Join us at Binding Hook Live on October 27 at Underbelly Boulevard Soho in London
Join us at Binding Hook Live
Request an invite
Main Logo Expert commentary on tech and security

Enlightenment lessons for the AI age

Alejandro Leal 10 June 2025
Share On:
As AI penetrates into ever more areas of our lives, it is important to understand the sources of human and machine knowledge. Kant can help.
Main Top Image
Photo: Vinicius 'amnx' Amano / Unsplash

If we are to live and act responsibly in an age increasingly shaped by artificial intelligence (AI), we must answer: what can we know? In his well-known essay, ‘An Answer to the Question: What is Enlightenment?’ published in 1784, Immanuel Kant argues that:

‘Enlightenment is man’s release from his self-incurred tutelage. Tutelage is man’s inability to make use of his understanding without direction from another. Self-incurred is this tutelage when its cause lies not in lack of reason but in lack of resolution and courage to use it without direction from another. Sapere aude! “Have courage to use your own reason!” – that is the motto of enlightenment.’

At first glance, it may seem unusual, perhaps even anachronistic, to begin a discussion about AI and machine learning by invoking an 18th-century philosopher. Yet it is precisely in returning to the foundations of Western epistemology that we can begin to see more clearly the contours of our current predicament: defining the boundaries of human and machine knowledge, and governing the latter.

Kant was interested not only in what we know, but also in how we know and, more importantly, in the conditions that make knowledge possible. For Kant, knowledge does not come simply from experience or reason alone, but from the interplay between perception, what is given to us, and understanding, that which the mind contributes. 

According to Kant, the world as we encounter it, which he called ‘phenomenon’, must conform to the mind’s own mental structures. The world as it is in itself, the ‘noumenon’, remains inaccessible. An object only exists insofar as it is constituted by a subject. This stance, which Kant called transcendental idealism, is a reminder that knowing is conditioned. 

Among these conditions are Kant’s a priori forms of intuition, namely time and space, as well as his twelve categories of understanding, including causality, unity, and necessity. According to Kant, these innate modes of processing sensory data are not derived from experience but serve as the preconditions for having any experience at all. 

In a similar way, AI-based systems rely on models, data representations, and algorithmic assumptions that preconfigure what the system is capable of recognising or producing. Kant’s insights into the structured nature of knowledge offer a valuable framework for critically examining both the capabilities and the inherent limits of AI systems such as large-language models (LLMs). 

What LLMs lack

Shifting our gaze to LLMs, particularly how these models influence cybersecurity workflows, we find a strangely parallel situation. The Kantian subject possesses categories that make phenomenon possible, just as the AI model uses algorithms to structure and interpret input data. AI systems do not perceive reality. Like humans, they do not encounter noumenon. They model. They calculate. They represent.  

While there are intriguing resemblances between the Kantian mind and AI systems – both depend on internal structures to process and organise inputs – it is the differences between them that offer deeper insights.

 In the Kantian sense, LLMs do not possess transcendental structures; they lack the a priori forms of intuition, such as time and space, that serve as conditions of lived experience. What LLMs process are symbolic correlations – tokens and timestamps – not intuitive frameworks. Their ‘categories’ are not necessary conditions for cognition but probabilistic patterns derived from training data. These learned representations emerge from computational processes like backpropagation, not from the structure of human consciousness. 

For Kant, the human mind possesses ‘apperception’, the capacity to reflect on itself as the basis of experience. Human understanding arises not just from processing data but from reflecting on the conditions of knowledge itself. Critical reflection is a precondition of knowledge. AI, by contrast, has no inner sense of its limits, no critical awareness of its own knowledge structures. It does not know it knows. Or fails to know.

This absence of ‘knowledge’ becomes critical in domains like cybersecurity, where the cost of epistemic error is not philosophical – it’s operational. Here, the integrity of identity, trust, and access is central to the security of digital systems and the people using them. 

Despite these stakes, vendors are rapidly integrating generative AI (GenAI) and LLM agents into their workflows. These models are being asked to conduct complex tasks, analysing incidents, enhancing decision-making, suggesting playbook templates, detecting anomalies, enforcing dynamic authorisation, creating policies, and more. Without critical oversight, such delegation risks embedding unexamined assumptions into the core logic of access and control.

Human-in-the-loop

Although LLMs can perform a variety of tasks and serve as virtual assistants, they do not inherently prioritise truth like the Kantian subject does. However, as AI agents and LLMs take on greater roles in decision-making, there is an increasing temptation to treat their output as ‘epistemically neutral’. This means acting as though a machine’s score or recommendation simply reflects reality, rather than being a probabilistic guess structured by pre-existing assumptions. Such an approach risks blind trust in machine output. 

‘Never trust, always verify’ is the core principle of zero trust security. In zero trust, no user or system is trusted by default; access must be continuously verified. Similarly, only a human can question and critically reflect on the system from which AI’s judgment emerges. 

In cybersecurity, the pursuit of knowledge must take precedence over speed or automation, because, at its core, security is about protecting people, not just systems. Consequently, the cybersecurity profession has turned to a wide range of techniques such as AI guardrails, retrieval-augmented generation (RAG), access controls, and fine-tuned prompts to ground and impose order on unstructured data. For example, RAG reduces AI hallucinations by incorporating more information and basing responses on real, verifiable data. 

