Tier 1 · Decide1.415 min

The data question, first

Backlit pink cosmos flowers with dew on the petalsAgents at Work — CC BY 4.0

There’s one habit that does more to keep you out of trouble than anything else in this course, and it belongs at the very front of building an agent, not the end. Before you think about what the agent will do, ask what it will touch: whose data is in play, where does it go, and who can reach it once it leaves your hands? This is the sharp end of Anchor 3 — whose data, and whose call — and it’s the single habit that has saved me the most grief.

You’ll know this question from Working with Claude — the custody question, asked before you paste anything into a chatbot. Agents make it bigger, for two reasons.

Why an agent raises the stakes

First, an agent doesn’t only see what you hand it. Connect it to your systems — the shared drive, the inbox, the customer database — and it can reach data on its own, far more than you’d ever paste by hand. Whatever you connect is the blast radius.

Second, it acts unwatched. When you paste a CV into an assistant, at least you’re sitting there. An agent that screens applications overnight is moving other people’s personal information around while no one is looking. The custody question stops being a one-time check at the keyboard and becomes a property of the whole setup: what can this thing reach, what does it send onward, and where does that land?

What the law actually says (New Zealand)

You don’t need to be a lawyer, but three points from the Privacy Act change how you’ll build:

This is general education, not legal advice — but the shape of it is simple: the data question is a legal question, not just a courtesy.

A note on Māori data

If your agent would touch information about Māori individuals, whānau, hapū or iwi, treat that as needing a conversation, not a solo call. Māori data sovereignty — the principle that Māori data sits under Māori governance — is a live obligation, and the people it belongs to are the ones to decide what appropriate use looks like. An agent quietly ingesting that data overnight is precisely the kind of decision that shouldn’t be made by default.

The discipline

Before you connect an agent to anything or point it at a pile of files, write down three lines:

If you can’t answer those, you’re not ready to build the agent — you’re ready to have the conversation that decides whether you should.

Picture the first agent you’d actually build. List every place it would need to reach. Now: which of those holds other people’s information — and whose permission would you need before an agent could read it unattended?

Where this leads

Question six from the triage — whose data, whose call — turns out to be the hinge the whole course swings on. It’s why the Recruiter is our sharpest case, why “identity-blind” is a design principle in Tier 2, and why some work stays human however clever the tools get. Tier 1 was about deciding. Next, in Tier 2, we start designing — scoping an agent so it can only reach what it should, and building the gate where a person decides.

Marking this lesson complete saves your progress on this device — no account, no tracking.

Shared freely, in good faith. If it's been of value, a koha toward development and running costs is warmly welcomed.

Leave a koha →

Useful? Share this lesson with a colleague.