Imagine it is 2036. AI is the operating system across enterprises. Models are inferencing continuously, agents are retrieving and acting on enterprise data in real time, and hybrid cloud environments span edges, data centres, and sovereign zones across dozens of jurisdictions. In that world, the question that separates the enterprises in control from the ones that are not is deceptively simple: who actually governs the data?
Not where it lives. Not which cloud it runs on. Who controls it at every access point, across every environment, at every moment an AI system reaches for it.
That question leads, inevitably, to storage. Because storage is where control is either enforced or abandoned. The decisions being made about storage architecture today will determine whether enterprises in 2036 can answer that question with confidence, or discover, under regulatory scrutiny, that they never really could.
Digital sovereignty is widely treated as a location problem. It is beyond that. A rigourous approach spans three interdependent dimensions of ensuring data remains subject to the laws of the jurisdiction where it is generated (data sovereignty); keeping critical systems always-on and under direct client control (operational sovereignty); and preserving freedom of choice through open, interoperable architectures that prevent lock-in (technology sovereignty).
Together these pillars define not just where data lives, but who governs it and whether organisations retain genuine control over their infrastructure. And at the foundation of all three is storage.
AI Has Changed The Sovereignty Equation
Traditional analytics accessed data periodically and predictably. Modern AI systems rely on continuous data access across training, fine-tuning, inferencing, and retrieval-augmented generation (RAG). With always-on inferencing, every model query, API call, or retrieval operation becomes a potential sovereignty event. Data once considered “at rest” is now persistently active, read and processed in real time across hybrid cloud platforms where compute scales instantly.
The constraints have shifted as a result. Compute is increasingly elastic. The real governance risks now lie in data access, locality, and control. While sovereignty enforcement spans identity, network, and compute layers, storage is the most durable control point where AI systems physically interact with enterprise data, and where compliance must be mechanically enforced rather than assumed.
This forces a rethink of AI governance. Oversight can no longer stop at model behaviour or ethical use cases. It must account for how enterprise data is accessed and controlled at the infrastructure level. The operational principle that follows is straightforward: bring AI to the data, not data to the AI. Sovereignty-compliant environments must be designed so models operate within the boundaries where data is authorised to exist and not the other way around.
Where Sovereignty Breaks Without Storage Governance
Many enterprises assume that selecting the right cloud region or deploying sovereign data centres is sufficient. In practice, this breaks down quickly. Sovereignty applies across the entire data lifecycle of ingestion, processing, inferencing, backup, replication, archival, much of which is mediated through storage services spanning multiple cloud zones and operational domains.
Without sovereignty-aware storage governance, enterprises face risks that region selection alone cannot address like unintentional cross-border replication through default backup behaviour, cloud-hosted AI services querying datasets prohibited from leaving a jurisdiction, and metadata flows creating legal exposure even when primary workloads run in compliant regions.
As regulations mature, these gaps become increasingly costly. GDPR's data minimisation and transfer restrictions place direct obligations on how data is stored and replicated. The EU AI Act introduces traceability requirements for high-risk AI systems that extend into training datasets and retrieval pipelines. India's Digital Personal Data Protection Act (DPDP) imposes localisation obligations that storage architecture must physically enforce, policy declarations alone are insufficient.
Five storage capabilities are becoming foundational to sovereign AI environments. Physical data locality ensures data resides within approved boundaries regardless of where applications operate. Logical geo-fencing prevents accidental cross-border replication across the full data estate including snapshots, backups, and system metadata, which are among the most common sources of unintentional jurisdictional exposure. Access control and identity governance determines which users, applications, and AI systems can retrieve specific datasets, with immutable audit trails that regulators can verify. Sovereign encryption and key management ensures customer-owned, jurisdiction-bound keys keep data protected from external access or seizure, and jurisdiction-aware replication and disaster recovery ensures resilience without cross-border leakage preserving operational sovereignty even in the event of regional disruption.
The Risk Enterprises Are Not Seeing: Metadata, And Derived Intelligence
RAG has made storage the operational core of enterprise AI and introduced a sovereignty risk that most governance frameworks have not yet caught up with.
AI systems now retrieve enterprise knowledge from storage in real time to ground model outputs in organisational context. Every retrieval operation is a live data access event that must be governed. But there is a deeper issue: what might be called metadata embroidery.
AI systems generate embeddings, summaries, semantic tags, and vector indexes that encode the meaning of enterprise data, not just the data itself. These carry organisational intelligence: competitive insights, customer patterns, strategic context. If embeddings or vector indexes cross jurisdictional borders, the intelligence encoded in underlying data crosses with them, even if source data never moves. A sovereignty strategy that protects raw datasets but ignores their derived representations is incomplete by design.
The governance imperative is clear: every AI data access path must be evaluated for sovereignty risk, including paths that generate, store, and replicate AI-derived metadata. This requires storage governance to extend to vector indexes and embeddings as first-class sovereign assets and not afterthoughts.
Sovereignty Is An Infrastructure Commitment
This is where the three sovereignty pillars converge at the infrastructure level. Storage enforces data residency. It underpins always-on operational control. Built on open architectures, it preserves workload portability. Enterprises that make sovereignty operational at this layer — enforceable, auditable, and resilient — will hold a durable advantage as AI becomes more deeply embedded in core operations and as regulatory enforcement moves from framework to action.
Sovereignty enforced at the right layer is not a constraint on AI ambition. It is the foundation that makes AI ambition sustainable.
Sandeep Patil is IBM Distinguished Engineer (Storage) and CTO, ISDL Storage.
Disclaimer: The views expressed in this article are solely those of the author and do not necessarily reflect the opinion of NDTV Profit or its affiliates. Readers are advised to conduct their own research or consult a qualified professional before making any investment or business decisions. NDTV Profit does not guarantee the accuracy, completeness, or reliability of the information presented in this article.
Essential Business Intelligence, Continuous LIVE TV, Sharp Market Insights, Practical Personal Finance Advice and Latest Stories — On NDTV Profit.
