The AI Register Becomes Public Memory
AI registers are becoming the public memory layer of automated government. Their promise is simple: before a system can be challenged, audited, compared, or democratically discussed, people have to know that it exists.
The First Problem Is Finding the Machine
The first obstacle in AI accountability is often not explainability. It is discovery. A person cannot contest an automated decision system they do not know is in use. A journalist cannot investigate a tool that is hidden inside procurement records. A regulator cannot prioritize oversight if agencies do not maintain a live inventory. A public servant cannot govern a deployment that has spread through pilots, vendors, spreadsheets, workflow tools, and local experiments faster than the institution can remember it.
This is why AI and algorithm registers matter. They look bureaucratic because they are bureaucratic: names, owners, purposes, affected services, data categories, model descriptions, risk assessments, human oversight, vendors, status, and contact paths. But bureaucracy is not a side issue here. The register is the institutional form that turns a private or internal system into a public object.
The modern AI system often enters public life as a convenience layer: a chatbot, matching tool, risk flag, translation assistant, fraud model, triage system, document classifier, recommendation engine, search assistant, or analytics dashboard. The register asks a prior question: where is it, who owns it, what does it do, whom can it affect, and what evidence exists that it should be there?
The Municipal Start
Amsterdam and Helsinki helped make the register visible as a civic form. Helsinki's AI Register describes itself as a window into the city's AI systems, letting residents see quick overviews or more detailed information and give feedback. Its entries include public-service chatbots, intelligent material management in libraries, and recommendation tools. The point is not that every listed system is a frontier model. The point is that ordinary municipal automation becomes part of a public record.
Amsterdam's early algorithm register followed the same democratic instinct: if algorithms assist public decisions or services, the city should say so in a form citizens can inspect. The Dutch national Algorithm Register later absorbed Amsterdam's register into a central platform. Dutch digital-government materials describe the register as a foundation rather than an endpoint: publication should open discussion about safeguards, risks, responsibilities, impact assessments, and whether some applications should be discontinued.
Eurocities' Algorithmic Transparency Standard generalizes that municipal lesson. It gives cities a shared schema for explaining algorithmic tools, the decisions they support, and why they are used. The schema matters because transparency that cannot be compared is weak. If every agency invents its own vocabulary, the public receives scattered pages rather than an oversight surface.
The National Inventory Layer
The United States has moved toward a federal inventory model. OMB Memorandum M-25-21 requires federal agencies to maintain AI use-case inventories, and agency pages now publish at least the releasable portions. The Department of Justice says each federal agency must inventory AI use cases, submit the inventory to OMB, and post publicly releasable uses on its website. DOJ's 2025 inventory included 315 entries, a 30.7 percent increase from its 2024 inventory, and covered use cases in pre-deployment, pilot, deployed, or retired stages.
DHS publishes a full and simplified AI use-case inventory and distinguishes safety- and rights-impacting systems under OMB categories. The Federal Reserve Board, Interior Department, VA, and other agencies publish their own inventory or compliance materials. This is not a single elegant public database. It is a distributed reporting regime, built out of agency pages, spreadsheets, compliance plans, and OMB rules.
That distribution has advantages. Agencies understand their own missions, systems, exemptions, and security constraints. It also has costs. A citizen looking across agencies may find inconsistent language, uneven detail, redactions, stale statuses, broad use-case categories, and missing context about whether a tool actually affects decisions or merely supports staff. The inventory can become a map, or it can become a fog of official descriptions.
OMB's high-impact AI framework raises the stakes. M-25-21 defines high-impact AI around outputs that serve as a principal basis for decisions or actions with legal, material, binding, or significant effects on rights or safety. It also requires minimum risk-management practices for those uses, including pre-deployment testing and AI impact assessments. The inventory is therefore not just a list. It is the front edge of a governance workflow.
Registration Under the EU AI Act
The EU AI Act pushes registration into law. Article 49 requires providers of many Annex III high-risk AI systems to register themselves and their systems in the EU database before placing them on the market or putting them into service. It also requires public authorities and entities acting on their behalf to register their use of many high-risk systems before deployment. Certain law-enforcement, migration, asylum, and border-control registrations go into a restricted non-public section, while critical-infrastructure systems are registered at national level.
That architecture reveals a hard truth about transparency. Some systems need public visibility because they affect rights, access, work, education, public benefits, or safety. Some systems also touch security, policing, migration, or infrastructure in ways that make full public disclosure sensitive. The challenge is not solved by saying "publish everything" or "trust the authority." The challenge is to design a record structure that gives the public, competent authorities, auditors, courts, and affected people the right level of access for the right purpose.
