The data question, first
Agents at Work — CC BY 4.0
There’s one habit that does more to keep you out of trouble than anything else in this course, and it belongs at the very front of building an agent, not the end. Before you think about what the agent will do, ask what it will touch: whose data is in play, where does it go, and who can reach it once it leaves your hands? This is the sharp end of Anchor 3 — whose data, and whose call — and it’s the single habit that has saved me the most grief.
You’ll know this question from Working with Claude — the custody question, asked before you paste anything into a chatbot. Agents make it bigger, for two reasons.
Why an agent raises the stakes
First, an agent doesn’t only see what you hand it. Connect it to your systems — the shared drive, the inbox, the customer database — and it can reach data on its own, far more than you’d ever paste by hand. Whatever you connect is the blast radius.
Second, it acts unwatched. When you paste a CV into an assistant, at least you’re sitting there. An agent that screens applications overnight is moving other people’s personal information around while no one is looking. The custody question stops being a one-time check at the keyboard and becomes a property of the whole setup: what can this thing reach, what does it send onward, and where does that land?
What the law actually says (New Zealand)
You don’t need to be a lawyer, but three points from the Privacy Act change how you’ll build:
- The prompt counts. The Privacy Commissioner has said plainly that your security duty covers the information you type into an AI tool. Feeding a customer’s or applicant’s details into a public LLM — one that may keep the data or train on it — isn’t a grey area; it’s the thing the security principle is about. (This is why “we just pasted the CVs into ChatGPT” is the sentence that should stop a recruiter cold.)
- Collect only what’s needed. You shouldn’t feed an agent identifying detail the task doesn’t require. If the job is “sort by skills”, it doesn’t need the name, the photo, or the date of birth.
- Where it goes matters. Handing personal information to another service — especially one overseas — can be a disclosure you need a reason for. Whether a given setup crosses that line is genuinely unsettled ground, which is exactly why you decide it before switching the agent on, not after.
This is general education, not legal advice — but the shape of it is simple: the data question is a legal question, not just a courtesy.
A note on Māori data
If your agent would touch information about Māori individuals, whānau, hapū or iwi, treat that as needing a conversation, not a solo call. Māori data sovereignty — the principle that Māori data sits under Māori governance — is a live obligation, and the people it belongs to are the ones to decide what appropriate use looks like. An agent quietly ingesting that data overnight is precisely the kind of decision that shouldn’t be made by default.
The discipline
Before you connect an agent to anything or point it at a pile of files, write down three lines:
- Whose data does this touch — mine, or someone who trusted me with it?
- Where does it go once the agent has it — which services, whose infrastructure, whose laws?
- What would make me comfortable — anonymising it, keeping it on tools I control, or simply not handing this particular data over at all?
If you can’t answer those, you’re not ready to build the agent — you’re ready to have the conversation that decides whether you should.
Picture the first agent you’d actually build. List every place it would need to reach. Now: which of those holds other people’s information — and whose permission would you need before an agent could read it unattended?
Where this leads
Question six from the triage — whose data, whose call — turns out to be the hinge the whole course swings on. It’s why the Recruiter is our sharpest case, why “identity-blind” is a design principle in Tier 2, and why some work stays human however clever the tools get. Tier 1 was about deciding. Next, in Tier 2, we start designing — scoping an agent so it can only reach what it should, and building the gate where a person decides.
Shared freely, in good faith. If it's been of value, a koha toward development and running costs is warmly welcomed.
Leave a koha →