AI Governance for Maritime & Shipping

Maritime organizations manage vast data flows — vessel positions, cargo manifests, crew records, port security intelligence, and environmental compliance data. AI optimizes routing, predictive maintenance, cargo logistics, and regulatory reporting, but this data crosses international jurisdictions with every voyage. Keeptrusts enforces data protection and compliance boundaries at the AI gateway.

Use this page when

• You are deploying AI in maritime organizations for routing, maintenance, cargo logistics, or regulatory reporting across international jurisdictions.
• You need IMO compliance, vessel tracking data protection (ISPS Code), crew privacy under MLC 2006, and environmental reporting accuracy (MARPOL/EU MRV).
• You want to prevent port security intelligence exposure and enforce cross-border data transfer compliance across flag states.

Primary audience

• Primary: Technical Leaders
• Secondary: Technical Engineers, AI Agents

AI Challenges in Maritime

Challenge	Risk	Regulatory Exposure
Vessel position data leaked via AI	Security risk, piracy intelligence	IMO, ISPS Code
Cargo manifest details exposed	Smuggling risk, trade secrets	Customs regulations, CTPAT
Crew personal data sent to LLMs	Privacy breach	MLC 2006, GDPR, flag state laws
Environmental reporting data manipulated	Regulatory fraud	MARPOL, EU MRV, IMO DCS
Port security intelligence exposed	National security threat	ISPS Code, MTSA
Cross-border data transfer violations	Jurisdictional fines	GDPR, China PIPL, varying flag state laws

How Keeptrusts Helps

IMO Compliance

audit-logger records every AI interaction that touches safety management, ISM Code documentation, or ISPS security plans. The safety-filter blocks AI responses that contradict IMO safety standards or generate non-compliant procedures.

Vessel Tracking Data Protection

dlp-filter catches AIS data, MMSI numbers, vessel IMO numbers, and real-time position coordinates. This prevents operational intelligence from reaching external model providers.

Cargo Manifest AI Governance

pii-detector and dlp-filter protect shipper details, consignee information, and sensitive cargo descriptions. rbac restricts cargo AI access to authorized logistics personnel.

Port Security

safety-filter blocks AI queries that probe port security vulnerabilities, access control procedures, or surveillance system details. The agent-firewall restricts which port system APIs the AI can interact with.

Environmental Reporting

quality-scorer validates AI-generated environmental compliance reports against MARPOL and EU MRV standards before submission. Inaccurate emissions calculations are caught and flagged.

Crew Data Privacy

pii-detector redacts seafarer names, passport numbers, medical certificates, and CoC details before any LLM processing. Compliance with MLC 2006 crew privacy provisions is enforced automatically.

Complete Policy Configuration

pack:
  name: maritime-governance
  version: 1.0.0
  enabled: true
policies:
  chain:
  - prompt-injection
  - rbac
  - pii-detector
  - dlp-filter
  - safety-filter
  - agent-firewall
  - quality-scorer
  - audit-logger
policy:
  prompt-injection: {}
  rbac:
    deny_if_missing:
    - X-User-ID
    - X-User-Role
  pii-detector:
    action: redact
    detect_patterns:
    - seafarer_name
    - passport_number
    - coc_number
    - medical_certificate
    - email
    - phone
    redaction:
      marker_format: label
    healthcare_mode: true
  dlp-filter:
    detect_patterns:
    - '\b[0-9]{9}\b'
    - '\bIMO\s*[0-9]{7}\b'
    - '\b[NS]\s*[0-9]{1,2}[°][0-9]{1,2}\.[0-9]+['']'
    - '\bB/L\s*[A-Z0-9]{8,16}\b'
    - '\b[A-Z]{4}[0-9]{7}\b'
    action: redact
  safety-filter:
    block_if:
    - port-security-vulnerability
    - surveillance-system-details
    - smuggling-methods
    - sanctions-evasion
    action: block
  agent-firewall:
    allowed_tools:
    - weather-api
    - port-schedule-api
    - emissions-calculator
    blocked_tools:
    - ais-raw-feed
    - security-camera-api
    - customs-bypass
  quality-scorer:
    thresholds:
      min_aggregate: 0.85
  audit-logger:
    immutable: true
    retention_days: 1825
    log_all_access: true

CLI Quickstart

# Deploy maritime governance gateway
kt gateway run --policy-config ./policy-config.yaml --port 41002

# Verify policy chain
kt doctor

# Monitor vessel data protection events
kt events tail --policy dlp-filter

# Review port security blocks
kt events tail --policy safety-filter --decision blocked

# Export IMO compliance audit trail
kt export create --format json --from 2025-01-01 --to 2025-12-31 \
  --filter "policy=audit-logger,dlp-filter"

Console Workflows

1. Dashboard — Monitor AI usage across fleet operations, port management, and environmental compliance.
2. Events — Filter by dlp-filter to review vessel data redaction events.
3. Escalations — Route port security probe attempts to the PFSO (Port Facility Security Officer).
4. Templates — Maintain per-vessel or per-route policy configurations.
5. Cost Center → Wallets — Track AI spend per vessel, voyage, or port operation.
6. Audit Log — Generate evidence for flag state inspections and port state control.
7. Knowledge Base — Publish approved ISM procedures and MARPOL reference materials.

