Vinicius Santana Gomes

Vinicius Santana Gomes

The adoption of generative artificial intelligence in the public sector has been treated predominantly as a technological problem, with the expectation that productivity gains would follow from the availability of increasingly capable models. This paper argues, drawing on two auditable cases in the Brazilian Public Service, that the determining barrier to adoption observed in these units was not technological but training-related, and describes the four-layer structured pedagogical methodology developed by the author. The method was applied in two units with distinct institutional profiles: the Sectoral Internal Control Office of the Federal District Department of Health (SES/CONT) throughout 2024, and the Internal Control Unit of the Federal District Department of Economic Development, Labor and Income (UCI/SEDET) throughout 2025. In both cases, the official indicators from the Electronic Information System of the Federal District Government (SEI-GDF), verifiable by third parties, recorded substantial gains: average processing time fell by 18.2% at SES/CONT and by 50% at UCI/SEDET, with UCI also recording a 92% increase in technical-report production, the issuance of 288 formal recommendations to public managers, and the analysis of cases totaling USD 104.3 million in financial volume. In neither unit did internal control mechanisms identify any information-security incident, sensitive-data leakage, or formal compliance challenge from external oversight bodies during the period examined. The analysis is consistent with the hypothesis that the method is portable across agencies with distinct mandates, operates within protocols designed to comply with international and national data-protection law and with the principles of public administration, and is accessible to public entities under budget constraints, since it used free AI models.

Vinicius Santana Gomes

The governance of open-weight artificial intelligence (AI) models has been framed as a binary choice: openness as risk, restriction as safety. This paper challenges that framing, arguing that access restrictions, without governed alternatives, may displace risks rather than reduce them. The global concentration of compute infrastructure makes open-weight models one of the most viable pathways to sovereign AI capacity in the Global South; restricting such access deepens asymmetries while driving proliferation into unsupervised settings. This analysis proposes that hardware-layer governance, including chip-level attestation mechanisms such as FlexHEG, trusted execution environments, confidential computing, and complementary software-layer safeguards, offers a defense-in-depth alternative to the current binary. A threat model taxonomy mapping misuse vectors to hardware, software, institutional, and liability layers illustrates why no single governance mechanism suffices. To operationalize this approach, the paper argues that effective AI governance as a dual-use technology will likely require a multilateral institutional architecture functionally analogous, though not identical, to the role performed by the IAEA in the nuclear domain, with explicit safeguards against the co-option of hardware controls for domestic repression. The relevant policy question is how to make openness safer through technical and institutional design while addressing the transition realities of legacy hardware, attestation at scale, and civil liberties protection.