menu_bookArticles · Reports · Whitepapers

Articles, reports & whitepapers.

Engineering-focused writing from the RuleMesh team. Regulatory explainers, technical whitepapers, and protocol proposals for teams implementing compliance.

Regulatory Briefing — EU AI Act

The AI Act Deadline Just Moved 16 Months. Three Obligations Didn’t.

The Digital Omnibus delays high-risk AI to December 2027 — but transparency, watermarking, and two new prohibitions still apply in 2026, mapped by actor role.

6 min readReadarrow_forward
Protocol Proposal · IETF Draft

We Proposed a New Web Standard So Systems Can Prove Compliance to Each Other

HCAP — the HTTP Compliance Authorization Protocol. A draft specification submitted to the IETF to move compliance verification out of email and into the HTTP layer.

9 min readReadarrow_forward
Technical Whitepaper 04-B

GDPR Is Not 99 Articles. It Is 7 Engineering Problems.

A practical framework for prioritising GDPR compliance — based on what the regulation actually requires from your systems.

12 min readReadarrow_forward
Regulatory Advisory 027

You Are Outside the EU. The GDPR Still Applies to You.

GDPR Article 27 — EU Representation for Non-EU Controllers and Processors.

8 min readReadarrow_forward
Compliance Advisory

Sending EU Data Outside Europe? Here Is What the GDPR Requires.

Under GDPR Chapter V, the transfer of personal data to a third country requires specific safeguards.

10 min readReadarrow_forward
White Paper — Technical Series 04

Agent-Agnostic Compliance: How Three AI Models Interpret Identical Regulatory Data via MCP

A technical study demonstrating that structured MCP data drives consistent compliance outcomes across Claude, Gemini, and GPT.

15 min readReadarrow_forward
Perspective — Agentic Trust

AI Agents Don't Earn Trust. Their Compliance Infrastructure Does.

What the CSA's Agentic Trust Framework says — and why the regulatory data layer, not the model, is where trust is actually earned.

11 min readReadarrow_forward