Privacy-Aware Infrastructure in the AI-Native Era: An Asset Classification Case Study

As AI rapidly penetrates business operations, data privacy governance faces a fundamental contradiction: data fields are becoming more ambiguous, yet privacy protection requires increasingly precise decisions.

A classic example is a field named 'age'. When it appears in a user profile table, it represents sensitive personal information; but placed in an infrastructure caching config, it's just a mundane Time-to-Live value. The same field name demands entirely different governance treatments—a name alone cannot determine the privacy requirement.

This is the everyday challenge Meta describes in their case study on privacy-aware infrastructure in the AI-native era. The explosion of AI products compounds the problem: new data modalities (embeddings, multimodal inputs), rapid iteration, and evolving policy interpretations. Manual review can't keep up with the volume, and handing full decision-making to LLMs sacrifices auditability and stability.

A hybrid pattern: LLMs as teachers, not judges Meta's solution is not 'LLMs everywhere,' but a carefully designed four-step hybrid model:

1. Build rich context first: Gather metadata, lineage, and usage context before asking a model to reason.
2. Use LLMs for ambiguity and novelty: For new or unclear assets, LLMs provide interpretation and classification suggestions, handling cold-start.
3. Keep human-reviewed labels separate: Human-adjudicated labels serve as a gold standard, independent of model output, for downstream rule learning.
4. Distill to deterministic rules: Once behavior is validated, it's hardened into versioned, deterministic rules for routine enforcement.

The essence: in most common cases, the actual privacy decision is made by deterministic rules, not the LLM. LLMs act as scouts—they are called only for novel assets, and their judgments, once reviewed by humans, are distilled into rules. Over time, LLMs' direct role in production decisions shrinks.

This design has clear benefits: deterministic rules offer low latency, reproducibility, and auditability—exactly what’s needed for large-scale online enforcement. Meanwhile, LLMs' strength in handling ambiguity is applied only where it matters most.

Why this pattern matters This reveals a deeper trend in AI engineering: as AI systems move from experimentation to production, the requirement shifts from 'intelligence' to 'reliability.' In high-compliance domains like privacy, explainability and auditability often trump model flexibility.

Meta calls the overarching system 'Privacy-Aware Infrastructure' (PAI), comprising four layers: Understand (classify data), Discover (find relevant data flows), Enforce (apply retention/access constraints), and Demonstrate (provide verifiable compliance evidence). Asset classification sits at the foundational 'Understand' layer. If you can't even determine what the data is, downstream enforcement is built on quicksand.

What can you take away? Whenever you face a high-reliability, auditable AI classification task, consider this pattern: don't let AI make the final decision directly. A better path is to use AI to explore boundaries and identify patterns, then codify those patterns into human-vettable, machine-executable rules. Humans stay in the loop—not to review every case, but to approve rule promotions, ensuring controlled evolution of the overall system.

You might think LLMs will take over everything, but Meta's practice shows: in critical systems, don't hand the wheel to the model. The LLM is a brilliant apprentice—let it teach rules, not drive the car.