AI sovereignty - Divisive or just inconvenient?
There has been much discussion about the use of the word sovereign when describing many products and services, especially in the computer software space, none more than in Artificial Intelligence.
Many contest that the word sovereign can be divisive, limiting or undefinable. I disagree. I believe that the word has simply become inconvenient to most.
Let me explain through an Australian lens, but it is applicable to any nation.
There are many ways to measure the sovereignty of a company. The obvious is who owns the company? Are the shareholders majority Australian legal entities or Australian citizens? Is the Board located in Australia? Does it have foreign influence? Does the company report to an overseas parent? Does it pay all its taxes in Australia?
The above is just the question of ownership. However, sovereignty goes well beyond that, right down to operations.
Is the product built here in Australia? Or was part (or all) of the build carried out overseas by non-sovereign resources (for reasons of ownership or cost saving)?
It is here that the sovereign becomes an 'inconvenient truth' for the vast majority of AI product and service providers.
Our reliance on overseas software companies is so big that very few want to tackle the behemoth marketing budgets and lucrative sponsorship dollars of these companies and so we shy away from the term sovereign and default to even less defined terms like 'domestic' or 'agency'.
The complexity of AI sovereignty
Many believe that AI creates greater complexity for sovereignty than in other industries. I don't believe it does. Sovereignty of the supply or value chain is the same for sovereignty as it is for the manufacture of any product.
Let's consider the layers of AI sovereignty.
The base layer – data centres. Where your data lives is important. Sovereignty in AI starts with where your data is held and processed. Is the data centre you have chosen located here in Australia and are the failover sites also in Australia? Does the company you chose have sovereign ownership and employ Australian staff?
The enablement layer – servers and GPUs. Clearly Australia does not have significant scale electronics manufacturing in this country (at this time) and so we must purchase physical hardware from offshore companies. But who is managing those servers for you? Unless you purchase your own servers and mount/maintain them in a sovereign data centre then you have a potential sovereign vulnerability. If you outsource the acquisition, installation and/or management of your servers and GPUs, then again you need to ensure that the company has sovereign ownership.
We are only two layers in and already almost every company in Australia will have failed. Many companies use international hyperscalers for data storage. Companies like Microsoft, Amazon, Google and more are not sovereign, nor will they ever be. All the hyperscalers sell the concept of a secure cloud. This is a nice way of saying that it is highly likely that your data is replicated offshore somewhere for redundancy.
"But .." I hear many of you shout, about to tell me that you have a signed agreement with the hyperscaler that they will never replicate your data offshore. That's a good start however you will note above that I called out the difference between data being stored and data being processed.
When a user inferences AI, the request must go to a GPU to be processed. Again, many of the hyperscalers use AI factories located around the world for pooled efficiency. Thus, your inference (possibly with attachments or corporate data) is being processed offshore. That offshore location may not have the same strict data privacy rules as Australia.
If you are one of the few who has also signed an agreement with the hyperscaler to only utilise GPUs installed in Australia, well done. But the rabbit hole goes deeper. Around 7 years ago the US enacted its US CLOUD Act. Australia has become a signatory to that Act. The US CLOUD Act allows US authorities to compel any US-based company to grant access to any server it owns or leases anywhere in the world.
So, if you are dealing with a hyperscaler, you are at risk of the US authorities simply looking in any of your servers. Unless all your data is deeply encrypted you have a possible exposure point.
Very inconvenient for the hyperscalers, so best not to talk about sovereignty.
The intelligence layer – foundational models. Australia already has some wonderful foundational models in image generation, medicine, agriculture, mining and more. We are a nation of educated and experienced AI resources despite what some may say. The algorithm behind google maps was developed here in Australia.
However, what Australia lacks is sovereignty in the generative AI darling field of large language models (LLM). Simply downloading a copy of a commercial model or a so-called open-source model to a local server is not a sovereign solution. Yes, this includes using OpenAI in an Azure cloud as outlined above.
Australia has zero visibility on how offshore models have been built. We do not know what data they were trained on; if that data was sourced ethically; how the data was curated; what bias has been introduced and so much more. Further, we have little to no ability to direct, coerce or influence the owners of this technology to share such information with us.
In July of this year the US president signed an executive order mandating how model builders should treat DEI bias, essentially settling a cultural agenda for the entire world. Australia needs to stay in control of AI models, or it risks losing its vernacular, culture and values.
You should also consider where the current LLM models are inferenced. If you build a custom GPT or similar, where in the world is the GPU that will handle the inference of your app?
The user layer – applications of AI. The application layer of AI is arguably Australia's frontrunner in sovereignty. There are some amazing AI application builders in this country making great user interfaces for a host of different styles and use cases of AI.
The builders who are sovereign owned (as discussed before) and that build all of their tools onshore using Australian resources could claim sovereignty. However, many utilise offshore resources immediately giving up sovereignty.
Using offshore resources to lower cost is convenient, so the word sovereignty becomes very inconvenient.
An inconvenient truth
There are many software vendors that would prefer that we do not discuss sovereignty because it is terribly inconvenient for them.
To come close to being sovereign they would need to ensure their solutions were hosted on Australian servers in Australian data centres. They would have to be willing to share exactly how their products were built and make this auditable.
Most importantly they would need a local entity operating under a Deed of Sovereignty to ensure local operations were not influenced by global company policy, and ideally not parented in the USA due to Cloud Act provisions.
Extremely inconvenient – but for certain users and applications it is absolutely critical to insist on sovereign AI solutions.
Sovereignty in our systems must stay at the forefront of innovation and be a part of robust conversation for Australia (or any nation) to realise the ongoing benefits this new technology can deliver.