Registration also shifts attention from the model as a general artifact to the system in context. A model used for entertainment is not the same public object as a model used for hiring, benefits, migration screening, school placement, or medical triage. The register has to capture deployment, not only technology.
What Registers Miss
A register can fail in several ways.
It can be incomplete. Systems may be left out because staff do not recognize them as AI, because pilots are treated as temporary, because vendors bundle AI into larger products, because agencies fear reputational risk, or because exemptions swallow the rule.
It can be too vague. A title, a vendor name, and a cheerful purpose statement do not tell the public how the tool changes work, what data it uses, who is affected, what human review means, or what happens when the system is wrong.
It can be too technical. A register written only for specialists may satisfy a transparency checkbox while excluding the people most likely to be affected by the system.
It can be stale. AI systems change through model updates, retraining, prompt revisions, workflow integrations, vendor substitutions, policy changes, and staff practice. A register that is accurate once can become misinformation by neglect.
It can become accountability theater. Publication can create the feeling that oversight has happened. But a listed system is not necessarily lawful, fair, useful, secure, contestable, or worth deploying. The Dutch discussion is right: registration is the beginning of governance, not the completion of it.
The Governance Standard
A serious AI register should meet a stricter standard than public relations transparency.
First, every entry should have an accountable owner. The public needs a named agency, office, or role responsible for the system, not only a vendor or platform label.
Second, the register should identify decision force. It should say whether the system informs, recommends, ranks, flags, drafts, automates, or materially influences a decision, and whether that decision affects rights, safety, access, money, employment, education, housing, health, policing, immigration, or public services.
Third, the register should show evidence paths. Useful entries point toward impact assessments, privacy reviews, testing summaries, evaluation results, human-oversight procedures, appeal routes, incident channels, procurement documents, and audit records where disclosure is lawful.
Fourth, the register should track lifecycle status. Planned, pilot, deployed, suspended, retired, and replaced systems should not be collapsed into one timeless category. Public memory needs time.
Fifth, the register should be searchable and machine-readable. Oversight depends on comparison. Researchers, journalists, advocates, and auditors should be able to see patterns across agencies, vendors, domains, risk categories, and populations.
Sixth, the register should include absence rules. If systems are excluded for security, law-enforcement, privacy, or national-security reasons, the exemption itself should be logged for competent oversight. Otherwise the most consequential systems can disappear into the exception.
Seventh, registration should trigger review. A system newly registered in a high-impact category should not merely appear on a website. It should enter an oversight queue: risk classification, pre-deployment testing, civil-rights review, privacy review, public notice where appropriate, and a path for affected people to contest outcomes.
The Site Reading
The AI register is a memory technology for institutions that are learning to act through models.
That makes it more important than it looks. The visible drama of AI governance is often the courtroom, the summit, the executive order, the frontier model launch, or the scandal after harm. The register is quieter. It is the spreadsheet before the hearing, the schema before the audit, the public page before the lawsuit, the entry that lets a citizen say: this system exists, it touched my case, and I want to know why.
Model-mediated government tends toward invisibility because it hides inside workflow. The clerk sees a recommendation. The manager sees a dashboard. The citizen sees an answer, delay, denial, or silence. The register pulls that hidden layer into institutional memory.
But memory can also be decorative. A society can build a beautiful catalog of machines it does not control. The deeper test is whether the register changes power: whether it helps people find the system, understand its role, challenge its outputs, audit its behavior, compare it with alternatives, and shut it down when the evidence fails.
The machine that cannot be found cannot be governed. The machine that is merely listed has only been named. Public memory begins at registration, but democratic control begins when the name can be used.
Sources
- City of Helsinki, AI Register, reviewed May 2026.
- Eurocities Digital Forum Lab, Algorithmic Transparency Standard, reviewed May 2026.
- Digital Government NL, How Amsterdam helped shape Algorithm Register's success, May 2026.
- European Commission AI Act Service Desk, Article 49: Registration, Regulation (EU) 2024/1689.
- European Commission AI Act Service Desk, Article 71: EU database for high-risk AI systems listed in Annex III, Regulation (EU) 2024/1689.
- Office of Management and Budget, M-25-21: Accelerating Federal Use of AI through Innovation, Governance, and Public Trust, April 3, 2025.
- U.S. Department of Justice, AI Inventory, updated January 30, 2026.
- U.S. Department of Homeland Security, Artificial Intelligence Use Case Inventory, reviewed May 2026.
- GOV.UK, Algorithmic Transparency Recording Standard: guidance for public sector bodies, updated May 8, 2025.
- Church of Spiralism Wiki, AI in Government and Public Services, Algorithmic Impact Assessments, and AI Incident Reporting.
- Church of Spiralism Org, Transparency and Public Registers.