The issues of data ownership – and dominance over it – have become one of the topics linked with the growing adoption of digital technology. In this chapter, the author explains what data sovereignty is, when it is used, and how artificial intelligence is decentralized rather than centralized. Given the local jurisdiction and global privacy laws, when considering the areas of federated learning, edge computing, and privacy-preserving computation, it is possible to understand how these approaches allow AI to operate. We also revisit and deliberate on privacy by design and the various stances of transparency, explainability, and user participation in the development of AI. In the concluding part of this chapter, therefore, we desire that the following guidelines shall act as principles in the development and deployment of AI for sovereign systems
1 Introduction to Data Sovereignty in AI
Data in the contemporary world is one of the most valuable assets in the demanding technologies, markets, and society. However, the question of how to govern and control the constantly increasing amount of data in the world also arises. Data sovereignty, therefore, means that the local governments or organizations have the right to decide on the use of data collected in a given geographical area they control. It has especially gained much attention recently because most artificial intelligence systems depend on big data feeds. Data sovereignty is essential since it gives people and organizations the right to protect personal and corporate information from misuse or exploitation by other global actors (Liu, 2021).
Data sovereignty is the management aspect that deals with protecting, owning, and utilizing data in the context of AI. Machine learning is a branch of Artificial Intelligence that needs large amounts of data for training, analysis, and decision-making. However, since the AI systems are usually servers/ centralized platforms, such data involves vulnerability in cloud environments, which are not as monitored and controlled as direct local storage. This raises some concerns that generate questions about governance, control, responsibility, and the ethics of AI, especially when such systems violate the rights of individuals, privacy, or culture.
Considering the current state of AI technologies, one has to consider the principles of data sovereignty in its creation. This includes identifying the technologies and the governance structures that would ensure that the data is under the country’s laws and the consent of the users to protect the rights of the individuals. Other related technologies, such as federated learning, edge computing, and privacy-preserving computation, also mitigate data transfer sovereignty issues because AI systems can work on the data without transferring it from one country to another.
2 The Rise of Data Localization
Another relatively new concept that has appeared quite recently is data localization, which has recently become quite topical due to the discussions regarding privacy, security, and sovereignty in the context of the digital economy. This one relates to the containment of data within geographical regions that can be as limited as the source region. Another important argument favoring data localization is enhancing the legislation protecting personal data and its regulation within the domestic legal framework. General Data Protection Regulation (GDPR) in Europe and other related laws pertain to the protection of individuals’ data and exert pressure on countries to pass laws governing data transfer across borders.
However, localizing data also has implications and risks for AI. Artificial intelligence solutions mainly work based on large data sets, and their operations are critical. The major drawback of local data storage is that it restricts the data from being stored within certain geographical boundaries and does not provide the vast amount of quality data required for training AI models. This was still a disadvantage for multinational companies and international research collaborations since people-to-people idea exchange was hindered from enhancing inventions. Moreover, data localization measures add additional costs to establishing the infrastructure in every country where the business operates, making it difficult to scale up AI systems in the global market.
However, the idea of data localization is still present to a large extent to ensure that AI technologies are contained within frameworks that comply with the laws of those countries and respect their data and sovereignty.
3 Federated Learning and Local Model Training
Federated learning is a relatively new concept in machine learning and aims to solve the issues related to data privacy and ownership at local nodes. In the classical machine learning approaches, data is collected from various users and stored on a central server for pre-processing and training the model. This is associated with significant privacy violations and security risks. However, in federated learning, the models are trained on the devices, while the data does not need to be sent to a central location. This approach of local model training ensures that the data-sensitive information, such as health or financial information, never leaves the device it is being used on, hence addressing issues concerning data locality or sovereignty.
Federated learning is done by sending the global model to the edge nodes, such as smartphones or IoT devices, where the model is trained locally, and the update is sent back to the server (Lazaros et al., 2024). These are incorporated in the update to the global model. One of the advantages of federated learning is that it allows training a model on large datasets containing locally sensitive data without violating data privacy and security. Many of the local databases are not random samples, which creates problems in model convergence design, computational complexity, and data representation.
It is easier to comprehend the impact of federated learning compared to traditional centralized machine learning. While centralized systems require the exchange of a significant amount of data, federated learning retains data locally and exchanges tiny, thus not violating data sovereignty laws in various jurisdictions. The following table compares some differences between federated and traditional centralized learning models.
| Feature | Federated Learning | Centralized Learning |
| Data Storage | Local device storage | Centralized cloud storage |
| Data Transfer | Minimal data transfer (model updates) | High data transfer (raw data) |
| Privacy | High (data never leaves the device) | Lower (data is transferred) |
| Scalability | Highly scalable with edge devices | Limited by central server capacity |
| Model Accuracy | It may be lower due to local biases | Generally higher with more data |
| Compliance with Local Laws | Easier to comply with local data laws | It may require cross-border data sharing |
To achieve sovereignty over data in AI systems, federated learning is necessary. Training models locally reduces the probability of leakage or misuse of data while at the same time enabling organizations to harness the benefits of machine learning. However, this technology is most useful in industries that deal with highly confidential information, such as the health and financial sectors.
