Disclosure Tactics in Information Systems
- Disclosure tactics are strategic methods for managing selective information revelation, balancing full transparency with controlled omission to influence inferences and incentives.
- They use both informational changes (e.g., selective stopping, omitting moderate data) and rhetorical framing (e.g., authenticity and risk shifting) to achieve optimal outcomes.
- Advanced mechanisms incorporate timing, aggregation, and technical systems (e.g., TEE, smart contracts) to align disclosure practices with economic and AI governance objectives.
Disclosure tactics are strategic choices that govern how information is revealed, withheld, pooled, timed, framed, verified, or audited under asymmetric information. Across economic disclosure games, public-sector AI procurement, crowdfunding, data valuation, networked intermediation, and conversational AI, the central problem is not merely whether information is disclosed, but how disclosure changes inference, incentives, bargaining power, and downstream governance. The resulting literature treats disclosure as a mechanism-design object, a relational practice, and, increasingly, a technical property of socio-technical systems (Jiang, 2019, Kuehnert et al., 1 Apr 2026, Gausen et al., 27 Jan 2026).
1. Conceptual foundations
In the formal literature, disclosure tactics arise when a sender has verifiable but selectively revealable evidence and a receiver updates beliefs from both what is shown and what is omitted. In “Disclosure Games with Large Evidence Spaces,” evidence is a finite sequence of binary signals, and the sender can only disclose a left truncation. The relevant statistic is the maximal running difference
where . In truth-leaning equilibrium, the sender may disclose seemingly sub-optimal truncations, but any message used with positive probability contains the longest truncation that yields the maximal difference between good and bad signals. The tactic is therefore selective stopping rather than falsification: omission is constrained by the disclosure technology itself (Jiang, 2019).
“Inference from Selectively Disclosed Data” generalizes this logic to large datasets of hard evidence. A sender with type can drop observations to make the disclosed empirical distribution imitate the natural distribution of a more favorable state. The key object is the distinguishability factor
which determines how much data mass a lower state must sacrifice to mimic a higher state. The paper’s imitation equilibrium shows that optimal tactics are not arbitrary cherry-picking but disclosure of full datasets that could have arisen naturally under better states; outcomes that maximize the likelihood ratio are sufficient statistics for equilibrium disclosure (Gao, 2022).
A related but distinct formulation appears in “A Theory of Investors’ Disclosure.” There, an investor first learns initial evidence , may also learn additional evidence , takes a long or short position, and then decides what to disclose. The investor always discloses the initial evidence , but strategically discloses additional information only in the tails: extreme is revealed, while moderate is withheld because the investor’s objective is to maximize the absolute price change rather than the level of the price. This yields a two-tailed policy in which disclosure amplifies volatility and moderation is strategically suppressed (Lu et al., 2024).
Taken together, these models suggest that “disclosure tactics” are best understood as equilibrium responses to three primitives: the feasible message space, the receiver’s inferential model, and the sender’s payoff from belief change. This suggests that tactics are endogenous to the disclosure regime rather than reducible to generic transparency or secrecy.
2. Framing, audience, and strategic presentation
In applied settings, disclosure tactics often combine informational and rhetorical moves. “Disclosure or Marketing? Analyzing the Efficacy of Vendor Self-reports for Vetting Public-sector AI” studies the GovAI Coalition AI FactSheet and identifies three competing purposes: showcasing value, supporting quality assessment, and building long-term relationships. Vendors frequently used positive sales language, broad assurances, and business-value metrics in place of technically legible evidence. Empirically, among 39 completed FactSheets, 16 of 39 scored 3/3 on use and context limitations, while 22 of 39 scored 1/3 on training data and evaluation/testing; over half, 21 of 39, reported no numerical performance results at all. The paper characterizes recurring tactics as strategic framing, selective transparency, strategic ambiguity, risk shifting, and signaling governance maturity with minimal content (Kuehnert et al., 1 Apr 2026).
“How to Disclose? Strategic AI Disclosure in Crowdfunding” isolates similar dynamics under mandatory platform disclosure. Kickstarter’s policy requires a public “Use of AI” statement, but disclosure outcomes depend strongly on substantive and rhetorical signals. At the aggregate level, mandatory AI disclosure reduced funds raised by 39.8% and backer counts by 23.9% for AI-involved projects. Greater AI involvement amplified the negative effect, while high explicitness and high authenticity mitigated it; excessive positive emotional tone exacerbated it. The paper operationalizes rhetorical tactics through Aristotle’s logos, ethos, and pathos: explicitness, authenticity, and positive emotional tone. Its experiments show that explicitness reduces AI-washing and raises perceived competence, authenticity operates primarily through reducing AI-washing and then increasing competence, and excessive positivity increases AI-washing and lowers competence (Wang et al., 17 Feb 2026).
