PDPA-Aware Data Product Canvas

Architecting Consent-Led AI Ingestion

Consent is not a checkbox — it is runtime metadata. Governance accelerates AI when it is designed as infrastructure.

Consent coverage

92%

+4.1% QoQ

AI-ready data products

+6 this quarter

Retrieval approval rate

76%

+2.8%

Blocked risky retrievals

184

Last 30 days

Audit-ready AI answers

98%

SLA: 99%

Immature AI Flow

Risky AI Ingestion: Fast, but Unprovable

Pre-PDPA

Raw Enterprise Data

Data Lake

Embeddings

LLM

User Answer

Unknown consent status

No lineage

Stale data

Cross-border ambiguity

No audit trail

Data leakage risk

Compliance bottleneck

PDPA-Aware Flow

PDPA-Aware AI Ingestion: Governed, Traceable, Scalable

Production-Grade

Raw Data

Governed Data Product

Consent + Lineage + Quality

Approved Retrieval

AI System

Audit Trail

Runtime consent metadata

Full source lineage

Freshness SLAs

Jurisdiction-aware

Immutable audit trail

Tenant-scoped access

Revocation within SLA

Architecture Flow Map

From data lake to governed AI substrate

Data products before embeddings.

Stage 1

Raw Data Sources

Origin systems

CRMTransactionsSupport ticketsApp eventsDocumentsLab recordsMerchant data

Stage 2

Governed Data Products

Contract-first datasets

PurposeOwnerLineageConsent scopeQualityJurisdictionExpiry

Stage 3

Consent + Lineage + Quality Gate

Runtime policy engine

Consent valid?Purpose allowed?Fresh?Lineage known?Cross-border?Tenant allowed?

Stage 4

Approved Retrieval Layer

Permissioned substrates

Vector DBRAG pipelineFeature storeKnowledge graph

Stage 5

AI System

Enterprise assistant

Permissioned data onlyTenant-scopedReason w/ citations

Stage 6

Audit Trail

Immutable provenance

WhatWhy allowedVersionJurisdictionApprover

Governed Data Product

Customer Transaction Data Product

dp.payments.customer_txn · v2.8

Consent ValidRisk: Medium

Data Owner

Payments Platform Team

Purpose

Fraud monitoring & customer support

AI Usage Allowed

RetrievalModel Training

Residency Rule

Singapore + approved ASEAN markets

Quality Score

94%

Lineage

Core banking → Lakehouse → Approved vector index

Revocation Handling

Removed from retrieval index within 4h SLA

Consent Scope

Risk assessment, fraud prevention, customer support

Policy Engine

Consent + Lineage + Quality Gate

7 checks · evaluated in 38ms

Consent exists
Customer consent on file (2025-03-12)
Pass
Purpose match
Fraud monitoring ∈ allowed purposes
Pass
Data freshness
Updated 6m ago · SLA < 24h
Pass
Cross-border transfer
SG → ID requires DPO review
Review
Sensitive attribute detected
PAN fragment in 0.4% of rows
Escalate
Retrieval permission
Tenant: grab-fin-ops · Approved
Pass
Training permission
Personal data — training prohibited
Blocked

Thesis

Enterprise AI becomes defensible at the data layer, not the model layer.

It becomes defensible when the data entering the model is consent-aware, lineage-rich, quality-scored, jurisdiction-aware, and audit-ready. Smarter models without governed substrates create faster liabilities.

—Consent is not a checkbox. It is runtime metadata.

—Data products before embeddings.

—Governance accelerates AI when designed as infrastructure.

—Every AI answer should prove what it was allowed to know.

Reasoning & Retrieval Trace

AI Answer Provenance

Human review

Query

“Can this customer be offered a credit limit increase?”

Retrieved Data Productdp.payments.customer_txn

Consent BasisCustomer support + risk assessment

Data Versionv2.8

JurisdictionSingapore (PDPA §13)

Retrieval Timestamp2026-06-02 09:41:22 SGT

Confidence87%

Final Answer StatusDraft recommendation only

Every AI answer proves what it was allowed to know.