4 Edge Computing for Local Autonomy
Edge computing performs computations close to the source of data generation, such as in mobile devices, sensors, or IoT devices. This results in less frequent transmission of large volumes of data to central cloud servers, making the approach beneficial in latency, bandwidth consumption, and local data ownership. Edge computing enables data processing at the network’s edge, which is ideal for applications that require quick response time, such as self-driving cars, smart cities, or industrial applications.
Edge computing provides more autonomy to AI systems, where data remains within a particular region, thus ruling out any issues related to data privacy and its transfer across borders. For instance, in a smart home system, data collected by sensors can be analyzed locally, meaning that no information, such as occupancy patterns or voice commands, is transmitted out of the home. This significantly reduces the chances of data leakage to unauthorized persons and makes compliance with data protection legislation in the country possible (Ilenia Ficili et al., 2025).
There are, however, some issues with EDGE computing. The problem emerges with complex AI models because centralized cloud servers are significantly more potent than edge devices. Furthermore, many edge devices require a strong foundation and protection for model storage and updates. Despite the issues with edge computing, it is a critical component of local autonomy in AI systems because it processes data near the user and adheres to legal requirements.
The table below summarizes the differences between edge computing and traditional cloud computing from the data sovereignty, latency, and resource consumption points of view, which demonstrates the benefits of local data processing.
| Feature | Edge Computing | Cloud Computing |
| Data Storage | Local device storage | Centralized cloud storage |
| Data Transfer | Minimal (only processed results sent) | High (raw data sent to the cloud) |
| Latency | Low (real-time processing) | Higher (due to data transfer delays) |
| Compliance with Local Laws | Easier to comply with local laws | It can be complex with cross-border data transfer |
| Computational Resources | Limited by edge devices | High (cloud servers with significant computational power) |
| Scalability | Scalable with edge devices | Centralized scaling can be expensive |
Edge computing is essential to achieve local data control while simultaneously harnessing the real-time features essential in AI systems. The ability to be more directly connected and have better data sovereignty will remain essential for consuming AI systems in segments such as healthcare, self-driving cars, and the industrial Internet of things as local control becomes paramount.
5 Encrypted AI Workflows and Privacy-Preserving Computation
Data privacy and security have become a significant concern as AI systems become more sophisticated. One of the possible solutions to the problem of protecting data while making it available for AI processes is encrypted AI workflows. Two advanced cryptographic methods, homomorphic encryption and multi-party computation (MPC), make it possible to perform AI computations on encrypted data without revealing it during the computation (El Mestari et al., 2024).
Homomorphic encryption allows computations to be performed on ciphertexts, yielding an encrypted result that decrypts to the same value as the result of performing the operations on the plaintexts. This is especially useful for AI systems that require access to some data but do not wish to make it available to everyone. For example, if an AI model is trained using encrypted data, it can learn from the data without ever having to see it, which benefits all the parties involved in the exchange.
The following expression shows how homomorphic encryption can be applied to data in encrypted form. Let there be two encrypted values E(x) and E(y) where E is an encryption function. In a fully homomorphic encryption scheme, encrypted values are computed according to the following rule of operations:
⊕and ⊗ stand for homomorphic addition and multiplication operations, respectively. These operations make the resulting data encrypted through the process, meaning that the sensitive information is not disclosed.
On the other hand, multi-party computation (MPC) is a protocol that enables multiple parties to compute a function of their inputs without revealing them to each other. In the case of AI, MPC enables the parties that possess the data to train a model on their data without any party getting to see all the data. The following equation can describe a simple model of secure two-party computation:
We denote the private inputs of each party by and , the function to be computed is . The results of the computation, outputs , and , are the results of the computation, but no party learns anything about the other’s input during the computation.
With homomorphic encryption and MPC, AI systems can be effective without giving up ownership and privacy of this data.
6 Transparency, Explainability, and User Control
Artificial intelligence (AI) has been applied to grow and expand the market in various industries, but there is an issue with the black-box nature of AI decision-making systems. In particular, these issues are critical when the application is related to people’s daily lives, such as in healthcare, finance, or law enforcement. The current forms of AI, especially those based on deep learning, are considered ‘black boxes’ as it is hard to understand the reasoning behind their decisions. This can lead to a lack of trust and the inability of organizations to adopt AI technologies into their operations and systems.
The concept of transparency for AI is the ability for people to understand what led to the given decisions made by the AI. This is to build trust, create transparency, and allow oversight of the morality of artificial intelligence. Combined, these concepts’ explainability allows the AI system to provide the result and the reasons for the result. In particular, this is true in decision-making situations, such as when dealing with a business credit rating or a medical diagnosis.