These findings distinguish at least two broad classes of tactic. One class changes the informational content of the message, for example by omitting training data, pooling states, or replacing technical performance metrics with business outcomes. The other class changes how the same content is socially interpreted, through authenticity, explicitness, hedging, or promotional tone. A plausible implication is that disclosure regimes that ignore rhetoric may systematically overestimate the governance value of textual transparency.
3. Timing, aggregation, and relational disclosure
Several papers show that disclosure tactics are also shaped by who must agree, when disclosure opportunities arise, and whether silence itself is informative. In “Disclosure and Incentives in Teams,” team outcomes are verifiable, but disclosure is determined by a deliberation protocol that aggregates members’ individual decisions. Equilibrium behavior is equivalent to threshold strategies in which member 0 votes to disclose if and only if 1. A partial-disclosure equilibrium exists if and only if disclosure cannot be chosen unilaterally by all team members; if no member can unilaterally disclose, every partial-disclosure equilibrium is interior. The paper further shows that full disclosure maximizes incentives when effort is self-improving, whereas more consensual protocols can improve incentives when effort is team-improving (Onuchic et al., 2023).
“Entry and disclosure in group contests” studies a different aggregation problem. With best-shot technology, within-group disclosure reveals entrants and valuations inside the group but not across groups, allowing the highest-value member to become the sole active investor. For 2, within-group disclosure strictly raises aggregate investment relative to no disclosure, while the effect of full disclosure is ambiguous. Under an elasticity condition,
3
full disclosure raises aggregate investment above no disclosure; otherwise the effect can reverse (Boosey et al., 25 Mar 2025).
In dynamic environments, timing itself becomes a tactic. “Reputation and Disclosure in Dynamic Networks” introduces publicly observable disclosure clocks 4. When the clock is on, silence is informative and reputationally costly; when the clock is off, silence is mechanically uninformative. Along any expert–decision-maker path, Markov perfect Bayesian equilibria are ladder policies with finitely many posterior cutoffs, and clock-off windows eliminate knife-edge mixing. Under sufficiently high reputational stakes and low discounting, dynamic incentives rule out persistent suppression and guarantee eventual transmission of all verifiable evidence along the path, even when bias reversals would block static unraveling (Buhai, 28 Dec 2025).
The public-sector AI literature adds a relational interpretation to these timing and aggregation results. The GovAI FactSheet often failed as a standalone assessment tool, but vendors and agencies treated it as a “living artifact” and as a starting point for follow-up questions, negotiation, and trust formation. The paper accordingly reframes documentation as a relational artifact rather than a final evaluative instrument (Kuehnert et al., 1 Apr 2026). This suggests that disclosure tactics are often embedded in iterative interaction rather than exhausted by the first message.
4. Technical and infrastructural disclosure regimes
A large technical literature treats disclosure tactics as parameters of the mechanism itself. “Measuring the Hidden Cost of Data Valuation through Collective Disclosure” models disclosure as an Information Disclosure Game between a Data Union and a Data Consumer. The Data Union chooses a per-query privacy budget 5 and a per-point query cap 6, so the consumer’s cumulative spend is
7
with maximum per-point spend 8. Disclosure is progressive: repeated noisy views of data points are released under a Laplacian mechanism, and the consumer must spend privacy budget to denoise them. This converts the hidden cost of valuation into an explicit acquisition cost and changes how payouts are distributed across contributors (Mesana et al., 9 Oct 2025).
Threshold release systems make disclosure atomic rather than progressive. “ETHTID: Deployable Threshold Information Disclosure on Ethereum” addresses the problem that an arbitrary number of users want their messages disclosed if and only if all such messages are disclosed. It coordinates distributed key generation and threshold sharing through Ethereum smart contracts, and reports deployability with a council of more than 200 members with gas savings of 20–40% compared to ETHDKG (Stengele et al., 2021).
“NDAI Agreements” addresses the disclosure–appropriation paradox directly. An inventor with private information good 9 would disclose nothing in the baseline game because any positive disclosure can be expropriated. With TEEs and AI agents, disclosure and payment are delegated to tamper-proof programs. If the invention’s value is below a security threshold 0, the seller fully discloses inside the TEE and receives an efficient ex post transfer; if 1, the seller discloses only 2, so partial disclosure still improves outcomes over no disclosure. The paper further shows that budget caps and acceptance thresholds preserve most efficiency gains under agent errors (Stephenson et al., 11 Feb 2025).
A different but related infrastructure perspective appears in “Toward a Principled Framework for Disclosure Avoidance.” There, a Disclosure Avoidance System is evaluated not by a single privacy parameter but by seven principles: supports meaningful assessment of disclosure risk; supports meaningful assessment of the impact on availability and accuracy; can target protection to higher-risk individuals or groups; can target accuracy to higher-priority uses; tracks cumulative disclosure risk over time; is transparent; and is feasible. The paper distinguishes inherent features of a system from implementation decisions and frames all tactics within a triple tradeoff among availability, accuracy, and confidentiality (Hawes et al., 10 Feb 2025).