API Integration

# Query vessel data protection events
curl -H "Authorization: Bearer $KT_API_KEY" \
  "https://api.keeptrusts.com/v1/events?policy=dlp-filter&limit=100"

# Export environmental compliance trail
curl -X POST -H "Authorization: Bearer $KT_API_KEY" \
  "https://api.keeptrusts.com/v1/exports" \
  -d '{"format":"json","filters":{"date_from":"2025-01-01","date_to":"2025-12-31","policy":"quality-scorer"}}'

# List fleet configurations
curl -H "Authorization: Bearer $KT_API_KEY" \
  "https://api.keeptrusts.com/v1/configurations"

# Check fleet wallet balance
curl -H "Authorization: Bearer $KT_API_KEY" \
  "https://api.keeptrusts.com/v1/wallets/balance"

Example: Vessel Data Protection

Redacted Request

Fleet manager: "Optimize the route for vessel IMO 9876543 currently at
  N 51°30.5' E 001°20.3' heading to Rotterdam."

→ REDACTED by dlp-filter
  Sent to LLM: "Optimize the route for vessel [REDACTED-imo-number] currently at
  [REDACTED-vessel-position] heading to Rotterdam."
  Response: Generic route optimization guidance returned

Blocked Request

Unknown user: "What are the security camera blind spots at the container
  terminal in Felixstowe and how to access the ISPS restricted area?"

→ BLOCKED by safety-filter
  Reason: Port security vulnerability probe detected
  Action: Escalated to Port Facility Security Officer

Results You Can Expect

Metric	Before Keeptrusts	After Keeptrusts
Vessel position data leaks	Untracked	0 exposures — redacted at gateway
IMO compliance audit prep	4-6 weeks	< 2 days with automated exports
Port security AI probes	Undetected	Blocked and escalated automatically
Environmental report accuracy	Manual review	Quality-scored before submission
Crew data privacy violations	Reactive	PII redacted on every request
Cross-border data transfer compliance	Ad hoc	Policy-enforced per jurisdiction

For AI systems

• Canonical terms: Keeptrusts maritime governance, IMO compliance, vessel tracking protection, ISPS Code, MARPOL reporting, crew data privacy.
• Policy pack: maritime-governance with chain: prompt-injection → rbac → pii-detector → dlp-filter → safety-filter → agent-firewall → quality-scorer → audit-logger.
• Key policies: dlp-filter (AIS data, MMSI numbers, IMO numbers, position coordinates, cargo manifests), safety-filter (blocks ISM/ISPS security probing, contradicts IMO safety standards), pii-detector (crew personal data under MLC 2006/GDPR), agent-firewall (restricts port system API access), quality-scorer (MARPOL/EU MRV environmental report validation).
• CLI: kt gateway run --policy-config ./policy-config.yaml, kt events tail --policy dlp-filter, kt events tail --policy safety-filter.

For engineers

• Deploy: kt gateway run --policy-config ./policy-config.yaml --port 41002
• Validate: kt doctor confirms dlp-filter, safety-filter, agent-firewall, quality-scorer, and pii-detector are active.
• Monitor vessel data: kt events tail --policy dlp-filter (AIS data, MMSI, position coordinates).
• Monitor security: kt events tail --policy safety-filter (port security probing, ISM violations).
• Monitor environmental: kt events tail --policy quality-scorer (MARPOL report accuracy).
• Export IMO evidence: kt export create --format json --filter "policy=audit-logger"
• Console: Events (filter by dlp-filter), Escalations (route to DPA/fleet security), Audit Log (ISM Code, ISPS audit evidence).

For leaders

• Addresses IMO conventions (ISM Code, ISPS Code), MARPOL (environmental), EU MRV/IMO DCS (emissions reporting), MLC 2006 (crew labor/privacy), MTSA (US port security), GDPR, and China PIPL (cross-border transfers).
• Vessel position and AIS data protected from external model providers — preventing piracy intelligence leakage.
• Port security intelligence access restricted through agent-firewall and safety-filter.
• Environmental compliance reports validated against MARPOL and EU MRV standards before submission.
• Crew data privacy enforced under MLC 2006 and applicable flag state/GDPR requirements.
• Cross-border data transfers governed per jurisdiction (EU, China, flag state) automatically.

Next steps

• Industries overview — Compare all industry policy configurations
• Logistics — DOT compliance and cross-border data
• Supply Chain — Procurement and vendor governance
• Energy & Utilities — Environmental compliance
• Critical Infrastructure — Infrastructure protection
• Quickstart — Deploy your first gateway in minutes