System Design: Human-in-the-Loop Review Subsystem

Context

You are designing a human-in-the-loop (HITL) review subsystem for a large-scale safety platform that moderates user-generated content (UGC) across text, images, and audio (including live voice). Automated detectors (ML models and rules) generate “detections” with metadata (content IDs, model type, confidence, policy category, timestamps). Some detections require immediate enforcement; others need human review for accuracy, context, or policy interpretation.

Requirements

Design and explain the end-to-end HITL subsystem, covering:

1. How review tasks are generated from detections (schema, deduplication, aggregation, idempotency, sampling).
2. Triage into queues by severity with prioritization and dynamic aging.
3. Reviewer UI requirements and ergonomics, including audio-specific needs.
4. SLAs/SLOs per queue and breach handling.
5. Sampling and double-blind consensus to ensure quality; inter-rater agreement.
6. Gold-standard audits (honeypots), reviewer calibration, and performance scoring.
7. Escalation paths and requeueing logic for ambiguous or time-sensitive items.
8. Access control and privacy for sensitive audio and PII.
9. Audit logs and tamper-evident trail.
10. Feedback loop where reviewer decisions update model thresholds, rules, and training data.
11. Capacity planning for reviewers and backlog control during surges.

State reasonable assumptions where necessary and be explicit about trade-offs.