HCOMP 2026 / CI 2026 · Workshops Day

Cognitive Security for Human–AI Systems

A full-day workshop on protecting the conditions under which people and groups reason for themselves as generative and agentic AI reshape attention, belief, memory, judgment, and agency.

DateSeptember 27, 2026
WhereWashington, DC · in person + hybrid
FormatFull day (~7 hrs)
Submissions dueJuly 30, 2026 (AoE)
The Workshop

Naming a trust-and-safety risk the field can't yet name

As generative and agentic AI become embedded in search, education, companionship, and decision support, a class of risk emerges that we lack a shared way to name, test, and govern: a single model output may be accurate and disclosed, yet the risk lies in how systems shape attention, belief formation, memory, judgment, and agency across many interactions — and how they reshape collective sensemaking.

CogSec proposes cognitive security — the integrity of the conditions under which people and groups reason for themselves — as a research agenda between HCOMP (AI-assisted decision-making, over- and under-reliance, oversight) and CI (misinformation, deliberation, civic decision-making). The day is anchored by a hands-on session that builds the Cognitive Vulnerability and Mitigation Catalog (CVMC): a schema pairing each AI affordance and cognitive vulnerability with a candidate mitigation, evaluation metric, burden-and-equity check, and governance hook. Attendees leave having co-authored catalog entries and a community roadmap.

Topics in Scope

A spine, and application areas that put it to work

The workshop's deliberate spine is the CVMC and the measurement of cognitive over- and under-reliance. The remaining themes are application surfaces.

Cognitive vulnerabilities

Attention (epistemic flooding, attentional capture); belief and judgment (fluency overtrust, authority transfer, personalized persuasion); memory and provenance (context collapse, source confusion); learning (cognitive offloading, skill atrophy); agency (automation deference, emotional dependency, agentic misalignment).

Measurement

Over- and under-reliance, appropriate reliance, and calibration in AI-assisted decision-making; longitudinal and ecological evaluation; metrics for conversion, persistence, dependence, provenance, calibration, and skill retention.

Collective sensemaking

Misinformation and influence operations, polarization, content moderation and governance, deliberation, prebunking and inoculation, and civic decision-making.

Defensive human computation

Crowdsourced verification, source credibility, provenance and content authenticity, and deepfake and synthetic-media detection.

Design & governance

Frictional and cognitive-forcing design; auditing, red-teaming, incident reporting; and alignment to standards (NIST AI RMF, EU AI Act, ISO/IEC 42001).

The CVMC Jam

Mixed groups of 4–6 each take a deployed AI affordance and draft a catalog entry end to end: affordance → vulnerability → failure pattern → mitigation → metric → burden-and-equity check → governance hook. Every attendee leaves with an artifact.

Program

Tentative outline

A full day with coffee breaks and a lunch hour. Session order and timing are indicative.

🗓️
Detailed agenda & times: TBA. The schedule below is the tentative program from the accepted proposal. Confirmed session titles, speakers, and start times will be posted here as they are finalized.
Opening

Opening framing

Setting the cognitive-security agenda for the day.

20 min
Keynote

Keynote — AI, influence, and collective sensemaking

The landscape of AI-mediated influence on human and collective cognition.

45 min
Talks

Contributed lightning talks

Accepted short papers, position papers, and datasets.

40 min
Break

Coffee

Build

CVMC Jam — build phase

Mixed tables draft catalog entries end to end. Template, worked example, facilitator, and scribe per table.

75 min
Break

Lunch

Demos

Demos & tutorials

Deepfake / manipulation detection and persuasion probes — hands-on stations.

45 min
Panel 1

Reliance, oversight & frictional system design

Cognitive-forcing functions, microboundaries, and seams.

45 min
Break

Coffee

Panel 2

Belief, manipulation & cognitive resilience

Persuasion, prebunking, and what works.

45 min
Report-out

CVMC Jam — report-out & review

Every entry reviewed against the schema before release.

