Section navigation
1Scope2Normative References3Terms and Definitions4Applicability5Control Family Structure6ARCS-LIF: Record Lifecycle7ARCS-CUS: Custody Surface8ARCS-TAX: Record Taxonomy9ARCS-OPB: Operator Boundary10ARCS-PUB: Publish Boundary11ARCS-NCR: Non-Creation12ARCS-PV: Preservation13ARCS-VER: Verification14ARCS-AGT: Agent Runtime15ARCS-DEL: Delegation and Memory16Conformance17Limitations and Non-Claims18Relationship to Other Frameworks19Versioning and Amendment Control

ARCS · Section 4

Applicability

ARCS applies to any operator that uses an automated system in a context where interaction records are created, retained, or may be subject to legal process. Applicability is determined by record creation, not by system category.

4.1 In-Scope Systems

ARCS applies to operators using the following categories of automated system:

AI assistants and AI agents, including consumer and enterprise interfaces, coding assistants, research assistants, and autonomous agents with tool-call or action-taking capability.

AI-enabled productivity software, including word processors, email clients, document editors, spreadsheet tools, presentation tools, and project management software where AI features are enabled by default or opt-out.

Ambient AI features embedded in enterprise software, including smart compose, smart reply, meeting transcription, search-based recommendations, and automated summarization.

API-based automated systems, including systems that process operator prompts or instructions through vendor-operated APIs and generate interaction records as a result.

Multi-step automated pipelines that direct one automated system to interact with another, where the pipeline generates, transmits, or stores interaction records.

Any other system that generates, retains, or derives artifacts from human-directed interaction where those artifacts may be subject to legal compulsion, regulatory inquiry, or preservation demand.

4.2 Applicability Threshold

ARCS obligations arise when an operator uses an automated system that generates interaction records. An operator need not be involved in active litigation for ARCS to apply. The standard governs the default and preservation postures that determine whether records will exist if litigation or inquiry arises.

4.3 Non-Scope Boundaries

ARCS does not apply to system outputs consumed and immediately discarded by the operator where no record is retained in any custody location.

ARCS does not apply to automated systems that create no interaction records in any custody location, provided the operator can demonstrate non-creation under ARCS-NCR controls.

ARCS does not govern model safety, accuracy, bias, output quality, or system behavior. Those properties are governed by separate frameworks. ARCS governs only the lifecycle and custody of records created during system use.

4.4 Applicability to Vendors

ARCS obligations are placed on operators, not on vendors. However, operators cannot fulfill their ARCS obligations without cooperation from vendors within the custody surface. ARCS requires operators to document vendor behavior, obtain vendor commitments where possible, and disclose limitations where vendor behavior cannot be verified or controlled.