
In this article, Joe Sullivan, CEO of Joe Sullivan Security, examines a question most companies have yet to confront: what happens to the version of you that lives inside your workplace AI tools when you leave a job? Over time, employees teach these systems how they think, write, make decisions, and apply years of professional judgment — creating a digital extension of themselves that is deeply intertwined with company data. Joe explains why today’s offboarding practices leave both sides with a bad choice: let employees take everything and risk exposing sensitive information, or delete everything and erase a valuable part of their professional identity. He argues that businesses, lawmakers, and AI builders must develop a secure, auditable way to separate what belongs to the employee from what belongs to the company—before disputes over who owns the “backup of your mind” become unavoidable.
On your last day at a job, someone from IT deactivates your accounts. It takes about a minute. And in that minute, something new is now destroyed: the version of you that you spent years teaching a machine.
Think about what knowledge workers actually pour into AI tools now. Not just company data — themselves. How you think through a hard decision. The checklists you developed over a career. Your writing voice, refined through a thousand small corrections. Your values, which show up in every instruction you've ever given an AI assistant about what matters and what doesn't. Employees bring their whole selves to work — we've spent a decade asking them to — and the AI tools they use all day have been quietly recording exactly that.
The footprint is deeper than most people realize, and it accumulates in layers. There are the artifacts you deliberately author: custom skills, prompt libraries, agent configurations, automations — reusable tools you built to make yourself better at your job. There is also extracted memory: the facts the system has learned about you, some because you said them, some because it inferred them — your preferences, your projects, your relationships, your standing context. There are style and voice profiles: the tool's learned model of how you write and decide, built from every correction and thumbs-up you've ever given. And underneath it all sits the raw corpus of your conversation history, from which every other layer can be regenerated. Together they amount to a working model of a person's professional mind.
Then they resign, and the account is deleted, and they start over at the next job with nothing. Not because anyone decided they should lose it. Because nobody decided anything at all.
For as long as we've had employment law, we've maintained a decent bargain. You leave a job with your skill, your experience, your know-how, and you leave behind the trade secrets, the customer lists, the work product. Courts have policed that line for a century. Consulting agreements even formalized it with "residuals clauses": you may reuse whatever you retain in unaided memory. The bargain worked because the most personal things — your craft, your judgment, your voice — lived in your head, and your head walked out the door with you, no questions asked.
AI broke that bargain, quietly and completely. The moment you teach an AI assistant how you work, your tacit knowledge becomes a file. The file was created during employment, often on employer time and tools. Under the standard IP assignment clause every employee signs — "all work product created during the scope of employment" — it arguably belongs to the company. The identical knowledge in your head was yours forever. In a file, it's assignable. An accident of old contract language meeting new technology has put the most personal layer of a person's working life on the wrong side of the line.
And there's a third party at the table nobody invited: the AI platform itself, which holds custody of the whole footprint under terms of service neither the employee nor the employer chose. Don't count on regulators to have solved this either. Even Europe's data portability right doesn't reach the most valuable layer — GDPR's Article 20 has been read to cover data you provided, not the profile the system inferred about you. I learned this when working on facial recognition technology long ago: you own your images but not the derived facial recognition algorithm that was generated. In the same way the learned model of your voice and judgment — the part that feels most like you — belongs, in practice, to whoever hosts it.
I've spent my career in security, protecting companies from data walking out the door. So believe me when I say the answer is not "let employees export everything." An AI footprint interleaves a person's voice and preferences with customer names, deal terms, and unannounced plans — sometimes three lines apart in the same memory file. A skill called "how I review contracts" may encode both a career's worth of general craft and a company's confidential negotiation playbook. A full export is a data breach with a bow on it. No CISO should allow it, and I wouldn't either.
So the choice at offboarding today is binary and bad. Take everything, and the company suffers an exfiltration event. Take nothing, and the employee absorbs the whole loss. Because companies can't cleanly separate the personal from the proprietary, nearly all of them default to destroying both. We would never accept this in physical form — imagine HR shredding your personal notebooks on the way out because a few pages mention client work. Yet that is the standard offboarding policy at nearly every company today, applied to something more intimate than a notebook: an accumulated record of how you think.
And it will get worse before it gets better. These tools are becoming more personal, not less. The employee who joins a company in 2026 and leaves in 2030 will have taught their tools more about themselves than they've told most colleagues. If the deal is "everything you teach the machine dies here," rational employees will respond rationally — by holding back, by keeping a shadow toolkit on personal accounts, by never fully investing in the tools their employer paid for. Companies that destroy their people's accumulated selves at the exit will find those selves were never fully brought in the door.
The instinct will be to fix this at the artifact level: this file is personal, that file is the company's. That instinct is wrong. Ownership doesn't attach to artifacts; it attaches to the content inside them, layer by layer and line by line. Identity, values, and voice belong to the person. Confidential context belongs to the company. The honest answer to "who owns this?" requires opening the artifacts and separating those layers, with an audit trail both sides can trust. Nothing does this today. The AI memory infrastructure companies assume the footprint is monolithically the user's. The enterprise governance vendors assume it's monolithically the company's. Both are wrong, and the gap between them is where the next generation of employment disputes will be born. The first wrongful-termination case with a contested AI memory file in discovery is coming.
So here is the challenge: how do we do right by the employee. To employment lawyers: the residuals clause needs a successor written for a world where memory is no longer unaided. To CISOs and CHROs: your off-boarding checklist has a new asset class on it, and "delete the account" is not a policy. To builders: the interesting problem was never moving bytes between AI tools — the platforms will commoditize that themselves. The problem worth solving is the clean, provable split.
But it starts with recognizing whose loss this is. We spent the last decade arguing about who owns our data. The next fight is about who owns the backup of your mind — and right now, the person it's a backup of is the only party with no claim at all.