Ken Priore

Questions to Ask When Everyone Else Is Guessing

Every six months, the rules change. Old playbooks don't work anymore. The only way through is to ask better questions. Here are nine questions that matter for anyone building with AI

6 min read
Reference: Y Combinator. (2025, June 17th). Every AI Founder Should Be Asking These Questions. YouTube.

"I'm extremely confused," Jordan Fisher admitted in a recent Y Combinator talk. "I can't see five years into the future. I can see like three weeks or less."

That's where we all are right now. Every six months, the rules change. Old playbooks don't work anymore. The only way through is to ask better questions.

What follows are my summaries and interpretations from that Y Combinator video—specifically the questions that hit hardest for me. Fisher covered a lot of ground, but these nine stood out as the ones that matter most when you're trying to build something that lasts. They're the questions I keep coming back to with the teams I work with, and the ones that seem to separate real strategy from guessing.

Here are nine questions that matter for anyone building with AI. Start with the first one—it's the foundation everything else builds on. The rest are interconnected, and you'll need to keep coming back to them as things evolve.

Do You Have Data That Actually Matters?

Before you think about product strategy, UI, or governance, answer this: do you have a dataset that competitors can't easily replicate?

A few years ago, you needed custom data just to build something useful. Then powerful generalist models changed that calculation—often it made more sense to use GPT than train your own model. But that's not true everywhere. The question is where "tacit knowledge" still lives inside companies, never indexed by the web scrapes that train general models.

LLMs struggle with highly specialized fields like material science or semiconductor fabrication. TSMC and ASML built multi-billion dollar businesses on decades of knowledge that doesn't leak out. A frontier LLM has no idea how to build a semiconductor fab. That's the kind of data advantage that holds up.

To figure out if you have one, work through these three steps:

What makes your data different? Document exactly how your dataset differs from what trains frontier LLMs. Does it come from a unique process? Does it capture interactions that don't exist on the public internet?

How does different data create a better product? You need to explain why a competitor using GPT-7 can't just prompt their way to your functionality.

What stops others from getting the same data? Look at time, cost, unique access, or intellectual property. What actually prevents someone else from building the same dataset?

Once you know your data advantage exists, protect it. That means clear records of data provenance and ownership, a strategy for treating data as a trade secret (with the internal controls and agreements that require), and documented policies for handling, storing, and accessing information—especially anything sensitive or user-generated.

Should You Plan for Today or Tomorrow?

The standard advice is to plan six months out. That's not enough anymore. You need to think two years ahead, assuming AGI-level capabilities arrive. But don't take this too literally or build a rigid plan. Jordan Fisher is right: "don't take it too seriously."

What you need is a flexible thought exercise that forces debate on how AGI changes everything—hiring, team composition, market strategy. Document a two-year vision that outlines potential product evolutions and market shifts. Keep a risk register of what an accelerated AGI timeline means for your business.

Here's why this connects to data: a defensible data advantage is the one asset likely to keep its value across multiple generations of foundation models. It's your anchor when everything else shifts.

Will Software Fully Commoditize?

There are two possible futures. In one, enterprises and consumers create software on-demand with simple prompts, making traditional SaaS outdated. In the other, automation elevates the quality bar, and exceptional products from expert teams using AI still fetch a premium.

The answer likely varies by industry. You need a realistic assessment of your specific market. Test your business model in a world where the marginal cost of developing software approaches zero. Write down your hypothesis on whether your industry will become a commodity or reward exceptional quality, and track the evidence you're using to validate it.

If code and logic become fully commoditized, the only remaining differentiator is proprietary data that powers the application and provides unique value.

Retrofit or Rebuild?

The core decision: retrofit existing products with AI features or build something AI-native from scratch? Retrofitting allows you to leverage the distribution you already have. Building new enables the creation of innovative interfaces—on-demand UI and full multimodality. This isn't about personal opinion; it's a hypothesis that requires testing. Document your design philosophy on AI-native versus retrofitted approaches, and explain why you made that choice. Keep records of what you're testing and what you're learning. A truly unique dataset can justify developing a novel, AI-native UI. Conversely, a more common use case might be better served by retrofitting AI into an existing platform with an established distribution.

