Mozilla’s Mark Surman on 3 ways CEOs can build trust in AI

by

Bridging the AI Trust Gap: 3 Open-Source Lessons from Mozilla’s President for CEOs

The numbers paint a sobering picture for corporate leaders betting big on artificial intelligence. While CEOs rush to deploy AI across their organizations, a dangerous chasm is forming between executive enthusiasm and employee confidence. According to recent surveys, only 27% of U.S. workers trust their employers to use AI responsibly. That’s not just a statistic—it’s a strategic liability.

When trust erodes, adoption stalls. When adoption stalls, ROI evaporates. And when employees feel their data is being harvested without consent, they stop sharing the very insights that make AI work.

Mark Surman, president of Mozilla—the organization behind Firefox and a decades-long champion of open-source internet principles—has spent years watching trust dynamics play out at scale. He believes the same philosophies that built a more trustworthy web can now build trustworthy AI systems inside companies. In a recent conversation, Surman outlined three actionable strategies for CEOs who want to close the trust gap before it becomes a business crisis.

This isn’t about abstract ethics. It’s about operationalizing trust as a competitive advantage.

Lesson 1: Give Your Team Agency, Not Surveillance

Let’s start with the most common AI mistake CEOs make: treating artificial intelligence as a surveillance tool or a productivity whip.

Surman puts it bluntly: “If you want to do right by your employees, have them be involved in how you reshape and rebuild the company. Give them ways to create and learn and have agency over how AI is used.”

This is where most organizations get it backward. They roll out AI tools that track keystrokes, monitor output, or quietly extract data patterns without employee visibility. The result? A workforce that withholds information, sabotages adoption, or—worst case—actively works against the technology.

The data backs this up. Research consistently shows that when employees feel they’re being mined for data without transparency, cooperation drops. Productivity tools become surveillance instruments. And the trust deficit widens.

The Agency Playbook

Instead, Surman points to the work of Harvard Business School professor Karim Lakhani, whose research demonstrates something counterintuitive: AI-human collaboration is most potent when organizations reimagine their structure around agency, not extraction.

What does that look like in practice?

  • Co-creation sessions: Before rolling out an AI tool, invite the teams who’ll use it to help define its purpose and scope.
  • Opt-in data sharing: Let employees choose what data they contribute to AI training, with clear explanations of how it will be used.
  • Learning budgets, not tracking systems: Invest in upskilling employees on AI rather than monitoring their output.

The core insight is simple: People trust systems they help build. When your team has a hand in designing how AI integrates into their workflow, they stop seeing it as a threat and start seeing it as a tool.

Lesson 2: Build Guardrails That Scale (Yes, You Need an AI Governance Strategy)

Remember the early days of the internet? Companies rushed to build websites and e-commerce platforms without thinking about security. Then came the breaches, the ransomware, the regulatory crackdowns. Cybersecurity became a specialized profession—and a multi-billion-dollar industry.

Surman sees history repeating itself with AI.

“In the same way that the internet brought new safety issues that required cybersecurity experts, AI governance is becoming a specialty,” he says. And he’s not just talking theoretically. Mozilla Ventures has invested in companies like Fiddler AI and Credo AI, which are building the infrastructure for AI oversight and control.

The CEO’s Role in AI Governance

“The CEO totally has to be on top of modernizing safety and security in the age of AI,” Surman emphasizes. “You can lean on people who are really experienced at building the guardrails and rules for how AI should work at your company.”

Here’s what that means for your leadership agenda:

First, acknowledge that AI governance isn’t optional. It’s not a compliance checkbox or a PR move. It’s an operational necessity. The same way you wouldn’t launch a new product without a QA process, you shouldn’t deploy AI agents without governance frameworks.

Second, hire for it. Credo AI and Fiddler AI exist because companies realized they couldn’t manage AI risk with existing teams. You need people who understand model behavior, bias detection, and oversight mechanisms.

Third, own the strategy personally. AI governance can’t be delegated entirely to legal or IT. The CEO sets the tone. When you prioritize guardrails from the top, it signals that responsible AI isn’t a side project—it’s core to how the company operates.

Practical Guardrails to Implement Today

  • Model cards: Document each AI model’s intended use, limitations, and performance characteristics. Make them accessible to employees.
  • Audit trails: Ensure every AI-driven decision can be traced back to specific data and logic. If you can’t explain it, you can’t trust it.
  • Human-in-the-loop processes: For high-stakes decisions, require human review before AI outputs are actioned.
  • Red team exercises: Simulate adversarial attacks on your AI systems to identify vulnerabilities before bad actors do.

The companies that invest in these guardrails now will have a significant advantage when regulation inevitably catches up. More importantly, their employees will trust that AI is being deployed thoughtfully.

