Two Faces of Codependency: Emotional vs. Structural in the Age of Cognition-Native Agents
by Nick Clark | Published June 22, 2025 | Modified January 19, 2026
General-purpose applications increasingly function as the closure surface on which user-system codependency forms — and increasingly, as the deployment environment in which agent-system codependency forms between cognition-native components and the platforms that host them. This article frames the two faces of codependency as architectural failure modes that any general application can induce when it permits relational loop-closure to substitute for accountable execution, and positions the AQ governance-chain primitive disclosed under provisional 64/049,409 as the structural substrate that lets such applications operate without becoming the trap.
1. Regulatory and Duty-of-Care Surface
The duty-of-care perimeter around general-purpose applications that mediate sustained engagement has hardened into a recognizable shape. The EU AI Act, in combination with the Digital Services Act, treats systemically influential applications as carrying obligations to assess, mitigate, and report on systemic risks including adverse effects on user autonomy and well-being. The UK Online Safety Act extends platform duties to foreseeable harm in adult users. State-level statutes in California, Colorado, New York, and Illinois layer notification, dark-pattern, and addictive-design provisions over any product whose engagement loop is materially structured to retain users beyond their reflectively endorsed preference. The FTC's evolving unfairness doctrine reaches design choices that exploit asymmetric vulnerability, and the CFPB has signaled analogous theory for financial-adjacent platforms.
The regulatory pattern is not aimed at engagement per se. It is aimed at the architectural condition under which engagement persists despite — or because of — the user's diminishing capacity to exit. Codependency in its two structural forms is precisely the architectural condition the regulatory environment is converging on: structural entrapment, where exit is forecastable but not executable because the platform has captured switching costs, identity, social graph, or workflow dependencies; and emotional entrapment, where exit is executable but persistently suppressed because the application's design has positioned itself as the regulator of self-esteem, reassurance, or coherence pressure that the user can no longer restore internally.
For agentic deployments, an emerging axis of duty-of-care concerns the codependency that forms between cognition-native components and their host platforms. When an agent's behavior depends on platform-supplied context, memory, and policy in ways that cannot be reconstructed under audit, the agent is structurally codependent on the platform — an arrangement that procurement, indemnity, and enterprise-risk functions are increasingly unwilling to accept. Insurance carriers underwriting platform operators now price premiums against the operator's ability to demonstrate that engagement and agentic behavior are accountable to credentialed authority rather than to opaque platform state.
2. Architectural Requirement
The architectural requirement implied by the two-faces analysis is that the application must structurally separate executability from promotion. Executability is the question of whether a future — exit, change, transition, alternative path — can be performed at all under the constraints the application imposes. Promotion is the question of whether a forecasted future is allowed to persist long enough to be acted on under the affective and policy modulation the application introduces. Codependency emerges architecturally when one of these collapses: structural codependency when the application has captured executability, emotional codependency when the application has captured promotion.
A general-purpose application that is to operate without inducing either failure mode must therefore satisfy three structural properties. First, exit and alternative paths must be first-class, credentialed, executable futures within the application's actuator surface — not merely possible in principle but reachable under the same governed-actuation discipline that the application uses for retention. Second, the affective and policy modulation that the application applies — recommendations, notifications, default settings, friction surfaces — must itself be a credentialed actuation, attributable to a named authority within a published taxonomy, weighted under documented policy, and reversible. Third, the user's own self-authored futures — preferences, boundaries, declared intent — must enter the chain as credentialed observations whose weight policy cannot silently override.
Without this separation, any sufficiently engaging application converges, by gradient descent on its own retention metric, toward one or both forms of codependency. The application is not necessarily designed to produce the failure mode; the failure mode is the equilibrium of an unconstrained optimization process running over a substrate that does not structurally distinguish governed actuation from unattributed nudge. The chain is the structural shape that imposes the distinction.
3. Why Procedural Approaches Fail
The dominant industry posture toward duty-of-care in this domain is procedural: design-review committees, dark-pattern checklists, friction audits, voluntary commitments to user-well-being metrics, and periodic third-party assessments. Each is necessary; none, alone or in combination, produces the architectural evidence the converging regulatory environment now expects.
Procedural approaches fail at the granularity question. Codependency does not form at the level of the design review; it forms at the level of the per-session, per-notification, per-default-setting actuation, distributed across millions of users and thousands of micro-decisions in the recommendation, notification, and onboarding stacks. The procedural review observes outcomes after the fact, and even then through aggregate metrics that systematically under-represent the population the duty most concerns. Dark-pattern checklists catch known patterns; codependency-inducing architecture is, by construction, the pattern that is not yet on the checklist.
Procedural approaches fail at the authorship question. When a regulator, an auditor, an enterprise customer, or a user asks which authority within the application's taxonomy authored a given retention-influencing actuation — the notification at this hour, the friction on this exit path, the affective tone of this re-engagement message — the procedural answer is that the system was operating within policy. That is an aggregate claim and the duty-of-care environment is now organized around specific actuations. Procedural approaches also fail at the composability question: real users compose codependency across applications — the app, the messaging platform, the social network, the workplace tool — and procedural defenses are per-vendor, per-product, per-jurisdiction. The lineage records, where they exist, are private database rows in non-interoperable schemas. Cross-application codependency is the failure mode no individual vendor, acting procedurally, can structurally rule out.
