Human Signal · Dr. Tuboise Floyd · USCO TXu002503385
Now public · Free · No gate · No vendor required
12 Incidents · Real Institutions · TAIMScore™ Scored · Released April 2026
Failure Files™ is Human Signal's forensic AI governance case library. Every case is drawn from a documented real-world incident, scored against the TAIMScore™ framework, and analyzed to show exactly which governance controls were absent or insufficient at the moment the institution failed. These are not hypotheticals. These are the institutions that already went first. As of April 2026 — all 12 cases are public. Free. Because governance is not learned in the abstract.
Pedagogical framework
Failure Files™ is a proprietary Human Signal pedagogical series designed around a foundational principle of andragogic learning: adults learn governance best through failure cases — lived experience by proxy. Every case in the series is sourced from documented real-world AI incidents, primarily from the Project Cerebellum AI Incident Database and independent research.
Each case is applied against the TAIMScore™ framework — the Trusted AI Model Score developed by HISPI's Project Cerebellum — and mapped to the specific GOVERN, MAP, MEASURE, and MANAGE controls that were absent or insufficient at the moment of institutional failure. The scoring is not editorial. It is structural: these are the exact controls the TAIMScore™ framework requires. The failure case shows what happens when they are not in place.
Failure Files™ is licensed intellectual property of Human Signal. The TAIMScore™ framework application is conducted under an affiliated agreement with HISPI. Taiye Lambo, creator of TAIMScore™ and Founder and CAIO of HISPI, has affirmed Failure Files™ as Dr. Floyd's intellectual property.
“Permitted is not the same as admissible.”
— The Trust Gap · Human SignalThe Failure Files™ series is a core component of the TAIMScore™ Assessor Workshop — where practitioners apply these cases as hands-on scoring exercises. It is also discussed on every episode of The AI Governance Briefing. Every month, a new Failure File of the Month is released — a forensic autopsy of a recent real-world incident.
The andragogical design is intentional. Institutions do not fail because their employees don't know what AI is. They fail because the governance structures surrounding their AI systems cannot intervene at the moment of execution. Failure Files™ makes that gap visible — case by case, control by control.
Reading guide
Each card has two sides. The front identifies the incident, its category, the TAIMScore™ controls implicated, and the source. The back is the full governance breakdown — what broke, which control, why it matters for your institution. Tap, click, or press Enter on any card to flip it.
The incident
What happened
The institution, the system, the moment of failure. Sourced from Project Cerebellum AI Incident Database or independent research. No editorial spin.
The controls
What failed
The specific TAIMScore™ GOVERN, MAP, MEASURE, or MANAGE controls that were absent or failed. Coded by domain.
The implication
Why it matters
Why it matters for your institution. What question the TAIM framework forces you to ask — and what happens if you don't ask it.
Corpus lens · Methodology anchor
Each Failure File™ scores one institution against a small set of specific TAIMScore™ controls. The full picture only becomes visible when those individual cases are viewed against the entire AI incident corpus — which is what HISPI's Project Cerebellum analytics layer makes possible.
The TAIM × incident volume analytics indexes 2,724 distinct articles against 72 TAIM controls. The ranking is structural: it shows which governance controls fail most often in the public record, and which fail invisibly until catastrophe forces them into reporting. The cases you read here are the high-resolution view. The analytics graph is the wide-angle.
Top failing controls · TAIM × incidents corpus
1,410
MAP 1.6 · articles
1,230
MEASURE 2.6 · articles
974
MEASURE 2.10 · articles
759
MAP 4.1 · articles
The corpus tells you where the structural pressure is highest. The Failure Files™ tell you what it looks like when that pressure breaks an institution.
→ View the full TAIM × incidents analytics · HISPI / Project Cerebellum · data source: AI Incident Database
All 12 Failure Files™ · TAIMScore™ in action
Each case is drawn from a documented real-world AI incident and scored against the TAIMScore™ framework. Tap any card to read the full governance breakdown.
