Responsible Use & Data Commitments

At a Glance

• You own your data. We do not sell customer data. We do not share customer data with third parties without written consent.
• Not for worker surveillance. Our platform is not for employee monitoring or productivity tracking.
  
• Human-in-the-loop, physics-grounded, explainable. Monitoring and AI remain measurement-first with human accountability.
  
• Local-first default. Raw waveforms default to staying on-site; exports and uploads are explicit choices.
  
• Control features are bounded and authorized. Even when EQ Resolve is deployed, AI proposes actions and human-authorized control systems decide
  

Scope: These commitments apply across the Energy Quotient™ platform from EQ Systems Inc., including EQ Wave™, EQ Sight™, EQ Syntropy™, EQ Resolve™, and EQ Forensics™.

Note: This document describes our current and intended practices and does not create warranties or expand contractual obligations. Specific deployments may have narrower or stricter terms as defined in their contracts. Where there is a conflict between this document and signed contracts, contracts govern. For binding commitments, refer to your signed agreement or contact us for our standard contract language at contracts@eq.systems.

Our Ethical Posture

Continuous waveform monitoring and diagnostics-first work is pro-safety and pro-evidence. “Measure before intervention” is an ethically strong stance in critical systems. It reduces guesswork, blame games, and repeated damage.

The core risks are data governance, security, and over-claiming certainty. Our philosophy (physics-grounded, waveform evidence, measurement-first) is the right anchor to avoid confident nonsense that triggers bad decisions.

What We Do Not Do

• No resale of customer data. Customer data is never sold to third parties.
• No autonomous AI control without authorization. AI provides recommendations; it does not autonomously execute equipment interventions. EQ Resolve implements control actions only under explicit customer authorization with bounded, testable algorithms and manual override.
  
• No claims of regulatory compliance unless contracted and validated. We design to support compliance expectations but do not claim NERC CIP, FDA, or other regulatory compliance unless explicitly contracted and validated.
  

Core Principles

Human-in-the-Loop

AI assists. Humans decide. Engineering judgment remains the final authority on mission-critical interventions, especially when safety or uptime is at stake.

• Separate observations (what the waveform shows) from inferences (what the system thinks it means) from recommended next tests
• Show confidence and evidence, not just conclusions
  
• Require explicit human decision before safety-critical actions
  

Physics-Grounded, Evidence-First

Waveform data is authoritative. AI orchestrates and interprets. It does not replace physics.

• Physics-based models remain authoritative (DAE formulations, power flow analysis)
• Show confidence and evidence, not just conclusions
  
• Full traceability: AI recommendation → waveform evidence → physical measurement
• No black-box predictions for critical decisions
  

Measurement Before Intervention

Diagnose with data, not assumptions. Validate before acting.

• Continuous waveform capture provides ground truth
• Root cause analysis based on measured correlation, not speculation
  
• Recommendation language: “next measurement to confirm” over “definitive fault”
  

Ethical Concerns & Mitigations

1. Surveillance and Misuse of Electrical Data

Concern: High-resolution power signatures can reveal operational patterns (shift schedules, machine utilization, production cadence, specific process events). In the wrong hands, this becomes worker surveillance, competitive intelligence, or pressure tactics in disputes.

Mitigations:

• Data minimization defaults: Store what you need, not everything, unless explicitly contracted
• Strong tenant and role-based access controls: Audit logs as first-class feature
  
• Clear contract language: “Not for employee monitoring,” “not for productivity surveillance,” “no resale,” “no third-party sharing without written consent”
  
• ‍Edge summarization mode: Option where only derived features leave the site, with raw waveforms staying local
  
• Verification on request: Customers may request reasonable verification of data handling practices, as contractually agreed
  

Contractual Commitment: EQ Systems Inc. does not use electrical monitoring data for employee surveillance, productivity tracking, or competitive intelligence gathering. Data collected is for power quality analysis, equipment diagnostics, and grid reliability only.

2. Cybersecurity and Critical Infrastructure Risk

Concern: Monitoring equipment near switchgear, plants, fabs, hospitals, data centers, or utilities becomes part of the attack surface. Even “only monitoring” systems can enable harm: data exfiltration, lateral movement, or operational disruption.

