// PROVENANCE
No black boxes.
Provenance is the property that every claim in a report can be traced to the source passage that produced it. Not “according to public reporting.” A specific document, a specific passage, a date, and an assessment of source reliability. Because The Watch operates exclusively on the open record, every source we cite is also independently verifiable. A customer who doubts a citation can go read the source.
This page describes what we mean by provenance, how we maintain it, what a customer can audit, how data is handled, and what provenance does not do.
What provenance is and isn’t
In intelligence work, provenance covers two related properties. The first is source attribution: every assertion is tied to an identifiable source. The second is the chain of inference: when a judgment builds on top of an assertion, the steps from source to judgment can be reverse-engineered. A claim with provenance can be argued with. A claim without it has to be taken on faith.
Most AI products break this property in predictable ways. They summarize across sources without preserving which sentence came from which source. They generate prose that smooths over the seams between retrieved evidence and pretrained knowledge. They produce “citations” that point to a document but not to the passage, leaving the reader to find the relevant claim themselves.
How we maintain it
Every report runs through a five-stage structured pipeline: sourcing, verification, tradecraft, audit, and formatting. Each stage is human-led and AI-enabled. The agents that operate inside the platform run narrowly-scoped procedures developed by former senior intelligence officers on our team. They do not generate prose freely. They harvest, extract, cross-check, and format under constraints. Every machine-produced output is reviewable, auditable, and subordinate to human tradecraft.
The five stages each leave artifacts. Sourcing produces a coded source corpus profiled for category mix, recency, and entity concentration. Verification ties every claim back to at least one source passage. Tradecraft applies the analytic standards from ICD 203 and the sourcing standards from ICD 206. Audit profiles the sourcing of the analysis itself: where the evidence is thin, where it is concentrated, where reasonable analysts could weigh it differently. Formatting produces the final report and the citation registry that travels with it.
// THE AUDIT SURFACE
Sustainment exposure under sustained operations.
Inventory disclosures across the relevant industrial base indicate that sustained operations would draw down four classes of munitions faster than current production rates can replenish them[1]. The effect is most pronounced in long-lead-time categories where production cycles are measured in quarters rather than weeks [2].
Programmatic decisions over the prior eighteen months have shifted allocation toward replenishment [3], but the lag between obligation and delivery means the effect of those decisions will not register in inventory positions until 2027 at the earliest [4].
CONFIDENCE / MODERATE · ALT HYPOTHESIS NOTED IN APPENDIX B
What a customer can audit
Each report ships with its citation registry. Every footnote in the report points to the source, with the document title, publisher, date, URL or identifier where applicable, and the assessment of source reliability that informed the judgment. The registry is the audit surface. A customer who wants to verify any claim follows the citation. A customer who wants to challenge a judgment names the source and the inference; we work through it together.
Data handling
The Watch processes three classes of data and handles each differently.
Public sources from the open record are retrieved during the run, used to produce the report, and cited in the registry. We do not redistribute source material. If a source becomes unavailable after the run, the citation persists with its retrieval information.
Customer-provided corpora, the documents, datasets, and internal research a customer brings into a project, are processed under the customer’s contractual terms. They are not used to train models. They are not blended into other customers’ work.
Customer-generated questions and the analytic discussion around them are treated as the customer’s analytic property. They are not surfaced across customers.
Provenance does not make analysis correct. It makes analytic error visible, locatable, and correctable.
What provenance does not do
Provenance does not make analysis correct. A claim with full source attribution can still be wrong. The source can be wrong. The inference from the source can be wrong. The analyst can have weighed sources poorly. Provenance does not eliminate any of these. It makes them visible, locatable, and correctable.
A product that markets provenance as a substitute for analytic judgment is selling magic. The point of provenance is the opposite. It puts the burden of judgment squarely on the analyst, and gives the reader the tools to push back. The customer who can name the source they think is misweighted, the inference they think is wrong, the alternative they think was not given enough air, is the customer the system was built to serve.
// AUTHORED BY