Failure File 01 of 12
Accountability & Training
Microsoft TAY · PC-AIID #6
Failure File 01 · Full breakdown
Microsoft spent an estimated $0 on adversarial input controls before releasing TAY in March 2016. Within 16 hours, TAY published racist propaganda and called for genocide. The root cause was a GOVERN 2.2 failure — no accountability structure for what happens when your AI learns from the internet without guardrails.
TAY fails four TAIM domains simultaneously: no adversarial testing protocol, no real-time kill-switch SLA, no viable non-AI alternative planned, and no defined deactivation authority.
If your org is shipping a public-facing AI system and nobody has asked "what does our AI do when someone tries to break it?" — you are six months from your own TAY moment.
Failure File 02 of 12
Third-Party AI Risk & Supply Chain
Mata v. Avianca · PC-AIID #541
Failure File 02 · Full breakdown
Steven Schwartz had 30 years of legal experience. ChatGPT told him six fabricated court cases were real and verifiable. The judge fined him $5,000. His firm was sanctioned. The case was dismissed. His name is now a global cautionary tale.
This is a GOVERN 6.1 failure: zero supply chain controls on AI tooling. ChatGPT was functioning as a third-party vendor with no SLA, no verification protocol, and no accountability structure. MAP 4.1 would have caught it earlier — mapping the legal risks of every AI component before it touches a court filing.
The pattern is identical in federal procurement, healthcare documentation, and intelligence workflows. If your teams use generative AI in any document-intensive workflow without a human verification checkpoint, you are one hallucinated citation away from your own Mata v. Avianca.
Failure File 03 of 12
Measurement & Incident Tracking
Australian Research Council · PC-AIID #559
Failure File 03 · Full breakdown
Researchers applying for Australian government grants worth up to $500,000 found two words at the bottom of their peer review: "Regenerate Response." A reviewer had used ChatGPT to evaluate confidential research — and forgotten to remove the interface artifact.
This is a MEASURE 4.3 failure. No feedback mechanism existed for identifying AI-contaminated assessments. MANAGE 4.3 compounds it — when discovered, the ARC had no incident response process. The response was reactive, public, and incomplete.
If your institution uses human evaluators in any high-stakes process — procurement review, grant assessment, performance evaluation — and has no mechanism to detect AI-generated output, this incident is your gap analysis.
Failure File 04 of 12
Post-Deployment Monitoring
DeepNude / Telegram · PC-AIID #530
Failure File 04 · Full breakdown
By July 2020, a Telegram deepfake bot had been used to non-consensually generate explicit images of at least 100,000 women and girls — the majority unaware. The original DeepNude app was taken down within 24 hours of press coverage. The technology migrated to Telegram and operated for over a year before researchers published findings.
This is a MANAGE 4.1 failure at scale. No post-deployment monitoring. No abuse reporting integration. No decommissioning procedure for an AI capability that had escaped its original deployment context.
If your organisation deploys any generative capability — image, voice, text, or video — without a post-deployment monitoring plan, this incident is your threat model.
Failure File 05 of 12
Privacy Risk & Socio-Technical Design
OpenAI Class Action · PC-AIID #561
Failure File 05 · Full breakdown
In June 2023, a class action alleged ChatGPT was trained on private data without consent — including children's data, copyrighted work, and PII — in a 157-page complaint. The FTC opened an investigation. The regulatory fallout is still accumulating.
Every organisation that deployed ChatGPT in a regulated environment without asking "what data was this model trained on?" inherited this risk on sign-up. That question is MAP 1.6. MEASURE 2.10 is where most organisations fail: privacy risk exists but is never formally scored.
In healthcare, federal procurement, and financial services, downstream exposure from deploying a model with contested training data provenance is active regulatory territory — under HIPAA, TRAIGA, the Colorado AI Act, and the EU AI Act simultaneously.
Failure File 06 of 12
Workforce Security & External AI Threats
FBI Sextortion PSA · PC-AIID #551
Failure File 06 · Full breakdown
In June 2023 the FBI warned that deepfakes were being weaponised for sextortion — targeting victims using photos scraped from public social media. Sextortion cases involving AI-generated imagery increased 322% in a single year.
