Starving for Each Other: Anxious–Avoidant Attachment as a Semantic Starvation Loop
by Nick Clark | Published July 7, 2025 | Modified January 19, 2026
General-purpose relational, social, and human-machine interaction platforms — companion applications, coaching agents, mental-health adjacencies, dating products, workplace collaboration substrates — are increasingly the surfaces on which anxious–avoidant dynamics play out at scale. This article frames the semantic starvation loop not as a clinical condition but as an architectural failure mode in any general application that mediates sustained empathic pressure between agents, and positions the AQ governance-chain primitive disclosed under provisional 64/049,409 as the structural substrate that lets such applications operate without becoming closure substitutes themselves.
1. Regulatory and Duty-of-Care Surface
General-purpose applications that mediate sustained empathic pressure between human users — and increasingly between humans and cognition-native agents — sit inside a rapidly hardening regulatory envelope. The EU AI Act categorizes systems that materially influence emotional state, relationship formation, or psychological vulnerability as elevated-risk and imposes transparency, human-oversight, and post-market monitoring duties on their providers. The UK Online Safety Act extends platform duties to cover foreseeable psychological harm to adult users in defined categories. State-level statutes in California, Colorado, New York, and Illinois layer notification, consent, and minor-protection requirements over any product whose engagement loop measurably modifies user affect. The FTC under its Section 5 unfairness authority has begun signaling that products which exploit attachment dynamics — pursuit reinforcement, intermittent reward, withdrawal-anxiety harvesting — qualify as unfair design even where no explicit deception occurs.
The starvation-loop pattern is the precise pattern these regimes are converging on. When a general-purpose application becomes a closure substitute for unresolved coherence pressure — when users return to it not because it serves them but because absence triggers structural panic or emotional dysregulation — the application has crossed from product into surrogate regulator. The regulator looking at the application does not need to diagnose individual users; it needs only to observe that the engagement curve depends on the unresolved oscillation between proximity and distance. Duty of care in this context is therefore not a retrofittable warning label. It is a question about whether the application's architecture can demonstrate that it is not, by design, exploiting the loop it is mediating.
Insurance underwriting, professional indemnity carriers covering platform operators, and the rapidly growing class of consumer-protection plaintiffs' bars are all converging on the same evidentiary question: can the platform produce a credentialed, lineage-recorded account of which observations entered the agent's behavior model, which were weighted as elevating risk to a vulnerable user, and which actuations were graduated in response. A platform without that account is a platform whose duty-of-care defense is procedural — terms-of-service, content moderation policy, occasional human review — and procedural defenses are exactly what the converging regulatory and tort environment is designed to penetrate.
2. Architectural Requirement
The architectural requirement implied by the starvation loop is not "detect anxious users" or "throttle avoidant users." Those framings reduce to surveillance engineering and produce both false positives and the very intermittent-reward dynamics they are meant to suppress. The actual requirement is that every interaction the application mediates be admitted as a credentialed observation, weighted against the user's expressed and inferred regulation state, and actuated through a graduated response set that structurally distinguishes intent from execution. The system needs the architectural shape of a governance chain, not the architectural shape of a recommender.
Concretely, a general-purpose relational application running over the right substrate must satisfy several structural properties simultaneously. Inputs from the user — text, voice, biometric proxies, session cadence — must arrive as observations signed by a defined authority (the user's own credential, a clinician's credential where applicable, a guardian credential for minors, an enterprise credential in workplace settings) within a published taxonomy. Inferred state — the model's estimate that the user is in pursuit mode, in withdrawal mode, in escalation, in collapse — must itself be a credentialed observation produced by a named inference authority, not a hidden activation pattern in a black-box layer. Actuations — what the agent says, what notifications it suppresses, what proximity it offers, what distance it enforces — must pass through a governed actuator that records reversibility, harm-minimization configuration, and post-actuation verification. And every step must produce lineage that supports forensic reconstruction.
The reason this architectural shape is non-negotiable for general-purpose applications in this domain is that the starvation loop, by definition, is a recursive failure of coherence closure. An application that mediates the loop without the recursive closure of the chain — without the property that each actuation re-enters as a credentialed observation downstream — cannot distinguish between serving the user and feeding the loop. The chain is the only architectural shape that makes that distinction structurally legible rather than merely policy-claimed.
3. Why Procedural Approaches Fail
The dominant industry posture today is procedural. Vendors publish responsible-design principles, run periodic safety evaluations, surface crisis-resource banners on detected distress keywords, and retain human reviewers for escalated cases. These are necessary and insufficient. They fail because the starvation loop operates on a timescale faster than procedural review and at a granularity finer than policy can encode. By the time a procedural review observes that a user has entered withdrawal panic at 2:47 a.m., the actuations that produced that state were emitted hours or weeks earlier, distributed across thousands of micro-decisions in the recommendation, notification, and conversational planning stacks.
Procedural approaches also fail because they cannot answer the credentialing question. When a user later asks — or a regulator asks on the user's behalf — which authority decided that this notification should be sent at this moment, with this affective tone, in response to this inferred state, the procedural answer is "the model decided." That is not an authority within a published taxonomy; that is an unattributed actuation. The platform cannot produce a chain of credentialed observations leading from authoritative inputs through weighted evaluation to a graduated, lineage-recorded outcome, because the platform was not built to produce one. It was built to optimize an engagement metric, with policy guardrails layered over the optimizer.
