Ethics in AI
A plain-language guide to the core principles behind AI ethics, the major frameworks organizations reference, and how ethics differs from AI governance and binding law.
By Cody Maxwell · AI Governance Institute · Published July 2026 · Reviewed monthly
The short definition
AI ethics is the field concerned with the values that should guide the design, deployment, and use of artificial intelligence, independent of what any particular law requires. It asks questions that regulation alone cannot answer: Should an AI system make this decision at all? What does fairness mean when a model treats different groups differently? Who is owed an explanation when an algorithm affects their life? Ethics sits upstream of both governance and law. Governance translates ethical commitments into operational controls (bias testing, audit logging, human oversight procedures), and law sets the binding floor that organizations must meet (the EU AI Act, US state legislation, sector-specific regulation). An organization can be fully compliant with every applicable law and still make ethically questionable choices about how it uses AI. That gap is why ethics remains a distinct discipline rather than a subset of compliance.
Core ethical principles
Most AI ethics frameworks converge on a similar set of principles, even when their wording differs. Fairness addresses whether a system produces comparable outcomes across protected groups, and whether the training data or design choices introduce bias. Transparency and explainability address whether affected people, auditors, and regulators can understand how a system reached a given output, particularly for consequential decisions like lending, hiring, or medical triage. Accountability addresses who is responsible when an AI system causes harm, and ensures that responsibility cannot be diffused across a vendor, a model, and an internal team until no one owns the outcome. Privacy addresses how personal data is collected, used, and retained by AI systems, especially models trained on or processing sensitive information. Human autonomy and oversight address the degree to which people retain meaningful control over decisions that affect them, rather than deferring entirely to automated output. Safety and non-maleficence address the obligation to anticipate and prevent foreseeable harm before deployment, not just respond to it afterward.
Major ethical frameworks
Several frameworks have shaped how organizations think about AI ethics, predating most binding regulation. The UNESCO Recommendation on the Ethics of Artificial Intelligence, adopted in 2021 by all 193 UNESCO member states, is the first global normative instrument on AI ethics and centers human rights, human oversight, and environmental sustainability. The OECD AI Principles, first adopted in 2019 and updated in 2024, established values-based recommendations for trustworthy AI that later informed binding instruments including the EU AI Act. The European Commission's High-Level Expert Group published Ethics Guidelines for Trustworthy AI in 2019, built around seven requirements including human agency, technical robustness, and accountability, several years before the EU AI Act made comparable obligations legally binding. IEEE's Ethically Aligned Design initiative and the Asilomar AI Principles, drafted by AI researchers in 2017, reflect similar commitments originating from technical and academic communities rather than governments. None of these frameworks are themselves enforceable law, but they shaped the principles that later regulation formalized.
Ethics, governance, and law are three different layers
Confusing these three layers is one of the most common mistakes compliance teams make when standing up an AI program. Ethics is normative: it asks what an organization should do, based on values that may exceed what is legally required. Governance is operational: it is the set of policies, controls, and processes that translate ethical commitments (and legal obligations) into practice, such as bias testing procedures, model documentation standards, and escalation paths for high-risk decisions. Law is binding: it is the minimum floor set by regulators, enforceable through fines, injunctions, or other penalties, such as the EU AI Act's risk-tiered requirements or state-level algorithmic accountability statutes in the United States. A useful test: if a practice would be legal but the organization still would not want to defend it publicly, that is an ethics gap, not a compliance gap. Effective AI programs treat all three layers as connected but distinct, because meeting the legal minimum does not guarantee an organization has met its own ethical commitments, and having an ethics statement does not substitute for operational controls that actually enforce it.
Where ethical principles create practical tension
AI ethics principles frequently conflict with each other in ways that cannot be fully resolved, only managed and disclosed. Fairness itself is not one metric: a model can satisfy demographic parity (equal outcome rates across groups) while failing equalized odds (equal error rates across groups), and it is mathematically impossible to satisfy every fairness definition simultaneously when base rates differ across populations. Transparency can conflict with security and intellectual property: publishing full model details may help external auditors but also help adversaries craft attacks or competitors replicate proprietary systems. Human oversight can conflict with the efficiency gains that justify deploying AI in the first place, particularly for agentic systems designed to operate with minimal supervision. Privacy-preserving techniques like differential privacy or federated learning can reduce model accuracy, creating tension between privacy and performance. None of these tensions have a universal right answer. Organizations that acknowledge the tradeoff and document their reasoning are in a materially stronger position, both ethically and in front of a regulator, than those that pretend the tradeoff does not exist.
Operationalizing ethics inside a governance program
Ethical principles only matter if they change what an organization actually does. In practice, that means building ethics review into the AI lifecycle rather than treating it as a one-time statement of values. Many organizations stand up an AI governance committee with the authority to pause or reject high-risk use cases before deployment, not just after an incident. AI system risk classification, conducted before a system goes live, forces teams to document foreseeable harms, affected populations, and mitigations in writing. Bias and fairness monitoring, repeated on a schedule rather than once at launch, catches drift as models are retrained on new data. Override and escalation procedures ensure that when a system produces an outcome an engineer or reviewer finds ethically troubling, there is a defined process for raising it rather than relying on individual judgment calls. These practices map directly onto governance controls that compliance teams already build for regulatory reasons, which is precisely the point: an ethics program that cannot be operationalized through concrete controls will not survive contact with a real deployment decision.
Track the global AI governance landscape
AI Governance Institute monitors regulations, frameworks, guidelines, and enforcement actions across the EU, US, UK, and Asia-Pacific — updated daily.
Browse the directory →