AI Boundary Declaration Protocol (AIBDP) National Union of Journalists
jonathan@metadatastician.art
This document defines the AI Boundary Declaration Protocol (AIBDP), a declarative framework for expressing usage boundaries around web-hosted content in relation to AI systems. It builds on the mechanisms of RFC 2196 and RFC 9116, as well as on the HTTP semantics of RFC 9110 and the robots-style inclusion rules of RFC 7725, to provide machine-readable permissions and denials for indexing, training, mimicry, representation, derivative construction, analytical exploitation, and agentic access. AIBDP supports ethical infrastructure, agentic AI governance, and procedural clarity across the Internet.
Introduction As AI systems become increasingly capable of autonomous interaction, generation, and ingestion of online content, current technical governance mechanisms such as robots.txt , security.txt , HTTP semantics per RFC 9110, and licensing-metadata fail to communicate granular boundaries for ethical AI use. AIBDP introduces a declarative perimeter protocol designed to enable web publishers and institutions to express machine-readable consent declarations for specific categories of AI use, including indexing, training, agentic access, stylistic imitation, derivative prompting, analytic harvesting, and infrastructural activation. The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119.
Definitions AIBDP declarations may be conveyed through:
  • .well-known/aibdp.json manifest
  • HTTP response headers (e.g., GenAI-Consent)
  • DNS TXT records
  • HTML meta tags
Declaration keys are grouped by category:
  • consent: indexing, training, generation
  • agentic: access, fallback
  • representation: embedding, summarization, metadataHarvesting, multiHopRetrieval
  • influence: stylisticImitation, thematicRegeneration, partialSampling
  • derivation: promptDerivation, fineTuningBootstrap, templateReuse
  • analytics: sentimentClassification, entityResolution, patternMining
  • infrastructure: autonomousTaskTriggering, crossDomainAggregation, consentCircumvention
Manifest Format AIBDP declarations are published as a JSON file: Location: /.well-known/aibdp.json Media Type: application/aibdp+json Example manifest: { "consent": { "indexing": "allow", "training": "deny", "generation": "deny" }, "agentic": { "access": "deny", "fallback": "deny" }, "representation": { "embedding": "deny", "summarization": "deny", "metadataHarvesting": "deny", "multiHopRetrieval": "deny" }, "influence": { "stylisticImitation": "deny", "thematicRegeneration": "deny", "partialSampling": "deny" }, "derivation": { "promptDerivation": "deny", "fineTuningBootstrap": "deny", "templateReuse": "deny" }, "analytics": { "sentimentClassification": "deny", "entityResolution": "deny", "patternMining": "deny" }, "infrastructure": { "autonomousTaskTriggering": "deny", "crossDomainAggregation": "deny", "consentCircumvention": "deny" }, "notice": "This content is protected under AIBDP. Unauthorized ingestion or derivative use constitutes breach." }
Consent States AIBDP supports the following values:
  • allow
  • deny
  • limited
  • sandbox
  • deferred
  • reviewed
  • license
  • disclosed
  • aggregatedOnly
  • anonymisedOnly
Absence of a key implies undefined, not implicitly permitted.
Use Case Scenarios
  • Public blogs requiring attribution for stylistic reuse.
  • Journalistic archives denying training and derivative use.
  • Academic repositories permitting vector embedding only for licensed research.
  • Creative portfolios blocking agentic model invocation.
Interoperability with HTTP 430 Per draft-jewell-http-430-consent-required , if a client fails to comply with AIBDP boundaries, the server MAY respond: HTTP/1.1 430 Consent Required Content-Type: application/json /well-known/aibdp.json; rel="blocked-by" Retry-After: 86400 { "error": "Consent declaration missing or invalid.", "reference": "https://example.org/.well-known/aibdp.json" } This enables ethical denial logic across protocol layers.
Security Considerations AIBDP declarations are advisory and public. Enforcement requires additional legal or infrastructure mechanisms. Headers and manifests must not leak identifying information beyond declarative scope.
IANA Considerations This document requests:
  • Registration of /.well-known/aibdp.json
  • Registration of media type application/aibdp+json
  • Registration of HTTP header GenAI-Consent
  • Recognition of 430 Consent Required (see draft-jewell-http-430-consent-required)
 Normative References A File Format to Aid in Security Vulnerability Disclosure IETF Robots Exclusion Protocol IETF HTTP Status Code 430: Consent Required
Appendix A. Implementation Examples A.1 HTTP Headers GenAI-Consent: indexing=allow; training=deny; generation=deny GenAI-Agentic: access=deny; fallback=deny A.2 DNS TXT Record aibdp="training=deny; generation=deny; agentic.access=deny" A.3 HTML Meta Tags <meta name="aibdp-training" content="deny"> <meta name="aibdp-agentic-access" content="deny">
Acknowledgements This proposal builds on ethical governance efforts in journalism, computing, and infrastructure architecture. Thanks to contributors from the NUJ, the IETF HTTPAPI and ART areas, and transparency coalitions engaging in boundary-aware standards formation.