Where AI Bleeds Data

The $300 Billion Problem Nobody’s Solved Yet — and why we just raised $24M to fix it

Across every chapter of my career, the pattern is the same: the most transformative technology only scales when people trust it. Right now, AI has a trust problem that’s costing the global economy hundreds of billions of dollars.

Today, I’m proud to announce that OPAQUE Systems has raised a $24M Series B led by Walden Catalyst, with participation from many others (including ATRC/TII), bringing our total funding to $55.5M at a $300M valuation. But the funding isn’t the story. The story is the problem we’re solving and why the timing has never been more urgent.

The Gap Everyone Knows About But Nobody’s Closed

Every enterprise wants AI. More than half of C-suite leaders say data privacy and ethical concerns are the primary barrier to adoption, according to the 2025 McKinsey Global Survey on AI. Gartner reports only 6% of organizations have an advanced AI security strategy. Palo Alto Networks predicts AI initiatives will stall not because of technical limitations but because organizations can’t prove to their boards that the risks are managed.

The result: more than $300 billion of the world’s most valuable data sits untapped. Not because the AI models aren’t good enough. Not because the compute isn’t available. Because there’s no trusted way to process sensitive data with AI.

If you haven’t been following the OpenClaw saga, you should be. In less than two weeks, this open-source AI agent racked up 180,000 GitHub stars and triggered a Mac mini shortage. Security researchers then found over 40,000 exposed instances leaking API keys, chat histories, and account credentials to the open internet. Cisco’s team tested a popular third-party skill and found it was functionally malware — silently exfiltrating data to an external server with zero user awareness. One user’s agent started a religion-themed community on an AI social network while they slept.

OpenClaw is a consumer phenomenon, but the pattern it exposed is the enterprise’s problem. AI agents don’t just answer questions — they read your emails, access your files, execute commands, and operate with the same system privileges as a human employee. Anthropic’s Claude Cowork, which launched in January and just expanded to Windows, gives Claude direct access to local file systems, plugins, and external services. It’s a powerful productivity tool, and Anthropic has publicly acknowledged that prompt injection, destructive file actions, and agent safety remain active areas of development industry-wide. These aren’t edge cases. They’re the new default architecture.

The compounding math I’ve written about before still holds: even at ~1% risk of data exposure per agent, a network of 100 agents produces a 63% probability of at least one breach. At 1,000, it approaches certainty. But the threat model has shifted. We’re no longer talking about a single model processing a single query. We’re talking about composite agentic systems — networks of AI agents with persistent memory, system access, and the autonomy to act on your behalf across your entire infrastructure. Every agent is a new identity, a new access path, and a new attack surface that traditional security tools can’t see.

That’s the gap. And it’s growing faster than most organizations realize.

Why Now

Three forces are converging, making this problem existential rather than theoretical.

First, agentic AI. We’re moving from humans prompting chatbots to autonomous AI agents acting on sensitive data with company credentials, system access, and decision-making authority. Gartner forecasts 40% of enterprise applications will feature task-specific AI agents by 2026. OpenClaw is the canary in the coal mine — and the coal mine is your data center.

Second, sovereign AI. Nations and regulated industries increasingly demand verifiable proof that data stays within jurisdictional control. Hope and contractual language aren’t sufficient. Cryptographic proof is.

Third, regulation. The EU AI Act takes full effect in August 2026, with fines up to 7% of global revenue. Eighteen U.S. states now have active privacy laws. Palo Alto Networks predicts we’ll see the first lawsuits holding executives personally liable for the actions of rogue AI agents. The compliance clock isn’t ticking — it’s accelerating.

What OPAQUE Does Differently

OPAQUE delivers Confidential AI — the ability for organizations to run AI workloads on their most sensitive data with cryptographic proof that data stayed private during computation and policies were enforced. Not promises. Not contractual assurances. Mathematical verification. Every other approach on the market relies on policy enforcement without proof — access controls, data masking, or contractual language that assumes compliance rather than verifying it.

This matters because AI won’t scale unless organizations can verify, not just assume, that their data and models are protected.

