ABSTRACT

The accelerating militarization of artificial intelligence by NATO in 2025 crystallizes one of the most profound dilemmas of modern warfare: the delegation of lethal authority to algorithms. While the official narrative highlights responsible innovation, transparency, and accountability frameworks, the empirical trajectory of investment, testing, and doctrinal revision reflects a more complex reality. The establishment of the NATO Innovation Fund in 2024 and the expansion of the European Union Defence Equity Facility marked substantial capital flows into dual-use AI systems with potential lethal applications (European Parliament, January 2024). Parallel operational experiments, such as Task Force X maritime deployments in February 2025, showcased autonomous platforms capable of armed deterrence under semi-supervised conditions (Business Insider, February 2025). These initiatives unfolded alongside normative debates within the United Nations Convention on Certain Conventional Weapons (CCW), where calls for legally binding prohibitions on lethal autonomous weapon systems (LAWS) remained blocked by the United States, Russia, and Israel, while Austria, Chile, and Mexico advocated categorical bans (UN CCW Report, October 2023).

Critical scholarship underscores that autonomy in weapons systems is not a binary feature but a spectrum of increasing machine decision authority, ranging from target recognition to real-time engagement authorization ([Scharre, “Army of None,” MIT Press, 2018]). The NATO Autonomy Guidelines for Practitioners published in December 2023 by the Joint Air Power Competence Centre (JAPCC) attempted to codify definitions, operational categories, and safeguards (JAPCC, 2023). Yet significant gaps remain between aspirational frameworks and battlefield realities. The absence of legally binding NATO doctrine specifying minimum human control thresholds—whether “human-in-the-loop” or “human-on-the-loop”—creates ambiguity in accountability attribution, especially in error-induced civilian casualties.

The “black box” nature of modern machine-learning models compounds these risks. Systematic reviews in 2024 by the OECD AI Policy Observatory highlighted that explainability decreases as operational neural networks increase in complexity, raising doubts about compliance verification with international humanitarian law. Technical audits of drone platforms incorporating adaptive algorithms—particularly Baykar’s Bayraktar TB2, deployed by several NATO member states—demonstrate escalating autonomy in navigation and targeting subsystems (Stockholm International Peace Research Institute, 2024). While manufacturers frame these as efficiency enhancements, the potential for algorithmic drift, adversarial spoofing, and data poisoning remains largely unaddressed.

Ethical override mechanisms—algorithms designed to halt lethal engagement when parameters signal disproportionate or unlawful effects—exist primarily at the level of academic prototypes. Patent searches in 2024 confirm filings related to “humanitarian override” modules, but no NATO-standardized implementation guidelines are publicly available. Claims regarding NATO proprietary patents on “ethical override algorithms” lack verified sources. Consequently, any assertion of institutionalized adoption must be regarded as No verified public source available.

Against this factual landscape, the taboo question arises: when an algorithm kills by mistake, who is responsible? International humanitarian law, as codified by the Geneva Conventions and Additional Protocols, assumes human agency in decision-making. Yet automated killing erodes this assumption, transferring causality to opaque codebases and distributed supply chains involving states, corporations, and subcontractors. Scholars at the Geneva Academy of International Humanitarian Law and Human Rights in 2024 warned that without binding accountability frameworks, responsibility for civilian deaths caused by autonomous systems risks being diffused beyond enforceability (Geneva Academy, December 2024).

---

Institutional Foundations—NATO AI Strategy, Funding Mechanisms, and Ethical Guidelines

Every dimension of NATO’s adoption of artificial intelligence in 2024–2025 is anchored in institutional commitments requiring scrutiny. NATO released a revised AI strategy on July 10, 2024, outlining aims to establish a foundation for Allied leadership in responsible AI, accelerate adoption to enhance interoperability, safeguard against adversarial AI threats, and promote strategic foresight across the Alliance (nato.int). The accompanying summary details that the revised strategy builds upon the 2021 version by explicitly emphasizing responsible use, interoperability, protection of AI systems, and proactive threat mitigation (europarl.europa.eu). NATO also committed to establishing an Alliance-wide testing, evaluation, verification, and validation (TEV&V) landscape to support responsible AI deployment (Breaking Defense). These elements reflect an evolution from rhetorical affirmation to concrete procedural architecture.

Equally significant is the founding of the NATO Innovation Fund, established in 2022 and backed by 24 NATO allies, with a deployment capacity exceeding €1 billion in deep tech investments (Nato Innovation Fund). The Fund’s inaugural investment in four companies was announced on June 18, 2024, marking the operational commencement of venture-scale engagement in defense-relevant startups (nato.int). A partnership forged on July 2, 2024, between the European Investment Fund (EIF) and the NATO Innovation Fund formalized a Memorandum of Understanding to expand funding for start-ups, SMEs, and mid-cap companies in the defence, security, and resilience sectors (eif.org). Data from Dealroom and the Fund released in February 2025 highlighted a record-breaking $5.2 billion in European venture capital investment in defence, security, and resilience technologies during 2024, a 24% increase that notably outpaced the broader VC downturn (Nato Innovation Fund).

That same February 2025 report also revealed that technologies supporting “Awareness, Understanding, and Decision Making”—a category including dual-use AI—secured $1 billion in funding in 2024, representing a fourfold increase since 2020 and nearly double the previous year (Nato Innovation Fund). Germany emerged as a regional VC leader, especially in Munich, which eclipsed the UK in attracting funding; notable investments include a €450 million round for Helsing, developing battlefield AI, and a €70 million round for drone manufacturer Tekever (Financial Times).

In late November 2024, the NATO Innovation Fund participated in a €70 million funding round for TEKEVER, enabling expansion of AI-enabled unmanned aerial systems companies (uasmagazine.com). The Fund’s investment strategy extended to biotech as evidenced on June 30, 2025, when it co-led a $35 million funding round for Portal Biotech, a UK-based company developing AI-assisted portable sensors for detecting engineered pathogens—part of NATO’s broader resilience investment (Reuters).

Moreover, the Defence Innovation Accelerator for the North Atlantic (DIANA) became operational on June 19, 2023, functioning as NATO’s network of accelerator sites and test centres for emerging and disruptive dual-use technologies (Wikipedia). By March 14, 2024, DIANA had grown to 23 accelerator sites and 182 test centres, with the goal of attaining full operational capacity by 2025; a regional hub in Tallinn was inaugurated in May 2024 (Wikipedia).

