My company’s security team is very much “no proprietary data or information can be used to train a model”, I just don’t know how you can validate or trust that they aren’t doing just that.

ZDRs, spot audits, and the fact that salespeople can be held personally liable both financially and even criminally for fraud if they sold a contract with a ZDR that was not honored.