AI Systems Struggle with Growing Sovereignty Requirements
Organizations Face Challenges in Implementing Private and Sovereign AI
The increasing demand for private and sovereign artificial intelligence (AI) has created complexities for enterprises seeking to deploy AI solutions. According to a recent report by NTT DATA, nearly 35% of chief AI officers (CAIOs) identify enabling private and sovereign AI as their biggest barrier to adoption.
Governance, Security, and Compliance Obligations
This requirement necessitates significant changes to infrastructure, emphasizing the importance of governance, security, and compliance obligations within defined boundaries. Private AI focuses on controlling access to sensitive data and maintaining its presence within organizational boundaries, whereas sovereign AI extends this concept by dictating where data resides, how it is moved between regions, and which locations can process it.
- Private AI: controls access to sensitive data and maintains its presence within organizational boundaries
- Sovereign AI: dictates where data resides, how it is moved between regions, and which locations can process it
Challenges Ahead
As AI continues to evolve, private and sovereign approaches test enterprise readiness, pushing companies to go beyond mere regulatory compliance and risk mitigation. Instead, they need to develop an operating foundation that enables AI to operate seamlessly across various markets, jurisdictions, and business environments.
Addressing Challenges
Organizations are translating private and sovereign AI demands into operational models and architecture, incorporating these requirements into infrastructure and governance decisions early in the deployment planning phase. Furthermore, they are developing operating environments that support the transition from pilot projects to broader deployments within regulated settings.
- Translate private and sovereign AI demands into operational models and architecture
- Incorporate requirements into infrastructure and governance decisions
- Develop operating environments for seamless transitions
C-Suite Executives Emphasize the Need for Sovereignty
About 98% of C-suite executives emphasize the necessity of establishing a private domain that safeguards proprietary intellectual property and sensitive data through a general AI model that cannot be trained publicly. Nearly every organization is reevaluating how to integrate AI into legacy environments, citing the need for design changes to accommodate multiple jurisdictions, each with unique data, regulatory, and infrastructure constraints related to private and sovereign AI.
Risks and Concerns
Data privacy and sovereignty across regions and environments are identified as the top security or compliance governance concern by 57% of CEOs, who rank them as a significant risk for their organizations. Infrastructure, data, and model design occupy central positions in sovereignty strategies, prompting organizations to separate data from intelligence and implement hybrid architectures that reserve controlled environments for sensitive data, predictable performance, and regulatory oversight, reserving lower-risk workloads for alternative environments.
- Data privacy and sovereignty: top security or compliance governance concern
- Infrastructure, data, and model design: key components of sovereignty strategies
- Hybrid architectures: separate data from intelligence and regulate
Implementation and Confidence Gaps
Most organizations acknowledge that AI must operate within controlled and compliant environments, with many still determining how to develop scalable architectures and operating models to meet these demands. Private and sovereign AI conditions contribute to complex execution and confidence gaps, particularly in industries such as public sector organizations, healthcare, natural resources, and manufacturing, where failure has significant consequences.
A Leader’s Approach to Governance
AI leaders, however, take a more structured approach to governance, embedding it from the outset of AI initiatives, adopting centralized governance structures