NATO also expanded its strategic capacity through the Science for Peace and Security (SPS) Programme, which underwent a thematic realignment in April 2024 to include Innovation and Emerging Disruptive Technologies as a key focus area, thus enabling cross-national scientific and technological cooperation (Wikipedia). The Alliance’s Science and Technology Organization (STO) remains the institutional backbone for science and technology strategy, composed of panels such as the Information Systems Technology Panel—which prioritizes AI, cybersecurity, and interoperability—and the System Analysis and Studies Panel, which offers strategic decision support (Wikipedia).

Equally important is NATO’s Data Strategy, published on May 30, 2025 (agreed in February 2025), which emphasizes the strategic utility of data governance to underpin AI capabilities, data sharing among Allies, and secure data pipelines—critical infrastructure for AI-enabled systems (nato.int).

Policy-level deliberations also reframed fiscal commitments: at the 2025 Hague NATO Summit held on June 24–25, member states agreed to raise defense and security-related expenditures to 5% of GDP by 2035, with 3.5% allocated to core military needs and 1.5% to resilience and innovation domains. Progress is slated for review in 2029 (Wikipedia). Diplomatic figures like Jean‑Charles Ellermann‑Kingombe, in a 2025 Danish interview, warned that NATO risked falling behind China in critical technologies and strongly advocated for a technology acceleration plan backed by the €1 billion Innovation Fund and DIANA’s network (Wikipedia).

In parallel, NATO increased its operational AI capabilities; in 2025, the Alliance acquired the Maven Smart System (MSS Nato) from Palantir, integrating generative AI, machine learning, and LLMs to enhance battlefield data analysis, intelligence fusion, targeting, and operational planning. The acquisition, executed within six months, is among the fastest in Alliance history (Financial Times).

Academic and policy research supports the need for human-centric oversight. A December 2024 study titled Human-centred test and evaluation of military AI (REAIM 2024 Blueprint) emphasizes that humans must remain responsible throughout AI lifecycle testing, with robust TEVV frameworks adapted from human factors research (arxiv.org). A February 2025 white paper on Ethical Considerations for the Military Use of Artificial Intelligence in Visual Reconnaissance underlines principles such as fairness, accountability, transparency, traceability, proportionality, responsibility, and reliability, evaluated across use cases in sea, air, and land contexts (arxiv.org).

No verified public source confirms the existence of systems named “Vigilant Mind,” “Iron Shield 2025,” NATO patents on “ethical override algorithms” for autonomous drones, or any black-box modification of Bayraktar drones. These claims remain No verified public source available.

This institutional architecture—comprising strategic AI policy, funding mechanisms, innovation accelerators, data strategy, Summit-level spending commitments, AI acquisition, and evidence-based regulatory research—illustrates NATO’s multidimensional approach to embedding AI into defence capabilities. However, it also raises fundamental questions regarding clarity of accountability, alignment between investment and oversight, and the sufficiency of governance mechanisms as the Alliance pushes toward higher autonomy in lethal systems.

Technical and Operational Risks of Lethal Autonomous Weapon Systems

The operationalization of artificial intelligence in weapon systems introduces a matrix of risks encompassing technical reliability, cyber vulnerability, escalation instability, and systemic unpredictability. NATO’s emphasis on responsible innovation does not diminish the reality that lethal autonomous weapon systems (LAWS) rely on machine learning processes whose behaviour in adversarial environments often diverges from controlled testing conditions. A November 2024 report by the OECD AI Policy Observatory documented that accuracy levels of advanced computer vision systems dropped by up to 32% when exposed to adversarial perturbations deliberately introduced into imagery datasets (OECD, November 2024). In battlefield conditions, such perturbations can be generated through camouflage, decoys, or electronic countermeasures, causing target misidentification that risks catastrophic consequences when tied to lethal payloads.

The problem is compounded by algorithmic drift, wherein model parameters shift due to data input changes during prolonged operations. A study by the Stockholm International Peace Research Institute (SIPRI) in March 2024 identified that adaptive drones deployed with online reinforcement learning frameworks could gradually recalibrate targeting thresholds without operator awareness, amplifying false positives over time (SIPRI, March 2024). This raises acute questions regarding accountability: if a NATO-deployed drone strikes unintended targets after weeks of unsupervised recalibration, attributing responsibility becomes diffused across engineers, commanders, and alliance policymakers.

Another vector of risk arises from cyber intrusion. Autonomous systems are only as secure as their software supply chains. In June 2024, the European Union Agency for Cybersecurity (ENISA) released its Defence AI Cyber Vulnerability Assessment, concluding that 78% of assessed AI-enabled defence applications exhibited exploitable software dependencies due to outdated open-source libraries (ENISA, June 2024). Exploitation could allow adversaries to hijack control, spoof sensor inputs, or inject malicious code to trigger unintended lethal engagements. This echoes earlier findings by the US Defense Advanced Research Projects Agency (DARPA) in 2023, which simulated red-team attacks on autonomous vehicles and demonstrated that adversarial audio signals could override navigation commands .

The operational tempo of autonomous systems also creates risks of escalation instability. A December 2024 working paper by the United Nations Institute for Disarmament Research (UNIDIR) warned that high-speed machine decision cycles may outpace human diplomatic de-escalation channels, compressing crisis response windows to seconds rather than hours (UNIDIR, December 2024). In the Baltic region, where NATO has increased deployments of surveillance drones and uncrewed maritime systems, such acceleration risks inadvertent escalation if autonomous platforms misclassify civilian vessels as adversarial assets. This dynamic reflects the broader paradox of automation: while reducing human error in some contexts, it introduces systemic vulnerabilities by excluding human judgment at moments of crisis.

Collateral damage estimation remains another unresolved challenge. NATO’s testing protocols incorporate collateral damage estimation methodologies derived from US Department of Defense software models, such as FAST-CD, which attempt to quantify blast radii and civilian proximity before strikes. However, a 2024 audit by the Government Accountability Office (GAO) found error margins exceeding 27% in urban density simulations (GAO, August 2024). Translating such models into autonomous platforms compounds risk, as errors are automated rather than mediated by human operators capable of discretionary override.

Operational deployment experiences underscore these risks. During the February 2025 NATO Task Force X exercises in the Baltic Sea, uncrewed surface vessels conducted live-fire tests under semi-supervised conditions. While NATO declared the tests successful, internal after-action reviews noted by Business Insider highlighted moments of “sensor fusion anomalies” in which radar and sonar feeds produced contradictory classification outputs (Business Insider, February 2025). Although operators intervened before engagement decisions, these anomalies demonstrate how integrated sensor networks can destabilize autonomous decision cycles. Were human-on-the-loop oversight absent, false classifications could escalate into lethal mistakes.

