AI Counsel Blog Posts
by Zachary Barlow
August 21, 2025
I’ve harped on the dangers of algorithmic discrimination and bias in many of our previous blogs. My soapbox isn’t without merit; bias in automated decision-making is a leading driver of risk in AI. Failure to test for biased outputs has resulted in lawsuits and settlements, especially in the context of HR and highly regulated industries. […]
by Zachary Barlow
August 20, 2025
Federal policy currently favors AI deregulation, but states are taking up AI issues, creating a regulatory patchwork across the U.S. A recent Saul Ewing memo focuses on legislative activity at the Illinois legislature. Twelve AI bills are currently pending, which would regulate AI with new laws related to insurance, education, consumer protection, and employment: “Evidently, […]
by Zachary Barlow
August 19, 2025
In today’s world, full of “smart” devices, many ordinary objects connect to the internet. Everything from automobiles and appliances to industrial agriculture equipment has internet connectivity. This ecosystem of internet-enabled products is often referred to as the “Internet of Things” (IOT). In addition to connectivity features that allow for remote monitoring and operation, these devices […]
by Zachary Barlow
August 18, 2025
Internal policies are critical tools for AI risk management. We’ve talked about the importance of policies and what should go in them. However, there’s a critical flaw in many AI policies: communication. To explain, let me defer to an age-old thought experiment: If a tree falls in the middle of the forest and no one […]
by John Jenkins
August 14, 2025
Last month, the DOJ announced a settled enforcement action against Illumina arising out of the sale of certain genetic sequencing systems to the federal government that contained cybersecurity vulnerabilities. The DOJ alleged that Illumina’s sale of these products to the government with these vulnerabilities violated the False Claims Act, and Illumina agreed to pay $9.8 […]
by John Jenkins
August 13, 2025
Government contractors are required to conduct cybersecurity risk assessments in accordance with NIST standards, but an IAPP article published earlier this month says that regulators differ in the way they approach their oversight of risk assessments. Here’s an excerpt: Across the patchwork quilt of cybersecurity regulation in the U.S., enforcement agencies — including the Federal […]
by John Jenkins
August 12, 2025
A recent Risk Management Magazine article reviews some of the lessons learned from recent cyber insurance claims and offers the following tips on securing effective cyber insurance coverage: An organization that experiences a cyber insurance claim is best positioned to understand its own people and processes, but risk and insurance advisors can also help analyze […]
by John Jenkins
August 11, 2025
In what probably won’t come as a shock to anyone outside of corporate C-Suites, a recent study found that corporate executives think their companies’ AI rollouts are going swell, but rank-and-file employees think they’re kind of a mess. Here’s an excerpt from CIO.com’s article on the study: Most company executives believe their AI rollouts have […]
by Zachary Barlow
August 7, 2025
New research indicates that leading Large Language Models (LLMs) like ChatGPT and Claude may have significant bias baked into their learning data. In a recent study, researchers created “personas” for LLMs to interact with. These personas had different demographic backgrounds, including sex, ethnicity, and migrant status. When asking the LLMs for salary negotiation advice, researchers […]
by Zachary Barlow
August 6, 2025
Back in February, I wrote about the first provisions of the EU AI Act coming into force. Now we’ve hit another major milestone in the law’s phase-in. Requirements covering General Purpose AI (GPAI) became effective on August 2nd. However, despite these provisions officially phasing in, the State’s enforcement powers do not become active until next […]