v3.19 Published

SAFEGUARDING OVERLAY

Architecture for protecting vulnerable individuals — minors, at-risk adults, and persons under witness protection or court-ordered anonymity — whose identity information must be suppressed from AI pipeline outputs even where rights otherwise subsist.

Document: CIP Safeguarding Overlay Architecture — Asymmetric Rights Suppression
Version: v3.19
Status: Published — operational deployment downstream of Generator UI and Rights Registry

§1

The architectural premise — asymmetric rights suppression

Standard NILP declarations assume the subject's identity is publishable. The safeguarding overlay inverts this: the subject's rights still subsist, but the declaration infrastructure must actively suppress identity-revealing information from downstream AI consumers. This creates an asymmetric architecture where the rights exist but cannot be exercised in the normal manner.

§2

The three subject categories

Category 1 — Minors (under-18 in all jurisdictions; under-21 where local law extends protections).

Category 2 — At-risk adults (domestic violence survivors, protected witnesses, persons under court-ordered anonymity).

Category 3 — Persons with jurisdictionally-mandated identity suppression (witness protection, super-injunctions, reporting restrictions).

§3

Jurisdictional regime mapping

UK: Children Act 1989, Youth Justice and Criminal Evidence Act 1999, Safeguarding Vulnerable Groups Act 2006, GDPR Article 8 (child consent), ICO Age Appropriate Design Code.

US: COPPA, state-level minor protection statutes, juvenile record sealing.

EU: GDPR Articles 6(1)(f) and 8, national implementations.

Each jurisdiction has materially different thresholds and mechanisms.

§4

The unit of declaration — the Safeguarding Overlay Block (SOB)

The SOB is a structured metadata record that sits alongside NILP declarations and instructs AI pipeline operators to suppress identity-revealing information. The SOB declares: the applicable regime, the suppression scope (full identity, partial, specific elements), the duration (until majority, until court order varies, indefinite), and the verification mechanism.

§5

Integration with the v3.6 NILP eight-field specification

CIP-NILP-Identity, CIP-NILP-Biometric, CIP-NILP-Performance, and CIP-NILP-Synthetic-Training fields all interact with the safeguarding overlay. Where a SOB is active, these fields must emit suppressed values rather than identity-revealing content. The CIP-AI-User field (v3.24) carries the safeguarding-suppressed:{regime-id} form specifically for this case.

§6

The cip.md field — CIP-Safeguarding-Overlay

Format: {regime-id}:{subject-category}:{suppression-scope}:{duration}. Regime IDs reference the jurisdictional regime mapping. Subject categories are minor, at-risk-adult, or identity-suppressed. Suppression scope is full, partial:{elements}, or specific:{field-list}.
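
A parser for the field format above that also applies the §5 suppression rule, failing closed when the overlay value is malformed (an added example, not code from the CIP specification). The comma list separator, the duration tokens, the regime-id syntax, the `[suppressed]` placeholder, the `unknown` fallback and the sample regime id `uk-yjcea-1999` are assumptions made for illustration.

```python
import re

# Assumed for illustration (not defined in the text above): comma-separated
# lists, these duration tokens, the regime-id syntax and the "[suppressed]" value.
CATEGORIES = {"minor", "at-risk-adult", "identity-suppressed"}
DURATIONS = {"until-majority", "until-court-order-varies", "indefinite"}
NILP_FIELDS = ("CIP-NILP-Identity", "CIP-NILP-Biometric",
               "CIP-NILP-Performance", "CIP-NILP-Synthetic-Training")
TOKEN = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]*\Z")
SUPPRESSED = "[suppressed]"
# Constructed sample value; "uk-yjcea-1999" is a made-up regime id.
SAMPLE = "uk-yjcea-1999:minor:specific:CIP-NILP-Identity,CIP-NILP-Biometric:until-majority"


def parse_overlay(value):
    """Parse a CIP-Safeguarding-Overlay value; raise ValueError if malformed."""
    parts = value.strip().split(":")
    # Scope is one token ("full") or two ("partial:a,b"): 4 or 5 parts in all.
    if len(parts) not in (4, 5):
        raise ValueError("expected 4 or 5 colon-separated parts")
    regime, category, scope, duration = parts[0], parts[1], parts[2], parts[-1]
    if not TOKEN.match(regime):
        raise ValueError("bad regime-id")
    if category not in CATEGORIES or duration not in DURATIONS:
        raise ValueError("unknown subject category or duration")
    items = parts[3].split(",") if len(parts) == 5 else []
    if scope not in ("full", "partial", "specific") or (scope == "full") != (len(parts) == 4):
        raise ValueError("scope must be full, partial:{elements} or specific:{field-list}")
    if not all(TOKEN.match(i) for i in items):
        raise ValueError("bad element or field list")
    return {"regime": regime, "category": category, "scope": scope,
            "items": items, "duration": duration}

def apply_overlay(record, overlay_value):
    """Return a copy of record with overlay suppression applied, failing closed."""
    try:
        sob = parse_overlay(overlay_value)
        regime = sob["regime"]
        # Only 'specific' narrows the target set; 'partial' elements have no
        # defined mapping here, so they are conservatively treated like 'full'.
        targets = sob["items"] if sob["scope"] == "specific" else NILP_FIELDS
    except ValueError:
        regime, targets = "unknown", NILP_FIELDS  # unreadable overlay: suppress all
    out = dict(record)
    for field in targets:
        if field in out:
            out[field] = SUPPRESSED
    out["CIP-AI-User"] = "safeguarding-suppressed:" + regime
    return out
```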

§7

Worked sport-vertical case — UK youth academy player

The case concerns a Premier League youth academy player (age 16) whose training footage is used by an AI motion-analysis vendor. The safeguarding overlay suppresses the player's identity from AI outputs while preserving the rights holder's (academy's) ability to declare and enforce rights over the footage. The case demonstrates the asymmetric suppression pattern in practice.

§8

GIPL Layer 2 treatment

GIPL policy wording treats safeguarding failures as Layer 2 claims (identity-rights claims with enhanced severity). A safeguarding breach creates an automatic uplift in AI-IP risk scoring. Underwriters assess safeguarding compliance as a distinct audit dimension.

Citation

CIP Safeguarding Overlay Architecture v3.19, https://creativeip.org/safeguarding