Sovereignty: data, compute, policy

For most of this course we have stayed close to the ground — what a model can do for a TB scan, what a fraud system catches, how a remittance corridor moves money. This chapter steps back and asks the harder question: what does Nepal, as a country, need to own in the AI stack, and what can it safely rent?

Three answers — data, compute, and the rules of the road. Each one has a specific shape.

Data sovereignty

A country’s data is, increasingly, its terrain. Land records, health records, education records, voter rolls, court files, telecom mobility — together these describe the country in a way that no foreign team can replicate without access. If Nepal lets this data drift into foreign hands without thought, three things happen: the country loses the ability to ask questions about itself that depend on this data; foreign firms will build products for Nepal using data Nepali firms cannot access; and the citizens whose data it ultimately is have very little say in how it gets used.

The fix is not to refuse all foreign access. The fix is to set the rules under which access happens, who can access, for what purposes, with what oversight, and where the data physically sits. A workable Nepali data-sovereignty position would distinguish:

Public, non-sensitive data — already published government statistics, anonymised public corpora. Free movement is fine.
Sensitive aggregate data — anonymised telecom mobility, aggregated remittance flow, public health surveillance. Permissible under explicit, audited frameworks for research and public-good use.
Personal data — citizen records, health records, court records. Strict consent, strict purpose limitation, and a default towards local processing.
Strategic data — defence, critical infrastructure, sensitive geographic information. Default to remaining in country.

Compute sovereignty

Compute is the hardest of the three to take a position on, and the easiest to get wrong.

The honest case for not building domestic compute at scale is strong. AI compute is global; the leading providers are American and Chinese; the cost of building competitive infrastructure inside Nepal is enormous; the foreign currency cost of training is not high enough to justify the capital expenditure for sovereignty alone. By this argument, Nepal should rent compute from whichever provider is cheapest and good enough, and put its money into talent and products.

The case for some domestic compute is also real. Citizen data may not be permitted to leave the country for political or legal reasons that have nothing to do with AI. A national health AI dataset will need a place to live. Regional disaster-response AI cannot reliably depend on foreign-cloud connectivity during an event. And the geopolitics of being entirely dependent on US-listed cloud providers is, to put it mildly, not stable forever.

A reasonable middle path: build, or partner to build, a modest national AI infrastructure — measured in tens of GPUs, not thousands — focused on (i) hosting sensitive citizen data that cannot leave, (ii) running the inference for nationally-deployed public-good AI services, (iii) being available to Nepali researchers at no cost or low cost as a public good. Training of frontier models stays foreign; everything that touches citizen data and runs at public-service scale stays domestic.

Policy sovereignty

Of the three, the rules of the road are most clearly Nepal’s to set, and most clearly under-set today.

Five rule-shaped questions the country will have to answer in the next few years, whether or not it does so deliberately:

Personal data protection — a comprehensive data-protection law of the kind India’s DPDP Act provides, suitably localised. Without this, every other rule in the stack rests on sand.
AI-in-decision-making — when an automated system decides about a citizen (loan, visa, medical referral, school admission), what right does the citizen have to know, contest, and seek human review?
Foundation-model use in government — under what conditions may government workers use foreign LLMs, with what data, with what audit trail?
Algorithmic procurement — when a ministry buys an AI tool, what disclosure, testing, and accountability framework applies to the vendor? The country should not learn the importance of this from a public scandal.
AI in safety-critical sectors — health, transport, energy, financial services. Each will need a sector-specific overlay.

None of these is technically hard. All require political will and the readiness to set rules ahead of incidents rather than after them.

What “sovereignty” should not mean

Two failure modes worth naming.

Sovereignty as protectionism. A weak version of this argument treats every foreign AI product as a threat and tries to wall the country off. This fails in two specific ways: it cuts Nepali users off from genuinely useful tools, and it creates rent-seeking opportunities for whoever gets the domestic monopoly. Neither serves the country.

Sovereignty as paperwork. A different failure mode is to write rules without the institutional capacity to enforce them. Comprehensive data-protection law with no regulator and no audit power is worse than no law at all — it provides false reassurance. The sequence has to include both the rule and the institution.

Check your understanding

Quick check

—

Which framing of “AI sovereignty” for Nepal is most likely to produce a country that benefits from AI while keeping meaningful control of decisions that affect its citizens?

Refuse all foreign AI services to protect the domestic market.
Accept all foreign AI services to access the best technology fastest.
A layered framework: tiered data rules by sensitivity, modest domestic compute for sensitive workloads, comprehensive policy on personal data and algorithmic decisions, paired with the institutional capacity to enforce the rules.
Wait for the EU and India to set their rules and copy them whole.

Quick check

—

Why is comprehensive data-protection law without a regulator and audit capacity often described as worse than no law?

The law confuses citizens and lawyers.
A law without enforcement creates false reassurance — citizens, vendors, and the state all assume protections are in place that in practice cannot be verified or enforced, while no actual incentive to comply exists. The same harms occur as without the law, but disguised.
It is too expensive to publish.
Foreign vendors refuse to operate in any country with data-protection law.

What comes next

Sovereignty is a country-level frame. The next section is the human-level frame: where does the talent come from, who funds the work, and what do credible Nepali AI founders actually need?