Our founding team built the foundational technology at UC Berkeley’s RISELab — now known as the Sky Computing Lab — which produced Apache Spark and Databricks. Co-founder Ion Stoica is also the co-founder and executive chairman of Databricks. Co-founder Raluca Ada Popa won the 2021 ACM Grace Murray Hopper Award for her work on secure distributed systems and now leads security and privacy research at Google DeepMind. Co-founder Rishabh Poddar, who earned his Ph.D. in computer science at Berkeley under Raluca Ada Popa, holds several U.S. patents and has authored over 20 research papers in systems security and applied cryptography — he architected the core platform that makes Confidential AI work in production. Our founding team holds 14 EECS degrees and has published nearly 200 papers. This isn’t a team that pivoted into Confidential AI because the market got hot. This team defined the category.

With this round, we’re also welcoming Dr. Najwa Aaraj to OPAQUE board of directors. Dr. Aaraj is CEO of the Technology Innovation Institute (TII), the applied research pillar of Abu Dhabi’s Advanced Technology Research Council (ATRC) — the organization behind the Falcon large language model series and ground-breaking post-quantum cryptography. She holds a Ph.D. with highest distinction in applied cryptography from Princeton and holds patents across cryptography, embedded systems security, and ML-based IoT protection. Her perspective on sovereign AI and verifiable data governance is informed by building exactly these capabilities at national scale. As she put it plainly: “there is no such thing as sovereign AI without verifiable guarantees.”

Customers, including ServiceNow, Anthropic, Accenture, and Encore Capital, are already using OPAQUE to unlock AI on data they previously couldn’t touch. Confidential AI has been endorsed by NVIDIA, AMD, Intel, Anthropic, and all major hyperscalers. A December 2025 IDC study found 75% of organizations are now adopting the underlying technology. The ecosystem is ready. The market is ready. The missing piece has been a platform that bridges the gap between what the hardware can do and what enterprises actually need.

That’s what we built.

Where This Goes

Market analysts project $12–28B by 2030–2034. I think that undersells it by an order of magnitude, because it sizes the security market rather than the AI value because it sizes the security market rather than the AI value Confidential AI unlocks for the enterprise and sovereign cloud.

Just as SSL certificates transformed online commerce by making trust invisible and automatic, Confidential AI will do the same for data-driven industries. The organizations building on these foundations now will be the ones who capture the most value from AI over the next decade.

To our customers, partners, investors, and team: thank you. We’re just getting started, and the best is ahead.

Where AI Bleeds Data

If your AI strategy depends on sensitive data you can’t currently use, start here: we’ve developed an AI Stack Exposure Map in collaboration with our customers, partners, and founders from UC Berkeley. It maps the specific points where data is exposed at each layer of the AI stack — the gaps most organizations don’t even know exist — and shows what Confidential AI looks like in practice.

See the full AI Stack Exposure Map at opaque.co.

The question isn’t whether your organization will adopt AI at scale. It’s whether you’ll be able to prove it’s safe when you do.

Reading Recommendation: The United States Constitution

The mission of the U.S. Constitution is to frustrate the human drive to concentrate power by spelling out limits on government and clear, enforceable rights. And by creating a systems of competing branches that hold each other accountable. “How to Read the Constitution—and Why” by Kimberly Wehle teaches you to read the text at its source and see how it protects liberty in real conflicts.

Right now in Minnesota, federal immigration enforcement actions—including the deadly shooting of U.S. citizen and ICU nurse Alex Pretti and Nicole Good by a Border Patrol agent during a protest — have raised urgent constitutional questions: violations of First Amendment free speech/protest rights, Fourth Amendment limits on unreasonable search/seizure and force, Fifth Amendment due process and right to counsel before loss of liberty, and disputes over how Second Amendment rights to keep and bear arms apply in public demonstrations where protesters include lawful gun owners.

Understanding the Constitution isn’t academic — it’s how citizens can spot when power oversteps its bounds. This book gives you that grounding. Knowing your rights matters; read it.

A Phoenix

San Francisco is one of the greatest cities of the last hundred years. It sparked the Summer of Love, helped launch a global music movement, and became the definitive epicenter of modern technology.

