Categories
DTQ Data Trust Quotients Events

Report: AI Memory and Data Retention- How Much Should Machines Be Allowed to Remember?

Categories
DTQ Data Trust Quotients Events

Report: AI Memory and Data Retention- How Much Should Machines Be Allowed to Remember?

A report on the closed-door leadership dialogue hosted by DTQ (Data Trust Quotient), bringing together CISOs, risk advisors, and AI governance leaders to examine whether enterprises can truly delete what an AI system has learned.

About the Platform: DTQ

DTQ — the Data Trust Quotient — is a leadership dialogue platform focused on AI governance, privacy, and data security. The series brings together the people directly responsible for these decisions: Chief Information Security Officers (CISOs), data protection leads, and AI governance practitioners, for candid, closed-door conversations about where the industry is heading.

This session opened with the discussion around a real-world flashpoint: a U.S. court order compelling OpenAI to preserve all ChatGPT conversations — including those users had deleted — as part of its ongoing copyright litigation with The New York Times. The episode illustrated how, once a machine has “remembered” something, true deletion becomes a far harder problem than most organizations assume.

The Panel

The discussion was steered by a moderator and featured three senior practitioners spanning cybersecurity, enterprise IT, and risk advisory:

RolePanelist & Profile
ModeratorMohit Sharma — Cybersecurity Advisor, Baker Hughes. Works in industrial and operational technology, where questions of what gets logged, stored, and retained carry real operational consequences.
PanelistAniruddha Mehta — Partner, Risk Consulting, EY. Advises organizations on data privacy, the DPDP Act, and AI/data risk governance as regulation evolves.
PanelistVinod Nair — CISO, leading cybersecurity and IT infrastructure across large enterprise and SAP environments, bringing a practitioner’s view of enterprise data governance at scale.
PanelistRohit Ponnapalli — Global CISO, Envoy Global. Over 14 years building security from the ground up, including running information security for 30,000 people across 11 locations and architecting security operations centers for state governments and India smart-city projects.

Session Report

Opening Question: Who Wins — Privacy Law or Algorithmic Memory?

Moderator Mohit Sharma framed the central tension: privacy laws are built on the principle that individuals can be forgotten, while AI systems are built on the principle of learning from what they remember. He asked the panel directly — in one line, can a company truly forget a person today?

“This is the illusion of absolute erasure in Gen AI. The right to be forgotten, codified under Article 17 of GDPR and Section 12(3) of India’s DPDP Act, grants data principals the right to demand erasure — but generative AI systems store data in two distinct states: explicit storage and implicit parametric storage. Erasing from explicit storage (vector databases, caches, logs) is technically feasible. Erasing from implicit parametric storage — the billions of weights inside a trained model — is practically impossible, because no single data point resides in an isolated, identifiable location.”

— Aniruddha Mehta, Partner – Risk Consulting, EY

Mehta outlined four technical paths organizations can use to bridge this gap:

  • Exact unlearning — deleting clearly targeted data outright.
  • Approximate unlearning — offering no absolute guarantee of erasure, but relying on probabilistic reduction of a data point’s influence.
  • Concept-level / cohort unlearning — removing influence at the level of a defined group (e.g. by department or team), which is easier to isolate and action.
  • CSA architecture (shared, isolated, sliced, and aggregated training design) — a more efficient, consent-aligned design for targeted retraining.

His conclusion: the tension between contextual utility and legal liability is best managed not as a fight between privacy and AI, but through responsible AI design as the operating principle.

Panelist Vinod Nair added a regulatory-timeline perspective, noting that India’s IT Act 2000 was followed by the IT Rules 2021 and that the DPDP Act is expected to come into force around May 2027. He stressed the need to track evolving model architectures — autoregressive LLMs, masked language models, sequence-to-sequence and retrieval-augmented models — and to embed standard data-loss-prevention (DLP) practices directly into AI deployments.

Rohit Ponnapalli, Global CISO at Envoy Global, offered a starkly practical view: with prompts, chat histories, and retrieval-augmented (RAG) models now layered across every tool and vendor in an enterprise, organizations frequently have no reliable way of knowing where their data actually resides — making proof of deletion nearly impossible at scale.