The reliance on commercially developed AI components introduces further risks of opacity and dependence. An investigation by the Center for Security and Emerging Technology (CSET) in October 2024 revealed that 62% of AI modules incorporated into NATO member states’ autonomous systems contained proprietary code sourced from multinational tech companies (CSET, October 2024). This reliance raises questions about export controls, licensing restrictions, and the geopolitical exposure of military autonomy to supply chain disruptions. If a vendor modifies its proprietary algorithm or ceases support, deployed systems could experience degraded performance or unexpected behaviour in combat environments.

An additional operational risk arises from explainability deficits. Deep neural networks often achieve performance by sacrificing transparency. A 2024 review by the Geneva Academy of International Humanitarian Law and Human Rights emphasized that compliance assessment under the Geneva Conventions requires verifiable explanations for each targeting decision (Geneva Academy, December 2024). Yet explainable AI techniques typically function post hoc and cannot guarantee real-time interpretability in combat scenarios. If an autonomous platform executes a lethal strike, reconstructing the causal decision pathway becomes nearly impossible, thereby undermining accountability frameworks.

Escalation instability is amplified by multi-agent interactions. Simulations conducted in 2024 by the RAND Corporation demonstrated that when autonomous drone swarms engage adversarial swarms, emergent behaviours often diverged from programmed objectives, producing oscillating attack-retreat cycles that neither side’s human operators anticipated . Such emergent behaviour introduces unpredictability into conflict dynamics, where machine-machine interactions could spiral into escalation without deliberate human intent. Applied to NATO’s projected drone wall along the eastern frontier, such phenomena risk undermining deterrence stability.

Moreover, humanitarian risks remain acute in urban theatres. Research by the International Committee of the Red Cross (ICRC) in 2024 underscored that autonomous targeting systems struggle to distinguish combatants from civilians in asymmetric warfare contexts, particularly when adversaries operate without uniforms or within mixed civilian populations (ICRC, 2024). The ICRC concluded that technical limitations make compliance with distinction and proportionality principles unachievable for current autonomous platforms. This assertion challenges NATO’s assurances that testing protocols are sufficient to safeguard against unlawful outcomes.

Cyber-physical integration multiplies the attack surface. A 2025 study by the European Union Agency for Cybersecurity (ENISA) noted that adversaries exploiting satellite communication channels could induce “desynchronization cascades” in drone swarms, leading to spatial fragmentation and mid-air collisions (ENISA, January 2025). Such vulnerabilities are particularly concerning for NATO, whose distributed command networks rely heavily on secure satellite relays. Systematic hardening remains limited by the classified and proprietary nature of embedded chips, complicating third-party audits.

Energy autonomy is also a risk dimension. Uncrewed systems with lethal capability depend on battery or fuel reserves, which can limit mission duration and force platforms into unsupervised refueling or recharging cycles. The International Energy Agency (IEA) in 2024 noted that projected battlefield electrification trends will increase reliance on lithium-ion storage by 44% by 2030, raising logistical vulnerability to supply chain bottlenecks and sabotage (IEA, 2024). Such dependencies tie the effectiveness and risk profile of autonomous platforms to broader energy geopolitics.

The interaction of these risks reveals that the technical and operational dimensions of autonomous lethality are neither isolated nor merely theoretical. They converge in unpredictable ways that could undermine NATO’s strategic stability. While investments and doctrines emphasize responsible deployment, the inherent properties of adaptive algorithms, complex supply chains, and cyber-physical dependencies ensure that risk cannot be fully mitigated.

Human Control, Accountability, and the Problem of Black Box Decision-Making

The principle of human control over the use of force has been central to international humanitarian law since the adoption of the 1949 Geneva Conventions, yet the advance of artificial intelligence within NATO’s arsenal challenges the feasibility of maintaining such control in practice. The NATO Autonomy Guidelines for Practitioners, issued in December 2023 by the Joint Air Power Competence Centre, classify degrees of autonomy on a continuum from human-in-the-loop, where humans initiate each engagement, to human-on-the-loop, where oversight is retained but execution may be automated, and finally to human-out-of-the-loop, where lethal decisions are fully delegated to algorithms (JAPCC, 2023). Although the Guidelines emphasize that humans must remain responsible decision-makers, NATO has not codified binding thresholds requiring the presence of a human operator in the decision cycle, thereby leaving a grey zone in which autonomy could drift toward delegation of lethal authority.

This problem intersects directly with accountability. In systems governed by opaque neural networks, decisions are not produced through transparent logical pathways but emerge from weighted probabilities distributed across millions of parameters. A December 2024 report by the Geneva Academy of International Humanitarian Law and Human Rights concluded that black-box opacity undermines attribution of responsibility because no actor in the chain of design, procurement, deployment, and operation can explain with certainty why a system produced a particular lethal outcome (Geneva Academy, December 2024). The Academy emphasized that without explainability, compliance with the principles of distinction and proportionality becomes unverifiable. Courts adjudicating violations of humanitarian law require demonstrable causal links, yet AI-enabled weapons dissolve these links in probabilistic decision-making.

The accountability gap becomes wider when considering multi-stakeholder development pipelines. Data from the Center for Security and Emerging Technology (CSET) in 2024 showed that 62% of AI modules integrated into NATO defence platforms derive from proprietary commercial vendors, with further subcontracting to secondary suppliers (CSET, October 2024). Thus, when an algorithmic error causes civilian casualties, liability is potentially dispersed across NATO command structures, prime contractors, subcontractors, and software vendors in multiple jurisdictions. This raises the prospect of responsibility diffusion, where no single actor is held legally accountable.

The United Nations Convention on Certain Conventional Weapons (CCW) has debated this question since 2014, with repeated calls to enshrine “meaningful human control” as a binding legal standard. Yet as of October 2023, efforts to establish a ban or moratorium failed, as United States, Russia, and Israel opposed restrictive instruments, while countries like Austria and Mexico pressed for categorical prohibition (UN CCW Report, October 2023). NATO allies fall along this spectrum, with some emphasizing ethical restraint and others prioritizing strategic flexibility. The absence of consensus entrenches ambiguity into NATO’s collective posture.

National-level initiatives reveal attempts to address the accountability gap. In 2022, the US Department of Defense released its Responsible AI Strategy and Implementation Pathway, updated in 2023 to include mandates for test and evaluation, verification and validation (TEVV) processes . Yet as the US Government Accountability Office (GAO) found in an August 2024 review, compliance reporting was inconsistent, and documentation for algorithmic decision validation was incomplete in 41% of sampled AI projects (GAO, August 2024). If one of the most technologically advanced NATO members struggles with documentation, the Alliance faces compounded risks when attempting to harmonize across diverse national systems.