5. AI systems: disclosure as behavior, artifact, and attack surface
Recent AI work treats disclosure both as a required behavior and as a leakage risk. “AI Disclosure with DAISY” studies author disclosure of AI use in research through a form-based tool that generates submission-ready statements. In a user study with 31 authors, unsupported disclosures had mean completeness 3 on a 0–6 scale, versus 4 for DAISY auto-generated disclosures and 5 for edited DAISY disclosures; the use of DAISY did not significantly reduce comfort with the statements. DAISY structures disclosure around six activity dimensions—ideation and brainstorming, coding assistance, analytical support, writing and drafting, figures and tables, and language editing and proofreading—and systematically improves reporting of location, extent, and responsibility (Ahmetoglu et al., 3 Apr 2026).
“Disclosure By Design: Identity Transparency as a Behavioural Property of Conversational AI Models” shifts attention from author self-report to model behavior. It argues that conversational systems should explicitly state that they are AI whenever directly asked about identity. In baseline settings, disclosure rates are often high, but they drop substantially in role-play and can be suppressed under adversarial prompting; under adversarial text prompts, all evaluated text models showed disclosure rates below 1.5%. The paper therefore treats identity transparency as a behavioral property that should be embedded in the model, not left to interface badges or provenance tools alone (Gausen et al., 27 Jan 2026).
The opposite problem—unauthorized disclosure by an agent—is studied in “Disclosure Audits for LLM Agents.” The CMPL framework models a black-box adversary that strategically extends a conversation to infer a protected attribute 6 from an agent with access to sensitive profiles and privacy directives. It measures leakage through both explicit entailment and implicit inference. In the InsClaim-FamHist scenario, the reactive adversary achieved up to 75% attack success rate and the sub-goals-based adversary up to 65%, while in the Interview Scheduling scenario baseline attacks produced 0% leaks and CMPL still achieved 35–45% attack success rate depending on target. The identified tactics include probing, general or broad queries, explicit target queries, side-channel leakage, diversions, hypotheticals, and appeals to authority (Das et al., 11 Jun 2025).
These works show that AI disclosure tactics now operate at three levels simultaneously: authoring practices, model self-identification, and adversarial extraction. A plausible implication is that future disclosure governance for AI will need to specify both authorized disclosures and prohibited conversational inferences.
6. Evaluation, misconceptions, and policy significance
A recurring misconception is that more disclosure is always better. The literature is more conditional. In public-sector AI procurement, voluntary public self-disclosure often creates an appearance of visibility without providing verifiability, so documentation alone frequently falls short as a risk-assessment tool (Kuehnert et al., 1 Apr 2026). In algorithmic pricing, disclosure rules change how Q-learning agents learn to collude: upper censorship outperforms full disclosure, and there is a profit reversal between no disclosure and full disclosure—when the discount factor is high, no disclosure yields higher profits than full disclosure, while when the discount factor is low, full disclosure performs better (Wang et al., 5 Jul 2026). In macro-style public information games, by contrast, worst-case welfare is strictly increasing in public precision if and only if full disclosure is optimal under some information costs, yielding a robust rationale for transparency in environments with positive welfare weight on coordinated responses (Ui, 2022).
A second misconception is that disclosure failures are always reducible to bad faith. Several papers instead identify structural constraints: competitive risk and FOIA exposure in public procurement, supply-chain opacity for vendors integrating foundation models, uncertainty about information endowment in investor disclosure, and the technical security threshold 7 in TEE-mediated bargaining (Kuehnert et al., 1 Apr 2026, Lu et al., 2024, Stephenson et al., 11 Feb 2025). This suggests that tactical ambiguity may reflect incentive incompatibility or missing infrastructure rather than mere deception.
Across the literature, the most stable policy conclusion is not “mandate full disclosure everywhere,” but “align disclosure regimes with purpose and mechanism.” Public procurement papers recommend layered governance in which documentation is complemented by audits, sandbox pilots, empirical testing, and peer networks (Kuehnert et al., 1 Apr 2026). AI disclosure tools like DAISY imply that structured elicitation can improve completeness without raising discomfort (Ahmetoglu et al., 3 Apr 2026). Identity transparency work implies that some disclosures should be embedded as hard behavioral constraints in models (Gausen et al., 27 Jan 2026). Privacy-auditing work implies that systems must be stress-tested against iterative multi-turn manipulation rather than only single-turn prompts (Das et al., 11 Jun 2025).
Disclosure tactics, in this synthesis, are neither peripheral rhetoric nor a purely legal afterthought. They are part of the architecture of information exchange itself: they determine what can be inferred, who bears risk, how trust is built, and whether transparency functions as accountability, bargaining leverage, persuasion, or leakage.