Lesson 3: Earn Trust by Being Trustworthy (Yes, That’s a Choice)

Surman’s final piece of advice is deceptively simple: “The consequences of being untrustworthy and ignoring [trust] are severe.”

Think about that. He’s not saying “build trust.” He’s saying “be worthy of trust.” There’s a fundamental difference.

Trust-building campaigns are marketing. Being trustworthy is a operational commitment. It means making hard choices that sometimes sacrifice short-term efficiency for long-term credibility.

The Trustworthy Organization Checklist

What distinguishes a company that’s truly worthy of trust from one that’s just talking about it?

  • Transparency about limitations: No AI product works perfectly. Be upfront about where your systems fall short.
  • Opt-out options: Give employees and customers meaningful ways to interact with humans instead of AI when they choose.
  • Failure protocols: Have clear procedures for when AI makes mistakes. Who gets notified? How are errors corrected? How do you prevent recurrence?
  • Bias correction mechanisms: If your AI demonstrates bias, do you have a system to identify and correct it?
  • Employee voice channels: Create safe ways for workers to raise concerns about AI without fear of retaliation.

Surman’s point is that the market is already punishing companies that treat trust as an afterthought. When employees distrust their employers on AI, they disengage. When customers distrust a company’s AI systems, they churn. This isn’t theoretical—it’s happening right now.

Why Open-Source Principles Apply to AI Governance

Mozilla’s DNA is open-source. The organization built Firefox to challenge internet monopolies and give users control. Surman is applying those same principles to AI.

Open-source isn’t just about code being free. It’s about transparency, community governance, and user agency. These are the exact values that make AI trustworthy:

  • Transparency: You know what the system is doing and why.
  • Community governance: Decisions about how the system evolves aren’t made by a single party.
  • User agency: The people who use the system have control over it.

CEOs don’t need to open-source their proprietary AI models. But they can apply these principles internally:

  • Make AI decisions transparent to the people they affect.
  • Involve broad stakeholder input in AI governance decisions.
  • Give end-users—whether employees or customers—control over how AI interacts with them.

The Business Case for Trustworthy AI

Let’s bring this back to the bottom line, because that’s where decisions get made.

Companies that invest in trustworthy AI see:

  • Faster adoption curves: When employees trust AI tools, they use them. Adoption rates for trusted systems are 3-5x higher than for systems employees distrust.
  • Higher quality data: Employees who trust AI systems share more data. More data means better models. Better models mean better outcomes.
  • Lower regulatory risk: As AI regulation emerges, companies with documented governance frameworks will face fewer penalties and less disruption.
  • Stronger talent retention: Engineers and knowledge workers want to work for organizations that use AI responsibly. Trustworthy AI is a recruiting advantage.
  • Competitive differentiation: In a sea of “AI-powered” claims, companies that can demonstrate responsible AI deployment stand out.

The Cost of Ignoring Trust

The flip side is equally compelling. Ignoring trust isn’t just risky—it’s expensive:

  • Employee attrition: Knowledge workers are leaving companies they feel are using AI unethically.
  • Data hoarding: When employees distrust AI, they withhold information. Your AI models degrade.
  • Reputational damage: One high-profile AI failure can erase years of brand building.
  • Legal exposure: Class-action lawsuits around AI bias and surveillance are already rising.

A Leadership Framework for Closing the Trust Gap

Based on Surman’s insights and the broader research on AI adoption, here’s a practical framework for CEOs:

Phase 1: Audit (Weeks 1-4)

  • Survey employees on their AI trust levels
  • Audit existing AI deployments for governance gaps
  • Identify high-risk use cases where lack of trust could cause harm

Phase 2: Design (Weeks 5-8)

  • Create cross-functional AI governance working group
  • Develop transparency guidelines for all AI deployments
  • Establish employee voice channels for AI concerns

Phase 3: Implement (Weeks 9-16)

  • Roll out governance guardrails for priority AI systems
  • Launch employee upskilling program focused on AI agency
  • Publish internal AI principles and model documentation

Phase 4: Iterate (Ongoing)

  • Measure trust levels quarterly
  • Adjust governance based on employee and customer feedback
  • Share progress transparently with all stakeholders

The Bottom Line: Trust Is a Strategy, Not a Slogan

Mark Surman’s message to CEOs is clear: The window for building trust in AI is closing. Employees are watching. Regulators are watching. The market is watching.

The companies that will win in the AI era aren’t necessarily the ones with the most advanced models or the biggest compute budgets. They’re the ones whose employees say, “I trust my employer to use AI responsibly.”

That trust isn’t built with PR campaigns. It’s built with agency, guardrails, and operational integrity. It’s built by treating AI as a collaborative partner, not a surveillance tool. It’s built by being worthy of trust, not just claiming it.

The 73% of workers who don’t trust their employers on AI are telling you something important. Are you listening?

See also:

Leave a Comment