Data Provenance
Knowing where your data came from and what you're allowed to do with it — and the licence field on the dataset you're using is probably wrong.
When not to use it
- (It's a practice. The question is when to distrust a claim.)*
- Trusting the licence tag on an aggregated dataset. It describes the collection, not the restrictive source inside it.
- Assuming a derivation chain carried its terms. Each hop is a chance for the field to be retyped wrong.
- Treating web-scraped as permissive. It's unlicensed, which is the unresolved question, not an answer.
- Assuming you can remove data later. You can't. Unlearning doesn't give the guarantee you'd need.
Reach for something else instead
- Provenance-traced corpora — collections built with the chain intact. Newer than what you're using.
- Licensed data — expensive, clean, and it favours the largest labs.
- Public domain — clean, smaller, weaker.
- Datasheets — if you're publishing, this is the template.
Sources & further reading
- Longpre et al. (2023), The Data Provenance Initiative: A Large Scale Audit of Dataset Licensing & Attribution in AI — the audit; most licence tags on popular datasets are wrong or missing.
- Gebru et al. (2018), Datasheets for Datasets — the template; the good sections are the ones people skip.
- Bourtoule et al. (2021), Machine Unlearning — why you can't take it back, and what the approximate methods don't guarantee.
Primary sources, listed so you can check the claims on this page rather than take them on trust.
Where people go wrong
- Reading the licence field as a fact. It's a claim someone typed, and the audit says it's often wrong.
- Missing that aggregation launders terms. One tag over 50 sources hides the restrictive one.
- Forgetting synthetic data carries the generating model's terms. Distillation is usually explicitly prohibited.
- Planning to remove problematic data later. Retraining is the only clean answer, and at scale that's not a plan.