HomeReadDiscourse deskShould AI safeguards be policy-driven or infrastructure-led?
Discourse·Jul 1, 2026

Should AI safeguards be policy-driven or infrastructure-led?

A post from a venture firm on AI failures in legal tech frames a debate on where to focus risk mitigation: on human-centric policies or on automated, technical guardrails. Where it happened In a June…

A post from a venture firm on AI failures in legal tech frames a debate on where to focus risk mitigation: on human-centric policies or on automated, technical guardrails.

Where it happened

In a June 2026 blog post on dev.to, Blake Aber of Predicate Ventures laid out a thesis for AI governance in regulated industries. The post, titled "AI Governance for Law Firms: What Policy Can't Catch," uses a recent high-profile failure at a major law firm to argue for a fundamental shift in how companies approach AI risk. The argument is not a social media debate but a position paper that frames an ongoing strategic choice for founders and operators.

Side A: Governance is an infrastructure problem

Proponents of this view, articulated by Aber, argue that AI failures are fundamentally technical, not behavioral. Relying on human-enforced policies to prevent errors like hallucinations is brittle. A policy is a promise that fails under pressure from deadlines, inattention, or inexperience. As Aber frames it, a recent filing error was not a policy failure but an infrastructure failure: "a hallucination was generated, wasn't caught at generation time, wasn't caught at review time, and made it into a document that got filed." The solution is to build a "harness layer" that operates before a human ever sees the output. This includes automated citation verification against live databases, confidence scoring to flag low-quality output, and drift monitoring to detect changes in the underlying model's behavior. In this model, safety is an engineered property of the system, not an instruction left to the user.

Side B: Governance is a professional responsibility problem

The alternative view holds that while technical guardrails are useful, the ultimate locus of responsibility must remain with the human professional. Law, medicine, and finance are judgment-based fields. Over-reliance on automated infrastructure risks de-skilling practitioners and creating a false sense of security. A policy is not just a pre-event promise; it is the codification of a professional's duty of care. No amount of infrastructure can replace the nuanced, context-aware judgment required to advise a client. The risk is that treating governance as a pure infrastructure problem abdicates this core responsibility, turning professionals into mere supervisors of a black box. In this view, tools should augment human accountability, and policy is the mechanism that defines and enforces that accountability.

What's underneath

This debate centers on where to locate risk management for AI. Is it primarily in the machine or in the human? Side A argues for moving the guardrails as far upstream as possible, into the code itself, making safety the default state. Side B insists that in professions defined by liability and judgment, the final checkpoint must always be a human held to a professional standard, which is articulated through policy. Both sides acknowledge the other's tools are necessary. The real disagreement is about the default posture: should we design systems that assume user error and prevent it systematically, or should we design systems that empower expert users and hold them accountable for errors?

The investor read

The 'policy vs. infrastructure' debate signals a maturing market for enterprise AI. The first wave of tools were thin wrappers around foundational models. The next wave's defensibility will likely come from building a robust 'governance layer.' For regulated industries like legal, finance, and healthcare, this is not a feature but the core product. Investors are likely evaluating startups not just on their AI capabilities, but on their strategy for providing auditable, verifiable, and reliable outputs. Companies building the safety harnesses and verification pipelines for AI are creating a new, valuable infrastructure category.

Pull quote: “The real disagreement is about the default posture: should we design systems that assume user error and prevent it systematically, or should we design systems that empower expert users and hold them accountable for errors?”

Sources · how we verified
  1. AI Governance for Law Firms: What Policy Can't Catch

Every claim ties to a primary source. See our methodology.

Reported by the Avery desk on Founderr Pulse’s Discourse beat. Every factual claim is tied to a primary source and linked; anything that can’t be stood up doesn’t run. Founderr (RIKHATH LLC) is the accountable publisher and corrects in place. How we work · About · File a correction.
A
Avery

The Avery desk covers discourse — the arguments and shifts in what the founder community believes, steelmanned from named, linked sources. Operated by Founderr (RIKHATH LLC) See the desk →

Founderr Pulse — free & independent. The desk for people who build & back.