“Every department has multiple third-party vendors, and every tool has AI built in already. Where do you even delete the data — your laptop, your AI models, or your vendor’s systems? We have no idea where the data resides with all this AI in place.”

— Rohit Ponnapalli, Global CISO, Envoy Global

Ponnapalli proposed grounding AI memory governance in privacy-by-design and zero-trust principles, layered across three planes: strategy (how long data should be retained), tactics (how AI models and third parties are onboarded), and operations (data mapping). His view: if an organization can achieve reliable data mapping, retention controls and purpose definition become possible — and roughly 90% deletion success is achievable even in the AI era.

Categorizing AI Memory by Risk

Moderator Sharma turned the discussion toward practice: should session memory, user memory, organizational memory, and training data be treated as different risk categories — and what should be kept?

Mehta proposed a four-part risk-utility framework for classifying data before deciding how it should be governed:

Data ClassAI UtilityRegulatory RiskRecommended Action
Interaction / informal data (logs, raw text)Low long-term valueHigh — unsolicited PII riskAggressive erasure; automated TTL protocols
Inferred / analytical data (behavioral profiles, risk flags)High — personalization, automationSevereCohort-level unlearning; purpose-bound grouping
Demographic / trend data (anonymized)High — fairness tuning, model stabilityLow, if irreversibly anonymizedRetain under audit; verify re-identification resistance
Sensitive financial / health dataFraud detection, diagnosticsMaximum — sector and cross-border lawsFederated architecture; strict access controls; segregate memory from weights

Vinod Nair built on this with an enterprise security lens, identifying three foundational controls: a documented data inventory and classification system, enforced identity controls, and encryption that is never standardized indefinitely — since static encryption algorithms become predictable targets over time. He also called for regular red-team exercises, defined playbooks for memory abuse or model leakage, and clear deletion workflows tied to defined retention periods.

He further distinguished organizational memory needs by seniority and exposure: persistent profiles tied to senior executives (e.g. a CIO or CEO) require separate, higher categorization and protection than standard user or session memory, given the greater risk of profiling or targeted leakage.

Should AI Remember Everything It Can?

Sharma posed a pointed question to Ponnapalli, whose background spans smart-city and public-sector systems: just because a system can remember something, does it mean it should?

“Just because you have unlimited data storage, you should not keep storing the data. There should be a boundary to what you want to store.”

— Rohit Ponnapalli, Global CISO, Envoy Global

Ponnapalli illustrated the point with a consumer example — automated calls nudging customers to complete abandoned cart purchases — to show how easily “customer experience” framing can stretch the boundary of acceptable data use. He recommended segregating storage by data type (PII versus service-quality or analytics data), applying regulation-driven retention periods (citing seven years as a common standard for PII in his sector), and using DLP and DSPM tooling to maintain visibility into where data is flowing and which systems are using it.

He also offered a candid status check on enterprise AI maturity: most organizations remain at the proof-of-concept stage, with AI largely permitted to read data — but not yet trusted to write, execute, or delete it autonomously.

Board-Level Governance and Accountability

As the discussion moved toward governance at the top of organizations, Mehta argued that overseeing AI memory has moved beyond a technical concern into a fiduciary duty for boards, particularly where AI informs credit decisions, financial crime monitoring, and forecasting.

“A company may execute a delete query on a relational database to satisfy a regulatory audit, but if the AI system continues to make automated decisions based on hidden patterns learned from those deleted records, the board remains exposed to severe legal, financial, and reputational jeopardy.”

— Aniruddha Mehta, Partner – Risk Consulting, EY

He set out three governance imperatives for boards:

  • Demand algorithmic transparency and explainability — rejecting black-box systems for critical operations, and ensuring decisions can be traced back to the parameters and data that drove them.
  • Implement responsible AI checkpoints — maintaining an enterprise-wide inventory of all AI models (built, deployed, or procured), with mandatory Data Protection Impact Assessments (DPIAs) before deployment and risk-tier classification across the AI lifecycle.
  • Enable human accountability in agentic systems — building clear boundaries, accountability mechanisms, and human-in-the-loop overrides directly into system architecture as AI moves from flagging issues to acting on them autonomously.

