Agefi Luxembourg - juin 2026

Juin 2026 43 AGEFI Luxembourg IA & Tech By Pascal HERNALSTEEN&Neha PAREKH* I n every AI acquisition, the same question surfaces too late: where did the training data come from, and did anyone have the right to use it that way? The answer determines whether the core asset of the deal is worthwhat themodel says it is. In 2026, it can also deter­ mine whether that asset sur­ vives regulatory scrutiny at all. The buildup of unveri­ fied datasets filledwith per­ sonal data and undocumented training cycles, what practitio­ ners now call privacy debt, has become a contingent liability that standard due diligence routinely fails to detect. The Technical Problem: Why Personal Data Integration Is Irreversible The relationship between personal data and artifi­ cial intelligence ismore than a storage action.When personal data is ingested into a large language model or aneural network, it becomes encoded into themodel’sweights: themathematical parameters, numbering in the billions formodern systems, that determine every output the model produces. This architecture has a direct legal consequence. Atraditional database allows a company to satisfy a righttoerasure request by locating and deleting a specific personal data record. A trained AI model does not. There is currently no reliable technical methodtoextractpersonaldatafromatrainedmodel without retraining the entire systemfromscratch. The Stanford HAI 2025 AI Index Report confirms this: selective unlearning at scale remains an un­ solved problem. The practical implication for deal teams is direct. Once a portfolio company’s model has been trained on personal data, the right to be forgotten cannot be guaranteed. That compliance gap can’t be closedpostacquisition. It is a structural feature of the technology that cannot be undone without destroying and rebuilding the model. The Legal Consequences: Purpose Limitation and Algorithmic Disgorgement TheGDPR’s purpose limitation principle sits at the centre of this problem. Article 5(1)(b) prohibits the processing of personal data for purposes incom­ patible with those for which it was originally col­ lected. Customer interaction logs gathered for CRM purposes cannot be repurposed as AI train­ ing data unless that specific usewas disclosed and consented to at the point of collection. The same framework applies under theCaliforniaConsumer Privacy Act and its successor regulations, which under regulations effective January 2026 mandate strict risk assessments for highrisk data process­ ing, building toward mandatory executivelevel certifications of compliance. When a target company has violated purpose lim­ itation at scale, regulators reach for a remedy pro­ portionate to the irreversibility of the harm: algorithmic disgorgement, also referred to as model deletion. Under the FTC’s 2026 AI Policy Statement, if training data was collected unlaw­ fully, theCommission canmandate the destruction of the entire model. The FTChas already exercised this power. In its en­ forcement action against Rite Aid, it required the destruction of all data, models, and derived algo­ rithms froma facial recognition systembuilt on im­ properly sourced data. For a company whose primary asset is that model, disgorgement is not just a fine. It erases the asset entirely, resetting years of development to zero. The EUAIAct compounds the exposure. Highrisk AI systems face mandatory conformity assess­ ments fromAugust 2026, with penalties reaching €35million or 7%of global annual turnover, mate­ rially above GDPR’s 4% ceiling. The DOJ’s 2025 Bulk Data Rules add a further layer: transfers of sensitive personal data to countries of concern can nowtrigger federal oversight or block a transaction outright, a constraint that affects any portfolio companyusing offshore data centres or thirdparty developers in certain jurisdictions. The SEC closes the circle. Its 2026 Examination Pri­ orities target AI governance disclosures directly, treating the failure to verifydata provenance not as a compliance oversight but as a failure to accurately price the asset for limitedpartners.AIwashing, the overstatement of proprietary model capabilities or dataset quality, now carries specific disclosure risk under the SEC’s February 2026 Staff Bulletin. Where Privacy Debt Hides in the Data Room The 2026 Thales Data Threat Report found that only 33% of organisations have complete knowl­ edge of where their own data is stored. That fig­ ure applies directly to acquisition targets. A company that cannotmap its owndata land­ scape cannot credibly represent the prove­ nance of its training sets. Privacy debt does not sit in the privacy policy folder. Deal teams need to look elsewhere: Marketing folders: pixel tracking re­ ports, audience lists, and behavioural data used for model training without explicit consent. R&D directories: data provenance records for training sets, or the ab­ sence of them. If provenance cannot be reconstructed, the liability cannot be quantified. Procurement records: thirdparty data licences that did not