As enterprise AI adoption becomes more widespread, the issue of data sovereignty and residence becomes increasingly complex. Verdict talks to Artin Avanes, director of product management at data cloud platform Snowflake, about how enterprises can navigate the challenges of data management as they integrate AI into their business processes.

Lara Williams (LW): Are there any common regulatory challenges that enterprises should address, regardless of jurisdiction?

Artin Avnes (AA): When we talk about data residency there is always one common requirement, which is that data should not leave the boundary. The boundary can be defined as country borders, but it is probably more granular than that.

Before we even consider AI, there is no great AI technology without a solid and secure data foundation store. So, it really starts with the data part and where the data is stored. From day one, Snowflake had the ability to store customer data within the boundary. So the answer is centred around, where does my data live? And where does my live data go? And we are doing more to have this data never leave the defined boundary. Not just customer data, which we always had within the boundaries, but that now includes, service and usage data.

LW: Your customers rely on Snowflake’s expertise, but how much in-house data sovereignty expertise do your customers need?

AA: It depends on the size of a company. Smaller start-ups won’t necessarily have in-house expertise; they might reach out to external parties like Snowflake and really rely on us. Oftentimes, globally operating customers are the ones with in-house expertise, but there is always a very transparent dialogue, on a regular basis – for example, on a quarterly basis – with customers about compliance needs and how we can meet them together. We are always comparing notes because regulations are never static, they are changing and evolving. So, it requires a constant discussion and an open dialogue.

For larger companies, the scale and complexity increases with a larger footprint distributed across different geographies. There is much more cost involved and much more effort to meet regulations. Data accessibility, AI and storing data to enable building all kinds of AI applications – that is where Snowflake can really help customers to take away the burden. To some extent, data sovereignty is always a shared responsibility, but we can play a very critical role to help solve and meet those very diverse, heterogeneous, complex requirements across the world. Modernising your data and AI story should be done together – because if you don’t get that right, forget any AI governance or AI applications that you want to build on top. You will have a challenge If you don’t get that layer right.

LW: What is the biggest challenge in the next five years in the realm of data sovereignty?

AA: If you start building AI applications, you have to think about a solid, secure and compliant data foundation and data layer. I think the challenge in the years to come is how you can avoid getting into the weeds of trying to run after each and every single compliance control that comes out. Because if you don’t think about a strategy that allows you to scale as these compliance requirements change, you will have a hard time innovating and focusing on what really matters to you. So I think that is a non-trivial piece of strategy that you have to grow.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

View profiles in store

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData

Submit

UK USA Afghanistan Åland Islands Albania Algeria American Samoa Andorra Angola Anguilla Antarctica Antigua and Barbuda Argentina Armenia Aruba Australia Austria Azerbaijan Bahamas Bahrain Bangladesh Barbados Belarus Belgium Belize Benin Bermuda Bhutan Bolivia Bonaire, Sint Eustatius and Saba Bosnia and Herzegovina Botswana Bouvet Island Brazil British Indian Ocean Territory Brunei Darussalam Bulgaria Burkina Faso Burundi Cambodia Cameroon Canada Cape Verde Cayman Islands Central African Republic Chad Chile China Christmas Island Cocos Islands Colombia Comoros Congo Democratic Republic of the Congo Cook Islands Costa Rica Côte d"Ivoire Croatia Cuba Curaçao Cyprus Czech Republic Denmark Djibouti Dominica Dominican Republic Ecuador Egypt El Salvador Equatorial Guinea Eritrea Estonia Ethiopia Falkland Islands Faroe Islands Fiji Finland France French Guiana French Polynesia French Southern Territories Gabon Gambia Georgia Germany Ghana Gibraltar Greece Greenland Grenada Guadeloupe Guam Guatemala Guernsey Guinea Guinea-Bissau Guyana Haiti Heard Island and McDonald Islands Holy See Honduras Hong Kong Hungary Iceland India Indonesia Iran Iraq Ireland Isle of Man Israel Italy Jamaica Japan Jersey Jordan Kazakhstan Kenya Kiribati North Korea South Korea Kuwait Kyrgyzstan Lao Latvia Lebanon Lesotho Liberia Libyan Arab Jamahiriya Liechtenstein Lithuania Luxembourg Macao Macedonia, The Former Yugoslav Republic of Madagascar Malawi Malaysia Maldives Mali Malta Marshall Islands Martinique Mauritania Mauritius Mayotte Mexico Micronesia Moldova Monaco Mongolia Montenegro Montserrat Morocco Mozambique Myanmar Namibia Nauru Nepal Netherlands New Caledonia New Zealand Nicaragua Niger Nigeria Niue Norfolk Island Northern Mariana Islands Norway Oman Pakistan Palau Palestinian Territory Panama Papua New Guinea Paraguay Peru Philippines Pitcairn Poland Portugal Puerto Rico Qatar Réunion Romania Russian Federation Rwanda Saint Helena, Ascension and Tristan da Cunha Saint Kitts and Nevis Saint Lucia Saint Pierre and Miquelon Saint Vincent and The Grenadines Samoa San Marino Sao Tome and Principe Saudi Arabia Senegal Serbia Seychelles Sierra Leone Singapore Slovakia Slovenia Solomon Islands Somalia South Africa South Georgia and The South Sandwich Islands Spain Sri Lanka Sudan Suriname Svalbard and Jan Mayen Swaziland Sweden Switzerland Syrian Arab Republic Taiwan Tajikistan Tanzania Thailand Timor-Leste Togo Tokelau Tonga Trinidad and Tobago Tunisia Turkey Turkmenistan Turks and Caicos Islands Tuvalu Uganda Ukraine United Arab Emirates US Minor Outlying Islands Uruguay Uzbekistan Vanuatu Venezuela Vietnam British Virgin Islands US Virgin Islands Wallis and Futuna Western Sahara Yemen Zambia Zimbabwe Kosovo

