Policy that lives outside the data path has a timing problem. It is visible during review meetings, then invisible at the exact moment an agent asks for data.

The practical problem

AI systems increase the number of data access decisions that happen at runtime. A human analyst may request a dashboard once. An agent may call tools repeatedly, assemble context from multiple products, and adapt its next request based on the previous answer.

That pattern needs machine-checkable policy. Open Policy Agent describes policy as code for authorization and decisioning. In the data layer, that means policy should be evaluated where data access happens, not only described in governance documentation.

Runtime policy has to see data context

A policy decision for AI should know the principal, agent, tool, data product, table, columns, purpose, freshness requirement, and downstream action. Without that context, policy becomes a yes-or-no gate with no understanding of the data contract.

Policy-as-code also creates evidence. Teams can review the rule, test the rule, version the rule, and attach the decision to lineage or evaluation traces.
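A sketch of a decision made in the data path with the context listed above, returning a record that can be attached to a trace. This is an added example, not code from Open Policy Agent or any project named here; the data product `orders_v2`, the policy fields, the catalog entry, and the function names are all assumptions made for illustration.

```python
import hashlib, json
from datetime import datetime, timedelta, timezone

# Constructed rule set for a hypothetical data product "orders_v2" (all names are assumptions).
POLICY = {
    "data_product": "orders_v2",
    "allowed_tools": ["sql_readonly"],
    "allowed_purposes": ["fraud_review", "support_triage"],
    "restricted_columns": ["card_number", "email"],
    "blocked_downstream_actions": ["external_send"],
}
# Constructed catalog context: when each table was last refreshed.
CATALOG = {"orders": datetime(2024, 5, 1, 8, 0, tzinfo=timezone.utc)}
REQUIRED = ("principal", "agent", "tool", "data_product", "table", "columns",
            "purpose", "max_staleness", "downstream_action")

def policy_version(policy):
    """Content hash, so a decision points at the exact rule text that was reviewed."""
    return hashlib.sha256(json.dumps(policy, sort_keys=True).encode()).hexdigest()[:12]

def decide(request, now, policy=POLICY, catalog=CATALOG):
    """Evaluate one request in the data path; return the decision plus its evidence."""
    reasons = []
    missing = [k for k in REQUIRED if k not in request]
    if missing:  # fail closed: a request without context gets no data
        reasons.append("missing context: " + ", ".join(missing))
    else:
        if request["data_product"] != policy["data_product"]:
            reasons.append("data product is not covered by this policy")
        if request["tool"] not in policy["allowed_tools"]:
            reasons.append(f"tool '{request['tool']}' is not allowed")
        if request["purpose"] not in policy["allowed_purposes"]:
            reasons.append(f"purpose '{request['purpose']}' is not allowed")
        blocked = sorted(set(request["columns"]) & set(policy["restricted_columns"]))
        if blocked:
            reasons.append("restricted columns: " + ", ".join(blocked))
        refreshed = catalog.get(request["table"])
        if refreshed is None or now - refreshed > request["max_staleness"]:
            reasons.append("table does not meet the freshness requirement")
        if request["downstream_action"] in policy["blocked_downstream_actions"]:
            reasons.append(f"downstream action '{request['downstream_action']}' is blocked")
    return {  # decision record to attach to lineage or an evaluation trace
        "allow": not reasons,
        "reasons": reasons,
        "policy_version": policy_version(policy),
        "decided_at": now.isoformat(),
        "request": {k: str(v) for k, v in request.items()},
    }
```

A denied request returns every failed check in `reasons`, so the explanation and the policy hash travel together in one record.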

Core idea: The foundation for AI is not a better policy document. It is policy that runs in the same path as the data request.

The ODI foundation

Open Data Infrastructure should make policy portable across engines and catalogs. The policy engine does not need to own every table. It needs shared identifiers, catalog context, and decision evidence that can survive tool boundaries.

This matters when teams want multiple query engines, catalogs, and agent tools. The policy model should not restart from zero every time a new engine joins the stack.

What breaks first

  • Policy is approved in documentation but not enforced at query or tool-call time.
  • Agents receive data through application code that bypasses catalog policy.
  • Rules cannot inspect purpose, freshness, lineage, or data product context.
  • Policy decisions are not attached to evaluation traces or incident evidence.

Questions to ask

Ask where policy is evaluated, what context it receives, how decisions are versioned, and whether denied access creates useful explanations. Ask whether policy can follow data across engines instead of living inside one platform.

For adjacent context, read policy enforcement in open data systems, AI-ready data infrastructure, and catalog-neutral governance controls.

Sources to start with

These primary sources anchor the technical claims in this guide.

AI does not need more policy theater. It needs policy that can answer at runtime.