authorise AI training use, and vendor agreements with de­ velopers in restricted jurisdictions. Technical architecture documentation: evidence ofwhether themodel canprocess deletion requests at scale, and whether data flows from collection through the training pipeline have been mapped. Atarget that cannot produce clean answers across all four is carrying undisclosed liability. The rep­ resentations and warranties covering regulatory compliance are directly exposed. The Privacy Data Room as Operational Solution The privacy data room is the operational response to this problem.Where a traditional data roomdoc­ uments financial, legal, and commercial due dili­ gence, the privacy data roomdocuments the chain of title for data assets: where training data origi­ nated, under what legal basis it was processed, what consent framework governed its collection, andhowthe companyhandles ongoingdata rights requests. Inpractice, it comprises four components. First,AI ImpactAssessments for eachmodel inpro­ duction, documenting the training data sources, processing purposes, and applicable consent. Second, chainoftitle records for model weights, establishing clean provenance fromdata collection through to the trained system. Third, automated audit logs proving the company can process personal data deletion and access re­ quests at scale, a prerequisite under both GDPR and the EUAI Act. Fourth, a data flow map tracing how personal data moves from the point of collection through the training pipeline to the final model output. Buyers’ counsel in 2026 request this documenta­ tion as standard. A seller that cannot produce it faces a valuation adjustment and faces a deal that stalls, or worse, collapses. For midmarket portfo­ lio companies where a fulltime chief privacy offi­ cer is not yet economically justified, a fractional governancemodel deployed acrossmultiple port­ folio companies has become the standard solution. PE firms that standardise the privacy data room build across the portfolio reduce both the cost per company and the execution risk at exit. How to Avoid the Trap: A Practical Framework The shift required is from reactive compliance to proactive governance. Privacy debt compounds silentlyduringtheholdperiodandsurfacesviolently at exit. Thewindow to address it is during diligence and in the first hundred days postacquisition. At acquisition: Extend technical due diligence to cover data provenance explicitly. Request training data documentation, not just privacy policies. Ver­ ify that thirdparty data licences coveredAI train­ ing use. Assess whether the target can reconstruct the chain of title for itsmodels. Where provenance cannot be established, price the remediation cost into the deal or walk away. During the hold: Commission a data flow map­ ping exercise. Build the privacy data room in par­ allel with the commercial data room. Implement data minimisation strategies: reducing the per­ sonal data footprint lowers both regulatory expo­ sure and cybersecurity insurance premiums, which in 2026 carry specific AIrelated exclusions unless the company can demonstrate adherence to frameworks such as NISTAI RMF 1.1. At exit preparation: Treat the privacy data room as a transaction asset, not an administrative obli­ gation. ValidateAI ImpactAssessments, test dele­ tion request processing at scale, and confirm EU AI Act conformity for any highrisk systems be­ fore the buyer’s counsel requests it. Privacy debt that surfaces during buyer due dili­ gence lands at the top of the liquidation waterfall, paid out before the preferred return and before carried interest. In a compressed exit, it can elimi­ nate the GP’s carry entirely. The underlying prin­ ciple is simple. Personal data that enters an AI model does not leave it. The right to be forgotten, which GDPR enshrines as a fundamental right, becomes technically im­ possible to guarantee once training has occurred. Deal teams that understand this before signing the SPAare in a position to price it, manage it, and ul­ timately protect the exit. Those that discover it during buyer due diligence are not. * Pascal Hernalsteen is a Luxembourgbased operating partner and independent consultant specialising in fund services M&A, postacquisition integration, and AIFM governance. He has built three licensed AIFM management companies from the ground up across Luxembourg and the United States. Neha Parekh is a global data protection and privacy attorney, and founder of AustinData Advisors in Austin, Texas. She advises pri­ vate equity and venture capital firms onAI governance, data prove­ nance, and regulatory risk across the investment lifecycle. Privacy Debt: The Hidden Liability That AI Deals Cannot Afford to Ignore Horus, le logiciel comptable qui vous fera vraiment gagner du temps Une solution innovante pour fiduciaires et PME Logiciel basé sur l’IA, complet et intuitif Gain de temps de 40% 100% synchronisé avec Falco , notre application de facturation électronique (conforme Peppol) Conforme aux exigences luxembourgeoises SCANNEZ POUR UNE DÉMO www.horussoftware.be