Why AI Is Training on Its Own Garbage (and How to Fix It)

2026-04-08 · Source: Towards Data Science · Field: Technology & Digital — Artificial Intelligence & Machine Learning, Cybersecurity & Data Privacy, Data Science & Analytics · Depth: Intermediate, medium

Summary

The PROPS (Protected Pipelines) framework, introduced by Ari Juels, Farinaz Koushanfar, and Laurence Moroney, addresses the looming "Model Collapse" in AI training by enabling secure access to high-quality, private "Deep Web" data. This framework leverages Privacy-Preserving Oracles and Secure Enclaves to allow AI models to train on sensitive information, such as medical records or financial documents, without ever exposing the raw data to humans or the model itself. Unlike synthetic data, which can reduce diversity and bias models against outliers, PROPS facilitates the use of real-world, authenticated data. It also extends to inference, exemplified by a Loan Decision Model (LDM) that verifies financial data securely without direct document submission. While full-scale implementation requires advancements in hardware-backed secure enclaves like Intel SGX or NVIDIA H100 TEEs, lighter versions are deployable today, offering a significant improvement over current data sharing practices.

Key takeaway

For CTOs and VPs of Engineering concerned about data quality and privacy in AI model development, PROPS offers a viable path to access the vast, high-quality "Deep Web." You should investigate integrating privacy-preserving oracles and secure enclaves into your data pipelines to mitigate "Model Collapse" and enhance model performance on real-world, diverse data, even if full hardware-backed solutions are still maturing.

Key insights

PROPS enables secure AI training on private Deep Web data using privacy-preserving oracles and secure enclaves.

Principles

• Trust is the bottleneck for AI data access.
• Deep Web data is higher quality than Surface Web.
• Synthetic data reduces model diversity.

Method

PROPS involves user permission, data verification by a Privacy-Preserving Oracle (e.g., DECO protocol), and model training within a hardware-backed Secure Enclave, releasing only updated model weights.

In practice

• Use PROPS for training on sensitive medical records.
• Implement PROPS for secure loan decision models.
• Explore DECO protocol for data authentication.

Topics

• Model Collapse
• Deep Web Data
• PROPS Framework
• Privacy-Preserving Oracles
• Secure Enclaves

Best for: Research Scientist, CTO, VP of Engineering/Data, AI Scientist, Machine Learning Engineer, AI Security Engineer

Related on AIssential

• AI is Eating Its Own Tail And Biting The Hand That Feeds It — AI training on its own outputs creates a feedback loop leading to model collapse and degraded quality.
• How to Build License-Compliant Synthetic Data Pipelines for AI Model Distillation — Synthetic data distillation pipelines enable specialized AI model development despite data scarcity or licensing concerns.
• How Synthetic Data is Solving AI’s Biggest Data Problem — Synthetic data addresses AI's data scarcity and privacy challenges by generating artificial, realistic training information.
• The Sequence Knowledge #784: The Convergence of Synthetic Data and World Models Models Are Unlocking Embodied AI — Synthetic data generation and world models overcome real-world data bottlenecks for embodied AI.
• The Download: deepfake porn’s stolen bodies and AI sharing private numbers — AI advancements introduce complex ethical and privacy challenges alongside technological progress.
• AI Is Eating Itself to Death — and Nobody Is Stopping It — AI models trained on synthetic data experience "model collapse," progressively losing unique information and degrading.

Open in AIssential →

Editorial summary, takeaway, and curation by AIssential. Original article published by Towards Data Science.