Wesley Dean

DevSecOps Engineer, Author, and Mentor

I'm a technologist, author, and mentor who helps people and organizations move from complexity to clarity. Through consulting, writing, and workshops, I bridge the gap between technical and non-technical teams, translating risk into meaningful decisions and sustainable action. My work centers on leadership, connection, and disciplined execution, drawing on decades of experience to help teams build secure, reliable systems while strengthening trust, alignment, and shared understanding.

Picture of Wesley Dean wearing a gray hoodie

Latest 3 Posts ↓

View all posts →
Consent in the Age of AI (Part 2) image

9 min read

In the first part of this essay, I argued that many conversations about artificial intelligence become more understandable when we stop focusing exclusively on artifacts and begin focusing on the people connected to them. A photograph is not merely image data. A voice recording is not merely a sample. A body of writing is not merely a statistical pattern. Each artifact derives its significance from its connection to a human being. Once that connection is forgotten, it becomes remarkably easy to view people as resources rather than persons.

That observation naturally leads to a difficult question. If consent exists, what exactly is it protecting? At first glance, the answer appears straightforward. Consent protects privacy. Consent protects ownership. Consent protects information. While each of those answers contains some truth, they seem incomplete. The deeper I explored the subject, the more convinced I became that consent protects something even more fundamental: human dignity. Consent reminds us that another person's likeness, labor, voice, creativity, and identity are not ours to use simply because doing so would be useful, profitable, convenient, or technologically possible.

Artificial intelligence places unusual pressure on that principle because it dramatically expands what can be done with the artifacts people leave behind. A photograph can be transformed into thousands of new images. A voice recording can become synthetic speech. Years of writing can be analyzed, modeled, and reproduced in seconds. As these capabilities continue to improve, the central question shifts from what is possible to what is permissible. More importantly, it forces us to confront the uncomfortable reality that those two categories are not always the same.

That is where many of the most important consent questions begin. They emerge in the space between legality and ethics, between capability and stewardship, and between what we are allowed to do and what we ought to do.

The difficulty, of course, is that many of these uses may be legally permissible. I am not a lawyer, and I am not offering legal advice. I am also not suggesting that every uncertain use of data, voice, image, or text is unlawful. The law will answer some of these questions in time, and those answers will likely vary by jurisdiction, license, contract, context, and use case. My concern sits somewhere else.

A society can permit something by law while still recognizing that the action strains the boundaries of what is ethical, moral, humane, or wise.

That distinction matters because legal permission can become a hiding place. Once an action can be defended as permissible, the conversation often stops too early. Someone points to a license, a terms-of-service agreement, a public web page, a permissive repository, or the absence of a specific prohibition and the deeper question quietly disappears. The question is no longer whether the affected person understood, agreed, or retained meaningful agency. The question becomes whether the actor can survive scrutiny. That may be a useful legal strategy, but it is a poor moral framework. Human dignity deserves more than clever defensibility.

I think about this whenever I consider the difference between learning from someone's work and representing oneself as that person. I have placed work into the world under permissive licenses (e.g., BSD, Creative Commons) because I want people to benefit from it. These licenses reflect my values of teaching, mentoring, supporting, and being of service to others. I want someone to read an article and understand something more clearly. I want someone to use a code example and build something better. I want a community to grow stronger because people are willing to share what they know. Yet my decision to share my work never meant that I consented to having my name removed, my contribution obscured, my voice imitated, or my identity transformed into a product. The fact that something is available does not mean the person connected to it has vanished.

The concern becomes sharper as the use moves closer to representation. A model trained on public writing may raise questions about attribution, compensation, and licensing. A model prompted to write "in the style of" a living person raises a different kind of question. A system advertised as though it can respond as that person crosses another boundary still. Each step moves further from learning and closer to substitution. The work is no longer merely informing the system. Instead, the person is being approximated, simulated, and presented as though their judgment, presence, or authority can be reproduced without their participation.

That is where consent becomes inseparable from dignity. A person's writing style is not merely a pattern of words. It carries traces of experience, temperament, education, memory, conviction, suffering, and relationships. A person's voice is not merely an audio signal. It is how they comfort their spouse, teach their students, greet their friends, correct their children, encourage their colleagues, and move through the world as themselves. A person's likeness is not merely visual information. It is connected to their body, their history, their privacy, their reputation, and their place among others. When those things are treated as detachable assets, something deeply human is being flattened.

