India AI Impact Summit 2026

aligning-ai-governance-across-the-technology-stack

6 min read

TRACK:Safe and Trusted AI
SPEAKERS
  • Aparna Bawa, Zoom Communications
  • David Zapolsky, Amazon
  • Jason Oxman, Information Technology Industry Council
  • Jay Chaudhry, Zscaler
SESSION OVERVIEW

This high-level CXO panel will explore how AI governance frameworks can be aligned across the entire technology stack—from semiconductors and compute infrastructure to AI models, applications, and deployment. Panelists will discuss risk-based, interoperable approaches that support innovation while clearly defining roles across the AI value chain. The session will highlight practical governance challenges and opportunities for global coordination, with a focus on collaboration between like-minded partners.

VIDEO RECORDING

Aligning AI Governance Across the Technology Stack

Abstract

The panel examined how AI governance can be harmonised across the entire technology stack—from semiconductor and compute layers to AI models, applications, and deployment. Panelists highlighted the perils of fragmented national regulations, the need for risk‑based yet flexible frameworks, and the tension between protecting citizens and fostering global innovation. Real‑world examples from Zoom, Amazon, Zscaler, and DeepL illustrated how governance decisions shape product design, security architecture, and cross‑border data flows. The discussion concluded with forward‑looking ideas on what a successful global AI‑governance outcome could look like a year from now.

Detailed Summary

  • Moderator opened by stressing the dual challenge: managing AI‑related risk while supporting global innovation and interoperability.
  • The panel was positioned as a “high‑level CXO” group representing different layers of the AI stack (semiconductor, cloud, SaaS, translation).
  • Goal: explore how governments can partner with industry to reduce fragmentation, align responsibilities, and build trust in AI systems that scale globally.

2. Why Global Alignment Matters – Perspectives from the Panel

2.1 Jay Chaudhry (Zscaler) – The “why” of alignment

  • Key Insight: In a world where corporations operate in ~50 countries, divergent national AI rules create operational friction.
  • Risk of Over‑Alignment: Too much uniformity can stifle innovation; too little governance can cause security gaps.
  • Core Argument: A balanced, risk‑based approach is needed—enough governance to protect citizens, but not so burdensome that it kills innovation.

2.2 Aparna Bawa (Zoom) – Cross‑border data flows & trade‑offs

  • Personal Context: Indian‑American background; observed stark “have‑and‑have‑not” contrasts during COVID (e.g., PPE shortages vs. California toilet‑paper stockpiling).
  • Argument: Unrestricted cross‑border data flow is essential for platforms like Zoom; restricting it hampers citizen progress.
  • Trade‑off: Privacy & security are “table‑stakes”; nevertheless, the current patchwork of privacy laws (U.S. state‑level) is inefficient.
  • Desired Outcome: A common framework with shared norms, while respecting national sovereignty.

2.3 David Zapolsky (Amazon) – Global services rely on open skies

  • Business Illustration: Amazon’s ecosystem (e‑commerce, cloud, satellite internet, media) depends on free flow of goods, data, and infrastructure.
  • Regulatory Concern: Premature or vague AI regulation (e.g., Colorado’s comprehensive AI law, EU’s “high‑risk” definitions) creates uncertainty and delays adoption.
  • Recommendation: Identify high‑risk use‑cases (decisions affecting life, health, civil rights) and regulate those rather than attempting a “unified field theory” of AI rules.

2.4 Jarek Kutulowski (DeepL) – Global language & agentic AI

  • Business Premise: DeepL’s mission is global communication; a transparent, common‑layer framework helps both translation and emerging agentic‑AI services.
  • Governance Gap: As AI agents become capable of autonomous actions across borders, the trust and safety requirements become more complex.
  • Call to Action: Governments need to co‑design policies that accommodate both translation and agentic scenarios, ensuring trust while preserving regional nuances (e.g., privacy).

3. The Role of Security & Trust – A Deeper Dive

  • Jay reiterated that AI is powerful but dangerous; without security overlays across the five AI‑governance pillars (application → model → data), malicious actors could weaponise AI (e.g., data poisoning, ransomware).
  • Zscaler’s “zero‑trust cloud‑based architecture” challenges traditional regulator expectations (e.g., requirement for firewalls).
  • Lesson: Regulators must understand modern security models (zero‑trust) to avoid stifling innovative security solutions.