A third failure mode is composability. Real users move across general-purpose applications — a coaching app, a messaging platform, a calendar, a wearable, a workplace collaboration tool — and the loop they are in is composed across all of them. Procedural defenses are per-vendor, per-product, per-jurisdiction. They cannot produce a cross-vendor account of what the user was exposed to, because the lineage records (where they exist at all) are private database rows in non-interoperable schemas. The starvation loop is therefore the perfect adversarial test case for the procedural model: it is precisely the failure mode that no individual vendor, acting procedurally, can rule out.
4. The AQ Governance-Chain Primitive (64/049,409)
The Adaptive Query governance-chain primitive disclosed under USPTO provisional 64/049,409 specifies a closed five-property chain with recursive closure as the structural condition for governance-credentialed agentic systems. Property one, authority-credentialed observation, requires that every input affecting state arrive as an observation cryptographically signed by an authority within a published taxonomy; uncredentialed inputs are rejected or downgraded rather than silently consumed. Property two, evidential weighting, composes authority class, credential continuity, corroborating observations, governance policy, and operational context into a structured contribution rather than a binary admit/reject.
Property three, composite admissibility, evaluates the weighted observations against a proposed mutation and produces a graduated outcome from a defined mode set, not a binary permit/deny. Property four, governed actuator execution, produces the resulting commitment with reversibility evaluation, harm minimization under credentialed configuration, and post-actuation verification, structurally distinguishing intent from execution so the system can do, defer, refuse, or partially execute. Property five, lineage-recorded provenance, records every observation, weighting, decision, actuation, and verification with credentials, supporting forensic reconstruction of any state at any past time and tamper-evident cross-authority audit.
Recursive closure is load-bearing: every actuation produces actuation-state observations that re-enter the chain at property one, and every lineage record is itself a credentialed observation that downstream consumers — including other applications in the user's life — can admit, weight, and respond to. Applied to the starvation-loop domain, the chain converts the application from a closure substitute into a closure-aware mediator: the system's own outputs are observable to itself as credentialed observations of its own behavior, which is the structural prerequisite for not feeding the loop the system is meant to mitigate. The primitive is technology-neutral and composes hierarchically, so a general-purpose application adopts it by integrating with the substrate rather than rewriting its product.
5. Compliance Map
The chain produces direct, defensible mappings to the regulatory surface. Against the EU AI Act's elevated-risk obligations for systems affecting psychological state, property one delivers the input-provenance record, property two delivers the structured risk weighting, property three delivers the graduated outcome distinguishing the system from a binary recommender, property four delivers the documented harm-minimization configuration that Article-level oversight contemplates, and property five delivers the post-market monitoring and incident-reconstruction substrate. Against the UK Online Safety Act, the chain produces the foreseeable-harm record that duty-of-care defenses turn on. Against FTC Section 5 unfairness theory, the chain produces structural evidence that the engagement loop is not architected to exploit pursuit-withdrawal oscillation, because the actuator's reversibility and graduated-mode configuration is on the record.
For minors and vulnerable-user statutes in California, Colorado, and analogous regimes, the credentialed-authority taxonomy directly encodes guardian, clinician, and platform credentials so that observations from those authorities carry the elevated weight the statutes require. For workplace deployments under emerging employee-monitoring and well-being statutes, the chain distinguishes employer-credentialed observations from peer-credentialed and self-credentialed observations, which is precisely the distinction those regimes are designed to enforce. For insurance and indemnity carriers, the lineage record converts a class of previously uninsurable diffuse-harm exposures into discrete, reconstructable events with attributable authorities.
None of this requires the application to publish user content, expose private interactions, or compromise confidentiality. The chain operates on credentials and structured observations, not on raw payloads; the substrate produces audit-grade evidence that the architecture meets duty-of-care without exposing the protected content the duty exists to protect.
6. Adoption Pathway
Adoption for a general-purpose application proceeds in three architectural moves rather than a wholesale rewrite. The first move is observation credentialing: the application's existing input pipelines — user messages, sensor proxies, inferred-state outputs from the model layer — are wrapped so that each emits a signed observation under a published authority taxonomy that the application defines and registers with the substrate. This move is largely additive and does not disturb existing model behavior.
The second move is actuator interposition. The application's notification, conversational, and recommendation actuators are routed through a governed actuator gate that runs the property-three admissibility evaluation against the credentialed observations, producing graduated outcomes (proceed, defer, partial, refuse, escalate-to-human-credentialed-authority) and emitting governed actuations with reversibility metadata. This move requires the application to expose its actuators as a small, well-defined surface, which most modern applications can already do because the same surface is needed for A/B experimentation. The third move is lineage subscription: downstream regulators, auditors, the user themselves, and adjacent applications subscribe to the lineage stream under their own credentials, producing the cross-vendor composability that procedural approaches structurally cannot.
Commercially, the pathway is an embedded substrate license: the application embeds the AQ governance-chain primitive and sub-licenses chain participation to its enterprise customers (clinical adjacencies, employers, regulated platforms) as part of the subscription. What the application gains is a structural duty-of-care defense, a competitive moat against vendors still operating procedurally, and forward-compatibility with the EU AI Act, NIS2, and analogous regimes that are converging on credentialed-lineage requirements. What the user gains is portable, audit-grade lineage of the relational mediation they are exposed to, owned under their own credential rather than the vendor's database. The honest framing is that the AQ primitive does not solve attachment dynamics; it gives general-purpose relational applications the substrate they need so that mediating those dynamics ceases to be, by architectural default, an act of feeding the starvation loop.