Just as Kant insists the mind imposes order on sensory input, these mechanisms ensure that an LLM’s engagement with tools or data isn’t chaotic but follows a defined and more structured path. However, these techniques do not provide LLMs with true ‘knowledge’; rather, they simulate the imposition of structure on experience. They define how LLMs can access, structure, and interpret the world.

In a 1981 interview, French philosopher Michel Foucault noted that Kant’s article on the Enlightenment marked a turning point in modern philosophy by linking thought to its own time. Just as in Kant’s time, we must now ask: in what conditions can knowledge be possible? Kant would not ask us to reject machine knowledge, but to remain aware of its limits. In the end, humans must remain the final arbiter of meaning and truth.

avatar
Alejandro Leal

Related

Featured image
Binding Edge
Announcing the AI-Cybersecurity Essay Prize Competition
Max Smeets 4 November 2024
Read more arrow
Featured image
Binding Edge
Reading between the lies: using leak sites to analyse ransomware trends
Janina Inauen / Max Smeets 1 November 2024
Read more arrow
Featured image
Binding Edge
The AI-Cybersecurity Essay Prize Competition: Winning Essays Out Now
Max Smeets 14 February 2025
Read more arrow

Terms and Conditions for the AI-Cybersecurity Essay Prize Competition

Introduction

The AI-Cybersecurity Essay Prize Competition (the “Competition”) is organized by Virtual Routes (“Virtual Routes”) in partnership with the Munich Security Conference (“MSC”). It is sponsored by Google (the “Sponsor”). By entering the Competition, participants agree to these Terms and Conditions (T&Cs).

Eligibility

The Competition is open to individuals worldwide who are experts in the fields of cybersecurity and artificial intelligence (“AI”). Participants must ensure that their participation complies with local laws and regulations.

Submission Guidelines

Essays must address the question: “How will Artificial Intelligence change cybersecurity, and what are the implications for Europe? Discuss potential strategies that policymakers can adopt to navigate these changes.”

Submissions must be original, unpublished works between 800-1200 words, excluding footnotes but including hyperlinks for references.

Essays must be submitted by 2 January 2025, 00:00 am CET., through the official submission portal provided by Virtual Routes.

Only single-authored essays are accepted. Co-authored submissions will not be considered.

Participants are responsible for ensuring their submissions do not infringe upon the intellectual property rights of third parties.

Judging and Awards

Essays will be judged based on insightfulness, relevance, originality, clarity, and evidence by a review board comprising distinguished figures from academia, industry, and government.

The decision of the review board is final and binding in all matters related to the Competition.

Prizes are as follows: 1st Place: €10,000; Runner-Up: €5,000; 3rd Place: €2,500; 4th-5th Places: €1,000 each. The winner will also be invited to attend The Munich Security Conference

Intellectual Property Rights

The author retains ownership of the submitted essay.

By submitting the essay, the author grants Virtual Routes exclusive, royalty-free rights to use, reproduce, publish, distribute, and display the essay for purposes related to the Competition, including but not limited to educational, promotional, and research-related activities.

The author represents, warrants, and agrees that no essay submitted as part of the essay prize competition violates or infringes upon the rights of any third party, including copyright, trademark, privacy, publicity, or other personal or proprietary rights, breaches, or conflicts with any obligation, such as a confidentiality obligation, or contains libellous, defamatory, or otherwise unlawful material.

The author agrees that the organizers can use your name (or your pseudonym) and an image of you in association with your essay for purposes of publicity, promotion and any other activity related to the exercise of its rights under these Terms.

The organizers may remove any essay-related content from its platforms at any time and without explanation.

The organizers may block contributions from particular email or IP addresses without notice or explanation.

The organizers may enable advertising on its platforms and associated social media accounts, including in connection with the display of your essay. The organizers may also use your Material to promote its products and services.

The organizers may, at its sole discretion, categorise Material, whether by means of ranking according to popularity or by any other criteria.

Data Protection

Personal information collected in connection with the Competition will be processed in accordance with Virtual Routes’ Privacy Policy. Participants agree to the collection, processing, and storage of their personal data for the purposes of the Competition.

Liability and Indemnity

Virtual Routes, MSC, and the Sponsor will not be liable for any damages arising from participation in the Competition, except where prohibited by law.

Participants agree to indemnify Virtual Routes, MSC, and the Sponsor against any claims, damages, or losses resulting from a breach of these T&Cs.

General Conditions

Virtual Routes reserves the right to cancel, suspend, or modify the Competition or these T&Cs if fraud, technical failures, or any other factor beyond Virtual Routes’ reasonable control impairs the integrity or proper functioning of the Competition, as determined by Virtual Routes in its sole discretion.

Any attempt by any person to deliberately undermine the legitimate operation of the Competition may be a violation of criminal and civil law, and, should such an attempt be made, Virtual Routes reserves the right to seek damages from any such person to the fullest extent permitted by law.

Governing Law

These Terms and Conditions are governed by the laws of the United Kingdom, without regard to its conflict of law principles. Any dispute arising out of or in connection with these Terms and Conditions, including any question regarding its existence, validity, or termination, shall be referred to and finally resolved by the courts of the United Kingdom. The participants agree to submit to the exclusive jurisdiction of the courts located in the United Kingdom for the resolution of all disputes arising from or related to these Terms and Conditions or the Competition.