AI ethics is an engineering discipline

The phrase "AI ethics" has been doing a lot of damage.

It sounds like a soft topic. Like something a company funds with a vague-sounding committee, a quarterly memo, and a slide in the board deck. It sounds like the part of AI work that happens after the real work — the engineering, the modeling, the deployment — is already done.

That framing is wrong. And it is going to be the most expensive misunderstanding of the next ten years.

AI ethics is an engineering discipline. It has measurable failure modes. It has operational frameworks. It has practices you either build into your system or you don't.

The companies that treat it as a compliance checkbox are setting up the next decade's most expensive scandals. The companies treating it as infrastructure will define the trust the rest of the field operates inside.

Maximum EU AI Act fine, as a share of global annual revenue. The largest tech fine ever, as a structural feature of the regime.

Where most named AI companies sit on the ethics maturity ladder in 2025. "Principles published, nothing enforced."

18mo

Median tenure of a hired "AI ethicist" without engineering authority. Most quit. The role is set up to fail.

The five categories of AI harm

Almost every real-world AI incident sits in one of these five. The framework is not complete. It is sufficient to make the conversation operational.

Pick a category to see the failure mode.

Each card opens what the harm looks like in practice, the kind of system it shows up in, and what the operational fix is.

Where ethics fails in real deployments

The failure mode is not usually that a company tried to do the wrong thing. It is that no one in the team owned doing the right one.

Six patterns that show up over and over:

No one was responsible for the ethics question. The PM owned the feature. The eng team owned the model. Legal owned the risk register. No one owned "should this exist?"
Evaluation was capability-only. The model was tested for accuracy, latency, and cost. It was not tested for harm.
The training data was a black box. Even the team that built the system did not know what was in it, who consented, or what biases came along.
The deployment was launched globally without local review. What was acceptable in one regulatory environment was a felony in another.
There was no kill switch. Once shipped, the system kept running long past the point where the team realized it was causing damage.
The user could not appeal. When the system made a decision the user disagreed with, there was no path back to a human.

Notice that none of these are technology problems. They are organizational problems. AI ethics, done well, is mostly about who owns what.

AI ethics is not a soft topic. It is the engineering discipline of building systems that survive contact with the public.

Ethics-washing vs. operational ethics

Most companies claim to do AI ethics. The honest comparison is what the work actually looks like on each side.

Ethics-Washing

What most companies actually do

Publish principles. Fairness, transparency, accountability. Beautiful. No enforcement attached.
Hire one "AI ethicist." Without budget, authority, or engineering background. They leave within 18 months.
Fund a research committee. Excellent papers. Zero effect on what ships next quarter.
Issue a press release about responsible AI — often timed within a quarter of a launch the public would object to.
Treat the ethics question as something legal handles after the model is trained.

Operational Ethics

What the companies who actually do it build

A trained, paid AI ethics function with both engineering and policy credentials.
Capability + consequence evals, run in parallel. Every release gets both.
Data provenance documentation for every dataset. Where it came from. Who consented.
Published model and system cards documenting intended use and failure modes.
A mandatory review process with the authority to block a launch — not advisory.
An audit trail that survives legal discovery. Because eventually, this is what gets subpoenaed.

The maturity ladder

Where a company sits on the AI ethics maturity ladder is the single best predictor of which side of the next decade's biggest scandals they will be on.

No function

AI ethics is "something legal handles." No internal function exists. The first incident is the wake-up call.

CATASTROPHIC RISK

Just hasn't surfaced yet.

Principles published

A page on the website. A press release. Nothing enforces it. This is where most named AI companies sit in 2025.

ETHICS-WASHING

Optics. No protection.

Committee + voluntary process

A committee meets monthly. Makes recommendations. The product team ships when it wants. Better than nothing. Not enough.

ADVISORY ONLY

Reviewable. Not blockable.

Mandatory review with authority

A reviewer with engineering credentials can block a launch. The reviewer is paid, trained, and trusted. A handful of companies are here.

REAL TEETH

Launches can be stopped.

Operational infrastructure

Ethics is built into the development pipeline. Evals run automatically. Documentation is generated. Reviews happen at gates that cannot be bypassed. Almost no one is here — yet.

INFRASTRUCTURE

It just runs.

Three frameworks worth knowing

If you are operating any AI at scale, you are now intersecting with at least one of three governance frameworks. Being able to map your system to them is the new minimum.

	EU AI Act	NIST AI RMF	ISO/IEC 42001
Type	Hard regulation (binding)	Voluntary framework (US)	International management standard
Approach	Risk-based tiers, conformity assessment for high-risk	Four functions: Govern, Map, Measure, Manage	Auditable management-system, similar to ISO 27001
Enforcement	Fines up to 7% of global annual revenue	None directly. Increasingly embedded in federal procurement.	Certification by accredited auditor. Increasingly required by procurement.
Who needs it	Anyone selling AI into the EU	US federal contractors, anyone aligning to state legislation	Enterprise sellers needing a portable trust signal

What this means for everyone in AI

The transition is already happening. The companies that close the operational AI ethics gap in 2025–2026 will define what trust in AI actually means. The companies that don't will be case studies.

That is the work the Building Trusted AI curriculum was built for. Three courses, three on-ramps:

AI Ethics & Provenance — the data side. Provenance, consent, bias detection, the regulatory landscape translated into actual policy.
Evals & Safety Testing — the engineering side. Building eval suites, red-teaming, drift monitoring, surfacing metrics non-technical stakeholders can act on.
AI Governance in Practice — the organizational side. Standing up the review function, model cards, audit trails, third-party AI vendor risk.

Available as a 2-hour Essentials drop-in, the full Building Trusted AI practitioner track, or the Trusted AI for Leaders executive edition.

That's the work. Come help us do it.

See the Building Trusted AI curriculum →