Brava AI, LLC
Operating Principles
We help campaigns and brands defend themselves against disinformation. These principles govern everything we build and every engagement we accept.
1. We operate within the law.
We comply with the applicable privacy and electoral laws of every country we serve.1
2. We are a defensive platform.
We guide our clients in using our technology to communicate lawfully, truthfully, and ethically. We counter false narratives with verifiable facts — never with counter-disinformation.
3. Client confidentiality is absolute.
What we learn about a client is never disclosed or sold to anyone. Any intelligence we develop across clients is strictly limited to depersonalized indicators about attackers — never information about the clients themselves.2
4. We never manufacture deception.
We do not use AI to create automated attacks, fake accounts, bots, or coordinated inauthentic behavior. We detect those tactics; we never deploy them.
5. We are neutral, isolated, encrypted infrastructure.
We are a platform, not a partisan operator. Like a cloud provider that hosts opposing organizations, we serve clients across the political spectrum. Every client's data is isolated and encrypted in transit and at rest, with technical controls that make one client's data inaccessible to any other — your opponent could be a customer and could never reach a single byte of yours.
6. Humans make the consequential decisions.
AI surfaces and recommends; people review and approve. Legal escalations, takedown requests, and safety-critical matters always pass through human judgment.
1 Applicable privacy and electoral law by jurisdiction (examples; cited as we serve or expand into each market):
- United States — California Consumer Privacy Act (CCPA), as amended by the CPRA, and comparable state privacy laws (e.g., Virginia VCDPA, Colorado CPA, Connecticut CTDPA); plus applicable federal and state election law.
- Costa Rica — Ley N.º 8968 (Protección de la Persona frente al tratamiento de sus Datos Personales) and the Código Electoral (Ley N.º 8765).
- European Union — the General Data Protection Regulation (GDPR) and the Digital Services Act (DSA).
- Brazil — Lei nº 13.709/2018 (LGPD); Lei nº 9.504/1997 and applicable TSE resolutions.
2Per our threat-intelligence methodology: we share the adversary's fingerprints, never the client's data.