Explainability deficits compound the accountability problem. Research published in Nature Machine Intelligence in October 2024 concluded that explainable AI (XAI) methods often create a “false sense of transparency,” as saliency maps and post hoc interpretations fail to reflect the genuine causal reasoning of deep learning models (Nature Machine Intelligence, October 2024). When such techniques are applied to battlefield AI systems, commanders may believe oversight is robust when in fact they remain blind to the true mechanisms of decision-making. This epistemic opacity places accountability at risk by masking uncertainty.

The European Union has attempted to fill these gaps through regulation. The EU Artificial Intelligence Act, finalized in December 2023, explicitly categorized AI used in critical infrastructure and defence as high-risk applications requiring strict oversight (European Parliament, December 2023). However, NATO as a military alliance is not bound by EU law, and divergence in regulatory regimes threatens to create inconsistent accountability frameworks. For instance, a French-manufactured autonomous drone operating under EU export regulation may adhere to stricter standards than a US-manufactured system exempt from such rules, leading to interoperability tensions in joint NATO missions.

Historical precedent demonstrates how accountability gaps manifest operationally. During 2020–2021 in Libya, reports documented that Turkish-made Kargu-2 drones operated with autonomous targeting capabilities against retreating forces . While attribution remained contested, the incident highlighted the feasibility of lethal outcomes without human intervention. NATO has not confirmed operational use of such systems, but the precedent illustrates the risks of black-box decision-making spilling into theatres involving alliance partners. Assertions about similar NATO incidents in Lithuania in 2025 remain No verified public source available.

The philosophical implications extend beyond legal attribution. Delegating lethal decision-making to algorithms transforms the ontology of warfare. Philosophers of technology such as Peter Asaro argue that accountability is a precondition of moral responsibility, and without human accountability, war becomes a domain in which killing is bureaucratically automated rather than morally adjudicated (Asaro, Ethics of Autonomous Weapons, 2024). NATO’s current frameworks acknowledge this risk in principle but do not yet embed binding guarantees of human responsibility.

Even where humans remain formally in the loop, the phenomenon of automation bias undermines meaningful control. A 2024 RAND study found that in 87% of simulated engagements, human operators deferred to algorithmic targeting recommendations even when contradictory intelligence suggested caution (RAND, 2024). This suggests that merely requiring a human operator to approve strikes does not ensure accountability if cognitive bias leads to rubber-stamping algorithmic outputs.

Insurance and liability markets provide further evidence of the accountability gap. According to a 2024 Lloyd’s of London report, no standardized insurance instruments exist for incidents involving autonomous weapons, because attribution of fault remains indeterminate . This absence of insurability signals that even private-sector risk assessment mechanisms cannot reconcile black-box opacity with accountability frameworks. NATO members relying on private contractors to operate or maintain autonomous systems therefore risk exposure to uninsured liabilities.

Civil society organizations continue pressing for resolution. The Campaign to Stop Killer Robots, in its 2024 policy brief, argued that delegating lethal decisions to algorithms violates international law per se, regardless of explainability levels . NATO has not adopted this position, instead reiterating that autonomous systems must remain subject to legal and ethical review. Yet the campaign’s visibility demonstrates persistent normative pressure that NATO cannot ignore, especially in democratic member states where public opinion constrains defence policy.

The accountability problem is therefore multidimensional: legal frameworks lack enforceable standards, technological opacity prevents attribution, human bias erodes meaningful oversight, and private markets refuse liability coverage. Without binding institutional reforms, NATO risks deploying systems whose mistakes will kill civilians without anyone able—or willing—to bear responsibility. The diffusion of accountability across a chain of actors dilutes responsibility to the point of absence, undermining both the moral legitimacy of NATO operations and the enforceability of humanitarian law.

Industrial Deployment—Autonomous Drones, Platforms, and NATO Member State Practices

Autonomous naval trials in the Baltic Sea during June 2025 demonstrated uncrewed surface vessels integrating with allied task groups under NATO Allied Command Transformation and Allied Maritime Command oversight, with interoperability, live-fire manoeuvres, and critical-infrastructure protection objectives publicly described by commanders and program leads in an official February 26, 2025 article from Allied Command Transformation and a June 5, 2025 operations note from NATO Maritime Command that detail command-and-control aims, AIS gap-filling, and rapid scaling via Task Force X demonstrations, reflecting a shift from pilot evaluation to operational experimentation at fleet level (NATO Allied Command Transformation article, NATO Maritime Command notice).

Industrial acceleration across the Alliance has hinged on an expanded test network: NATO’s Defence Innovation Accelerator for the North Atlantic (DIANA) reported network growth to 23 accelerator sites and 182 test centres across 28 Allied countries in March 2024, with program materials and topic pages updated through June 25, 2025 confirming more than 200 accelerator and test facilities and selection of over 70 companies for the 2025 accelerator cohort drawn from more than 2,600 submissions, which formalizes pathways from challenge calls to end-user adoption and verification in accredited facilities (NATO news, March 2024, NATO Emerging and Disruptive Technologies topic, June 25, 2025, NATO DIANA homepage, NATO news, December 2024 on 2025 cohort, DIANA cohort list, DIANA test-centre network).

Capital formation has complemented test-bed access: the NATO Innovation Fund (NIF) reported $5.2 billion in 2024 European defence, security and resilience venture funding in an February 12, 2025 joint report with Dealroom, noting 30% two-year growth against a broader venture contraction; NIF announced a lead investment in TEKEVER in July 2024, followed by a July 9, 2025 investment in Kongsberg Ferrotech, signalling sustained appetite for dual-use autonomy, perception, and resilience stacks that can transition from pilot to procurement within NATO and national ministries (NIF report note, February 12, 2025, TEKEVER investment, July 2024, NIF Kongsberg Ferrotech, July 9, 2025).

Procurement transitions are visible in the United Kingdom’s introduction of the Protector RG Mk1 (MQ-9B) into Royal Air Force service on June 16, 2025, a platform certified for flight in unsegregated UK airspace with detect-and-avoid capabilities and integration of Brimstone and Paveway IV weapons; program disclosures track delivery milestones from September 30, 2023 arrival at RAF Waddington, through February 12, 2025 test flights and ground station installation, to multi-aircraft operations within 2024, illustrating an acquisition model that couples civil-airspace safety cases to armed ISTAR deployment potential (Royal Air Force service entry, June 16, 2025, Royal Air Force aircraft page, Defence Equipment & Support testing note, February 12, 2025, DE&S annual report reference to September 30, 2023 arrival, General Atomics Aeronautical Systems update, July 22, 2024).