Mitigations:

• Secure-by-default posture: Least privilege, signed updates, measured boot (where feasible), strict key handling, minimal open ports
• Hostile environment design: Short-lived tokens, mutual authentication, strong device identity, revocation capability, alerting
  
• Security baseline documentation: Published security architecture and lightweight vulnerability disclosure process
  
• Air-gap support: On-premises deployment supported with no required external dependencies
  
• Fiber optic isolation (where applicable): Electrical separation from monitored systems supported in standard architectures
  
• Utility-grade expectations: We design with NERC CIP concepts in mind where relevant; formal control mappings available only when contractually required
  

Commitment: EQ Systems Inc. treats security as a first-class design requirement. Supported deployment models include isolated and offline-friendly operation, minimal attack surface design, and transparency on security architecture for critical infrastructure applications.

3. Automation Bias and Over-Trust in AI

Concern: AI outputs can become “the truth.” People may stop checking electrical reality or use AI conclusions as substitute for engineering judgment.

Mitigations: See Core Principles above. AI recommendations are hypotheses to test, not conclusions to trust blindly. The UI distinguishes measured data from AI interpretation, shows confidence with evidence, and requires human confirmation before safety-critical actions.

4. Blame and Conflict Escalation

Concern: In power disputes (utility vs facility, OEM vs integrator, maintenance vs operations), data becomes a weapon. If output is seen as partisan or opaque, it can inflame conflict.

Mitigations:

• Chain-of-custody logging: Tamper-evident audit trail for forensic-grade case
• Neutral language: Avoid “fault” phrasing; use “observed correlation,” “likely contributors,” “next measurement to confirm”
• Defensible exports: Raw waveform snippets, timestamps, calibration metadata, instrumentation setup notes
• Third-party verification: Data format supports independent analysis by customer's engineers
• Clear instrumentation documentation: Full transparency on measurement accuracy and limitations

Commitment: EQ Systems Inc. provides neutral, evidence-based diagnostics. Our goal is to identify root causes, not assign blame. All data and analysis methods are fully auditable.

5. Dual-Use Considerations

Concern: “Continuous sensing + intelligence” can be repurposed for coercive control in some settings: authoritarian monitoring of critical facilities, leverage over smaller suppliers, etc.

Mitigations:

• Deployment-context diligence: We conduct due diligence appropriate to the customer and sector
• Contractual use restrictions: Specify permitted use cases and prohibit misuse
• Right-to-terminate clause: EQ Systems Inc. reserves right to terminate service for misuse
• No anonymous deployments: Clear accountability for who deploys and controls the system

Policy: We reserve the right to refuse or terminate service for use cases inconsistent with our mission.

6. Control and Actuation (EQ Resolve)

Concern: Monitoring is ethically easier than active control. Once closing control loops, we inherit safety engineering duties: failure modes, bounded actuation, rollback, and accountability.

Critical Distinction: AI diagnoses and recommends; it does not autonomously control. EQ Resolve implements control actions only under explicit customer authorization, responding to human operators or authorized control systems (BMS, SCADA), with bounded authority, manual override, safe-state defaults, and complete audit trails.

Commitment: We do not deploy “black box” AI that autonomously controls critical infrastructure.

Data Governance

Data Ownership

• Customer data remains customer property: EQ Systems Inc. does not claim ownership of waveform data, facility operational data, or derived diagnostics
• No resale: Customer data is never sold to third parties
  
• No competitive use: Data from one customer is not used to benefit competitors
  

Data Retention

• Configurable retention periods: Customers control how long data is stored
• Right to deletion: Customers can request full data deletion at any time
  
• Post-contract purging: Customer data deleted within 90 days of contract termination unless the customer requests longer retention, retention is required for legal or compliance reasons, or data remains in encrypted backups until normal backup rotation
  

Data Access

• Role-based access control (RBAC): Customers define who within their organization can access data
• Audit logging: All data access is logged with user identity, timestamp, and action
  
• EQ access restrictions: EQ Systems Inc. employees do not access customer data without explicit permission and documented business need (e.g., technical support ticket)
  
