1. Prohibited use
You may not use any EMILIA Protocol service, SDK, or interface to:
- Violate any applicable law, regulation, or sanctions regime, including export controls administered by OFAC, BIS, or equivalent authorities.
- Infringe intellectual property, privacy, or publicity rights of any third party.
- Process or transmit information you do not have lawful authorization to process or transmit.
- Probe, scan, or test the vulnerability of any system or network without express written authorization from the owner; this includes systems run by us. Coordinated security research is welcomed via the policy at /security.
- Bypass or attempt to bypass the protocol's authorization mechanisms, replay handshakes, forge signoffs, or otherwise undermine the integrity properties the protocol exists to enforce.
- Use the services to authorize, facilitate, or evade detection of fraud, money laundering, sanctions evasion, or terrorist financing.
- Operate the services on behalf of, or for the benefit of, parties subject to comprehensive sanctions in jurisdictions including Cuba, Iran, North Korea, Syria, the Crimea region of Ukraine, the so-called Donetsk and Luhansk People's Republics, or any individual or entity on the OFAC SDN list.
- Use the services to operate critical-safety systems where service degradation could cause physical harm — life support, transportation control, weapons-control systems — without an explicit written agreement covering that deployment.
2. Restricted high-risk uses
Some uses are permitted only with prior written agreement and additional safeguards. These include:
- Authorization of state-sanctioned surveillance, mass-data-collection programs, or social-scoring systems prohibited under EU AI Act Article 5.
- Authorization of automated decisions producing legal or similarly significant effects on individuals where no meaningful human review is provided. (EP is designed to support human-in-the-loop accountability; using it to launder accountability away from a human is contrary to the protocol's purpose.)
- Use in the operation of weapons systems, autonomous lethal-force decisioning, or military targeting infrastructure.
- Use as a primary control in any setting where regulatory authority requires a different control (e.g., where bank regulations require a specific dual-control workflow that EP would replace rather than augment).
Contact legal@emiliaprotocol.ai before deploying any restricted use.
3. Brand and trademark
The EMILIA Protocol name, logos, and brand assets are owned by EMILIA Protocol Foundation. You may use them to refer to the protocol in good faith — for example, "powered by EMILIA Protocol", "EP-compliant", "EMILIA Protocol verifier" — provided you do not imply endorsement, partnership, or certification we have not given. Don't reuse our marks for products that compete with the hosted service or that misrepresent your relationship with us.
4. Reporting violations
If you become aware of a violation of this policy by any party using EMILIA Protocol services, please report it to legal@emiliaprotocol.ai. For security vulnerabilities (including in third-party deployments of the open-source runtime) follow the disclosure process at /security.
5. Enforcement
We may investigate, suspend, or terminate access in response to suspected violations. Where we identify content or activity that violates this policy on the hosted service, we may remove the content and notify the affected customer. We cooperate with lawful requests from competent authorities consistent with the Privacy Policy.
6. Changes
We update this policy as needed. The "Effective" date above changes when we do.