How this fits -- PAICE legal graph

How this fits: the PAICE legal graph

AI Incident Law does not stand alone. It is the fourth layer of a connected representation of AI law built by PAICE.work PBC: from the shared schema that names things, to the statutes that define obligations, to the records that verify conduct, to the cases that show what happens when obligations are breached.

Each layer answers a distinct question. Together they make the full chain programmable.

The four layers

1
Obligation-First
Upper schema -- shared IRI vocabulary used by all other layers.

"What do we call this kind of obligation, across every jurisdiction?"
2
EveryAILaw
AI obligation registry -- statutes, regulations, and the obligations they create, indexed by jurisdiction.

"Which laws apply to an AI hiring tool in Colorado, and what exactly do they require?"
3
PubLedge
Open civic recordkeeping -- protocol and templates for transparent, verifiable public records.

"What is the authoritative public record that proves this conduct occurred?"
4
AI Incident Law
Case and enforcement evidence -- curated corpus of litigation, tribunal records, and enforcement actions involving AI-related incidents.

"What did courts and agencies actually do when those obligations were breached?"

The anchor relationship

Included records in this dataset may carry an obligation_first_anchors field: a list of Obligation-First IRIs pointing to the specific obligation(s) from EveryAILaw that the incident implicates. For example, a hiring-algorithm discrimination case might anchor to https://everyailaw.com/obligation/bias-prevention.

This makes the graph traversable in both directions:

Obligation → Consequence: start at an EveryAILaw obligation, follow anchors to every AI Incident Law case where breach was alleged.
Consequence → Obligation: start at a case, read its anchors to learn which obligations the incident implicated.

Cross-graph query example: dated transcript from 2026-06-10

What follows is a reproducible recipe run on 2026-06-10 against all three published PAICE legal graph MCP servers. The question: "What obligations does an automated decision system used in Colorado trigger under state law, what is the authoritative public-record statute citation, and what is the public litigation record when those obligations are breached?"

1. Configure all three MCP servers

All three are published to npm. Add this to your agent client's MCP configuration (Claude Desktop, Cursor, or any MCP-aware client):

{
  "mcpServers": {
    "every-ai-law": {
      "command": "npx",
      "args": ["-y", "every-ai-law"],
      "description": "EveryAILaw AI obligation registry (layer 2)"
    },
    "publedge": {
      "command": "npx",
      "args": ["-y", "publedge"],
      "description": "PubLedge verifiable public-record protocol (layer 3)"
    },
    "ai-incident-law": {
      "command": "npx",
      "args": ["-y", "ai-incident-law"],
      "description": "AI Incident Law case and enforcement evidence (layer 4)"
    }
  }
}

The discovery manifest at /.well-known/mcp.json lists the full tool surface and the static JSON endpoints for clients that prefer HTTPS over stdio.

2. Find the live Colorado regulation (EveryAILaw)

Call list_regulations(jurisdiction="us-co") on the EveryAILaw MCP. Result: Colorado SB 26-189 (Colorado ADMT Act), enacted 2026-05-14, effective 2027-01-01. This regulation governs automated decision systems making consequential decisions in employment, housing, credit, healthcare, and other domains.

3. Pull the obligations SB 26-189 actually imposes (EveryAILaw)

Call get_regulation(id="colorado-sb26-189"). The regulation contains four provisions covering three distinct obligations:

transparency (Deployer Disclosures & Post-Adverse Notice; Developer Documentation)
record-keeping (Deployer Record-Keeping; Developer Documentation)
human-oversight (Consumer Correction & Human Review)

4. Pull the verifiable public-record statute (PubLedge)

Call get_legal-instrument(id="us-co-legislature-statute-2026-sb26-189") on the PubLedge MCP. Returns a hash-pinned plain-markdown record bound to the Semantic Arts gist ontology, with six precise C.R.S. section anchors mapping each obligation to a statute citation:

§6-1-1702 -- developer documentation duties
§6-1-1703 -- deployer record-keeping; 3-year retention
§6-1-1704 -- deployer consumer-notice obligation; consequential decisions
§6-1-1705 -- consumer rights; data correction; human review; 30-day post-adverse explanation
§6-1-1706 -- Attorney General enforcement; 60-day cure period; deceptive trade practices

PubLedge is the verifiable-records layer: every record is hash-anchored to its source, so a citation chain is reproducible months from now even if the originating site restructures URLs.

5. Search the AI Incident Law dataset for matching anchors

For each obligation, call search_records on the AI Incident Law MCP for matters whose obligation_first_anchors contain the EveryAILaw obligation IRI. Results from the 2026-06-10 run:

transparency: 1 anchored record. Moffatt v. Air Canada, 2024 BCCRT 149 -- a chatbot misstated bereavement-fare refund eligibility; the British Columbia Civil Resolution Tribunal held the airline liable and awarded C$650.88. The legal theory: a deployer is responsible for accurate disclosures even when delivered through an automated agent.
record-keeping: 0 anchored records. This is itself a finding -- no AI Incident Law matter has yet turned squarely on a record-keeping or audit-trail failure. SB 26-189 will create that cause of action starting 2027-01-01; the litigation record begins after that date.
human-oversight: 41 anchored records, including 37 attorney-sanction matters for AI hallucinated citations (the dominant cluster) plus structural cases: Cahoo v. SAS Institute (MiDAS automated fraud determinations) and Detroit v. RUGs (algorithmic Medicaid care-allocation cuts). Sanctions in the attorney cluster range from US$900 to US$94,704.

6. Synthesis

An automated decision system deployed in Colorado after 2027-01-01 will sit under three legally distinct obligations -- transparency, record-keeping, and human-oversight -- each backed by a precise C.R.S. citation (PubLedge), a defined regulatory provision (EveryAILaw), and a different volume of existing precedent (AI Incident Law). Transparency failures already have a clean civil-liability template (Moffatt v. Air Canada). Human-oversight failures have the deepest record, dominated by attorney professional discipline but with structural-case precedent in benefits administration. Record-keeping is the new frontier: no public matter yet, but the obligation is on the books and the burden of proof for compliance will fall on deployers.

A deployer can read this answer as a risk-shaped roadmap: where the litigation record is thick, expect plaintiff sophistication and well-developed standards of care; where it is thin, expect first-mover defendants to set the standard. The PubLedge layer ensures the underlying statute citations stay verifiable for the life of the litigation.

Why this matters

As of 2026-06-10, no other publicly available stack identified in the review could answer this query programmatically. DAIL, Fisher Phillips, McKool Smith, and Hogan Lovells trackers were human-browsable only -- no API, no structured obligation linkage. The PAICE legal graph is built so an agent can traverse from a specific regulation, to the obligations it creates, to the cases where those obligations were breached, in one session.

The recipe above is reproducible. Run it tomorrow against an updated dataset; you will get the same shape of answer with whatever new cases have been admitted since.

Agent discovery

Each layer publishes an agents.json that includes a graph_layer block naming its position, role, and the agents_json and mcp_discovery URLs of its upstream layers. An agent traversing one node of the graph can discover the whole graph from that single file.