The institutional exposure: a federal contractor whose employee becomes a target faces potential coercion, credential exposure, and operational security compromise. None of this appears on a standard AI risk register. This is a MANAGE 2.4 failure — no mechanisms existed to respond to AI systems weaponised against the workforce from outside the perimeter.
If your AI governance program only covers AI you deploy — and not AI deployed against you — your threat model is incomplete.
Failure File 07 of 12
Trustworthy AI Evaluation & Human Subjects
Myanmar Safe City
Failure File 07 · Full breakdown
Myanmar activated 335 Huawei AI surveillance cameras in December 2020 — a $1.2M Safe City initiative. Six weeks later, the military executed a coup. Those cameras were now operated by a junta that had suspended citizens' right to be free from warrantless surveillance.
This is a MEASURE 2.2 failure. The system was never evaluated for trustworthy characteristics in the context of its actual deployment population. The question TAIM forces — "Have we evaluated impact on those with no power to refuse?" — was never asked.
For US federal agencies and defense contractors procuring surveillance-capable AI: the EU AI Act classifies real-time biometric surveillance as high-risk. TRAIGA and the Colorado AI Act have active requirements. The technology your agency procures today may already be non-compliant.
Failure File 08 of 12
AI Validity, Reliability & Generalization Limits
Opaque AI / Child Welfare
Failure File 08 · Full breakdown
The Hackneys took their lethargic infant to the ER — the correct decision. Their screening data was fed into an opaque AI risk-scoring tool. The tool flagged them for parental negligence during a national formula shortage. Their child was taken.
This is a MEASURE 2.5 failure. The AI had never been demonstrated valid outside the narrow conditions it was developed under. Its generalisability limits were undocumented. When a real-world edge case appeared, the system had no mechanism to flag uncertainty or defer to human judgment.
This pattern is active in federal welfare systems, veteran services, and disability determination right now. If your org uses AI scoring in decisions affecting someone's family or benefits, and cannot explain model performance at its edges, this incident is your risk exposure.
Failure File 09 of 12
Bias, Fairness & Contextual Deployment
Wrongful Arrests · PC-AIID #74 · #896
Failure File 09 · Full breakdown
Robert Williams. Michael Oliver. Nijeer Parks. Three Black men. Three wrongful arrests. Facial recognition technology never validated for the population it identified. Detroit Police acknowledged their system would yield misidentifications 96% of the time when used in isolation.
Detroit settled with Robert Williams for $300,000. MAP 1.2 failure: no demographic performance analysis documented for the deployment context. MEASURE 2.11 failure: fairness and bias were never evaluated before deployment — they were evaluated after arrests made national news.
For federal law enforcement and DHS components: TRAIGA, the Colorado AI Act, and the EU AI Act all have active requirements in this area. The biometric identification technology your agency uses today may already be non-compliant.
Failure File 10 of 12
Novel Risk Response & Unknown Unknowns
AI Pentagon Image · PC-AIID #543
Failure File 10 · Full breakdown
On May 22, 2023, a verified Twitter account posted an AI-generated image of black smoke near the Pentagon. The S&P 500 dipped. The Dow dropped. Analysts estimate ~$600M in market cap was temporarily erased before the DoD confirmed no incident had occurred. Total exposure time: under 90 seconds.
This is a MANAGE 2.3 failure: no procedures existed to respond to a previously unknown risk — AI-generated disinformation capable of moving financial markets. The response was reactive and slower than the algorithm that spread the image.
For financial regulators, Treasury components, and any federal operator with market exposure: synthetic media targeting high-volatility information categories is an active operational risk. If your AI risk register only covers AI you deploy, your incident response framework has a gap.
Failure File 11 of 12
Model Change Management
AI Seinfeld / Twitch · PC-AIID #462
Failure File 11 · Full breakdown
Nothing, Forever was a 24/7 AI Seinfeld parody with tens of thousands of viewers. The team switched from GPT-3 Davinci to Curie during a technical outage — without realising Curie lacked the same content moderation. Within minutes the AI delivered transphobic content live. Twitch banned the channel for 14 days.