4. Responsibility Across the Stack – From Users to Enterprises

4.1 Aparna Bawa on Product‑Development Trade‑offs

  • User‑centric View: Zoom balances innovation (rapid feature rollout) with risk management (security, privacy).
  • Tiered Controls: Provides toggles for enterprise administrators (waiting rooms, passcodes) while empowering consumer users with optional security features.
  • Education Angle: Emphasises training users (e.g., not feeding personal data into LLM prompts) and enterprise policies (Zoom will not use customer content for training).

4.2 David Zapolsky on Upstream Governance Impact

  • Amazon Bedrock: Offers a secure, multi‑model environment where customers retain ownership of their data and can apply guardrails (toxicity, bias filters).
  • Enterprise‑first Mindset: Amazon’s upstream governance (model testing, bias mitigation) cascades downstream to customer‑level controls, enabling safe AI adoption at scale.

4.3 Jarek Kutulowski on Agentic AI Governance

  • Escalating Stakes: Transition from simple translation to critical domains (e.g., R&D documentation for drugs).
  • Trust Layer: Need for transparent outcomes and flexible governance that can adapt to varying use‑case criticality.

5. Risk‑Based vs. Prescriptive Regulation – Panelists’ Experiences

SpeakerExample of Flexible (Risk‑Based) ApproachExample of Over‑Prescriptive Pitfall
JayZscaler’s zero‑trust model – regulators had to be educated rather than forced into firewall‑centric compliance.Over‑regulation could “kill innovation” (e.g., blanket AI bans).
AparnaZoom’s user‑choice toggles allow enterprises to opt‑in/‑out of AI features, matching risk appetite.If privacy laws become uniformly stringent, they would limit cross‑border collaboration (e.g., restricting data flow).
DavidAmazon’s guardrails on Bedrock let each enterprise set its own risk thresholds.Colorado and EU early AI statutes create uncertainty; companies hold off launches until clarity arrives.
JarekDeepL’s tiered trust framework supports both low‑risk translation and high‑risk agentic actions.Rigid “high‑risk/low‑risk” classifications without practical guidance cause implementation delays.

6. Forward‑Looking Vision – What Panelists Want to See in a Year

SpeakerDesired Governance Milestone (1‑year horizon)
JayProactive security standards that curb AI‑enabled ransomware and nation‑state threats before regulations become overly restrictive.
AparnaInclusive AI rollout that brings AI tools to low‑bandwidth, rural communities (e.g., farmers in Karnataka) and demonstrates tangible socio‑economic uplift.
DavidConvergence on an international AI‑governance consensus (e.g., ISO‑42001‑style standards) that harmonises risk‑based regulation globally.
JarekCross‑border collaboration framework enabling seamless multilingual cooperation irrespective of language or geography, reinforcing DeepL’s mission.

7. Closing Remarks & Transition

  • Moderator thanked panelists, highlighted the blend of philosophical and practical insights, and invited the audience to recognise the speakers.
  • Brief photo‑session and informal goodbyes concluded the segment.

Key Takeaways

  • Global coordination is essential: Fragmented national AI rules impede multinational operations and increase compliance costs.
  • Risk‑based, flexible frameworks outperform blanket prescriptive regulations; they protect citizens while preserving innovation.
  • Security must be baked into governance: Zero‑trust architectures and AI‑specific threat models (e.g., data poisoning, ransomware) are critical for trustworthy AI deployment.
  • User choice and tiered controls (as demonstrated by Zoom) enable enterprises and consumers to balance convenience, privacy, and safety according to their risk appetite.
  • Upstream governance (model development, testing, guardrails) cascades downstream—Amazon’s Bedrock illustrates how platform‑level safeguards empower safe enterprise AI use.
  • Agentic AI raises new governance challenges; translation‑focused firms like DeepL must extend trust and transparency mechanisms to autonomous agents.
  • Consensus standards (e.g., ISO‑42001) are a clear path forward, offering a common language for regulators and industry across borders.
  • Inclusivity matters: Deploying AI tools to underserved regions (rural India, low‑bandwidth areas) can spur both social good and market growth.
  • Proactive security measures against AI‑enabled attacks can prevent over‑reaction by governments that would otherwise stifle innovation.

These points capture the core insights from the panel and provide a concise reference for stakeholders interested in aligning AI governance across the technology stack.

See Also:

Graph View

Backlinks