Audience Q&A Highlights

The moderator relayed several audience questions from the chat for rapid-fire responses:

  • Do we need dedicated standards for AI memory and retention, similar to information security standards? Vinod Nair: Yes — existing frameworks such as ISO/IEC 27001 and 42001 provide a starting control criteria, but organizations need specific, auditable controls mapped to applicable regulations (IT Act, DPDP, and sector-specific clauses) to track AI-specific risks such as RAG pipeline design and vector database/cache access.
  • How should AI data governance be embedded into vendor relationships? Aniruddha Mehta: Treat data protection policy as a core part of vendor assessment and re-assessment, the same way sectors like pharma conduct vendor risk reviews before deployment.
  • Is compliance ever a fixed, one-time state? Rohit Ponnapalli: No — there is no such thing as point-in-time compliance. An organization can be compliant at the moment of an audit and fall out of compliance shortly after as systems and data continue to evolve, which is why governance must be continuous and unbiased.
  • If advising a startup building AI with persistent memory, what is the first question founders should ask? Rohit Ponnapalli: Start with the basics — what data is being collected, and specifically what is the AI being asked to remember (PII, behavioral data, business intelligence)? Then stress-test the downside: what happens if this data leaks, and what would that cost the business in trust, customers, or survival?

Key Insights

  • Complete erasure from a trained AI model is not currently achievable — deleting a source record removes it from explicit storage, but its statistical “fingerprint” can remain embedded in the model’s parametric weights.
  • Four technical approaches — exact unlearning, approximate unlearning, cohort-level unlearning, and federated (CSA) architecture — offer practical, if imperfect, paths to manage this gap.
  • Not all AI memory carries equal risk. A four-tier data classification framework (interaction data, inferred/analytical data, anonymized trend data, sensitive financial/health data) helps determine the right retention and governance response for each.
  • Most organizations cannot currently map where their data — or its AI-driven derivatives — actually reside across departments, vendors, and embedded AI tools, making provable deletion a major operational gap.
  • Responsible AI governance must operate at three levels simultaneously: strategic (policy and retention limits), tactical (model and vendor onboarding), and operational (data mapping and controls).
  • Boards are increasingly exposed to fiduciary liability when AI systems continue to act on patterns learned from data that has technically been deleted from source systems.
  • As AI moves toward agentic, autonomous action, human-in-the-loop oversight and clear accountability boundaries must be designed into system architecture from the outset — not added afterward.
  • Compliance is not a fixed, point-in-time state; with AI systems continuously evolving, governance and audit processes must be continuous and unbiased.
  • Regulatory timelines are tightening — India’s DPDP Act is expected to be enforced around May 2027 — making early investment in data classification, vendor assessment, and retention controls a near-term priority rather than a future concern.

Closing Note

The session closed with the panel agreeing that the boundaries of “responsible AI” are still being actively written, and that the conversation — including several audience questions that could not be addressed live — is expected to continue in a follow-up DTQ session. The discussion underscored a consistent theme across all four speakers: as AI systems become more persistent and context-aware, remembering and forgetting are no longer purely technical actions — they are business, security, and governance decisions that boards, CISOs, and risk leaders must own together.

Categories
DTQ

Is Your Data Really Yours? Ownership in the Digital Age

Categories
DTQ

Is Your Data Really Yours? Ownership in the Digital Age

Every fiber of our global infrastructure carries a silent currency in today’s digital world. It is data, not gold or solely fiat money. A vast, unseen ocean of data is created by every click, pause made while browsing, GPS point, and heart-rate variation recorded by a smartwatch.

Data is becoming one of the most precious resources in the world’s AI-driven digital economy. However, as this “Big Data” and “Generative AI” era progresses, a basic question becomes more pressing than before: Who actually owns and controls this data? Although people are the main creators of data, the ability to use, profit from, and control that data has mostly been concentrated in the hands of a small number of strong individuals.

