← OwnMyData.ai

Blog

Latest articles and insights

Retrieval-Augmented Generation Without Leaking the Corpus: Privacy Engineering for RAG Systems

A technical guide to RAG privacy: vector database leakage patterns, embedding layer access controls, prompt injection exfiltration and implementation guidance for 2026.

Dr. Patrick Fisher, PhD · July 11, 2026
Read Article →

Zero-Knowledge Proofs in Consumer Data Protection: From Cryptocurrency to Everyday Privacy

How zk-SNARKs and zk-STARKs enable proof of age, proof of income, and minimal disclosure in consumer data protection without revealing underlying personal data.

Dr. Patrick Fisher, PhD · July 8, 2026
Read Article →

Data Trusts as Governance Infrastructure for Collective Privacy

Data trusts use fiduciary law to govern collective data access. This technical guide examines legal mechanics across England, Canada and the US, ODI and Ada Lovelace frameworks, and PDAOS alignment.

Dr. Patrick Fisher, PhD · July 4, 2026
Read Article →

GDPR Article 22 and the Right Against Automated Decisions in the LLM Era

A technical analysis of GDPR Article 22 applied to LLM-driven decisions, covering sole automation thresholds, human-in-the-loop adequacy, and EU AI Act overlaps.

Dr. Patrick Fisher, PhD · July 1, 2026
Read Article →

Personal Data Asset Origination Systems and the Architecture of Digital Sovereignty

PDAOS gives individuals cryptographic origination control over personal data assets. Without origination control, data ownership is a downstream complaint right, not sovereignty.

Dr. Patrick Fisher, PhD · June 27, 2026
Read Article →

The NIST Privacy Framework: An Engineering Tool That Most Product Teams Never Open

The NIST Privacy Framework is a systems design tool most engineering teams never use. Here is how to map its five functions to real product decisions.

Dr. Patrick Fisher, PhD · June 24, 2026
Read Article →

Privacy-Preserving Record Linkage Across Institutional Boundaries: Cryptographic Protocols for Health Data

How hospitals and research institutions link patient records across boundaries using Bloom filters, HMAC tokenization and secure multiparty computation without pooling raw data.

Dr. Patrick Fisher, PhD · June 20, 2026
Read Article →

Consent Receipts and the Structural Failure of Click-Through Consent

Cookie banners and privacy notices are not meaningful consent. Consent receipts per the Kantara specification fix this with cryptographic audit trails.

Dr. Patrick Fisher, PhD · June 17, 2026
Read Article →

State Privacy Law Fragmentation: What Engineering Teams Actually Have to Build

Eight state privacy laws, different rights bundles and users who move. Here is what engineering teams actually need to build for multi-jurisdiction compliance in 2026.

Dr. Patrick Fisher, PhD · June 13, 2026
Read Article →

Model Cards and the Inconsistency of LLM Training Data Disclosure: An Audit of Foundation Model Documentation Practices

An audit of what Anthropic, OpenAI, Google and Meta actually document about LLM training data, and how it compares to the Mitchell et al. model card standard.

Dr. Patrick Fisher, PhD · June 10, 2026
Read Article →

GDPR Article 22 and the Right Against Automated Decisions in the LLM Era

Technical analysis of GDPR Article 22 applied to LLM-driven decisions in 2026: what 'solely automated' means, why human-in-the-loop designs fail and how the EU AI Act overlays.

Dr. Patrick Fisher, PhD · June 6, 2026
Read Article →

Retrieval-Augmented Generation Without Leaking the Corpus: Privacy Engineering for RAG Systems

RAG systems leak corpus content through vector reconstruction, prompt injection and metadata exposure. This guide covers privacy engineering patterns for secure retrieval-augmented generation.

Dr. Patrick Fisher, PhD · June 3, 2026
Read Article →

State Privacy Law Fragmentation: What Engineers Actually Have to Build

US state privacy laws create real engineering complexity. Here is what your team must build for CCPA, CPRA, Virginia CDPA, Colorado CPA, and five more active state privacy laws.

