The End of Data Export: Why the Cloud is a Compliance Trap
Privacy is not a feature you bolt on at the end — it is infrastructure. For anyone with real capital at stake, the sharp risk is often not “using AI” in the abstract; it is routing the full ledger (positions, identifiers, broker notes) through systems whose defaults are long retention, broad subprocessors, and training-adjacent logging.
Sovereignty is Pocket Portfolio’s architecture philosophy — not a slogan layered on top of a conventional SaaS core. It means user-anchored truth for the portfolio story, cloud inference used as compute (models run where the keys point), and a deliberately small vendor footprint for that narrative: bounded context across the wire, stateless handling of the payload for Ask AI, and no server-side portfolio database that turns every prompt into durable ledger replica. The Sovereign Engineering serial is the engineering record of that bet.
How many fintech backends still look
The conventional pattern:
- Ingest everything — CSV or API sync into a central database (PostgreSQL or equivalent).
- Central API — the product server reads rows and powers dashboards.
- “Add AI” — paste summaries or raw rows into an LLM gateway, or sync user documents into a vector store.
Blast radius: one dump, one misconfigured replica, or one over-collection in logging, and the full history shows up in breach response, subpoena scope, and “why did you keep column X?” Compliance follows architecture — rarely the reverse.
Sovereignty on the wire (and why it is not “no cloud”)
Sovereignty does not mean we pretend servers do not exist. It means truth and retention follow the philosophy above — not the default SaaS pattern of centralizing everything “because we can.” Concretely for Ask AI:
| Layer | Typical SaaS stack | Sovereign Ask AI path |
|---|
| System of record | Vendor DB holds full ledger | User device + optional Drive; no server-side portfolio DB for chat |
| AI input | Often “enough rows to be dangerous” | Client-built bounded string: totals + top-N holdings (default path) |
| Server memory of prompts | Logs, caches, “improve the model” pressure | Stateless handler: payload drives one stream, not stored as portfolio rows |
Narrow cloud is how Sovereignty shows up in code: the API behaves like a pure function on portfolio text for that request — prompt in, stream out — without a portfolio row store on our side for that inference path.
The stateless boundary in app/api/ai/chat/route.ts
The route begins with an explicit comment that matches the implementation:
/**
* Stateless: request payload (message, context, attachedContent) is used only
* to build the LLM prompt and stream the response. No database write or cache
* of the payload; only analytics/quota metadata are persisted.
*/
Request path: message, context, and optional attachedContent are folded into the model prompt for this request only. They are not appended to a durable chat_logs-style table of portfolio narrative.
Operational writes: quota and product analytics need identifiers and flags, not paragraph-long portfolio text. On success the handler records a toolUsage document whose metadata includes fields such as uid, tier, isPaid, hadAttachment, provider — not the context body:
await db.collection('toolUsage').add({
toolType: 'pocket_analyst',
action: payload.action,
metadata: {
uid: payload.uid,
tier: payload.tier ?? null,
isPaid: payload.isPaid ?? false,
hadAttachment: payload.hadAttachment ?? false,
provider: payload.provider ?? null,
status: payload.status ?? null,
errorCode: payload.errorCode ?? null,
},
timestamp: Timestamp.now(),
});
That is telemetry, not a ledger replica of what you asked. Free-tier quota also touches Firestore (aiUsage) as counts and period, not your CSV.
Sovereignty versus residency
- Sovereignty — the architecture philosophy: the sensitive financial narrative is not our row-level system of record for inference; cloud inference is bounded and stateless for that payload; we shrink what must sit in the vendor center.
- Residency — “Our database is in EU-West.” A different question (where bits are stored). It can coexist with Sovereignty, but it does not replace it: you can meet a region checkbox and still run a central ledger + full-prompt retention story Sovereignty rejects.
Where this architecture stops
- Paid attachments: if someone includes file text, that text is in the prompt for that turn. It still is not “our portfolio database,” but it does cross the wire for that request — the same transparency you would expect when any file is sent to a model.
- Regulation: a stateless inference path narrows what you retain; it does not substitute for sector-specific certifications or counsel-led privacy work. Architecture supports the story; it does not replace the paperwork.
Why persistence is leverage — and liability
Every column you keep is a column you must justify, protect, and delete on a schedule. Sovereign design chooses forgetfulness of the portfolio payload for the inference hop: a smaller vendor system than one that remembers every turn as product of record. That is the compliance trap this philosophy sidesteps for analyst-grade Q&A — not “no server,” but no server-side ledger replica for the chat path.
Part 1 of Sovereign Engineering.
Read the full Sovereign Intelligence book or try the app.