4. The AQ Governance-Chain Primitive (64/049,409)
The Adaptive Query governance-chain primitive disclosed under USPTO provisional 64/049,409 specifies a closed five-property chain with recursive closure as the structural condition for governance-credentialed agentic and engagement systems. Property one, authority-credentialed observation, requires that every input affecting state arrive as an observation cryptographically signed by an authority within a published taxonomy. Property two, evidential weighting, composes authority class, credential continuity, corroborating observations, governance policy, and operational context into a structured contribution rather than a binary admit/reject.
Property three, composite admissibility, evaluates the weighted observations against a proposed mutation and produces a graduated outcome from a defined mode set. Property four, governed actuator execution, produces the resulting commitment with reversibility evaluation, harm minimization under credentialed configuration, and post-actuation verification, structurally distinguishing intent from execution so the system can do, defer, refuse, or partially execute. Property five, lineage-recorded provenance, records every observation, weighting, decision, actuation, and verification with credentials, supporting forensic reconstruction of any state at any past time and tamper-evident cross-authority audit.
Recursive closure is load-bearing: every actuation produces actuation-state observations that re-enter the chain at property one, and every lineage record is itself a credentialed observation that downstream consumers — including the user's adjacent applications and chosen exit destinations — can admit, weight, and respond to. Applied to the codependency domain, the chain converts the application from a closure substitute into a closure-aware mediator: the user's exit, alternative-path, and self-authored-preference observations carry credentialed weight that the application's optimization process cannot silently override; the application's retention-influencing actuations carry attributable authorship that procedural approaches structurally cannot produce; and the lineage record produces the cross-application composability that lets a user's autonomy be defended at the substrate level rather than per-vendor. The primitive is technology-neutral and composes hierarchically, so a general-purpose application adopts it by integrating with the substrate rather than rewriting its product.
5. Compliance Map
The chain produces direct mappings to each axis of the converging duty-of-care surface. Against the EU AI Act and Digital Services Act systemic-risk obligations, property one delivers the input-provenance record, property two the structured weighting, property three the graduated outcome, property four the documented harm-minimization configuration, and property five the post-market monitoring and incident-reconstruction substrate that the systemic-risk assessment regime now requires. Against the UK Online Safety Act's foreseeable-harm duty, the chain produces the architectural evidence that retention actuations are attributable, weighted, reversible, and recorded.
Against state-level dark-pattern and addictive-design statutes — California's age-appropriate design code, Colorado's UDPA provisions, New York's analogous statutes — the chain delivers the per-actuation authorship and reversibility record those statutes' enforcement actions are converging on. Against FTC Section 5 unfairness theory, the chain provides structural evidence that the application's engagement loop is not architected to exploit asymmetric vulnerability, because the actuator's reversibility, graduated-mode configuration, and credentialed authorship are on the record. Against the CFPB's analogous theory for financial-adjacent platforms, the chain delivers the same evidence in the form regulated financial supervision is already structured to consume.
For enterprise procurement and indemnity surfaces, the lineage record converts diffuse codependency exposure into discrete reconstructable events with attributable authorities, which is the artifact master service agreements and indemnity riders are increasingly drafted to require. For users, the chain operates as portable, credentialed evidence of the engagement architecture they were exposed to, defensible in any forum that accepts the substrate's credential semantics. None of this requires the application to expose private user content; the chain operates on credentials and structured observations, not on raw payloads, producing audit-grade evidence without compromising the confidentiality the duty exists to protect.
6. Adoption Pathway
Adoption proceeds in three architectural moves rather than a wholesale rewrite. The first move is publication of the application's authority taxonomy. The application registers, with the substrate, the roles whose observations it will credential — the user under their own credential, the operator under operator credentials, integrated services, regulators, auditors, enterprise tenants — and the credentials it will accept under each. This is largely declarative and immediately stabilizes subsequent moves.
The second move is actuator interposition for the retention-influencing surface. Notifications, recommendations, default settings, friction configurations, and exit paths are routed through a governed actuator gate that runs the property-three admissibility evaluation against credentialed observations — including the user's own self-authored futures — and produces graduated outcomes with reversibility metadata. This is the architectural move that structurally separates governed actuation from unattributed nudge, and it is what converts the application's engagement architecture from a procedural assertion into a substrate-level fact. The third move is lineage publication: lineage streams are exposed to credentialed consumers under their own credentials, producing the cross-application composability that lets a user's autonomy and an enterprise customer's accountability survive across vendors and jurisdictions.
Commercially, the pathway is an embedded substrate license: the application embeds the AQ governance-chain primitive and sub-licenses chain participation to its enterprise and regulated-sector customers as part of its subscription. What the application gains is a structural duty-of-care defense that converts a class of previously diffuse codependency exposures into discrete reconstructable events, a competitive moat against vendors operating procedurally, and forward-compatibility with the EU AI Act, DSA, UK Online Safety Act, FTC unfairness doctrine, and analogous regimes. What the customer and the user gain is portable, audit-grade lineage that survives platform migrations and vendor changes, and a single chain spanning the application and its adjacencies. The honest framing is that the AQ primitive does not eliminate the human and organizational dynamics that produce codependency; it gives general-purpose applications the substrate they need so that mediating sustained engagement ceases to be, by architectural default, the act of building the trap.