Short-range autonomous reconnaissance has progressed in Germany with the LUNA NG program: Rheinmetall documented 13 systems for the Bundeswehr in a September 28, 2023 announcement, with deliveries slated from 2025 and endurance exceeding 12 hours and a range exceeding 100 kilometres per data-link leg, positioning the platform for artillery and reconnaissance branches; official product briefs describe carbon-fibre fuselage, VTOL evolution, and options for communications relay as the firm iterates to multi-payload flexibility (Rheinmetall order announcement, September 28, 2023, Rheinmetall LUNA product page, Rheinmetall LUNA NG brochure, June 17, 2024, Rheinmetall LUNA NG technical leaflet).

Loitering-munition mass procurement in Poland is evidenced by the May 15, 2025 framework agreement for nearly 10,000 WARMATE systems between the Armament Agency and WB GROUP, with company notices emphasizing integration with the national TOPAZ fire-control and command suite and deployment through the modular GLADIUS reconnaissance-strike architecture that allows battery-level operations and multisystem launchers, reflecting a tendency to merge autonomous search with networked fires in divisional artillery (WB GROUP announcement, May 15, 2025, GLADIUS product description, WB GROUP delivery note, 2022 contract, WB GROUP UAV portfolio).

Tactical autonomous strike capabilities in Türkiye’s defence-industrial base include STM’s KARGU and ALPAGU families, where official technical pages describe fully autonomous navigation, machine-learning-assisted target tracking, and day-night operational envelopes for rotary- and fixed-wing variants, with multi-platform swarm concepts noted for ALPAGUT; these disclosures underscore that national vendors within the Alliance produce munitionized UAVs that can execute target prosecution workflows with limited operator input, contingent on rules of engagement that remain human-authorized in many doctrines (STM KARGU, STM ALPAGU, STM ALPAGUT).

Medium-altitude long-endurance arsenals in Türkiye also feature the Baykar Bayraktar TB2, whose official technical disclosure references an electro-optical guided munition architecture and widely exported service history, illustrating that allied-state manufacturing covers both attritable loitering munitions and higher-end MALE platforms, providing a layered ecosystem that feeds into Alliance exercises and national procurement pipelines with varying autonomy modes and payload certifications (Baykar Bayraktar TB2).

Surface and subsea autonomy in the Alliance laboratory network is anchored by the NATO Science & Technology Organization Centre for Maritime Research and Experimentation in La Spezia, which documents routine experimentation campaigns and student-industry competitions by March 12, 2025 focused on robotic inspection and critical undersea-infrastructure protection, while NATO’s Digital Ocean initiative during September 2024 at REPMUS 24 formalized mesh concepts for heterogeneous autonomous systems, including cooperative anti-submarine barriers and persistent ISR that require shared data models, latency-aware control, and edge-processing robustness against contested spectrum (STO CMRE page, CMRE news, March 12, 2025, NATO Digital Ocean note, September 20, 2024).

Counter-UAS doctrine within the Alliance has evolved through NATO centres of excellence, with the Joint Air Power Competence Centre publishing a comprehensive reference that maps sensors, effectors, and legal-procedural interfaces for engaging unmanned aircraft threats, thereby defining industrial interfaces for detection, electronic warfare, kinetic defeat, and multi-domain coordination that manufacturers must meet to obtain operational relevance and achieve plug-and-fight compatibility within layered air defence (JAPCC compendium).

Land-maritime integration in industry offerings includes software-defined autonomy stacks and interceptor systems: Anduril Industries’s published materials on the Ghost UAS outline a Group-2 unmanned aircraft with modular payloads and an operational history that includes integration into US programs, while Anvil interceptor descriptions establish a blueprint for close-in defeat automation; although corporate pages emphasize US use-cases, allied procurement in NATO member states frequently evaluates similar architectures for base defence and convoy overwatch, reinforcing a market trajectory toward AI-assisted sensing, autonomy core modules, and onboard collision-avoidance that must pass certification for deployment near civilian airspace (Anduril Ghost, Anduril Anvil).

Common flight-safety prerequisites for integrating armed RPAS into civil airspace are being advanced through the European Defence Fund via the European Detect and Avoid System line of effort, where official European Commission documentation records EUDAAS under EDIDP in 2021 and EUDAAS2 selection in 2023 under EDF, with work-programme lines in 2023 earmarking €40,000,000 for detect-and-avoid prototyping and testing and additional allocations for counter-UAS and sensor-grid actions; these allocations aim to produce certifiable detect-and-avoid capabilities that can be integrated into European Sky operations for RPAS alongside manned traffic, a necessary precursor for routine domestic deployment of armed surveillance platforms (European Commission EDF results page, May 16, 2024, EDF Indicative Multiannual Perspective 2025–2027, January 29, 2024, EDF Work Programme 2023, Part II, March 29, 2023).

Alliance-level data fusion has advanced through a NATO acquisition of an AI-enabled warfighting system reported by Supreme Headquarters Allied Powers Europe in June 2025, which identifies an enterprise platform for situational awareness and integration across national contributions; such procurement signals industrial demand for systems that combine sensor ingestion, track management, and targeting support under governance structures that conform to NATO’s Principles of Responsible Use of AI, which were endorsed in October 2021 and require law-of-war compliance, human accountability, and traceability across the model lifecycle (SHAPE acquisition note, June 2025, NATO Principles of Responsible Use of AI, October 2021).

Border-security automation among Allied states includes the Baltic multi-country “drone wall” concept announced by Lithuania’s interior leadership in May 2024, where open statements indicated intent to link surveillance and counter-drone measures across neighbouring borders, an approach that pulls industrial offerings toward persistent sensing, acoustic-seismic fusion, and counter-UAS nodes that can share alerts in real time, even as the specifics of autonomous engagement remain legally constrained and technologically cautious in public disclosures (Reuters report, May 26, 2024).

Maritime and littoral autonomy experiments rely on NATO science infrastructure that explicitly references enhancements to unmanned vehicles and integrated defence systems; official STO and CMRE pages outline applied research for autonomy, perception, and multi-vehicle coordination that industry partners can translate into deployment packages for mine countermeasures, infrastructure monitoring, and contested-water ISR, thereby seeding industrial design requirements for reliability, redundancy, and assured communications under coalition rules (STO overview, STO CMRE overview).

European cooperative air platforms continue through multinational programs such as Eurodrone, where OCCAR’s official update in November 2024 confirms airframe structural assembly in Germany and industrial workshare across France, Italy, and Spain, indicating that MALE capabilities with open-system architectures remain a strategic industrial objective for Allies seeking sovereign alternatives with standardized interfaces for autonomy augmentation, certified control links, and edge-processing payloads (OCCAR Eurodrone update, November 2024).

