DON Memory Protocol Charter

Purpose

The DON Memory Protocol (DMP) is a memory substrate for intelligent systems. It exists to give organizations persistent, coherent memory across their data without extractive business models, surveillance incentives, or lock‑in.

This Charter defines what DMP is for, what it will not be used for, and how DON Systems selects and works with partners.

0. Scope & Definitions (Quick)

1. What DMP Is

DMP is infrastructure, not a product feature:

• A memory fabric that weaves scattered organizational data (documents, logs, events, conversations) into a coherent, queryable graph
• A compression protocol that maps high‑dimensional representations into low‑dimensional collapsed states while preserving retrieval utility on documented evaluation suites (metrics and methodology are published or provided under NDA as appropriate). Performance varies by domain, embedding model, and distribution shift.
• A long‑horizon memory layer designed for years of context, not single‑session prompts
• A substrate that other systems plug into — not a chatbot, not a RAG wrapper, not "just another AI feature"

DMP operates at the paradigm layer: it shapes how memory and context are structured for emergent intelligence.

2. Core Principles

2.1 Memory is Structural, Not Extractive

DMP treats memory as organizational infrastructure — not a commodity to be mined, sold, or weaponized.

• We do not sell Partner data to third parties
• We do not train foundation models on Partner memory stores or content
• We do not use DMP as a data collection mechanism for advertising, behavioral targeting, or surveillance

2.2 Alignment Over Scale

DMP is invitation‑only. Scale without alignment recreates the incentives DMP exists to avoid.

• We work with Partners who share our values: memory as enabler, not extractor
• We review use cases to ensure they serve human benefit, not manipulation or coercion
• We say no to surveillance, covert scoring, and control‑at‑scale applications

2.3 Transparency & Stewardship (Behavioral Transparency)

Partners deserve clarity on what DMP does, how it behaves, and how their data is handled.

• We document system behavior, evaluation methodology, and operational guarantees
• We provide clear data ownership terms (Partners own their memory data)
• We publish security and privacy practices and maintain clear incident procedures
• We commit to long‑term stewardship — not "move fast and break things"

Important: Transparency here means explainability of behavior and interfaces, not disclosure of proprietary implementation details.

2.4 Co‑Defined Guardrails (By Design, Not By Policy Alone)

Every partnership includes explicit boundaries on what DMP can and cannot be used for.

• We define allowed operations, endpoints, and data classes per Partner
• We implement technical controls (scoped credentials, quotas, logging, isolation)
• We review usage telemetry for anomalies and misuse signals
• We reserve the right to suspend access for misuse

2.5 Human Agency & Contestability (Non‑Negotiable)

DMP must not become an invisible reputational scoring engine.

If DMP outputs inform High‑Impact Decisions, Partners must provide (as appropriate to domain and law):

• Notice that automated/AI‑assisted memory is being used
• A way to obtain meaningful explanation of relevant factors
• A process to correct errors and contest outcomes
• Human review before consequential action when required by law or risk profile

DMP will not be deployed for "covert eligibility ranking" or unchallengeable automated decisions about individuals.

2.6 "Coherence Interface" Mediation (Optional, Encouraged)

DMP deployments may be mediated through a coherence‑layer interface (e.g., PATH) that shapes requests into permitted, auditable operations and returns human‑readable explanations. The goal is coherence and safety by construction, not gatekeeping for its own sake.

3. Allowed Use Cases (With Constraints)

DMP is designed for organizations that need coherent, long‑term memory to serve legitimate missions.

✅ Healthcare & Life Sciences

• Clinical decision support (reducing errors, surfacing buried context)
• Care coordination (unified memory across providers/systems)
• Research analytics (longitudinal discovery)
• Not for: behavioral targeting, insurance exclusion scoring, patient surveillance, covert risk scoring.

✅ Financial Services & Enterprise

• Operational intelligence across tools/vendors/years
• Compliance and audit memory for reporting
• Customer support continuity
• Not for: predatory lending, exploitative risk models, insider knowledge extraction, market manipulation.

✅ SaaS & Enterprise Applications

• AI agent memory for internal tools and customer support
• Secure multi‑tenant context management
• Analytics for organizational improvement
• Not for: dark pattern optimization, addiction maximization, covert profiling.

✅ Research & Education

• Knowledge graph construction and institutional memory
• Collaborative learning systems with consent and agency
• Not for: academic surveillance, coercive ranking systems, hidden discipline/profiling engines.

✅ Critical Infrastructure

• Incident response memory and diagnostics
• Long‑horizon pattern recognition for capacity planning
• Not for: mass surveillance, predictive policing, social control systems.