This is not merely a concern about famous people. In some ways, the ordinary cases matter more. A public figure may expect imitation, parody, criticism, and unwanted attention as part of public life. That does not eliminate their dignity, but it changes the expectations surrounding their public presence. Ordinary people often have no such expectation. Their photographs appear online because they attended a wedding, spoke at a conference, volunteered at an event, appeared in the background of someone else's post, or lived an ordinary life in an increasingly recorded world. They did not imagine that their face, voice, writing, or habits could become material for systems capable of generating new versions of them.

The same concern appears in data stewardship. A person may use an AI tool believing the exchange is transient, private, or limited to the immediate task. The system may not train on that prompt, yet the interaction may still be stored, logged, reviewed, retained, or processed in ways the person did not or could not fully understand (e.g., lack of access to the underlying systems, trade secrets). Again, that may be covered somewhere in a policy, agreement, or disclosure. It may even be operationally necessary for safety, reliability, abuse prevention, or support. The ethical obligation, however, does not disappear simply because the legal notice exists. If the person would be surprised by the use, that surprise is morally relevant.

Consent is not meaningful when it exists only as a technical defense. It must be connected to understanding, context, agency, and relationship. A person cannot meaningfully consent to every future use of their work, image, voice, or data merely because it was once public, once licensed, once uploaded, or once disclosed. Context shapes expectation. Purpose shapes permission. Relationships shape trust. When AI systems detach artifacts from their original contexts and recombine them at scale, they risk erasing the very conditions that made consent intelligible in the first place.

That is why I keep returning to the language of personhood.

The opposite of consent is not merely using someone; it is denying their personhood.

It is treating another human being as though their labor, likeness, voice, history, or identity exists chiefly for our benefit. It is replacing the question "What do I owe this person?" with the question "What can I get away with?" The first question belongs to stewardship. The second belongs to exploitation, even when exploitation arrives wrapped in innovation, efficiency, or legal permissibility.

When does our desire to benefit from another person begin to eclipse our obligation to respect them?

Learning from me is not the same as becoming me. There is a meaningful difference between using someone's work and representing oneself as that person. If someone copies one of my articles, I may dislike it. I may find it unethical. I may believe it violates the spirit of my generosity. Still, copying work is one kind of injury.

Creating a synthetic version of me is something else entirely.

When I publish an article, release code, write a book, or post online, I am not consenting for someone to create a machine that speaks as me, writes as me, answers questions as me, or presents itself as though it represents my thoughts, values, beliefs, or judgment. That crosses a deeper boundary.

A person's writing style is not merely a statistical pattern. A person's voice is not merely an audio sample. A person's likeness is not merely image data. A person's identity is not raw material for someone else's product.

This is where consent becomes more than licensing, privacy, or attribution. It becomes a question of personhood.

I am not arguing that AI should not exist. I use AI. I run local models. I have seen real value in these tools. I know they can help people write, code, research, learn, summarize, explore, and create. The issue is not whether AI can be useful. It can.

The issue is whether usefulness gives us permission to disregard the dignity of the people whose work, likeness, voice, data, and identity make that usefulness possible.

When AI systems ingest human artifacts without meaningful consent, they risk treating people as inputs rather than persons. They become training examples, vectors, tokens, image data, audio samples, writing patterns, behavioral signals, and market opportunities. Something is lost in that reduction.

Consent is one way we resist that loss.

Consent says: this person is not merely a resource. This person has agency. This person has boundaries. This person has a right to understand how they are being used and to object when that use exceeds what they reasonably agreed to accept.

That does not solve every technical problem. Revocation may be difficult. Attribution may be complicated. Jurisdictional boundaries may be messy. Bad actors may ignore the rules. Competitive pressure may reward those who move fastest and ask the fewest questions.

Those realities are serious, but they do not make the ethical question disappear. If anything, they prod us to explore, discuss, reflect, debate, and grow. They invite informed intent. They draw a straight line between our actions and our intentions and ask a difficult question: "Is this what we want?"