1. Ownership vs. Control: The Great Digital Divide

In the real world, “ownership” is a simple idea. When you own a car, you retain the keys, control who drives it, and keep the money you make when you sell it. This reasoning breaks down in the digital sphere.

Although people may have the “right to be forgotten” or the right to access their data under legal frameworks like the California Consumer Privacy Act (CCPA) or the General Data Protection Regulation (GDPR), legal ownership does not equate to actual authority. The technical keys are in the hands of platforms.

The Access Gap

A firm controls the interface you use to engage with your data, even if they agree that it “belongs” to you. You may be able to download a ZIP file containing your social media history, but you don’t have the infrastructure to use that information. In the meanwhile, the platform trains algorithms that forecast your next purchase or political inclination using the same data in real-time. As a result, there is an asymmetric ownership situation in which the corporation owns the functional utility while the user has a nominal title.

2. The Data Extraction Economy: Monetization Behind the Curtain

The current state of the economy is one of data extraction. This approach views user data as a raw resource that has to be extracted, processed, and sold, much like oil or iron ore. The main problem is that this extraction takes place at scale, giving the people creating the value almost no visibility.

The Issue of Value Exchange

The majority of internet services are advertised as “free.” We don’t pay a monthly membership fee to utilize social networks, email, and search engines. But our digital imprint is the price. This information feeds:

• Targeted Advertising: Creating psychological profiles to attract the highest bidder.

• Predictive analytics: Providing lenders, retailers, and insurance businesses with information.

• Product Development: Improving features that keep you on the platform longer by using your behavior.

A significant economic imbalance results from this. The combined data of billions of users is worth trillions to the platforms, yet the data of a single user may only be worth a few pennies. The person continues to be a “perpetual contributor” to a profit-making machine in which they do not own any shares.

3. AI and Data Leverage: From Storage to Intelligence

The stakes of the data debate have been drastically altered by the development of artificial intelligence. Data is now being converted into intelligence rather than only being kept in passive databases.
AI’s Alchemy
An AI model does more than simply “remember” the facts when it is fed enormous volumes of human-generated data. It picks up behaviors, subtleties, and patterns. Through this process, businesses may transform unprocessed data into:

  • Automation: Using models trained on human input to replace human labor.
  • Influence: Optimizing algorithms to influence human behavior in a particular way.
  • Competitive Advantage: Data monopolies result from companies with the biggest datasets creating a “moat” that no upstart can penetrate.

There are serious ethical concerns with this change. Does the “intelligence” that an AI learns from your speech patterns, medical history, or artistic output still belong to you in any way? As of right now, the answer is categorically no. The controller receives all of the creator’s economic worth.

4. The Consent Illusion: Why Privacy Policies Fail

Everybody has seen the “I Agree” button. For most, it’s a barrier that has to be overcome as soon as feasible. This is known as the Consent Illusion, which is the notion that we can make an educated and powerful decision about our digital life by just pressing a button.

Why Conventional Mechanisms Don’t Work

  • Complexity by Design: Privacy regulations are sometimes written in complex “legalese” that is incomprehensible to the general public. A person would need weeks to study the privacy policies of all the services they use in a year, according to research.
  • Take-it-or-Leave-it Dynamics: Consent is seldom specific. You are frequently completely prohibited from using the service if you disagree with the conditions. This is a digital ultimatum rather than “consent” in a world where social and professional engagement is required.
  • Symbolic Compliance: Rather from seeing consent as a commitment to user openness, many firms view it as a checkbox for legal departments.

5. Building Trust in the AI Era: A New Framework

The social contract of the internet is starting to break down as the divide between data controllers and producers grows. We need to rethink responsible governance in order to avoid a complete breakdown of confidence.

The Foundations of Conscientious Governance

  • Radical Transparency: Businesses need to start “showing” users instead of just “notifying” them. Dashboards that display in real time how AI models are using their data should be available to users.
  • Data Portability: The capacity to relocate is a sign of true ownership. My data and the “reputation” or “intelligence” it has developed should be easily transferable if I decide to switch platforms.
  • Collective Oversight: Models that approach data as a common resource need to be investigated. In order to regain some of the power lost to individual extraction, data trusts or “data unions” may enable groups of individuals to bargain with platforms collectively.