4. Prohibited Use Cases (Hard No)

DMP will not be used for:

❌ Surveillance, Covert Scoring & Manipulation

• Mass surveillance (government or commercial)
• Behavioral targeting for advertising/influence campaigns
• Social credit systems or population control
• Covert reputational scoring, hidden eligibility ranking
• Dark pattern optimization or compulsive engagement maximization

❌ Sensitive Attribute Inference & Discrimination

• Inferring sensitive attributes (health, race, religion, sexuality, political beliefs) for targeting, exclusion, or coercion
• Employment/housing/credit screening systems that rely on covert profiling or deny contestability

❌ Extractive & Predatory Systems

• Predatory lending, exclusionary insurance risk models
• Information asymmetry exploitation (including HFT manipulation)
• Monopolistic data aggregation to create lock‑in moats
• Systems designed to maximize addiction, compulsion, or dependency

❌ Weaponization & Harm

• Military targeting or autonomous weapons
• Disinformation operations, synthetic influence campaigns
• Harassment, doxing, stalking infrastructure
• Child exploitation, trafficking, or illegal content distribution

❌ Regulatory Evasion & Illicit Use

• Circumventing sanctions/export controls
• Securities fraud or insider trading enablement
• Violations of HIPAA/GDPR/CCPA or other applicable laws

❌ Unauthorized Cloning & Resale

• Reverse‑engineering or decompiling proprietary compression/retrieval methods
• Reselling DMP as a white‑label service without written authorization
• Using DMP access to build a competing memory substrate service
• Extracting trade secrets for in‑house replication

5. Partner Selection Criteria

We evaluate invitation requests based on:

5.1 Organizational Fit

• Sector alignment and mission clarity
• Capability to operate responsibly
• Willingness to implement transparency and safeguards

5.2 Use Case Alignment

• Human benefit over extraction
• Genuine need for long‑horizon memory
• Feasibility with privacy‑preserving design patterns

5.3 Risk Assessment

• Data sensitivity (PHI/PII/financial, etc.)
• Regulatory context (HIPAA, GDPR, SOC2, etc.)
• Misuse potential at scale

5.4 Values Alignment

• Transparency to stakeholders where appropriate
• Stewardship mindset
• Explicit non‑weaponization commitment
• Agreement to prohibited use cases and agency requirements

6. Partnership Model

6.1 Invitation‑Only Access

• Limited reviews each quarter
• Approval does not guarantee immediate access (capacity/security constraints may apply)
• Partners sign SOW/Order Form with explicit terms and Charter incorporation

6.2 Custom Agreements

• Pricing is set per partnership (no public rate cards)
• Regulated industries use industry‑appropriate agreements (DPA, BAA where applicable)
• Integrations are scoped to partner needs (endpoints, quotas, SLAs)

6.3 Co‑Defined Guardrails (Contract + Technical)

Every partnership includes:

• Allowed operations (approved endpoints/query classes)
• Data boundaries (approved data classes; PHI requires appropriate safeguards)
• Quotas and rate limits
• Auditability requirements
• Suspension/termination triggers

6.4 Ongoing Review

• Quarterly alignment reviews for sensitive deployments
• Right to suspend/terminate for misuse
• Collaborative adjustment of terms as needs evolve

6.5 Access Model (Gateway Surface) — How We Prevent "LLM God‑Mode"

DMP is accessed through explicitly defined gateway operations scoped per Partner and use case. Partners do not receive unrestricted access to the full memory substrate.

Each deployment defines:

• Allowed operations: endpoints and query types
• Output constraints: redaction rules, aggregation thresholds, minimum cohort sizes
• Data class constraints: which categories may be processed
• Logging: access and usage telemetry, with Partner visibility as appropriate

This ensures external tools (including Partner‑provided LLMs) can only perform operations the gateway surface exposes.

7. Data Ownership, Privacy & Portability

7.1 Partner Data Ownership

• Partners own their memory data (derived representations, metadata, adjacency links)
• By default, DON Systems acts as a data processor/service provider; roles are specified per agreement (DPA/BAA)

7.2 Tenant Isolation / No Cross‑Contamination

• Tenant isolation is mandatory (no data leakage between Partners)
• We do not use one Partner's memory to improve another Partner's results
• We do not pool Partner data for analytics across tenants

7.3 Derived Representations & Privacy Reality

DMP is designed to operate primarily on derived representations and references (Partners may keep raw content in their own systems when desired).

Note: embeddings and derived representations may still be sensitive and may constitute personal data depending on context and linkability. They are protected as Partner data under this Charter.

Partners are encouraged to use:

• pseudonymization/reference IDs
• hashing where appropriate
• data minimization for sensitive classes

We provide onboarding guidance for privacy‑preserving strategies.