Posts in this Series

  1. Consent in the Age of AI (Introduction)
  2. Consent in the Age of AI (Part 1)
  3. Consent in the Age of AI (Part 2)

Read More

Bash Shell Script Usage Generation based on Doxygen Comments

3 min read

In a post on Documentation and AI , I advocated for the use of Doxygen-style comments when developing and maintaining shell scripts to preserve intent, contracts, interfaces, edge-cases, and context information. An AI wouldn't need to reinterpret how a block of Bash shell script code worked every time it ran. Doing so would provide a pathway by which subtle changes in understanding could be introduced, much like what happens in a telephone game.

Another benefit of that structured documentation technique is the ability to generate usage information for shell scripts. This allows you to automatically generate what is displayed when someone runs your_script.bash --help without having to maintain that help screen yourself.

So, I put together a tool that can accept one or more Bash shell scripts as inputs, generate the help text, and then inject that help text back into the script. Along the way, the incoming Bash shell scripts are minimized so that the finished version is tighter and no longer carries the full volume of inline documentation.

Since my scripts typically have two lines of comments for every line of code, this results in shipped scripts having about one-third the size of the heavily-documented versions.

This tooling -- which can be run via Docker or installed directly -- is intended for use in a CI/CD setting. I write something in my_script.src.bash and it produces my_script.bash when a commit is pushed to the upstream repository.

The tool can be found on GitHub at wesley-dean/bash_usage_help_generator or on DockerHub at wesleydean/bash_usage_help_generator

Full Example

This is an example of how the tool works.

Input: example.src.bash

#!/usr/bin/env bash

## @file example.src.bash
## @brief Example CLI tool
## @details
## This script demonstrates usage help generation.
##
while getopts "h" option ; do
  case "$option" in
    h) usage_help ; exit 0 ;; ##- display usage help
  esac
done

printf 'Hello\n'

Run

bash_usage_help_generator.bash example.src.bash

Output: example.bash

#!/usr/bin/env bash
## @cond GENERATED_USAGE_HELP
usage_help() {
  cat <<'__BASHLIB_USAGE_HELP__'
## Usage

`example.bash` [-h]

# file example.src.bash

## Brief

Example CLI tool

## Details

This script demonstrates usage help generation.

## Options

* `-h`: display usage help

__BASHLIB_USAGE_HELP__
}
## @endcond
while getopts "h" option ; do case "$option" in h) usage_help ; exit 0 ;;esac;done;printf 'Hello\n';

Explanation

The tool takes the original script, example.src.bash, extracts the comments, and then writes example.bash to the same directory as example.src.bash. The written file is minified -- which isn't very obvious in this example -- and has the help text injected near the top of the script.

Resources

I also recommend adding the following to your Bash shell scripting pipelines:

Read More

Consent in the Age of AI (Part 1) image

7 min read

The first time I seriously considered using artificial intelligence in my professional work, the answer was already decided.

No.

The decision was not mine to make. At the time, I was working on federal projects with significant security and compliance requirements. Public large language models (LLMs) were prohibited. That meant that we couldn't paste source code into prompts, upload documentation, or use project artifacts as context for retrieval systems. Even projects built largely upon open-source software were subject to the same restrictions. While developers across the industry were experimenting with AI-assisted coding, summarization, and research, our path was considerably narrower. The technology was simply too new, and too many questions remained unanswered.

At the time, I viewed those restrictions primarily as a security matter. That was certainly how most discussions were framed. Once information leaves a system, control becomes difficult to maintain. Data can be copied, logged, replicated, retained, backed up, and transferred in ways that are not always visible to the person who originally submitted it. A vendor might truthfully state that information would not be used for model training while still leaving dozens of important questions unresolved. Where would the data be stored? Who would have access to it? How long would it remain? What protections existed against misuse? These were practical questions, and they deserved practical answers.

Yet over time I began to notice something interesting. Security perspectives explained much of the concern, but not all of it. Compliance perspectives explained some of it. Risk management perspectives explained some of it. Data governance perspectives explained some of it. Each framework illuminated part of the picture, yet none seemed capable of explaining why the issue felt important even in situations where no obvious harm existed. A public document submitted to an AI system might contain no secrets, and an open-source repository might contain no protected information. A conference presentation might already be available to anyone willing to watch it online. The discomfort remained.

That lingering discomfort eventually led me to a question I had not considered before. What exactly was I trying to protect?

Read More

28 more posts can be found in the archive.