• Data minimization: Only data necessary for contracted services is collected
  

Data Portability

• Open data formats: Customers can export data in standard formats; format availability depends on deployment and data class (e.g., Parquet for waveform data)
• No lock-in: System design supports customer migration to alternative platforms if needed
  
• API access: Programmatic access to customer data via RESTful API (coverage expanding as platform matures)
  

Third-Party Sharing

• Explicit consent required: EQ Systems Inc. will not share customer data with third parties without written consent
• Subprocessors disclosed: List of any third-party services (cloud hosting, etc.) provided in contract
  
• Customer control: Customers can reject specific subprocessors if desired
  

Security Commitments

Infrastructure Security

• Isolated deployment support: On-premises operation supported with documented offline update procedures
• Minimal open ports: Default configuration uses outbound-only communication
  
• Encrypted communication: TLS 1.2+ for all network traffic (TLS 1.3 where supported)
  
• Strong authentication: Support for multi-factor authentication, API token rotation, and short-lived session tokens where deployed
  

Vulnerability Management

• We maintain a security contact (security@eq.systems) and respond to vulnerability reports
• Patch commitment: We prioritize security patches and notify customers of issues affecting deployed systems
  
• Responsible disclosure: We work with security researchers following responsible disclosure practices
  

Compliance Readiness

• Critical infrastructure security design: Designed to support security expectations for critical infrastructure (segmentation, least privilege, auditability). We do not claim NERC CIP compliance unless explicitly contracted and validated.
• NIST Cybersecurity Framework: Architecture aligned with CSF principles
  
• Third-party assessment: We intend to pursue an independent security assessment in 2026 as business and customer requirements warrant
  

Responsible AI Practices

Model Scope and Limitations

EQ Syntropy AI outputs are diagnostic hypotheses tied to waveform evidence. Our AI identifies patterns, correlates events, and suggests likely root causes. These are engineering recommendations, not licensed professional engineering sign-off.

For applications requiring formal engineering certification (e.g., expert witness testimony, regulatory filings, equipment warranty claims), we provide:

• Licensed Professional Engineer (PE) review when explicitly contracted
  
• Detailed forensic reports with supporting waveform data for independent verification
• Expert witness support (available separately)

We do not provide licensed engineering sign-off as a standard product feature. Our platform accelerates diagnostics and provides decision support; final engineering judgment and regulatory responsibility remain with the customer or their designated licensed professionals.

Error Monitoring and Calibration

• Engineering review: AI-generated diagnostics reviewed by qualified engineers before formal forensic reports (licensed PE review for regulated applications)
• Customer feedback: Mechanism for customers to flag incorrect or misleading AI conclusions
  
• Continuous improvement: Model updates based on real-world validation, not just simulation
  

Human Oversight

• Training data diversity: Models trained on diverse facility types, equipment manufacturers, and grid conditions
• Error monitoring: Regular evaluation for systematic errors across different equipment types or operational contexts
  
• Calibration and drift detection: Ongoing validation that confidence scores match real-world accuracy
  
• Feedback loops: Customer corrections incorporated to improve model accuracy
  

Accountability and Governance

Designated Point of Contact

• Responsible use lead: Kevin Davies (Founder & CEO) is the designated point of contact for responsible use questions and concerns
• Escalation path: Employees or customers can raise ethical concerns directly to leadership via contracts@eq.systems
  
• Review cadence: Responsible use policy reviewed periodically and before major product changes
  

Customer Input

• Pilot program feedback: Early customers provide input on data governance and ethical use practices
• Policy updates: Customer feedback incorporated before significant policy changes
  
• Use case evaluation: New use cases reviewed for ethical implications and alignment with principles
  

Continuous Improvement

• Incident learning: Internal process for documenting and learning from ethical issues or near-misses
• External input: Periodic engagement with industry experts and academic advisors as company grows
  
• Transparency commitment: We share updates on responsible use practices with customers and stakeholders
  

Contact

• For security vulnerabilities or technical security questions: security@eq.systems
• For responsible use, data governance, or contract questions: contracts@eq.systems
• For general inquiries: info@eq.systems

This document is a living commitment. We welcome feedback from customers, partners, and the broader community on how we can strengthen our responsible use practices.