Industry * Academia & Education Aerospace, Defense & Security Agriculture Asset Management Automotive Banking & Payments Chemicals Construction Consumer Foodservice Government, trade bodies and NGOs Health & Fitness Hospitals & Healthcare HR, Staffing & Recruitment Insurance Investment Banking Legal Services Management Consulting Marketing & Advertising Media & Publishing Medical Devices Mining Oil & Gas Packaging Pharmaceuticals Power & Utilities Private Equity Real Estate Retail Sport Technology Telecom Transportation & Logistics Travel, Tourism & Hospitality Venture Capital

Tick here to opt out of curated industry news, reports, and event updates from Verdict.

Submit and download

Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

If you don’t have the right technology partner, I think you will fail. So broadly speaking, you need to think about a strategy that allows you to scale with the compliance needs that come up. That means, is there a way you can push the responsibility, to a degree, down to the technologies that you are leveraging: for example, Snowflake. Also, have the peace of mind, the transparency and the auditing capabilities that ensure you are meeting regulations, wherever you might be, whatever the nuances.

LW: Which industry verticals are doing better at managing data sovereignty and residency?

AA: The usual suspects are really at the forefront of managing regulation: financial services and healthcare. This isn’t very surprising because these sectors are usually very heavily regulated. Also, these verticals are oftentimes dealing with regulations that are not well defined or were defined during a time before the cloud existed. So how do you then translate those requirements to the cloud world, right? Forget the AI part of it, just the cloud paradigm is very different.

What we are building is not unique to a particular customer or a particular vertical. Moving forward, regulations and compliance needs will only increase in the next few years – not level off or disappear. I think it will be top of mind for everybody, specifically with the AI revolution, fuelling concerns about how to handle, protect and secure data that feeds AI models driving AI applications.

LW: What kind of added complexity does AI bring to the problem of data sovereignty?

AA: It is critical in the years to come to have a very good understanding of the data that feeds into AI models. How can we manage that? How can we protect certain sensitive information? So there is a category of very valid concerns in the next few years that has nothing to do with data sovereignty, per se.

Everyone talks about open source, large language models fed by open datasets, but I think as enterprises adopt AI applications and build new AI applications and apply their models, those will be more proprietary to them. So, I can see a world where you have hundreds, thousands or tens of thousands of smaller models that are very tailored to the particular enterprises that are using them. So, the challenge is obviously, first and foremost, protecting the data that is proprietary to those enterprises and are feeding into it – something which I think Snowflake is well positioned in with what we do.

However, then it becomes even more important as we think about a world where enterprises are collaborating across regions. Enterprises might not just use internal data but also external data, or collaborate with each other. Understanding the origin of data to how it gets transformed as well as the final version of the data will all become an important topic – and that is a very hard problem to solve.

Sign up for our daily news round-up!

Give your business an edge with our leading industry insights.

Sign up