interplay between control, risk and trust, but these concepts are not fixed, and will naturally absorb divergent views and values. A plural, sociotechnical and empirically-supported understanding of what, for example, ‘risk’ in AI looks like, and according to whom, will enable a more effective private governance regime. 

It is worth scrutinising the accountability and public interest outcomes of private governance. Ultimately, the transfer of risk between actors is not the same as reducing that risk for people and society. 


In the coming months, Ada will be exploring questions around AI private governance. If you’re interested in participating in this conversation, please email us.