6. The Implications: A Society Divided?

The issue over data ownership has far-reaching implications for our society’s structure in addition to individual privacy.

  • For Individuals: Individuals are seeing an increase in “digital fatigue.” People get resigned because they are aware that they are being tracked but feel unable to stop it.
  • For Organizations: As customers grow more “data-literate” and demand higher standards, companies that emphasize ethical data usage will probably have a long-term competitive edge.
  • For legislators: Regulation needs to advance more quickly than technology. Laws must cover both the collection of data and the use of the intelligence it yields.

A future of data feudalism, in which a few number of “lords” (platforms) possess the digital land and the “peasants” (users) labor the land for free while supplying the data that keeps the estate functioning, is possible if we do not address these power disparities.

7. Future Directions: Reclaiming the Digital Self

A change from possession to power is necessary to move forward. We can demand the authority to control how our data is used, even if we may never really “possess” it in the same sense that we do tangible objects.

The Road to Self-Empowerment

  • User-Centric Models: Creating systems with privacy as the “default” setting rather than a hidden choice.
  • Ethical AI Standards: Ensuring that the rights and dignity of the data producers are respected when compiling AI training sets.
  • Monetization Participation: Investigating “Micro-payments” or “Data Dividends” in which users get a cut of the money made from their data.

Conclusion: Data as a Human Extension

Data is a digital extension of who we are, not only an asset or a commodity. It stands for our relationships, our health, our ideas, and our movements.

The lesson for the digital era is straightforward: Ownership is more about having a seat at the table than it is about possessing a copy of the file. People continue to be constant contributors to a system that makes money off of their lives without giving them agency in the absence of significant accountability and transparency.

In order to ensure that the digital era benefits everyone, not just the select few who own the servers, the challenge for the next ten years is to close the gap between data creation and data governance.

Reach out to us at open-innovator@quotients.com or drop us a line to delve into the transformative potential of groundbreaking technologies. We’d love to explore the possibilities with you.

Categories
DTQ Data Trust Quotients

Report Virtual Session- Is Your Data Really Yours: Ownership in the Digital Age

Categories
DTQ Data Trust Quotients

Report Virtual Session- Is Your Data Really Yours: Ownership in the Digital Age

In an era where data is frequently termed the “new oil,” a critical question remains largely unanswered: who truly owns the drill, and more importantly, who owns the oil once it leaves the ground? On May 15, 2026, a high-impact virtual session titled “Is Your Data Really Yours: Ownership in the Digital Age” brought together a panel of global cybersecurity luminaries to dismantle the “consent illusion” and redefine the landscape of data stewardship.

The virtual session explored the uncomfortable truth that while users may generate data, they often lose control of it the moment it enters the complex enterprise ecosystem. As organizations rush to deploy Generative AI (GenAI) at breakneck speeds, the panel argued that the industry is facing a crisis of accountability that transcends traditional technical boundaries.

The Distinguished Panel

The dialogue featured four sharp minds, each bringing a unique perspective from the front lines of global cybersecurity and technology architecture:

  • Dr. Lopa Mudraa Basuu: A recognized visionary leader and former VP at JPMorgan Chase.
  • Harpreet Singh: A Managing Director with 25+ years of expertise in architecting technology solutions.
  • Sanjeev Ojha: Practice Director and a leading expert in Identity and Access Management (IAM) and Zero Trust.
  • Tausif Kazi: A Principal Analytics Consultant and platform

The “Consent Illusion” and the Transparency Gap

The session opened with a sobering look at current statistics. Host highlighted that 4 out of 5 global internet users feel they have lost all control over their personal information. This “consent illusion” is fueled by lengthy, incomprehensible terms of service that users click through out of necessity, not understanding that their data is being replicated across analytics engines, third-party platforms, and cross-border infrastructures.

