Agentic AI puts global data laws to the test; urgent privacy overhaul needed

With artificial intelligence evolving beyond static, task-based systems into autonomous, decision-making agents, a new academic study warns that privacy protection frameworks must undergo a fundamental transformation. The study, titled "From Rights to Runtime: Privacy Engineering for Agentic AI" and published in AI Magazine, argues that the next generation of agentic AI systems demands real-time, enforceable privacy controls rather than static, document-based policies.

Keivan Navaie, a Professor of Intelligent Networks and former AI Technology Advisor to the UK Information Commissioner's Office and the author of this paper, contends that existing regulatory mechanisms, built for data controllers and processors, are ill-suited for systems that act, learn, and make decisions autonomously. His research calls for a shift in privacy governance from rights in theory to rights in operation, urging developers to embed compliance directly into the runtime behavior of agentic AI.

A shift from compliance documentation to privacy execution

Traditional AI systems follow a simple pattern: receive an input, generate an output, and end the interaction. Agentic AI, however, operates continuously and contextually, it plans, learns, and executes multi-step processes without human prompting. This autonomy introduces a critical accountability gap.

Navaie explains that as AI agents begin to act independently, booking appointments, analyzing personal data, managing communications, and even invoking external APIs, they engage in complex, multi-layered data processing that traditional privacy assessments cannot adequately monitor. Current compliance frameworks, reliant on documentation and audit trails, are reactive and descriptive. In contrast, agentic systems require proactive and operational privacy enforcement that adapts in real time to user intent, data context, and legal obligations.

To address this, the study introduces privacy engineering patterns that translate regulatory principles from frameworks like the EU's General Data Protection Regulation (GDPR), California's Consumer Privacy Rights Act (CPRA), Brazil's LGPD, and Singapore's PDPA into dynamic, executable controls within the AI lifecycle.

The proposed model states that privacy should not be a feature added after system design but a runtime condition, encoded directly into how AI systems function. Each action, data flow, and decision point becomes subject to policy evaluation at the moment it occurs.

Designing privacy into the core of agentic AI

The paper identifies four foundational design mechanisms for implementing privacy-aware behavior in agentic systems:

• Memory Governance: AI memory, once a static storage component, becomes a regulated and transparent subsystem. Systems should offer time-limited, user-controlled memory for short-term interactions and optional account-level persistence for longer tasks. Every stored item must display its retention period, modification history, and deletion path. When a user requests erasure, that command must cascade through all connected components and partner services automatically.
• Purpose-Aware Egress: Data leaving an AI's internal environment must pass through automated purpose checks. Before transmission, the system verifies whether the data transfer aligns with the declared purpose, legal basis, and destination requirements. If any element fails, the operation is blocked or redacted. This mechanism operationalizes key privacy principles, purpose limitation, minimization, and lawful processing, by embedding them directly into the system's decision architecture.
• Proportional Safeguards: Not all AI applications carry equal risk. Navaie proposes a tiered approach where privacy controls scale with operational stakes. Low-risk AI assistants might use read-only access, while high-risk systems, such as those making financial or medical recommendations, must enforce short data retention, continuous oversight, and human review before executing impactful actions.
• End-to-End Traceability: The study calls for unified trace logs that document every AI decision, data exchange, and external integration. These traces allow developers and regulators to reconstruct system behavior and verify compliance. Each record links to specific purposes, lawful bases, recipients, and outcomes, forming a transparent accountability narrative that satisfies GDPR's accountability requirements and the EU AI Act's record-keeping mandates.

These controls collectively redefine privacy not as an abstract principle but as a technical runtime property of AI. Under Navaie's model, privacy becomes auditable, enforceable, and measurable through the same engineering mechanisms that govern performance and reliability.

Global policy alignment and technical challenges

The study further bridges privacy engineering with international legal regimes, showing how operational controls can harmonize compliance across regions. By mapping its proposed framework to GDPR, CPRA, LGPD, and PDPA, Navaie demonstrates that the same technical foundations, memory governance, purpose restriction, and traceability, can serve as universal compliance anchors.

The author states that the upcoming EU AI Act strengthens this alignment by demanding explainability, risk-tiered control, and continuous monitoring for high-risk systems. Together, these legislative and engineering developments signal a global movement toward privacy as code, where compliance is built into the machine rather than enforced after deployment.

However, the study also acknowledges major implementation barriers. Real-time privacy evaluation introduces computational overhead and latency, especially in large-scale distributed systems. Ensuring consistent enforcement across cross-border infrastructures remains complex, given divergent data protection regimes. Furthermore, maintaining reliability and transparency without compromising system performance requires intricate balancing between technical precision and legal nuance.

The paper calls for new interdisciplinary collaboration among policymakers, engineers, and ethicists to design privacy benchmarks, verification tools, and simulation environments that test compliance before deployment. Navaie proposes that privacy controls be treated as part of an AI system's operational architecture, subject to unit testing, version tracking, and runtime verification just like any other performance feature.