I grew up 69 miles south in Morgan Hill, back when it was mostly farmers and ranchers, but I spent plenty of time as a teenager hanging out in the Haight. As a kid, outside of Santa Cruz and the redwoods, my favorite places were the Exploratorium and Alcatraz.

San Francisco still leads the world in innovation, and today it sits at the center of the AI supercycle. I live in San Diego now, but I’m in San Francisco a few times a month since OPAQUE’s largest office is on New Montgomery (just down from House of Shields — and old haunt of mine in past tech super cycles) in the city and many customer and partner conversations happen in the Bay Area.

Like the phoenix, San Francisco has a habit of burning down and rebuilding itself. After the 1906 earthquake—and again after the pandemic—the city was declared finished, only to reemerge around the next technological inflection point. Today that rebirth is happening through AI, with talent, capital, and experimentation reconverging as platforms reset. The metaphor works not because it’s poetic, but because SF’s history shows renewal follows real innovation. Often I’ll hear people bemoan the destruction of SF during the pandemic. Don’t count on it. This Phoenix always rises again, renewed, different, but always beautiful.

My rituals: Run along the Embarcadero and back through China town. Zevi for lunch, Working Girls across the street from OPAQUE for coffee and a bagel (hi Max), and Fang for working dinners.

Some cities shape who you become (as is the case for me with SF); San Francisco keeps shaping what comes next, globally.

Trip Reflections from the United Arab Emirates

The United Arab Emirates creates quite an impression. The country is anchored in a rich and long history that stretches from pre-history to ancient desert trade routes to coastal pearl-diving villages, yet it’s moving at a pace that makes western ambition seem tired. It feels decades ahead of the United States. Dubai’s kinetic and surreal skyline is a striking contrast with the historic old town. Abu Dhabi has a kind of cultural gravity and an incredible mosque. The quiet vastness of the Sharjah desert…I love the desert. The visuals were literally awesome and the people were warm, welcoming, and high-integrity.

I was there last July and I’ve been meaning to write about it. It was in the 90s F and humid. I still managed a 3-4 mile jog every morning. It was the equivalent of a Florida Summer, but it was unusually cool for that time of year.

Zafer Younis


As always, some brief history—because I love it. Human settlement on the Arabian Peninsula dates back over 100,000 years, with archaeological sites in the UAE showing early stone-tool industries, Bronze Age metallurgy, and extensive pre-Islamic trade networks linking Mesopotamia, Persia, and the Indus Valley. Coastal communities relied on fishing and pearl diving for centuries, while inland tribes moved with the seasons across desert oases. By the 16th century, European and regional powers competed for influence along the Gulf’s strategic maritime corridor, but the interior remained defined by tribal alliances, trade, and pilgrimage routes that shaped the region’s cultural continuity well into the modern era.

Some more interesting facts :

  1. The UAE hosts one of the world’s oldest known pearling cultures; divers once descended 20-30 meters on a single breath, and many coastal towns still map to historic pearling fleets.
  2. The traditional wind tower (barjeel) is an indigenous form of natural air-conditioning; entire neighborhoods in old Dubai were engineered around passive cooling centuries before electricity.
  3. The Arabian oryx—once extinct in the wild—was reintroduced through UAE-led conservation and is now one of the world’s most successful large-mammal recovery efforts.
  4. Sharjah’s Mleiha archaeological zone contains a 130,000-year human migration trail, one of the oldest documented routes of Homo sapiens out of Africa.
  5. The date palm, a cultural and agricultural backbone of the Emirates, has supported food security for over 7,000 years; today the UAE maintains global gene banks to preserve lineage diversity.
  6. Dubai Creek is a natural inlet that enabled centuries of Indian Ocean trade; its shape and depth dictated the city’s earliest merchant settlements long before oil or skyscrapers.
  7. The Empty Quarter (Rub’ al Khali), which covers part of the UAE, contains dune systems that migrate up to 30 meters a year—an environment that shaped Bedouin navigation, camel-breeding, and oral poetry traditions.
  8. The falconry heritage is so integral that UAE falcons carry their own passports for international travel; it reflects a conservation tradition that brought the once-endangered saker falcon population back from collapse.

I was thrilled to experience this place firsthand. Awesome is the best word to describe it. I look forward to returning to explore more.

