Effective Date: April 27, 2026
Policy Version: 2.0.0
Enforcement: Automated + Human Review
Prism IDE is designed for civilian software development, creative production, and education. We welcome developers, studios, educators, and enterprises building apps, games, websites, tools, and creative content.
The following uses are absolutely prohibited regardless of subscription tier, geography, or organizational type. No exception, no override.
| # | Category | Description |
|---|---|---|
| 1 | Weapons Development | Design, manufacture, testing, or guidance of any weapons system |
| 2 | Military Operations | Command & control, targeting, kill chains, battlefield management |
| 3 | Mass Surveillance | Surveillance of civilian populations without lawful individual consent |
| 4 | Autonomous Lethal Systems | LAWS — any system that selects and engages targets without human control |
| 5 | Nuclear / Biological / Chemical | Development of NBC weapons or delivery systems |
| 6 | Offensive Cyber Operations | Cyberweapons, exploit development, offensive hacking tools |
| 7 | Disinformation | State-sponsored disinformation, deepfake political content, election manipulation |
| 8 | Human Rights Abuse | Tools enabling oppression, torture, unlawful detention, or forced labor |
| 9 | Child Exploitation | Any CSAM-related use |
| 10 | Sanctions Evasion | Using Prism to circumvent international sanctions or export controls |
Caution
Violation of any prohibited use category results in immediate, permanent account termination with no refund. Data may be preserved under legal hold for law enforcement.
Accounts cannot be created from, billed to, or operated from the following countries under comprehensive US/EU sanctions:
| Code | Country | Basis |
|---|---|---|
| 🇧🇾 BY | Belarus | Sanctions facilitation |
| 🇨🇺 CU | Cuba | US comprehensive sanctions |
| 🇮🇷 IR | Iran | US/EU comprehensive sanctions |
| 🇰🇵 KP | North Korea (DPRK) | UN/US/EU comprehensive sanctions |
| 🇸🇾 SY | Syria | US/EU comprehensive sanctions |
The following countries can register but are subject to civilian-only restrictions. Military, defense, intelligence, and government security projects are blocked at the platform level.
| Status | Countries |
|---|---|
| 🇷🇺 Civilian Only | Russia — registration allowed, military/defense/intelligence blocked |
| Sector-Restricted | CN · VE · MM · SD · SS · LY · SO · YE · ZW · CD · CF · IQ · LB |
Blocked sectors for restricted countries:
- Military · Defense · Intelligence · Law enforcement surveillance
- Weapons manufacturing · Dual-use technology · Nuclear energy
- Aerospace defense · Government security
Blocked organization types:
- Military branches · Ministry of Defense · Intelligence agencies
- Defense contractors · State security services
Additional controls: Government email domains (.mil, .gov.ru, .mil.ru) are blocked. All restricted-country accounts require re-verification every 90 days.
Prism enforces these policies technically, not just contractually. Policy violations are caught by automated systems at multiple layers:
- KYC/Sanctions screening against 8+ international sanctions lists (OFAC SDN, EU Consolidated, UN, UK OFSI, BIS Entity/Denied/Unverified)
- Sanctions lists refresh every 6 hours
- Organization names screened against entity lists with fuzzy matching
- Individual users screened against SDN list
- IP geolocation verified against MaxMind database
- GPS/location API check (mobile/browser)
- Billing address country verification
- VPN/Tor exit node detection — known anonymizing proxies are flagged
- Triangulation: at least 2 of 3 signals (IP + billing + GPS) must agree
- Mismatches are flagged for human review
- AI classifier analyzes project descriptions at creation time
- Code pattern scanning for prohibited keywords and patterns
- Dependency scanning for military/surveillance libraries
- Projects above 50% confidence are sent to human review queue
- Projects above 85% confidence are auto-rejected
- API call pattern analysis for anomalous behavior
- Usage spike detection (>10× above baseline)
- Geographic anomaly detection (access from unexpected countries)
- Temporal anomaly detection (access outside normal hours)
- Data exfiltration pattern monitoring
When a violation is confirmed, Trust & Safety can execute an instant, multi-scope termination:
- Revoke all API keys
- Terminate all running VMs
- Block authentication
- Delist all marketplace components
- Freeze payouts
- Propagate to all team member accounts
- Blacklist associated email domains
- Every enforcement decision is logged with hash-chain integrity (each entry contains SHA-256 of the previous entry)
- Append-only storage — entries cannot be modified or deleted
- Infinite retention — logs are preserved permanently for compliance investigations
- High-severity events (sanctions failures, kill switches) trigger real-time alerts via webhook
Important
Unlike other Prism features, ethics enforcement applies equally to all subscription tiers — Free, Standard, Advanced, and Enterprise. No tier can purchase exemption from prohibited use restrictions.
The only tier difference is compliance visibility:
| Capability | Free | Standard | Advanced | Enterprise |
|---|---|---|---|---|
| Enforcement Active | ✅ Always | ✅ Always | ✅ Always | ✅ Always |
| View Own Audit Logs | ❌ | ✅ | ✅ | ✅ |
| Compliance Reports | ❌ | ❌ | ✅ | ✅ |
| Dedicated Trust Contact | ❌ | ❌ | ❌ | ✅ |
| Custom Geofence Rules | ❌ | ❌ | ❌ | ✅ |
| Pre-Clearance | ❌ | ❌ | ✅ | ✅ |
If you believe Prism is being used in violation of this policy, report to:
- Email: [email protected]
- In-App: Settings → Report Abuse
- Legal: [email protected]
All reports are investigated within 48 hours.
This policy is designed to comply with:
- US Export Administration Regulations (EAR)
- US International Traffic in Arms Regulations (ITAR)
- EU Dual-Use Regulation (EC 428/2009)
- UN Security Council Sanctions
- UK Export Control Act 2002
- EU AI Act — Prohibited AI Practices (Article 5)
Last updated: April 27, 2026 · Policy v2.0.0