¡Hola! Hi — and thank you for being a subscriber of The Data Massagist newsletter. Are you a new subscriber? Check out previous editions and articles at TheDataMassagist.com Website

According to a recent Microsoft study, an estimated 1.3 billion AI agents will be in operation by 2028. In that context, running agents in siloed environments will limit their ability to deliver real enterprise value.

In today’s edition (#9), I’m sharing my perspective on how Chief Data Officers (CDOs) can drive ethical, trusted, and scalable AI—without slowing down innovation.

Why CDOs? Because modern analytics platforms like Microsoft Fabric, Databricks, and Snowflake will play a pivotal role in the agentic future. These platforms provide the foundation to access the right data, prepare it (or “massage” it), and serve it in a secure, governed way.

They are also rapidly becoming the environments where agents are built and deployed:

• Microsoft Fabric: Capabilities like Copilot for PowerBI, Data Agents and Operations Agents enable teams to build agents directly on top of governed, enterprise-ready data.

• Snowflake: Features such as Snowflake Cortex and Snowflake AI Agents make it possible to create intelligent applications and agents natively within the platform.

• Databricks: Tools like Mosaic AI, Delta Live Tables, and Unity Catalog provide the foundation to develop, govern, and operationalize AI agents on top of high-quality, well-managed data.

Let's get started!

1.- What Is Responsible AI, and Why It Matters Now

Responsible AI refers to the practice of designing, deploying, and operating AI systems in ways that are fair, transparent, accountable, secure, and aligned with human and societal values. As AI systems increasingly influence decisions about customers, employees, pricing, eligibility, and content, the risks are no longer theoretical. Bias, data leakage, hallucinations, and opaque decision-making can quickly become regulatory, reputational, and financial liabilities. You can learn in my article about Responsible AI: Putting the People First while building AI systems.

Modern Responsible AI frameworks consistently converge on a core set of principles:

• Fairness & inclusiveness

• Transparency & explainability

• Privacy & security

• Reliability & safety

• Accountability & human oversight

• Auditability across the AI lifecycle

These principles are well-articulated in Microsoft’s Responsible AI Standard and similar industry frameworks. The challenge for enterprises is not agreeing with these principles—but enforcing them at scale, especially as analytics platforms become AI platforms.

2.- Analytics Platforms Are Becoming AI Platforms

Snowflake, Databricks, and Microsoft Fabric have all evolved beyond analytics into environments where users can build AI-driven experiences directly on enterprise data. However, their philosophies—and governance implications—are meaningfully different.

2.1.- Snowflake and Databricks: Maximum Flexibility, Maximum Responsibility

Snowflake and Databricks both enable organizations to choose which foundation models they want to use—including OpenAI, Anthropic (Claude), Meta (Llama), Mistral, and others—either through native services or external integrations.

• Databricks offers model serving, agent frameworks, and an explicit AI Governance Framework that spans model lifecycle, access control, monitoring, and evaluation. With Unity Catalog, MLflow, and AI Gateway, teams can govern models, prompts, usage, and inference traffic—if they choose to do so.

• Snowflake provides Cortex AI, agents, and an increasingly strong governance perimeter, ensuring customer data is not used for model training and remains within Snowflake’s security boundary.

This openness is powerful—but it shifts responsibility to the enterprise. When teams can freely select models, build agents, and deploy autonomous workflows, AI governance becomes an operating model problem, not a tooling problem.

Without clear guardrails, flexibility can quickly lead to:

• Shadow AI agents

• Unapproved model usage

• Inconsistent ethical standards

• Data leakage via prompts and responses

2.2.- Microsoft Fabric: Constrained by Design, Governed by Default

Microsoft Fabric takes a different and intentional approach.

When building AI Agents, currently Microsoft Fabric limits native AI experiences to:

• Copilot in Power BI

• Fabric Data Agents

• Operator-style agents embedded in the platform

These experiences are tightly integrated with Microsoft-managed models and operate within Fabric’s security, identity, and compliance boundary. Users cannot arbitrarily swap models inside Fabric AI experiences.

For more advanced scenarios—such as custom agents, multi-agent systems, or model orchestration across tools—Microsoft positions Microsoft Foundry (formerly Azure AI Foundry) as the correct extension point.

This design choice matters:

• It reduces accidental misuse of AI by business users.

• It centralizes accountability.

• It makes Responsible AI enforcement the default, not an afterthought.

Fabric effectively trades some flexibility for predictability, auditability, and trust—a trade many regulated or large enterprises actively want.

3.- The CDO’s Role: From Data Governance to Agent Governance

As AI agents move from copilots to autonomous actors, the CDO’s mandate expands.