7.4 Portability / No Lock‑In Guarantee

• Partners may export their memory store (derived representations + metadata) in documented formats.
• Export requests are supported during the contract term and for a defined offboarding window
• Export formats and timelines are specified in the SOW (default target: prompt initiation and completion within commercially reasonable time for dataset size)

7.5 Deletion, Backups & Retention Semantics

• Deletion requests take effect in primary storage promptly
• Encrypted backups exist for disaster recovery and are purged on a fixed schedule (e.g., ≤30 days)
• Deleted tenant data is not restored from backups except at Partner request/authorization, and any restoration is logged

7.6 Subprocessors & Data Transfers

• We maintain a subprocessor list and provide notice of changes
• International transfers, where applicable, use appropriate legal mechanisms (e.g., SCCs) and are documented

8. Security Commitments (Minimum Standard)

DMP security is designed as a baseline suitable for enterprise review, with enhancements per Partner risk profile:

• TLS/SSL encryption for API communications
• Encryption at rest for stored data (mechanism specified in security documentation)
• Strong authentication and scoped credentials (least privilege)
• Tenant isolation controls at storage and application layers
• Audit logging for administrative actions and gateway usage
• Vulnerability management and patching practices documented
• Incident response process and security contact

Operational telemetry: We may collect minimal operational/security telemetry necessary to run and secure the service. This telemetry is not used for advertising, targeting, or training foundation models.

9. Intellectual Property & Cloning Prevention

9.1 IP Status & Transparency

DMP includes proprietary methods and implementations. We may publish high‑level descriptions and evaluation methodology without disclosing proprietary source or implementation details.

9.2 Restrictions

Partners may not:

• Reverse‑engineer, decompile, or attempt to clone proprietary mechanisms
• Use DMP to build a competing memory substrate service
• Extract trade secrets for replication

9.3 Permitted Use

Partners may:

• Integrate DMP into internal workflows and products
• Build applications on top of approved DMP gateway APIs
• Extend DMP through approved interfaces and custom front‑ends
• Use DMP internally for operational and analytical purposes consistent with this Charter

9.4 No White‑Label Resale

Partners may not resell DMP as a white‑label service without explicit written authorization.

10. Compliance & Regulatory Standards

10.1 Current Support

• GDPR: DPA available for EU processing contexts
• CCPA/CPRA: support for service provider obligations where applicable
• Payment processing handled via Stripe or equivalent provider under appropriate PCI controls (where used)

10.2 In‑Progress / Targeted

Where applicable, DON Systems may pursue additional attestations (targets may evolve):

• HIPAA: BAA availability for healthcare deployments (target Q1 2026)
• SOC 2 Type II: target Q2 2026
• ISO 27001: target Q3 2026

Note: Dates are targets, not guarantees, and may adjust based on audit timelines and scope.

10.3 Partner Responsibilities (Critical)

Partners are responsible for:

• Lawful basis and notices/consent where required
• Appropriate internal access controls and downstream use restrictions
• Implementing contestability/human review for High‑Impact Decisions
• Domain‑specific obligations (HIPAA, GLBA, FERPA, etc.) as applicable

11. Charter Enforcement

11.1 Monitoring & Auditing (Metadata‑First)

DON Systems monitors for Charter violations via:

• Operational/security telemetry (endpoint usage, rate anomalies, auth anomalies)
• Automated anomaly detection
• Periodic review of high‑risk deployments

Access to Partner content, if ever required for incident response or support, is:

• minimized
• permissioned or legally compelled
• logged and auditable

11.2 Violation Response

If a Partner violates the Charter:

• Notice & remediation: written notice + remediation plan
• Suspension: repeated or severe violations may trigger suspension
• Termination: egregious violations (surveillance, weaponization, fraud) may trigger immediate termination and offboarding procedures

11.3 Appeals

Partners may appeal enforcement decisions via [email protected] with:

• description of the disputed action
• evidence of compliance/remediation
• proposed path forward

Target review window: 10 business days (may vary by severity).

11.4 Legal Requests & Transparency

We respond to lawful requests only when legally required. Where permitted, we notify affected Partners and challenge overbroad requests when feasible. We may publish periodic transparency reporting on legal demand volume/type.

12. Charter Amendments

This Charter is a living document and may be amended to reflect:

• new sectors/use cases
• regulatory changes
• partner feedback
• emerging risks

Standard Amendment Process

• Proposed changes published 60 days in advance
• Partner feedback accepted via [email protected]
• Final version adopted for new and renewed agreements
• Existing agreements may be grandfathered up to 12 months

Emergency Amendments

We may implement immediate amendments required to address active security threats, legal changes, or critical safety risks, with notice as soon as practicable.

13. Contact

• Invitation requests / Charter feedback: [email protected]
• Partner support: [email protected]
• Legal: [email protected]
• Privacy / data protection: [email protected]

Appendix: Glossary (Updated)