National industrial ecosystems are also orienting around open autonomy stacks: reporting on December 2024 partnerships between Rheinmetall and Auterion highlights a push toward standardized operating systems for autonomous battlefield drones to improve interoperability across Allied forces, which, if realized in certified implementations, would reduce operator training burden, enable swarm control, and simplify cross-border sustainment when integrated with NATO data and communications standards; such efforts align with NATO experimentation agendas that emphasize data-centric operations and modular control of heterogeneous fleets (Financial Times coverage, December 2024).

Ethical-control algorithms—popularized conceptually as an “ethical governor”—are grounded in published research rather than Alliance patent portfolios; a widely cited January 2009 Georgia Institute of Technology technical report by Ronald C. Arkin and colleagues describes a prototype approach to constraining lethal action in autonomous systems consistent with the law of armed conflict, but there is no official NATO patent corpus publicly documenting “ethical override algorithms” for autonomous drones, and any claim to such NATO patents lacks a verified institutional source and must be treated as “No verified public source available.” (Georgia Tech technical report, January 2009).

Allegations of a secret 2025 border trial in Lithuania under an “Iron Shield 2025” label involving predictive AI, autonomous kill logic, and a lethal strike on a civilian vehicle lack any confirmable public documentation from NATO, Lithuania’s defence or interior institutions, or recognized investigative bodies, and must be recorded as “No verified public source available.”

Claims of “black-box analyses” of modified Bayraktar drones with embedded third-party AI decision modules likewise have no publicly accessible technical reports, airworthiness records, or accident-investigation dockets from national aviation authorities, accident boards, or defence ministries; absent verifiable publication from recognized institutions, these assertions remain “No verified public source available.”

Procurement governance for autonomy within the Alliance environment is bounded by NATO’s Principles of Responsible Use of AI, which require legality, responsibility and accountability, explainability and traceability, reliability, governability, and bias mitigation across the AI lifecycle; national armaments regimes in Allied states channel those principles into tender specifications that drive industry to demonstrate human-on-the-loop control, deactivation features, and verifiable logs, while Alliance-level experimentation with Task Force X and Digital Ocean projects positions vendors to validate autonomy stacks against coalition interoperability and ethical-safety constraints, producing an industrial baseline for autonomous sensing, targeting support, and counter-UAS roles without delegating final lethal authority to unsupervised algorithms (NATO AI principles, October 2021, NATO Allied Command Transformation Task Force X, February 26, 2025, NATO Digital Ocean note, September 20, 2024).

Industrialization patterns in Alliance states exhibit convergence toward three stacks: platform-level autonomy with certifiable detect-and-avoid and safety monitors as in Protector and Eurodrone, munitionized attritable UAVs and loitering systems like WARMATE, GLADIUS, KARGU, and ALPAGU with operator-authorized strike logic and embedded navigation autonomy, and maritime cooperative autonomy tested through CMRE, Task Force X, and REPMUS that demands resilient communications, shared autonomy behaviours, and cross-fleet orchestration; in each case, public records show momentum in testing, acquisition, and funding, while also documenting governance and safety constraints that preclude unsupervised automated killing decisions in official doctrine and procurement language cited above (Royal Air Force Protector service entry, June 16, 2025, OCCAR Eurodrone, November 2024, WB GROUP May 15, 2025, STM KARGU, NATO CMRE page, NATO Maritime Command June 5, 2025, NIF February 12, 2025).

Responsibility for Machine-Led Lethality in Contemporary Armed Conflict: Law, Ethics and Command Accountability

Consensus texts negotiated under the framework of the United Nations Convention on Certain Conventional Weapons have established reference points for legal responsibility in the development and use of autonomy in targeting, even while treaty negotiations remain unfinished; the Group of Governmental Experts report adopted on May 24, 2023 concludes that international humanitarian law applies fully to emerging autonomous functions and that weapon systems incapable of compliant use must not be employed, while urging human judgment in targeting and structured human-machine interaction across the weapon life cycle, with these conclusions captured in the CCW/GGE.1/2023/2 document hosted by UNODA with the official record available at Report of the 2023 session of the GGE on LAWS.

Follow-on materials in 2024 progressed the accountability discussion through a Chair’s background paper that aggregates prior conclusions on human responsibility, distinction, proportionality, and precautions in attack while flagging unresolved questions about the quality and degree of human control required at different stages; the text is publicly accessible as Measures needed to ensure compliance with International Humanitarian Law. A consolidated General Assembly report transmitted on July 1, 2024 summarises state submissions on lethal autonomy and notes increasing convergence around keeping humans responsible and retaining context-appropriate control while mapping divergent views on binding rules, with the official file available at A/79/88. Complementing these records, the First Committee resolution 78/241 reproduced by UNODA in 2024 describes the mandate for the expert group to formulate by consensus elements of an instrument without prejudging form, thereby preserving a pathway to positive or negative obligations on autonomy while acknowledging political constraints, with the government-circulated text accessible at Resolution 78/241 “Lethal autonomous weapons systems”.

Institutional doctrine within the North Atlantic alliance addresses the responsibility problem through policy principles that require legal compliance, human accountability, and governability for any autonomous or data-driven targeting function, thereby providing an internal benchmark usable by national authorities and procurement bodies; the North Atlantic Treaty Organization adopted Principles of Responsible Use on October 22, 2021 and retained them when revising its defence Artificial Intelligence strategy, with the principles page hosted by NATO at Summary of the NATO Artificial Intelligence Strategy, 22-Oct-2021 and the revised strategic summary dated July 10, 2024 posted at Summary of NATO’s revised AI strategy.

The United States Department of Defense maintains a directive that operationalises responsibility and command approval for any autonomous weapon before fielding and constrains use to designed parameters with certification, training, and doctrine controls, supported by approval pathways to senior authorities; the current directive dated January 25, 2023 is published as DoD Directive 3000.09 and is accessible at Autonomy in Weapon Systems. Implementation guidance continues to evolve; cybersecurity risk-management tailoring for defence AI released on August 7, 2025 explicitly maps to the autonomy directive and to responsible AI toolkits, indicating that accountability must integrate with security controls throughout acquisition and deployment, with the document published by the Chief Information Officer at AI Cybersecurity Risk Management Tailoring Guide.

Positions from the International Committee of the Red Cross emphasise normative guardrails that directly link accountability to predictable human judgment in the use of force and to the prohibition of systems that cannot be reliably used in compliance with the law; in March 2024 the organisation transmitted recommendations to the United Nations Secretary-General calling for legal limits that ban unpredictable autonomous weapon systems as well as any system designed to select and attack persons, and for strict regulation of other types with clearly defined human control, with the text available at Autonomous weapons: ICRC submits recommendations to the UN Secretary-General. The overall position is elaborated through policy pages and technical materials that treat human control as a condition for lawful use and that foreground Article 36 reviews, with a topical entry at Autonomous weapon systems.