Dr. Patrick Fisher, PhD · May 30, 2026
Read Article →

Personal Data Asset Origination Systems and the Architecture of Digital Sovereignty

PDAOS establishes cryptographic origination control over personal data assets, addressing what access rights, property frameworks, data-labor and fiduciary models cannot.

Dr. Patrick Fisher, PhD · May 27, 2026
Read Article →

Federated Learning's Trust Assumptions and the Curious Server Problem

Federated learning is not automatically private. This technical analysis covers gradient leakage attacks, secure aggregation protocols, differential privacy integration and honest-but-curious server threat modeling.

Dr. Patrick Fisher, PhD · May 23, 2026
Read Article →

The NIST Privacy Framework as an Engineering Tool: Why Most Teams Leave It on the Shelf

The NIST Privacy Framework is a risk-mapping tool for engineers, not just compliance teams. Here is how to actually use it in 2026.

Dr. Patrick Fisher, PhD · May 20, 2026
Read Article →

The Invisible Data: Why Personal Data Ownership Matters in the AI Era

AI systems harvest invisible personal data at industrial scale. Dr. Fisher's PDAOS framework explains what gets taken, why the asymmetry is accelerating, and how to fix it.

Dr. Patrick Fisher, PhD · May 16, 2026
Read Article →

Differential Privacy: The Epsilon Problem in Public Deployments

A technical review of epsilon values in Apple, Google and Census Bureau differential privacy deployments, and why composition makes the problem worse than it appears.

Dr. Patrick Fisher, PhD · May 13, 2026
Read Article →

Zero-Knowledge Proofs in Consumer Data Protection: From Cryptocurrency to Privacy Engineering

How zk-SNARKs and zk-STARKs move from cryptocurrency into consumer privacy engineering, enabling proof of age and income without raw data disclosure.

Dr. Patrick Fisher, PhD · May 9, 2026
Read Article →

Consent Receipts and the Structural Failure of Click-Through Consent

Click-through consent produces compliance theater, not real agreements. Consent receipts per Kantara Initiative create verifiable, user-held records that actually hold.

Dr. Patrick Fisher, PhD · May 6, 2026
Read Article →

Model Cards and the Inconsistency of LLM Training Data Disclosure: What Foundation Model Developers Actually Document

An audit of foundation model training data disclosures against the Mitchell et al. model card specification reveals a consistent gap between stated and actual practice.

Dr. Patrick Fisher, PhD · May 2, 2026
Read Article →

Privacy-Preserving Record Linkage Across Institutional Boundaries: Cryptographic Protocols in Health Data Infrastructure

How hospitals and research institutions link patient records across boundaries using Bloom filters, HMAC tokenization and secure multiparty computation without pooling raw data.

Dr. Patrick Fisher, PhD · April 29, 2026
Read Article →

Decentralized Identifiers and the Limits of Self-Sovereign Identity

Technical review of W3C DIDs and verifiable credentials examining what self-sovereign identity solves, key challenges around recovery and revocation, and why ION and Sovrin diverged.

Dr. Patrick Fisher, PhD · April 25, 2026
Read Article →

Data Trusts as Governance Infrastructure for Collective Privacy in 2026

Data trusts create legally binding governance structures for collective privacy protection, moving beyond individual consent to enable community control over shared data assets through fiduciary relationships.

Dr. Patrick Fisher, PhD · April 22, 2026
Read Article →

Data Poisoning and the Hidden Cost of Scraped Training Sets

Data poisoning attacks exploit scraped training sets to corrupt foundation models. Nightshade and Glaze demonstrate how adversarial perturbations threaten model integrity beyond copyright concerns.

Dr. Patrick Fisher, PhD · April 22, 2026
Read Article →

Homomorphic Encryption at the Edge: Production Viability and Scheme Comparison in 2026

Homomorphic encryption reaches production viability in 2026. Compare CKKS, BFV, and BGV schemes across IBM HElib, Microsoft SEAL, and Zama frameworks for edge deployment.

Dr. Patrick Fisher, PhD · April 22, 2026
Read Article →