The modern CDO must govern:

• Which data agents can access

• Which actions agents are allowed to take

• Which models can reason over which data

• Who is accountable for outcomes

This requires a shift from traditional data governance (schemas, tables, reports) to AI governance primitives:

• Prompt governance

• Model lineage

• Agent identity

• Action boundaries

• Human-in-the-loop controls

Crucially, governance must be cross-platform—because most enterprises will run Snowflake, Databricks, and Fabric together, not pick a single winner.

4.- Microsoft Purview: The Unifying Control Plane for Responsible AI

This is where Microsoft Purview becomes strategically important.

For those less familiar with it, Microsoft Purview is Microsoft’s comprehensive platform for governing, protecting, and managing information wherever it lives—across documents, messages, and data, and across environments such as on‑premises, Azure, AWS, and GCP. Microsoft Purview is organized around three core solution areas: Data Governance, Data Security, and Data Compliance.

My primary focus is on Purview Data Governance, which enables organizations to discover, catalog, and manage their data estate with clarity and control. Through automated scanning and classification, Purview builds a unified view of enterprise data enriched with metadata, lineage, and sensitivity labels. The Unified Catalog provides business‑friendly discovery and governance constructs such as domains, data products, glossary terms, and data quality, allowing both technical and business users to confidently find and trust the data they use.

Microsoft Purview is not limited to governing data managed by Microsoft platforms alone. While it natively supports Azure services such as Azure Blob Storage, ADLS Gen2, Azure SQL (Database and Managed Instance), Azure Synapse, Azure Databricks (Unity Catalog), Azure Files, and Azure Machine Learning, Purview is designed as a multi‑cloud, hybrid governance platform.

At the core of Purview Data Governance is the Data Map, which supports 200+ data sources across Azure, AWS, GCP, and on‑premises environments. Through automated scanning, classification, and lineage capture, the Data Map provides a unified, continuously updated technical view of the enterprise data estate.

• Supported databases span a wide range of technologies, including Amazon RDS and Redshift, Cassandra, DB2, Google BigQuery, MongoDB, Oracle, PostgreSQL, SAP HANA and SAP Business Warehouse, Snowflake, Teradata, and among others.

• Beyond databases, Microsoft Purview also integrates with third‑party services and applications, extending governance beyond raw data stores to the tools where data is modeled, analyzed, and used. These integrations include platforms such as Erwin, Qlik Sense, SAP ECC and S/4HANA, Tableau, Salesforce, and even Enterprise AI interactions (e.g. ChatGPT Enterprise)—allowing organizations to govern not only data assets, but also how data is consumed and interpreted.

Back to today’s topic, Microsoft Purview already integrates with leading analytics platforms, with different levels of integration depth:

• Microsoft Fabric & OneLake Native, first‑party integration: deep metadata capture, end‑to‑end lineage, sensitivity labels, and tight alignment with Purview’s Unified Catalog and Data Products.

• Azure Databricks Strong governance integration: metadata and lineage ingestion aligned with Unity Catalog, enabling cross‑platform lineage and centralized governance.

• Snowflake Broad catalog and lineage support: schema, table, and classification metadata integrated into Purview for enterprise‑wide discovery and governance.

Note: It's a good practice to review the know limitations to set the right expectation and check the roadmap as Microsoft Purviews is always evolving.

In the context of Responsible AI, Microsoft Purview provides four critical capabilities across all three platforms:

4.1.- Data Discovery, Classification, and Lineage

Microsoft Purview enables automated scanning, sensitivity labeling, and lineage tracking—so organizations know what data exists, where it flows, and where AI can see it.

4.2.- Policy-Based Access and Risk Control

Sensitivity labels, DLP policies, and access governance extend into Microsoft Fabric, Power BI, and governed Databricks environments—reducing the risk of oversharing data with AI systems.

4.3.- AI-Centric Risk Assessment

Purview’s Data Security Posture Management (DSPM) capabilities increasingly focus on AI exposure—helping identify overshared dashboards, high-risk datasets, and AI-relevant assets before something goes wrong.

4.4.- A Shared Language Between CDO, CISO, and Legal

Perhaps most importantly, Microsoft Purview becomes the common control plane where data, security, compliance, and AI governance converge—bridging organizational silos that traditionally slow Responsible AI initiatives.

5.- Final Thought: Responsible AI Is an Architecture Choice

Responsible AI is not enforced by policy decks or ethics statements. It is enforced by platform architecture, default behaviors, and governance integration.

• Snowflake and Databricks give you freedom—but demand maturity.

• Fabric constrains by design—to make trust scalable.

• Purview ties them together—so governance survives platform diversity.

For CDOs, the question is no longer “Can we build AI?” It is “Can we prove our AI deserves to be trusted?”

That question will define the next generation of data leadership.