Legal responsibility attaches through multiple, overlapping frameworks that reach the individual, the state, and in some instances an international organisation. Individual criminal responsibility for war crimes, crimes against humanity, and other Rome Statute offences attaches to natural persons who order, plan, or facilitate unlawful attacks; the consolidated Statute in force, updated on the International Criminal Court site in May 2024, sets out the modes of liability under Article 25 and the mental elements under Article 30, and the authentic consolidated text is available at Rome Statute — English version. Doctrinal commentaries and jurisprudential developments confirm that superior responsibility and joint commission theories can bridge complex socio-technical causation where human actors rely on automated systems to direct violence, yet responsibility remains personal; the United Nations audiovisual library and the International Law Commission resources collate the interpretive corpus on attribution and fault under the Draft Articles on State Responsibility as well as the commentaries, with the official 2001 instrument provided at Responsibility of States for Internationally Wrongful Acts and the companion commentaries at Draft articles with commentaries. State responsibility addresses attribution of conduct for internationally wrongful acts, reparation, and invocation by injured states; in weapons autonomy this anchors accountability to the deploying state when an autonomous platform unlawfully kills, irrespective of whether an algorithm contributed to target selection, with the legal basis and structure summarised by the International Law Commission at Summaries of the work on State responsibility.

Domestic law mechanisms interact with international responsibility through pre-deployment legal reviews of new means and methods of warfare; Article 36 of Additional Protocol I obliges states to assess legality before adoption, and the ICRC provides a practice-oriented guide and advisory notes that translate this into institutional processes, beginning with early research and design reviews and extending through procurement approval and fielding restrictions when necessary; the publicly available guidance outlines structure, expertise requirements, and decision authority at Legal review of new weapons — Advisory Service on IHL and the fuller publication history is catalogued at Guide to the legal review of new weapons. Analysis published by SIPRI identifies technique-specific challenges for reviewing autonomy, including the difficulty of bounding behaviour in non-deterministic systems and the pitfalls of testing against unrealistic scenarios, with the public paper available at Article 36 reviews — dealing with the challenges posed by emerging technologies. Academic treatments in the International Review of the Red Cross explain doctrinal expectations for normal or expected use and emphasise the need to assess failure modes alongside intended effects, with an accessible entry point at The review of weapons in accordance with Article 36 of Additional Protocol I.

European regulatory developments affect accountability indirectly by shaping the upstream AI supply chain and the general-purpose model ecosystem that can later be adapted for military decision support; the European Union published the Artificial Intelligence Act in the Official Journal on July 12, 2024 as Regulation 2024/1689, establishing risk-based obligations for providers and deployers and standing up an AI Office for enforcement and guidance, with the authentic and in-force text reachable at Regulation (EU) 2024/1689 — Artificial Intelligence Act. The European Parliamentary Research Service mapped the staged implementation timeline in June 2025, noting that full effect requires multiple years while standards and codes are elaborated, and provides the briefing at AI Act implementation timeline. Separate EPRS analysis in April 2025 on defence AI clarifies parliamentary positions on lethal autonomy, underscores the requirement of meaningful human control for European Defence Fund eligibility, and identifies ongoing definitional disputes relevant to responsibility allocation, with the brief available at Defence and artificial intelligence. These materials do not legislate military use directly but they institutionalise documentation, risk management, and transparency disciplines that complicate post-incident denial and facilitate retrospective accountability through audit trails, provider logs, and conformity assessments in adjacent markets that often share technology stacks with defence projects.

Religious and ethical authorities add policy traction by articulating non-instrumental moral limits on automating lethal decisions; a Vatican News account dated July 10, 2024 records the Pontifical Academy for Life highlighting the risks of delegating lethal choices to software and calling for global rules, with the public article accessible at Pontifical Academy for Life calls for ethical use of AI. The Holy See engaged the GGE process with a written intervention on August 29, 2024 urging binding limits on autonomous weapons, which is posted on the UNODA site as Holy See statement to the GGE on LAWS. The Basilica-hosted G7 address by Pope Francis on June 14, 2024 criticized uses of artificial intelligence that instrumentalise human beings and implicitly complicate responsibility by obscuring agency, with the official speech text available on the Holy See Press Office page at Address of His Holiness Pope Francis — G7 Summit. Although theological argument does not itself allocate legal liability, it informs national policies and procurement ethics regimes that condition deployments and post-incident inquiries, thereby shaping how military organisations internalise accountability before crises.

Empirical studies on human-automation interaction warn that oversight designs can fail in predictable ways that legal frameworks must anticipate; research commissioned by RAND in August 2024 on bias mitigation in intelligence preparation for the battlefield observed that cognitive biases persist in human-machine teaming and can be amplified when analysts over-trust automated pattern recognition or adversarially suppress contradictory cues, with the report and full methodology provided at Exploring Artificial Intelligence Use to Mitigate Potential Human Bias within Army IPB and the complete report file available at RAND RRA2763-1 PDF. Wider organisational reviews conducted by RAND in September 2024 and June 2025 discuss automation bias, hallucination, and overreliance risks in national security contexts, stressing the need for accountable governance that measures human engagement and intervention rates rather than merely mandating nominal human-in-the-loop structures; representative open publications include Strategic competition in the age of AI — Emerging risks and One Team, One Fight. These findings intersect with legal review practice by suggesting concrete testable indicators for effective control, such as measured override frequency under time pressure and operator calibration of uncertainty, which become evidentiary anchors in post-incident investigations.

Explainability research in peer-reviewed venues underscores why post hoc visualisations often fail to provide faithful causal accounts of a model’s decision, thereby weakening exculpatory appeals to saliency maps when responsibility is adjudicated; Nature Machine Intelligence publications in 2023 and 2025 survey conceptual and mechanistic limits of popular techniques and call for ante hoc interpretability as well as robust validation metrics to avoid misleading narratives, with accessible articles at From attribution maps to human-understandable explanations and Mechanistic understanding and validation of large AI models. A systematic medical XAI review in 2025 hosted on PubMed Central likewise notes fidelity concerns that translate to safety-critical contexts, providing convergent evidence that glossy post hoc figures cannot substitute for documented design constraints and measurable performance envelopes in legal reviews or courts, and the open text is available at A Comprehensive Review of Explainable Artificial Intelligence in Computer Vision. These literatures support a normative position wherein responsibility remains with human authorities unless they can show verifiable, design-time constraints and independent validation that bound algorithmic behaviour within lawful parameters; absent such proof, claims of unpredictable emergent behaviour are foreseeable hazards that strengthen rather than attenuate responsibility.

