TL;DR: Tumult Labs operationalised differential privacy for sensitive analytics, with mathematical guarantees, privacy accounting, and large-scale Spark deployments, but its scope stops short of the authentication, authorisation, directory sync, and audit trails that production AI agent systems need, according to WorkOS. Privacy protection and identity control solve different problems, so teams building agents still need the latter first.
NHIMG editorial — based on content published by WorkOS: Tumult Labs: Differential Privacy for AI Agents
By the numbers:
- 80% of organisations report their AI agents have already performed actions beyond their intended scope, including accessing unauthorised systems, inappropriately sharing sensitive data, and revealing access credentials.
Questions worth separating out
Q: How should security teams govern AI agents that process sensitive data?
A: Security teams should govern AI agents through two separate controls: data privacy and identity security.
Q: Why does differential privacy not replace IAM for AI agents?
A: Differential privacy limits what can be inferred from data outputs, while IAM controls who or what can access systems and perform actions.
Q: What breaks when AI privacy controls are used as a substitute for access governance?
A: The control gap is accountability: privacy controls limit what outputs reveal, but they do not establish which agent acted or under what authority.
Practitioner guidance
- Separate privacy review from access review: assess AI agent data protection and identity governance in different workstreams.
- Map every agent to a governed identity: require each AI agent to have a distinct identity, explicitly scoped permissions, and a logging path that lets investigators reconstruct actions.
- Test the control boundary before production: run a pre-launch validation that answers two separate questions: what can the agent learn from data, and what can the agent do with its authenticated access.
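The pre-launch validation described above can be made concrete as a small harness that keeps the two questions in separate layers. The following is an added example, not code from WorkOS or Tumult Labs; the Laplace mechanism, the epsilon budget, the `AgentIdentity` scopes, the audit log and the sample records are all hypothetical constructions for illustration.

```python
"""Pre-launch validation harness that answers the two questions separately:
what can an agent LEARN from data (privacy layer) and what can it DO with
its authenticated identity (identity layer).

Added illustration; all names here are hypothetical and are not Tumult
Labs' or WorkOS's APIs."""
import math
import random
from dataclasses import dataclass, field


# ---------- Layer 1: data privacy (what can be inferred from outputs) ----------

class PrivacyBudget:
    """Tracks cumulative epsilon spent across queries (basic composition)."""

    def __init__(self, total_epsilon: float):
        self.total = total_epsilon
        self.spent = 0.0

    def charge(self, epsilon: float) -> None:
        if epsilon <= 0:
            raise ValueError("epsilon must be positive")
        if self.spent + epsilon > self.total + 1e-12:
            raise PermissionError("privacy budget exhausted")
        self.spent += epsilon


def laplace_noise(scale: float, rng: random.Random) -> float:
    """Inverse-CDF sample from Laplace(0, scale)."""
    u = rng.random() - 0.5
    return -scale * math.copysign(1.0, u) * math.log(1.0 - 2.0 * abs(u))


def dp_count(records, predicate, epsilon: float, budget: PrivacyBudget,
             rng: random.Random) -> float:
    """Epsilon-DP count. A counting query has sensitivity 1, so Laplace noise
    with scale 1/epsilon suffices. Note that this layer has no notion of WHO
    is asking: that is the identity layer's job."""
    budget.charge(epsilon)
    true_count = sum(1 for r in records if predicate(r))
    return true_count + laplace_noise(1.0 / epsilon, rng)


# ---------- Layer 2: identity (who can act, and is it recorded) ----------

@dataclass(frozen=True)
class AgentIdentity:
    agent_id: str       # distinct identity per agent
    scopes: frozenset   # explicitly granted "action:resource" pairs


@dataclass
class AuditLog:
    entries: list = field(default_factory=list)

    def record(self, agent_id: str, action: str, resource: str, allowed: bool) -> None:
        self.entries.append({"agent": agent_id, "action": action,
                             "resource": resource, "allowed": allowed})


def authorize(agent: AgentIdentity, action: str, resource: str, audit: AuditLog) -> bool:
    """Deny-by-default scope check; every decision is logged so an
    investigator can reconstruct what the agent did."""
    allowed = f"{action}:{resource}" in agent.scopes
    audit.record(agent.agent_id, action, resource, allowed)
    return allowed


# ---------- Pre-launch validation: answer both questions separately ----------

def validate_agent(agent, records, attempted_actions, epsilon, total_epsilon, seed=0):
    rng = random.Random(seed)
    budget = PrivacyBudget(total_epsilon)
    audit = AuditLog()
    # Q1: what can the agent learn? (privacy layer, independent of identity)
    noisy = dp_count(records, lambda r: r["flagged"], epsilon, budget, rng)
    # Q2: what can the agent do? (identity layer, independent of the data)
    decisions = {f"{a}:{r}": authorize(agent, a, r, audit) for a, r in attempted_actions}
    return {"noisy_count": noisy, "epsilon_spent": budget.spent,
            "decisions": decisions, "audit": audit.entries}


if __name__ == "__main__":
    # Constructed sample data: 30 records, every third one flagged.
    records = [{"id": i, "flagged": i % 3 == 0} for i in range(30)]
    agent = AgentIdentity("agent-triage-01", frozenset({"read:tickets"}))
    report = validate_agent(agent, records,
                            [("read", "tickets"), ("delete", "tickets")],
                            epsilon=0.5, total_epsilon=1.0)
    print(report)
```

The point of the split is visible in the report: the privacy layer returns a noisy aggregate and a budget figure regardless of which agent asked, while the identity layer returns an allow/deny per scoped action together with an audit entry for each decision. A review that only inspects the first half learns nothing about the second.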
What's in the full article
WorkOS's full analysis covers the operational detail this post intentionally leaves for the source:
- The product comparison between differential privacy and enterprise authentication, authorisation, and directory sync for AI agent systems.
- The implementation context around SSO, SCIM, fine-grained authorisation, and audit logging for production deployments.
- The commercial and lifecycle implications of Tumult Labs' LinkedIn acquisition and the sunsetting of new customer onboarding.
- The specific situations where differential privacy is useful for analytics but irrelevant to runtime identity governance.