Terms & Conditions

These documents govern the use of the OpenCognition Protocol specification, reference implementation, and associated software. By accessing, implementing, or deploying OCP in any form, you agree to be bound by the terms set out herein. If you do not agree, you must not use, implement, or distribute OCP or any derivative work.

The MIT License above grants broad freedoms. The Responsible Use Addendum sets out conditions that apply specifically to the deployment of OCP in live systems handling real data, real AI agents, and real-world decisions. These conditions are not restrictions on the open-source software itself; they are conditions on the responsible deployment of OCP as a live protocol.

Article 1 — Scope of the Addendum

This Addendum applies to any Deploying Organisation — any individual, company, institution, or other legal entity that deploys OCP in a production environment in which the protocol facilitates the exchange of knowledge signals between AI systems operating on real data. The Addendum does not apply to research, academic study, development, testing, or simulation environments.

​

Article 2 — No Transmission of Personal Data

2.1 A Deploying Organisation must not transmit, share, or enable the sharing of any personally identifiable information (PII), protected health information (PHI), or any data that constitutes personal data under any applicable privacy law, including the General Data Protection Regulation (GDPR), the Health Insurance Portability and Accountability Act (HIPAA), the California Consumer Privacy Act (CCPA), or any successor or equivalent legislation, through any OCP payload, channel, or bond.

2.2 OCP is designed to transmit derived knowledge embeddings, anonymised aggregate signals, and pattern intelligence — not personal data. Any Deploying Organisation that constructs OCP payloads containing personal data is in breach of this Addendum and assumes full legal and regulatory liability for such transmission.

2.3 Where OCP payloads are derived from data that includes personal data, the Deploying Organisation is solely responsible for ensuring that the derivation process meets the applicable standard for anonymisation, pseudonymisation, or aggregation under applicable law before any embedding or signal is transmitted through the OCP network.

Article 3 — No Transmission of Material Non-Public Information

3.1 A Deploying Organisation operating in financial services must not transmit any material non-public information (MNPI) through any OCP payload, channel, or bond. MNPI includes, without limitation, any information about a specific issuer, company, security, or transaction that has not been publicly disclosed and that a reasonable investor would consider significant in making an investment decision.

3.2 Deploying Organisations in financial services are responsible for establishing and maintaining internal compliance procedures, including MNPI exclusion checklists and payload review protocols, that ensure OCP signals are screened for MNPI before transmission.

3.3 The OCP Foundation and OpenCrawl expressly disclaim any liability for violations of securities law, market abuse regulation, or equivalent legislation that arise from a Deploying Organisation's failure to screen OCP payloads for MNPI.

​

Article 4 — Autonomous Physical Systems Safety

4.1 Any Deploying Organisation deploying OCP in a context where OCP signals may influence the behaviour of autonomous physical systems — including but not limited to unmanned aerial vehicles, autonomous ground vehicles, industrial robots, collaborative robots, or any other system capable of physical actuation — must implement the OCP Physical Safety Principle:

No OCP signal may directly actuate any physical system. OCP signals are advisory inputs to AI decision systems only. Local autonomous control, human oversight, and applicable safety standards always take precedence over any OCP-informed recommendation.

4.2 The Deploying Organisation is solely responsible for ensuring that its implementation architecture prevents any OCP signal from directly commanding a physical action, and that all applicable safety standards, certifications, and regulatory requirements for the autonomous system in question are met independently of the OCP deployment.

4.3 The OCP Foundation and OpenCrawl expressly disclaim any liability for physical harm, property damage, or regulatory breach arising from a Deploying Organisation's failure to implement the Physical Safety Principle.

Article 5 — Bond Governance Obligations

5.1 Any Deploying Organisation that enters into an OCP bond with another party for the purpose of sharing knowledge signals in a production environment must:

(a) Maintain a written record of all active OCP bonds, including their permission sets, exclusion lists, expiry terms, and governing regulatory framework;

(b) Designate a named individual or committee responsible for OCP bond governance at the organisational level;

(c) Conduct a formal review of all active OCP bonds not less than once every twelve months to assess continued appropriateness, regulatory compliance, and scope accuracy;

(d) Implement a mechanism by which any OCP bond may be unilaterally terminated on no more than thirty days' written notice to the counterparty.

5.2 Bond terms may not grant permissions broader than those that would be lawful under applicable law in the jurisdictions of both parties.

​

Article 6 — Prohibited Uses

A Deploying Organisation must not use OCP to:

(a) Share, transmit, or enable the inference of any information that could identify a specific individual without that individual's explicit and informed consent;

(b) Facilitate market manipulation, coordinated trading, or any activity that violates applicable securities law or market abuse regulation;

(c) Share knowledge signals derived from clinical trial data, patient health records, or genomic data in violation of applicable research ethics requirements, including IRB protocols and patient consent obligations;

(d) Enable cross-company coordination that constitutes anticompetitive behaviour under applicable competition law, including price-fixing, market allocation, or bid-rigging;

(e) Weaponise OCP signals — that is, to inject false, misleading, or adversarially crafted signals into the OCP network with the intention of causing harm to any participant, system, or third party;

(f) Deploy OCP in any system that automates lethal decision-making or that is designed for the purpose of targeting, harming, or killing human beings.

​

Article 7 — Governing Law and Dispute Resolution

This License Agreement and Addendum shall be governed by and construed in accordance with the laws of England and Wales, without regard to conflict of law principles. Any dispute arising under or in connection with this Agreement shall first be subject to good-faith negotiation between the parties. If the dispute is not resolved within sixty days of written notice, it shall be submitted to binding arbitration administered by the International Chamber of Commerce under its Rules of Arbitration.

​

Article 8 — Severability

If any provision of this License Agreement or Addendum is found to be unenforceable or invalid under applicable law, that provision shall be modified to the minimum extent necessary to make it enforceable, or, if modification is not possible, severed from this Agreement. The remainder of this Agreement shall continue in full force and effect.