IOSG says private AI is moving from theory to deployment as open models gain ground in cost and accuracy
IOSG argues that private AI is no longer a niche technical preference but an emerging requirement for enterprises and power users that do not want proprietary data, internal workflows, or high-value judgment calls exposed to model providers. In its report, the firm lays out how the privacy problem starts the moment a prompt leaves a user’s device and reaches a server in plaintext, and why contractual protections such as zero-data-retention terms can only go so far. The piece links that risk to corporate restrictions on ChatGPT, shadow AI leaks, and a series of legal cases in which user chats became discoverable evidence. The report also maps the trade-offs across today’s privacy stack, from contract-based retention promises and OHTTP relays to trusted execution environments, end-to-end encryption, fully homomorphic encryption, and local inference. Its central case study comes from Bridgewater’s AIA Labs and Thinking Machines, which showed that a fine-tuned open model, Qwen3-235B, beat frontier models on both accuracy and cost in financial judgment tasks. IOSG’s conclusion is narrow but clear: for execution-heavy agent workflows, trust-based setups still dominate because tool calls expose plaintext to downstream services; for high-value strategic reasoning and domain-specific alpha, verified private infrastructure around open models is becoming a practical path.







