JIT
← Notebook

AI is humanized compute

AI isn't a new domain, it's compute grown up enough to act. Treat it like staff: a broad junior, always inside a human accountability tree, carrying its own papers.

In my last piece I sketched six pillars for modern IT, and then I cut the sixth. AI was on the list; it shouldn’t have been. Not because AI doesn’t matter, but because a pillar is a resource domain, and AI isn’t one. AI is compute that grew up. It reasons, it decides, it acts. It’s humanized compute — and the moment you see it that way, the governance stops being mysterious. You already know how to manage a fast, well-read, slightly reckless newcomer. You’ve hired juniors before.

Humanized means human-shaped, not human-friendly

Let me defend the word before someone takes it away. Humanized doesn’t mean warm and fuzzy, and it isn’t marketing. Its real definition is plain: something that looks and feels human but isn’t. AI is trained on human language and human logic, so it is humanized by construction. The tool I use to make AI drafts sound like me is literally called humanize, for exactly this reason. That’s humanized+1: humanizing output that was already humanized. Don’t flinch at the word because of sentiment. It’s the precise one.

It’s a junior in every field you point it at

Start an agent on a new domain and you’ve hired a bright junior on day one. Vast reach, read everything, retains nothing that ever hurt. No scar tissue, no accountability, no instinct for the landmine that isn’t in the docs. That’s not an insult; juniors are how every senior started. But you’d never hand a day-one junior prod, a tier-0 account and the keys, then leave the building. You scope them, you review their work, you let them earn rope. Same species of trust, same controls. I’ve written before about expert hands, junior judgment; humanized compute is that permanently. Expert reach, junior judgment, on every new task you point it at.

The accountability never leaves the tree

A junior’s mistakes are the senior’s problem. That doesn’t change when the junior is made of matrices. Every AI sits in an accountability tree: a human puts a lead AI in charge, that AI delegates to sub-agents, those spawn their own. Human → AI → sub-AI → sub-AI, turtles all the way down. The rule is the one every org already runs: the layer above answers for the layer below.

Human owner always accountable puts it in charge Lead AI a junior, put in charge Sub-agent narrower scope Sub-agent narrower scope Sub-sub-agent …and down it goes Accountability flows up every edge. The human root owns all of it.
Take the human out of the loop and you don't remove the accountability, you just fix it at the root: whoever put the top agent in charge owns everything below it.

Take the human out of the loop and you don’t remove the accountability, you just pin it to the root. Whoever put the top agent in charge owns everything it does, and everything its agents do. There is always a human at the root of the tree. If there isn’t, that’s not autonomy, that’s an orphan, and orphans are incidents waiting for an owner. This is the whole reason I care about securing the agent token chain: the delegation has to be provable, or the tree is just a story.

Where it resides decides which laws it obeys

Here’s the compute half people skip. Treat the thing like any other person, and one of the first questions about a person is: where do you live? Your residence sets your law. It’s identical for a digital worker. An agent running on a US hyperscaler lives under US reach, and the CLOUD Act doesn’t care that your company sits in Bruges. Run the same agent on European compute and it answers to EU law, GDPR, the AI Act. “Data residency” undersells it: this isn’t only where the bytes sit, it’s where your worker lives and works, and therefore whose subpoena can reach it. So pick the jurisdiction on purpose. It’s the same reason I build like I’ll have to leave — sovereignty is a design input, not a footnote.

An actor needs papers

If AI is an actor in the digital world, it needs identification in the digital world. Not a name in a config file, a real verifiable identity: a credential that says which agent this is, what tier it holds, and who it answers to, signed so it can’t be forged. Every action it takes should carry its papers, cryptographically, so any move can be traced back up the tree to the human at the root. That’s the whole difference between an accountability tree you can draw and one you can audit.

We already do this for people. Short-lived certificates instead of standing secrets is exactly why nobody holds an SSH key around here. Agents get the same treatment one class up: a workload identity, a verifiable credential, a signature on the work — the practical spine under giving an AI agent the keys safely. Papers are how a junior becomes a trusted colleague, and how a digital actor becomes traceable. It’s also just the next honest step. The harder we identify our agents, the more we admit what they already are: identities, becoming actors.

Treat AI as staff, not software: a junior with vast reach and no scar tissue, whose work is always some human’s responsibility, whose residence sets its laws, and whose every action carries its papers.

That’s why AI doesn’t get a pillar. It’s humanized compute — an actor standing at the crossing of Compute, the substrate it runs on, and Identity, the actor it became. Which is oddly good news, because you don’t need a new discipline for AI governance. You need the one you already run for people: least privilege, tiering, joiner-mover-leaver, an owner for every account, papers for every action, pointed at a new kind of hire. AI governance is just IAM for a colleague made of compute. Manage it like staff and most of the fear evaporates. Manage it like software and you’ll keep getting surprised by a junior you handed the keys and left alone.