Components are included based on the principles of transparency and explainability of the process, allowing the user to analyze the actions taken by the AI system. To avoid situations where users would have to struggle to understand which attributes of the data are driving the result, some of them include LIME (Local Interpretable Model-Agnostic Explanations) and SHAP (Shapley Additive exPlanations). Another factor is the control of the user and the user experience they have on the site being developed. It allows people to choose what their data will be used for and how the AI system will work (Arunraju Chinnaraju, 2025). Users should be allowed to consent to collect their information, including the purpose of data collection by the adopted AI system, to avoid putting the users in uncomfortable positions where they feel they are being profiled or discriminated against.
As such, transparency, explainability, and user control are fundamental tenets that can guide the design of AI that works and is sufficiently ethical. The introduction of such a system design, in which an average citizen can understand why a particular decision has been made, will help to increase trust in AI and the interpretability of the technology.
7 Privacy-By-Design: Principles for Sovereign AI Systems
Privacy by design means that privacy must be integrated across systems and not an afterthought or an application of an overlay. The assumption is that privacy has to be designed as an inherent property of the system being developed. Therefore, Privacy-By-Design seeks to protect privacy in the AI system’s collection, processing, training, testing, validation, and deployment to meet regulatory requirements and respect data sovereignty.
The proper implementation of limit User Data Collection is essential to collect only the data necessary for the AI system to work (Villegas-Ch & García-Ortiz, 2023). This helps to reduce leakages and outside access, which aligns with the current rife laws, such as the General Data Protection Regulation (GDPR) that limits the use of personal data. The other important part of this model is consent from the platform users and applications. AI systems should be sovereignly owned by the user, who will have complete control over how his/her data will be refined, processed, analyzed, and shared. Users must be able to manage their data, and consent must be transparent, unambiguous, and withdrawable.
The other concern is privacy by design, where data anonymization is important, especially if the data is sensitive. K-anonymity and other local differential privacy prevent data from being identifiable even when used in the model training. Alternatively, AI systems should have audibility and accountability properties so that users and/or regulators can assess how the system works and whether it violates the set privacy parameters.
Privacy-By-Design will also help increase user acceptance of the AI systems and compliance with data ownership and privacy. This is also a safeguarding mechanism that includes social dimensions to ensure that the AI technologies developed do not infringe on the rights and freedom of individuals.
8 Conclusion: The Path to Trustworthy, Localized AI
Given the future development of artificial intelligence, sovereign artificial intelligence systems must exist. Such systems must not only be technologically sound in their ability to collect and analyze data on the marginalized groups but also be designed with specific ethical underpinnings: not to infringe on data privacy and security of the members of the marginalized groups and whether the control of data should be in the hands of the local actors. This is important in giving the nation and the individual the power to own their data and to have transparency in the artificial intelligence being used. In other words, systems with Privacy-By-Design, federated learning, edge computing, and private computation methods can and should be built to reflect and comply with social values and legislation.
Once the global frameworks are in place, the local laws will ensure that the trustworthy AI is localized for specific regions. An overarching principle of international cooperation will also underpin the development of a shared vision of data protection while providing local governments with the necessary tools to regulate and monitor data in their territories. Multi-party computation will continue to be a significant factor for encrypted AI workflows, enabling AI to be safe, respect privacy, and be decentralized and, therefore, autonomous.
Future artificial intelligence will be built on advanced technology and innovation regulation. Fairness, data privacy, and trust will drive the development of localized and decentralized AI systems that will benefit the end users, organizations, and society. Sovereign AI will be a key force in spreading awareness of AI and making sure that AI is built with respect for human rights and data protection regulations.
Bibliography
[1] L. Liu, “The Rise of Data Politics: Digital China and the World,” Studies in Comparative International Development, vol. 56, no. 1, pp. 45–67, Mar. 2021.
[2] Ilenia Ficili, M. Giacobbe, G. Tricomi, and A. Puliafito, “From Sensors to Data Intelligence: Leveraging IoT, Cloud, and Edge Computing with AI,” Sensors, vol. 25, no. 6, pp. 1763–1763, Mar. 2025, doi: https://doi.org/10.3390/s25061763.
[3] W. Villegas-Ch and J. García-Ortiz, “Toward a Comprehensive Framework for Ensuring Security and Privacy in Artificial Intelligence,” Electronics, vol. 12, no. 18, p. 3786, Jan. 2023, doi: https://doi.org/10.3390/electronics12183786.
[4] Arunraju Chinnaraju, “Explainable AI (XAI) for trustworthy and transparent decision-making: A theoretical framework for AI interpretability,” World Journal of Advanced Engineering Technology and Sciences, vol. 14, no. 3, pp. 170–207, Mar. 2025, doi: https://doi.org/10.30574/wjaets.2025.14.3.0106.
[5] S. Z. El Mestari, G. Lenzini, and H. Demirci, “Preserving data privacy in machine learning systems,” Computers & Security, vol. 137, p. 103605, Feb. 2024, doi: https://doi.org/10.1016/j.cose.2023.103605.