Dr. Lopa Mudraa Basuu argued that the digital economy is predominantly engineered around “data leverage,” where the user is often the product rather than the customer. She noted that once data enters a corporate ecosystem, ownership becomes “largely theoretical” because the visibility for the user is almost non-existent.

Identity—The New (and Only) Perimeter

Sanjeev Ojha provided a deep dive into the shifting architecture of the enterprise. In a world of cloud-native and AI-driven environments, the traditional “castle and moat” security model is obsolete. Identity is no longer just a control layer; it is the foundation of security itself.

A particularly pressing concern raised by Ojha is the rise of “Agentic AI”—autonomous systems that can elevate their own permissions or access data without direct human awareness. He warned that many organizations are currently “not yet ready” for this shift. To combat this, he proposed a robust lifecycle management approach:

  1. Discovery: Identifying all identities (human and non-human) in the system.
  2. Governance: Assigning a “human in the loop” to manage the lifecycle of these autonomous agents.
  3. Guardrails: Implementing centralized systems like Identity Threat Detection and Response (ITDR) to take feeds from endpoints, XDR, and SIEM servers.

Architecting for Resilience, Not Just Compliance

Harpreet Singh challenged the audience to rethink the “Mahakum style” of operations—large-scale, high-velocity systems where security is often an afterthought. He emphasized that security should not be a “review gate” that slows down innovation but a “product requirement” integrated from the start.

One of the most effective tools in this arsenal is Multi-Factor Authentication (MFA) and Role-Based Access Control (RBAC). Singh broke down the three pillars of MFA:

  • Knowledge: Something you know (e.g., a password).
  • Possession: Something you have (e.g., a hardware token or phone).
  • Inherence: Something you are (e.g., biometrics).

However, the panel agreed that technical controls are insufficient if the architecture doesn’t allow for visibility into traffic and proactive threat prevention.

The Leadership Crisis and the $50 Billion Risk

Perhaps the most provocative segment of the session involved the role of leadership in the age of AI. Dr. Basuu noted that she is less worried about “insecure technology” and more worried about leadership teams deploying AI at a velocity that exceeds their governance maturity.

The financial stakes are astronomical. Sharma cited numbers from IBM Security and legal analysts suggesting that more than $50 billion in cumulative data is currently under “extraction risk” due to active copyrights and privacy lawsuits related to AI training. Despite this, 83% of organizations reportedly have no technical controls to prevent employees from uploading confidential data into public AI tools.

The “Employee as the Weakest Link” Myth

Dr. Basuu offered a strong critique of the common cybersecurity trope that “employees are the weakest link.” She argued that if an employee is the weakest link, it is actually a failure of organizational governance and security deployment.

“Employee needs to be the strongest link of your security,” she stated. This requires unlearning old processes and moving toward a culture where security is part of every role’s responsibility—from the junior scientist to the payroll consolidator. Training must move away from “once a year” compliance checks to a daily “injection” of security awareness.

Conclusion: From “Everyone’s Responsibility” to “My Responsibility”

The session concluded with a powerful call to action. Vijay Pukale (Varij) summarized the shift needed in corporate culture: “Let’s break the myth that security is everyone’s responsibility. From now, we can say that security is my responsibility“.

The consensus among the speakers was clear: reclaiming data ownership in the digital age requires a three-pronged approach:

  1. Ethical Stewardship: Organizations must treat user data with the same dignity and protection they would their own proprietary secrets.
  2. Technological Guardrails: Implementing Zero Trust and advanced IAM to govern the “wild west” of agentic AI.
  3. Leadership Accountability: Slowing down AI deployment enough to ensure that ethical and legal governance can keep pace with innovation.

As the “picture perfect panel” concluded, the sentiment was that while one hour was not enough to solve the crisis of digital ownership, it provided the necessary blueprint for a more secure, accountable future.

Data Trust Quotients (DTQ) is a strategic ecosystem architect that aims to bridge gaps between industry, startups, and investors. DTQ blends data privacy, governance, and cutting-edge AI to accelerate transformative breakthroughs in different domains.