The cost efficiency of AI and data sovereignty are at odds, forcing global organizations to rethink their enterprise risk frameworks.
For more than a year, the generative AI narrative has focused on feature races, often measuring success by number of parameters or flawed benchmark scores. However, the boardroom conversation has undergone some necessary modifications.
While the appeal of low-cost, high-performance models provides an attractive path to rapid innovation, hidden liabilities associated with data residency and state influence are forcing a re-evaluation of vendor selection. China-based AI research lab DeepSeek has recently become the focus of industry-wide debate.
According to Bill Conner, a former advisor to Interpol and GCHQ and current CEO of Jitterbit, the initial reception for DeepSeek was positive. Because DeepSeek challenges the status quo by proving that high-performance, large-scale language models don’t necessarily require Silicon Valley-sized budgets.
This efficiency was understandably appealing to companies looking to reduce the huge costs associated with generative AI pilots. Connor observes that these “reported low training costs have undoubtedly reignited the industry debate about efficiency, optimization, and ‘good enough’ AI.”
AI and data sovereignty risks
Enthusiasm for discount performance is colliding with geopolitical realities. Operational efficiency cannot be separated from data security. This is especially true if that data facilitates a model hosted in a jurisdiction with a different legal framework regarding privacy and state access.
Recent disclosures about DeepSeek have changed the calculus for Western companies. Connor highlighted “recent U.S. government revelations showing that DeepSeek not only stores data in China, but actively shares it with national intelligence agencies.”
This disclosure moves the issue beyond standard GDPR or CCPA compliance. “The risk profile extends beyond typical privacy concerns and into the realm of national security.”
For corporate leaders, this poses unique dangers. LLM integration is rarely a standalone event. This includes connecting models to your own data lakes, customer information systems, and intellectual property repositories. When the underlying AI models have “backdoors” or require data sharing with foreign intelligence agencies, sovereignty is removed, companies are effectively circumventing their own security perimeters, and any cost-efficiency benefits are erased.
“Deep Seek’s ties to military procurement networks and suspected export control evasion tactics should be important warning signs for CEOs, CIOs, and risk managers alike,” Connor warns. The use of such technology can inadvertently expose companies to sanctions violations and supply chain compromises.
Success is no longer just about code generation and documentation summaries. It is about the provider’s legal and ethical framework. Especially in industries such as finance, healthcare, and defense, ambiguity around data lineage is unacceptable.
Technical teams may prioritize AI performance benchmarking and ease of integration during the proof-of-concept stage, overlooking the geopolitical origins of the tools and the need for data sovereignty. Risk professionals and CIOs must enforce governance layers that examine not only the “what” but also the “who” and “where” of the model.
Governance cost efficiency for AI
The decision to adopt or ban a particular AI model is a matter of corporate responsibility. Shareholders and customers expect their data to be kept secure and used only for its intended business purpose.
Connor frames this explicitly for Western leadership, saying, “For Western CEOs, CIOs, and risk people, this is not a question of model performance or cost efficiency.” Rather, “it’s a matter of governance, accountability and fiduciary responsibility.”
Companies “cannot justify integrating systems where the impact of the location, intended use, and state of the data is fundamentally opaque.” This opacity creates unacceptable liability. Even if a model offers 95% of the performance of a competitor at half the cost, regulatory fines, reputational damage, and potential intellectual property loss can quickly erase those savings.
The DeepSeek case study serves as a guide for auditing your current AI supply chain. Leaders need to have complete visibility into where model inference occurs and who holds the keys to the underlying data.
As the market for generative AI matures, trust, transparency, and data sovereignty may outweigh the appeal of cost efficiency.
See also: SAP and Fresenius build a sovereign AI backbone for healthcare
Want to learn more about AI and big data from industry leaders? Check out the AI & Big Data Expo in Amsterdam, California, and London. This comprehensive event is part of TechEx and co-located with other major technology events such as Cyber Security & Cloud Expo. Click here for more information.
AI News is brought to you by TechForge Media. Learn about other upcoming enterprise technology events and webinars.
