Taking Care Of Data In The Agentic Age

Based on a panel discussion at MIT, the article delves into the significant challenges posed by AI agents to current data governance frameworks. Existing regulations like GDPR are proving inadequate because AI introduces novel methods of information extraction and new attack vectors for malicious actors. Experts, such as Khan, suggest a necessary shift from rule-based governance to more automated systems to contend with the rapid exploitation of vulnerabilities by AI. A key concern is the lack of transparency regarding employees' use of AI tools—often termed "shadow AI"—highlighting the need for organizations to identify and manage both sanctioned and unsanctioned AI tools and the tasks delegated to them. Furthermore, the article points out that security blind spots arise from the widespread consumption of commercial AI tools by employees and the inability of legacy security infrastructures to cope. The discussion also touches upon the integration of live data to create "living profiles" of individuals, underscoring the urgent demand for innovative approaches to safeguard personal information in this evolving technological environment.