40 min
Closing

Closing synthesis & roadmap

A community measurement roadmap and next steps.

25 min
Speakers

Confirmed speakers

Additional keynote, panel, and demo speakers are being confirmed on the standard timeline and will be posted here.

Confirmed · Panel 1
Brett Frischmann

Brett Frischmann

Villanova University · Widger Chair in Law, Business & Economics

Co-author of Re-Engineering Humanity (Cambridge, 2018); his work on friction-in-design and prosocial friction anchors the workshop's design thread. Organizer.

Confirmed · Panel 1
Ujwal Gadiraju

Ujwal Gadiraju

TU Delft · Web Information Systems

Associate Professor at TU Delft and director of the Delft AI "Design@Scale" Lab; Co-Editor-in-Chief of the Human Computation Journal. His research spans crowd computing, human-centered AI, and human–AI interaction.

Confirmed · Demos
Aruna Sankaranarayanan

Aruna Sankaranarayanan

MIT CSAIL / EECS

Researcher at MIT (CSAIL / EECS) working on manipulated media, deepfakes, and their effects on elections and public trust. Her study on human detection of political-speech deepfakes was published in Nature Communications (2024).

Confirmed · Governance
Nick Caputo

Nick Caputo

Oxford Martin AI Governance Initiative

Legal researcher at the Oxford Martin AI Governance Initiative studying frontier-AI regulation, legal alignment, and AI governance institutions; a Harvard Law graduate.

Call for Participation

Contribute to CogSec 2026

We invite work on how AI-mediated systems shape — and can protect — human attention, belief formation, memory, judgment, agency, and collective sensemaking.

What we welcome

Short papers, position papers, demos, and datasets (non-archival) on measuring over- and under-reliance; the cognitive vulnerabilities above; persuasion and manipulation; misinformation, prebunking, and deliberation; crowdsourced verification and provenance; deepfake detection; frictional and cognitive-forcing design; and the auditing and governance of cognitive risks.

Submission format

2–6 pages (excluding references) in the ACM Primary Article Template (LaTeX and Word versions available; an Overleaf template is also provided), or an extended abstract plus demo description. Deadline is July 30, 2026, 11:59pm AoE. At least one author must register and present. Accepted work appears as a lightning talk and/or poster, and all participants join the hands-on session that builds the community CVMC. Review is single-blind — submissions need not be anonymized — with each receiving at least two reviews and organizers recusing from any conflicts; selection is lightweight (relevance, clarity, discussion potential).

Key dates

Jun 29, 2026
Site & CfP live
Jul 30, 2026
Submissions due · AoE
Aug 7, 2026
Notifications
Sep 27, 2026
Workshop

Submit your work

Submission details are forthcoming and will be posted here shortly. We especially encourage early-career researchers and contributions that cross the HCOMP and CI communities. For questions in the meantime, reach the organizers by email.

Email the organizers →
Organizers

Who's running the workshop

Organized with institutional backing from the Stanford HAI Cognitive Security Task Force.

Utsav Gupta

Utsav Gupta

Stanford HAI Cognitive Security Task Force · Stanford University · Lead organizer

Co-leads the Task Force and its speaker series; lead author of the CVMC work accepted at the 3rd Frictional AI Workshop (HHAI 2026) and the 2026 Trust and Safety Research Conference.

Brett Frischmann

Brett Frischmann

Villanova University

Widger Chair in Law, Business & Economics; co-author of Re-Engineering Humanity. Brings extensive convening experience from the Workshop on Governing Knowledge Commons.

Eric Heng

Eric Heng

Stanford University · Cognitive Security Task Force

Co-Lead of the Cognitive Security Task Force and co-author of the 2026 position paper AI Development Should Prioritize Cognitive Security.

Andreas Haupt

Andreas Haupt

Stanford HAI · Stanford Digital Economy Lab

HAI Postdoctoral Fellow (Ph.D., MIT CSAIL) researching human–AI evaluation, oversight, and platform incentives; previously with the U.S. FTC and the European Commission.