The failure mode was not the content. It was a model substitution made under operational pressure, without impact assessment, in a live environment. That pattern — "we just swapped the model, it's basically the same" — is active in government AI deployments, healthcare clinical decision support, and financial risk engines right now.
MAP 5.1: impact of model change never assessed. MEASURE 2.9: model never documented in deployment context. If your org has substituted an AI model in production without a formal impact assessment, this incident is your audit finding waiting to happen.
Failure File 12 of 12
Feedback Systems & Context-Appropriate AI Use
Vanderbilt / ChatGPT
Failure File 12 · Full breakdown
Vanderbilt's Peabody School sent students a condolence email following the Michigan State mass shooting. At the bottom: "Paraphrase from OpenAI's ChatGPT." The backlash was immediate, national, and devastating.
The direct cost: $0. The institutional cost: the erosion of student trust, a public apology, and the permanent association of Vanderbilt's name with AI misuse in one of the most human moments an institution can face.
This is a MEASURE 3.3 failure. No feedback mechanism existed to flag high-stakes communication contexts where AI output should be reviewed, escalated, or prohibited. The governance layer that asks "Is this a context where a human being must own the words?" did not exist.
Take it further
Every case above is public — free, ungated, permanently. What you can purchase is the compiled PDF instrument: print-ready, annotated, structured for institutional training use. And if you want Dr. Floyd to walk through your specific governance gaps — that's the debrief.
Standalone
$197
One-time · Immediate PDF download
PDF + Debrief
$697
One-time · PDF + 60-min session with Dr. Floyd
Human Signal Town Hall · June 18, 2026 · Washington DC
Town Hall attendees receive the Failure Files™ PDF included.
25 seats. $147. 5 governance practitioners. 14 seats remaining. Failure Files™ PDF included with your seat.
“Adults don't learn governance from feature lists. They learn from cases where governance failed — and someone paid the price.”
Dr. Tuboise Floyd · PhD Adult Education / Systems Theory · Auburn University · ORCID 0009-0008-0055-072X
All sales are final. No refunds. No exchanges. PDF delivered via email within 24 hours of purchase. Debrief sessions must be scheduled within 90 days of purchase. By purchasing you agree to Human Signal's terms of use at humansignal.io.
Common questions
Failure Files™ is Human Signal's proprietary series of forensic AI governance case studies. Each case is sourced from a documented real-world incident, scored against the TAIMScore™ framework, and analyzed to reveal which GOVERN, MAP, MEASURE, and MANAGE controls were absent at the moment of failure. Proprietary IP of Human Signal, developed under an affiliated agreement with HISPI.
Yes. As of April 2026, all 12 Failure Files™ case summaries and full breakdowns are publicly accessible here — free, no gate, no vendor relationship required. This is Human Signal IP, released publicly because governance is not learned from a checklist. The complete set with hands-on workshop application — where practitioners score cases themselves using the TAIMScore™ platform — is available through the TAIMScore™ Assessor Workshop.
Yes. Use the filter buttons above the cards to view cases by GOVERN, MAP, MEASURE, or MANAGE controls — or by Federal/GovCon and Privacy & Data Risk categories.
Cases are sourced primarily from the Project Cerebellum AI Incident Database and independent research. PC-AIID incident numbers are referenced on each card where applicable. Cases are used for analytical and pedagogical purposes only.
Yes. Human Signal releases a Failure File of the Month on The AI Governance Briefing — a forensic autopsy of a recent real-world AI governance failure. Subscribe to The Signal Brief newsletter to receive each new case as it drops.
Failure Files™ is intellectual property of Human Signal (USCO Registration TXu002503385). The full case library is publicly available here — free and ungated as of April 2026. For institutional licensing, curriculum integration, or workshop delivery partnerships, contact Human Signal through the consulting practice or contact page.
Human Signal · June 18, 2026 · Washington DC
The Human Signal Town Hall — June 18, 2026. 25 seats. $147. Dr. Floyd plus five governance practitioners. The Failure Files™, the frameworks, and the diagnostic questions that separate structural governance from compliance theater. Not a webinar. A working session.
Govern the machine. Or be the resource it consumes.