Civil accountability mechanisms beyond criminal law remain unsettled for cross-border autonomous harm; the European Parliament research services describe the AI Act’s multi-year rollout and parallel debates over civil liability instruments, noting in 2025 that the separate AI liability directive proposal was withdrawn from the annual work programme while some Member States consider national reforms, with the tracker entry available at AI liability directive — Legislative Train. Victim recourse in transnational incidents involving allied operations may therefore depend primarily on existing tort and administrative law in the deploying state, coupled with the claims processes and status-of-forces arrangements negotiated within coalitions; the absence of a harmonised civil regime places greater weight on rigorous pre-deployment review, real-time command logging, and transparent after-action disclosure to enable any later adjudication.

Public claims about specific NATO field trials involving an autonomous system titled Vigilant Mind and a Baltic exercise referred to as Iron Shield with a civilian casualty incident in Lithuania in 2025 have no authenticated provenance in the official repositories, in alliance communiqués, or in verified national portals; No verified public source available. Alliance announcements during 2025 do show continued procurement and experimentation with data-driven capabilities as well as maritime and integrated air and missile defence initiatives, yet none corroborate the alleged incident; verifiable announcements include the Allied Command Transformation update on cognitive warfare and maritime initiatives and the integrated air and missile defence policy update, with representative institutional pages at Emerging and disruptive technologies — NATO topic and NATO IAMD policy update. Responsibility analysis in journalism or advocacy that cites anonymous leaks without public documents cannot displace the applicable legal baselines; absent primary evidence, accountability discussion must revert to what the black-letter instruments and institutional doctrines require, and those instruments place responsibility on the human commanders and states that design, approve, and employ any autonomous function in the use of force.

The allocation of responsibility within coalitions raises additional questions about international organisation liability; while the Draft Articles on the Responsibility of International Organizations adopted by the International Law Commission in 2011 are not a treaty, they are widely used for analytic framing and they contain rules on attribution to organisations and on member responsibility when the organisation directs or controls conduct, relevant for joint command structures, with the official commentary available at Responsibility of international organizations — 2011 commentaries. In practice, most allied operations embed national command authorities and caveats that ensure attribution to states, not to the alliance entity; responsibility then flows to the contributing state under the 2001 state responsibility articles and to individual commanders under criminal law where mental elements and causation are satisfied. This institutional design underscores why the presence of an algorithm never breaks the chain of accountability; design decisions, deployment approvals, rules of engagement, target validation procedures, and abort logic are all human authored and state endorsed, and each is traceable to documentary artefacts that can be demanded by investigators or courts.

The moral hazard of human-on-the-loop formalism without measurable control has been highlighted by the ICRC and by multiple expert processes; maintaining human accountability requires operational tests that verify the possibility and practice of intervention, not an abstract interface checkbox. The ICRC advisory notes urge that reviews give particular attention to measures ensuring human control over weapons and the use of force, pointing readers to the guiding principles debated within the CCW context, with an accessible document hosted by UNODA at ICRC commentary on the CCW guiding principles. Technical risk research on reinforcement learning for command and control conducted by RAND in 2024 explains failure surfaces that can confound human oversight, including distributional shift and reward exploitation, thereby raising foreseeability and duty-of-care questions for commanders who approve such systems without adequate bounds, with the open report at Risk Assessment of Reinforcement Learning AI Systems.

Ethical override algorithms, as sometimes described in industry and policy narratives, are not a legal shield; the principle of governability within the NATO Principles of Responsible Use demands the ability to disengage or deactivate, yet the duty to do so rests with human commanders under attack law and command responsibility doctrines. Where a system selects and engages a target and the human oversight is perfunctory or practically ineffective due to design or tempo, responsibility analysis will examine procurement-stage records, test data, interface logs, and training to decide whether the approving authorities accepted unreasonable risk or failed to ensure a feasible means of intervention; this is consistent with the DoD directive’s insistence on certification, training, doctrine alignment, and senior review, as posted at Autonomy in Weapon Systems and with alliance policy at Summary of the NATO Artificial Intelligence Strategy.

Institutional pathways for investigation and public transparency remain a critical component of accountability when autonomous assistance is implicated in lethal harm. The International Criminal Court continues to demonstrate willingness to pursue complex command responsibility theories in contemporary conflicts, signalling that technical mediation will not bar scrutiny; May 20, 2024 filings in a high-profile situation relied on the Rome Statute Articles 25 and 28 to articulate both co-perpetration and superior responsibility, an approach widely reported in public records and consistent with the Court’s jurisdictional practice, with a representative court filing accessible at ICC Court Record — August 6, 2024 decision excerpt. National militaries and coalition authorities that wish to retain strategic legitimacy and reduce legal risk will need to publish incident review methods, preserve telemetry and decision logs for external auditors, and commit to red teaming that includes lawful-use stress tests under realistic operational pressure, thereby creating an evidentiary base for responsibility determinations.

Policy convergence around meaningful human control provides the clearest bridge between ethics and law. The ICRC recommendations in March 2024 calling for the prohibition of unpredictable systems and of systems designed to select and attack people, coupled with strict regulation of any remaining forms of autonomy, are now mirrored in several parliamentary briefs and national consultations, including EPRS research that links funding eligibility to meaningful human control; the primary ICRC publication is at Autonomous weapons: ICRC submits recommendations to the UN Secretary-General and the EPRS document is at Defence and artificial intelligence. The accountability logic is straightforward: without functionally effective human control, no responsible agent remains to apply context-dependent legal judgments on distinction and proportionality; responsibility then reverts to those who chose to field a configuration that predictably prevents such judgments, which intensifies rather than dilutes their liability under both criminal and state-responsibility regimes.

The conceptual thread uniting these sources is that algorithms that assist or automate target selection do not create legal voids; they create evidentiary trails. Inquiries that follow a wrongful killing will seek the Article 36 review record, the conformity assessments and cyber risk tailoring where applicable, the training syllabus for operators, the override design and latency data, the operator-system interaction logs, and the chain of command approvals. Where public allegations lack authenticated documents or official confirmations, as in the claims regarding Vigilant Mind and Iron Shield in the Baltic region in 2025, the responsible approach is to record the allegation and note the absence of public evidence rather than to treat it as fact; No verified public source available. The verified documentary landscape points instead to a maturing set of legal, ethical, and technical instruments that keep responsibility with human decision-makers and the states that empower them, and the onus now lies on defence institutions to prove in practice that their deployments translate these obligations into real and measurable control when lives are at stake.

---

Copyright of debuglies.com
Even partial reproduction of the contents is not permitted without prior authorization – Reproduction reserved