Earned trust and reversible delegation
A delegation control where successful use can expand scope and a single action contracts it instantly, with the non-agent channel always available at equal service quality.
Agents that can hold standing delegation and act over time are now widely available, and as government lets citizens delegate more to them, the amount of authority a citizen has handed over deepens. That authority has to track the citizen's actual experience: expanding on demonstrated good use, and contracting the instant they have a bad experience or simply change their mind, without penalty or loss of service.
Government needs delegation to an agent to expand only on demonstrated use and to contract the moment a citizen wants it to, with the agent demoted when it crosses a boundary, revocation at least as easy as granting it, and no service degradation for the citizen who pulls it back.
A trust history must never be a precondition for service access, and every user starts at the most conservative delegation level regardless of any system-side trust assessment. Users set their own delegation preferences independently of system recommendations. The non-agent pathway has to carry genuine parity rather than a degraded 'fallback' experience, since a slower or thinner exit turns the right to revoke into a penalty for revoking.
Earned trust and always-revocable consent are shown as an expand-and-contract delegation control with a guaranteed-parity exit.
No surface has been built yet; the approach above is the brief for one.
- Emerging Headline
Structured earned-trust frameworks exist, but they are built for enterprise contexts (agents operating within organizations), not citizen-facing services.
- Frontier
Adapting them for government-citizen interactions, where the power asymmetry differs from employer-employee or business-customer relationships.
CSA Agentic Trust Framework maturity model (2026). The Intern/Junior/Senior/Principal model treats trust as progressive and evidence-based: agents earn greater autonomy through demonstrated trustworthiness, not time served, and can be demoted when they violate trust boundaries.
Open banking consent revocation. Under PSD2, consumers retain "full control over that consent, including the right to revoke it at any time," establishing that delegated authority is always revocable and revocation must be at least as easy as granting it.
OAuth / delegated-authority patterns. Software delegation models use graduated scope reduction with temporal decay; least privilege keeps agents at minimum necessary permissions; the On-Behalf-Of pattern maintains explicit chains of delegated authority rather than opaque impersonation.
High transferability. Pairing trust that an agent earns through use with delegation a citizen can revoke instantly maps directly to government AI agents, and both halves have precedent (earned-trust maturity models in enterprise governance, instant revocability in open banking). A citizen who has successfully used an agent to check payment dates might let it pre-fill a renewal form. If the pre-fill contains errors, they should be able to narrow the agent's scope at once or exit to a non-agent channel entirely.
Key design requirement: revoking delegation must never result in service degradation. A citizen who chooses not to use the AI agent must receive the same service quality and timeliness as one who does. Otherwise, graduated delegation becomes graduated coercion.
Where this goes wrong is a person caught in an erroneous automated process with no exit. Instant, penalty-free revocability and conservative defaults give that person a way to withdraw the agent and reach a human without losing service.