Data sovereignty sounds like an ideology. It is actually a practical question: when a record about your life is created, who ends up holding it, and what can you do with it?
For the last twenty years the answer has been simple. The platform holds it, and you can do almost nothing with it. This essay is about why that answer is changing, why AI is what changes it, and what owning your data would actually require in practice.
The platform era, stated plainly
The deal that built the consumer internet was straightforward: free services in exchange for data. It was not a scam. Search, maps, email, social feeds, and streaming genuinely improved most people's lives, and most people took the deal knowingly enough.
But the deal had a structural feature that mattered more than anyone noticed at the time: the data never came back. Your purchase history taught Amazon's recommendation engine. Your listening history built Spotify's model of your taste. Your searches, your routes, your messages, your photos — each one made a platform's picture of you sharper, and each one stayed on the platform's side of the wall.
You can request an export under GDPR, and platforms will comply. What you get is a zip file of raw JSON — technically your data, practically useless. The export satisfies the regulation without transferring any of the value. The value was never in the individual records. It was in the accumulated, organized understanding of you. That part is not in the zip file.
Call this the platform era: the period where the picture of you was an asset, and you were the only party who could not hold it.
What AI changed
For most of the platform era, this asymmetry was annoying but tolerable. The picture of you was used to rank ads and recommend products. Losing access to it cost you little.
AI assistants change the stakes, because context is the difference between a generic assistant and a useful one. Ask an assistant with no context for a dinner recommendation and you get a list of popular restaurants. Ask one that knows you are vegetarian, that you cooked Thai food three times last month, and that you are trying to spend less on dining out, and you get an answer worth having. The same model, the same question — the entire difference is the context.
The major AI products know this, which is why they are all building memory. ChatGPT remembers facts about you across conversations. Claude can maintain memory across projects. Every assistant is racing to accumulate the deepest picture of its users, because the deepest picture wins.
Here is the concrete stake: after a year of daily use, your AI assistant may hold the most complete profile of you that has ever existed — your projects, your health questions, your finances, your writing style, how you make decisions. And that profile has the same property your Amazon purchase history had. It lives on the platform's side of the wall. Switch assistants and you start from zero. The assistant knows you; you cannot port what it knows.
In the platform era, lock-in meant losing your playlists. In the AI era, lock-in means losing the accumulated understanding of you — the thing that made the assistant useful in the first place. That is a much stronger lock, and it is being built right now, mostly without discussion. We wrote more about this specific problem in AI Will Remember You. The Only Question Is Who Holds the Memory.
Ownership is a property argument, not a privacy argument
It is worth being precise about what the argument is, because data sovereignty is usually framed as privacy, and privacy framing undersells it.
Privacy says: I want less known about me. Ownership says: what is known about me should be mine to hold and use. These are different claims. You can want your context fully known to an assistant you trust — that is the whole point of context — while still insisting that the record of it belongs to you rather than to whichever company happened to collect it.
The closest analogy is not secrecy. It is property. When you buy a house, the deed goes to you, not to the real estate agent who arranged the sale. Nobody finds this controversial. Yet when a platform mediates the creation of a record about your life, the record goes to the platform by default, and we have all been trained to find that normal.
The system change worth pushing for is simple to state: data should flow from platforms to people, not only the other way. Not because platforms are villains — most are not — but because the person the data describes is the only party with a permanent stake in it. Companies get acquired, pivot, and shut down. You are the one constant in your own data.
What ownership practically requires
Ownership is easy to say and hard to build. If you follow the idea to its engineering conclusions, it requires three properties, and all three are load-bearing.
1. Encryption under a key only you hold. If your data sits in a database that a company can read, you do not own it — you are trusting a custodian, which is exactly the arrangement we started with. Real ownership means the data is encrypted on your device before it is stored anywhere, with a key derived from something only you know. The custodian holds ciphertext it cannot read. This is not a policy promise that can be quietly amended; it is an architectural fact that holds even if the company is acquired, subpoenaed, or breached. It also has a real cost: if you lose your key and your recovery phrase, nobody can reset it for you. Ownership includes the responsibility part.
2. Portability in a format other software can use. A right to export raw JSON is not portability, as anyone who has opened one of those GDPR zip files knows. Portability means your data is organized, readable, and exportable in formats that other tools — including AI assistants — can actually consume. The test is simple: can you take your data somewhere else and have it be worth something when it arrives?
3. Revocable, granular sharing. Ownership without the ability to share would just be hoarding. The useful version is selective: this service gets my food preferences and dietary restrictions, that one gets my purchase history, neither gets my health notes, and I can cut either one off at any moment and know the access actually ends. Sharing that cannot be revoked is not sharing — it is surrender with better branding.
Miss any one of the three and the whole thing collapses back into the platform era. Encryption without portability is a locked box you cannot move. Portability without encryption means every export is an exposure. Sharing without revocation recreates the one-way flow we were trying to fix.
The honest objections
There are two serious objections to all of this, and they deserve straight answers.
The first: most people do not care. This is true today, and it was equally true of every consumer shift before it mattered. People did not care about owning their phone number until number portability existed and switching carriers became painless; then everyone used it. Caring follows capability. Nobody demands what they cannot imagine having. The question is not whether people care about data ownership in the abstract — it is whether they will use it once it is as easy as the alternative and visibly better, because their AI actually knows them everywhere.
The second: the platforms will never allow it. But the platforms do not need to allow it. The data already leaks out to you in small, legally mandated ways — email receipts, exports, statements — and, more importantly, the interface layer is opening up. Open protocols now let an AI assistant read context from a source the user controls rather than only from the platform's own memory. The walls do not need to be torn down. They need to be routed around, one standard interface at a time.
Where Personal Hub fits
Personal Hub is our attempt at the infrastructure ownership requires — a personal data layer built on exactly the three properties above.
Your vault is encrypted on your device. Your key is derived from your password and never leaves your browser. We store ciphertext; we cannot read your vault. The encryption code is open source, so this is a checkable claim rather than a marketing one — the details are on our security page, including an exact accounting of what is and is not encrypted.
Portability and sharing run through export and through Personal MCP, which lets any AI assistant that speaks the Model Context Protocol read the fields you choose to share — and only those — with access you can revoke at any time. Raw export of everything you have stored is free on every plan, permanently, because charging to leave would contradict the entire premise.
The platform era was not a conspiracy. It was a default — the path of least resistance for twenty years of software. Defaults change when a better one becomes available and easy. Owning your data is about to become both.