South Park Walk

South Park grew out of the 1905 Bartlett real-estate development, one of San Diego’s earliest streetcar suburbs. The 30th Street trolley line pulled middle-class residents south of Balboa Park and produced a dense run of Craftsman and Spanish Revival homes that still define the neighborhood. The area later became a small commercial district anchored by independent shops and cafés as postwar suburbanization bypassed it. Its present culture reflects that streetcar DNA: walkable blocks, preserved early-20th-century architecture, and a steady community focus on historic conservation.

Avignon: A Brief, Photogenic History

Avignon sits on a limestone outcrop above the Rhône, a strategic perch that’s drawn humans since prehistoric settlements ringed the riverbanks. The Romans formalized it in the 1st century BCE as Avenio, a fortified trading post tied into the Via Agrippa road network. The bones of that layout still shape the old city’s narrow lanes—perfect for close-up architectural shots of stone textures and surviving Roman foundations.

Everything changed in the 14th century, when the papacy relocated from Rome to Avignon—first under Pope Clement V, then firmly established by John XXII. For nearly 70 years, Avignon was the administrative and spiritual capital of Western Christianity. This is the era that produced the massive Palais des Papes, Europe’s largest Gothic fortress-palace.

Across the river, Villeneuve-lès-Avignon emerged as the papacy’s defensive counterweight. When the popes settled in Avignon, they needed control of both banks of the Rhône to secure trade, movement, and military access. The French crown—keen to assert influence without directly challenging papal authority—established Villeneuve as a royal town. To anchor that power and guard the river crossing, the French built the formidable Fort Saint-André atop Mount Andaon.

The fort’s purpose was twofold. Militarily, it dominated the Rhône valley and kept a watchful eye on Avignon itself. Politically, it was a reminder that even while the papacy ruled the city, France controlled the high ground. Its massive walls and twin towers still photograph beautifully: clean sight lines, panoramic overlooks of the Palais des Papes, and vantage points that show how the Rhône once defined borders, loyalties, and strategies.

Taken together, Avignon and Villeneuve tell a single story—one city holding spiritual power, the other holding the heights—shaping a medieval landscape that still reads clearly through a modern lens.

Augergine

Thirty-six Frames

I started a photography exercise of photographing a subject thirty-six times with pre-fixed constraints and from different angles, composition, and camera settings. Thirty-six because this is how many shots a roll of film usually had.

Art is the output of one’s passion for improving the world.

It’s an exercise in mindfulness and presence. You might enjoy this too. Here’s the pattern.

36 Frames Challenge

  1. Pick a single subject/location. (e.g., a café corner, a stairwell, a street intersection, your kitchen sink at noon.)
  2. Set constraints.
    • One lens/focal length.
    • No burst mode. No “chimping” (don’t check the screen).
    • Meter once, then adjust only when the light changes.
  3. Warm‑up (frames 1–6). Explore angles: high/low, near/far, front/backlight.
  4. Light study (frames 7–18). Track how light shapes form: side‑light for texture, backlight for rim/flare, open shade for skin.
  5. Composition study (frames 19–30). Work one idea at a time: leading lines, layers, frames‑within‑frames, negative space, symmetry/asymmetry.
  6. Decisive moments (frames 31–36). Wait for timing: gestures, overlaps separating, clean backgrounds.

Edit immediately

  • Import, hide filenames, and star only 5. No ties.
  • For each keeper, write one sentence: “Side‑light revealed texture on the brick; foreground blur added depth; subject isolated against shadow.”

Settings shorthand (use as a start, then adjust)

  • Daylight street: f/5.6, 1/500s, ISO 200.
  • Indoors window light: f/2–f/2.8, 1/125s, ISO 400–800.
  • Night city: f/1.8–f/2.8, 1/60s (brace), ISO 1600–3200.

Variations for different goals

  • People skills: same subject, three distances (full/half/close), one expression per frame.
  • Monochrome study: shoot B&W only; look for shape/contrast.
  • Geometry day: only leading lines and negative space.
  • Color hunt: anchor each frame on one dominant color + a counterpoint.

As much as I love photography, it’s a shame photos are shared on Instagram where one can’t really see and experience them fully.

Enjoy. 🙂