How Do You Segregate Personal and Professional Data?

Users want a single agent that works across their personal and professional lives. That creates a security and privacy conflict. Employers shouldn't see employee personal activities, but the agent needs context from both domains to be useful.

You need a sophisticated approach to information segregation that doesn't kill utility. Create data flow diagrams that define boundaries and permissible interactions between personal and professional contexts. Document the technical and policy controls that enforce segregation and prevent data leakage.

Managing sensitive user data safely across different contexts can become its own form of advantage—if users trust you with it.

Can Users Trust Your Company, Not Just Your Model?

Even with a perfectly aligned model, trust shifts to the corporation deploying it. An agent from an ad-based company might bias search results to serve the business model, not the user. There's a tension between what users want in the moment and the principles they value. Someone might want a sycophantic response in a specific interaction, but when asked at a higher level, they'll choose the company whose principle is to "never blow smoke up your ass."

Write down your principles and make them public.

Document your commitment to user alignment over momentary gratification. Prepare materials that address the concerns of both enterprises and consumers regarding viability, data handling, and ethical alignment. Demonstrate how your proprietary data is utilized for the user's benefit, and ensure that commitment is auditable.

How Do You Build Trust at Every Layer?

Trust isn't just a single issue. Users need confidence in the base AI model, the agent logic built on it, and the company behind the product. Develop a verification strategy that covers model behavior, agent safeguards, and corporate oversight. Document and publish any promises made to users regarding trust, safety, and data privacy. Your unique data is often your most valuable asset. Your approach to building trust around how you handle and use that data is critically important.

What Happens When Human Guardrails Disappear?

Traditionally, internal dissent acts as a check on corporate issues. Employees raise alarms or resign. In a world of very small teams and semi-automation, this mechanism disappears. One person could implement a change with significant impact, with no one else aware. This creates a trust gap that requires new solutions beyond human oversight. Document the risks posed by reduced human presence and the potential for unilateral action. Define the automated or procedural controls that will replace traditional oversight. Companies handling highly sensitive proprietary data face extra scrutiny in this area. You need documented guardrails that function without traditional human checks and balances.

What Do New Guardrails Look Like?

One approach involves AI-powered auditing. A neutral third-party AI evaluates a company based on its public mission statement, analyzing everything—every Slack message and decision. An AI auditor can be less biased than a human and can be programmed to delete itself after the audit, ensuring no proprietary IP is retained. This offers verification without risking trade secrets. Companies should document a public commitment to being audited by an impartial third party. They should craft a specific and clear mission statement to audit against—covering key decisions, data management policies, and user alignment principles. Making your proprietary data models and algorithms auditable by a trusted, neutral system could become the ultimate proof of trustworthiness.

For legal:

  • Evaluate and document the IP strategy for your core dataset, with trade secret protection through internal controls
  • Formalize technical and policy controls, separating user data contexts to ensure compliance
  • Make public commitments—mission statement, terms of service—that are clear, auditable, and establish user alignment
  • Establish a framework for third-party AI audits that protects IP while demonstrating transparency
  • Review the two-year roadmap to identify and mitigate future legal and regulatory risks

For product:

  • Lead the effort to test and document the uniqueness, value, and defensibility of the core data asset
  • Stress test the business model against software commoditization, with a clear thesis for ongoing value
  • Validate the decision to pursue retrofitted versus AI-native UI/UX using empirical data
  • Integrate security, privacy, and trust controls into product development from day one
  • Maintain a product roadmap that anticipates AGI-level capabilities

Where to Start

Most teams won't have good answers to all nine questions right now. That's fine. The point isn't to have everything figured out—it's to know which questions you're betting on and which ones you're still testing.

Start with your data. If you can't articulate a defensible advantage there, the other eight questions get a lot harder. If you can, the rest become a map for what to build and protect as models get better and the market shifts under your feet.

These questions won't stay static. New ones will emerge, and some of these will stop mattering. But right now, this is the terrain. Come back to them every quarter. Your answers will change, and that's how you'll know you're learning.

You might also like