The Shift to On-Device AI Processing
Artificial intelligence is moving from the cloud to the edge. Apple Intelligence, Google’s on-device AI features, Microsoft’s Copilot+ PCs with Neural Processing Units (NPUs), and similar initiatives from every major technology company are bringing AI processing directly onto laptops, phones, and tablets. This shift means that AI models, training data, inference results, and AI-generated content are increasingly stored locally on devices rather than exclusively in cloud data centres.
From a data destruction perspective, this trend creates significant new challenges. The data that AI systems process, learn from, and generate on local devices adds layers of complexity to an already complex disposal landscape. Organisations that have established data destruction practices for traditional files and databases now need to consider AI-specific data types that behave differently and may be stored in unexpected ways.
What AI Data Exists on Local Devices
On-device AI systems create and store several categories of data that did not exist on devices a few years ago. AI models themselves, whether pre-trained or fine-tuned locally, occupy storage space and may encode information from the data they were trained on. Research has demonstrated that large language models can memorise and reproduce training data, meaning a locally stored model could contain fragments of the data it processed.
Personalisation data is a major component of on-device AI. Apple Intelligence learns your writing style, communication patterns, and preferences. Google’s on-device models learn your search habits, photo categorisation preferences, and app usage patterns. Microsoft’s Recall feature (when enabled) captures screenshots of everything displayed on screen at regular intervals to enable AI-powered search of your activity history.
AI-generated content including summaries, suggestions, drafts, and responses is stored locally. These generated outputs may contain or reflect sensitive information from the source material they were created from. A locally generated AI summary of a confidential document contains the key points of that document.
Cache and inference data from AI operations may persist on device storage. When an on-device AI model processes a document, email, or image, intermediate results and processed outputs may be cached for performance reasons. This cached data can contain processed versions of sensitive information.
Vector databases and embedding stores used by local AI applications convert text and images into numerical representations (embeddings) that enable semantic search and retrieval. These embeddings can potentially be used to reconstruct or infer the original content, creating a non-obvious data persistence mechanism.
Why Standard Deletion Is Insufficient for AI Data
AI data is distributed across device storage in ways that standard file deletion does not address. Model weights may be stored in application-specific directories. Personalisation data may be embedded in system databases. Vector stores may exist in locations that are not visible through normal file browsing. Cache files from AI operations may be scattered across temporary directories.
Even when AI applications provide options to delete personalisation data or clear AI history, these deletion functions may not meet data destruction standards. They may remove the user-facing data while leaving underlying model weights, cached embeddings, or system-level records intact.
The proprietary nature of many AI implementations means that understanding exactly where and how AI data is stored on a device requires reverse engineering or manufacturer documentation that may not be publicly available. This opacity makes it difficult to verify that AI-related data has been completely removed.
Implications for Device Disposal
For organisations disposing of devices with on-device AI capabilities, the safest approach remains full disk sanitisation using NIST 800-88 compliant methods. A complete disk wipe destroys all data regardless of how it is stored, including AI models, personalisation data, embeddings, and cache files. This approach bypasses the complexity of trying to identify and selectively delete AI-specific data types.
Simple factory resets or operating system reinstallations may not adequately address AI data. Some AI data is stored in areas of the device storage that survive standard reset procedures, particularly on devices with dedicated AI processing hardware that may have its own storage.
For devices with dedicated NPUs or AI accelerators, consider whether these components have their own storage that requires separate attention. As AI hardware becomes more integrated into device design, the storage architecture becomes more complex, with data potentially residing on multiple chips within the same device.
Policy Considerations for AI-Enabled Devices
Organisations should update their IT asset disposal policies to address AI-specific data considerations. This includes recognising that AI-enabled devices may contain data types that were not contemplated when existing policies were written, and specifying that full disk sanitisation is required for all AI-capable devices regardless of the perceived sensitivity of the AI data.
Consider whether AI features should be enabled on company devices in the first place. Features like Microsoft Recall, which create comprehensive records of user activity, significantly increase the data footprint on each device and the potential impact of improper disposal. The productivity benefits of these features should be weighed against the increased data destruction obligations they create.
Employee training should address the data implications of on-device AI. Staff who understand that their device’s AI features are learning from and storing representations of everything they do are more likely to take data destruction seriously when devices are being replaced or returned.
Looking Ahead
The trend toward on-device AI is accelerating. Each generation of devices will have more AI capability, more local model storage, and more personalisation data. The data destruction challenge will grow in parallel. Organisations that begin addressing AI-specific disposal considerations now, rather than waiting for a breach to highlight the gap, will be better prepared for the increasingly AI-rich device landscape of the future.