AI Counsel Blog Posts

Sort By
by Zachary Barlow

August 21, 2025

I’ve harped on the dangers of algorithmic discrimination and bias in many of our previous blogs. My soapbox isn’t without merit; bias in automated decision-making is a leading driver of risk in AI. Failure to test for biased outputs has resulted in lawsuits and settlements, especially in the context of HR and highly regulated industries. […]

by Zachary Barlow

August 20, 2025

Federal policy currently favors AI deregulation, but states are taking up AI issues, creating a regulatory patchwork across the U.S. A recent Saul Ewing memo focuses on legislative activity at the Illinois legislature. Twelve AI bills are currently pending, which would regulate AI with new laws related to insurance, education, consumer protection, and employment: “Evidently, […]

by Zachary Barlow

August 19, 2025

In today’s world, full of “smart” devices, many ordinary objects connect to the internet. Everything from automobiles and appliances to industrial agriculture equipment has internet connectivity. This ecosystem of internet-enabled products is often referred to as the “Internet of Things” (IOT). In addition to connectivity features that allow for remote monitoring and operation, these devices […]

by Zachary Barlow

August 18, 2025

Internal policies are critical tools for AI risk management. We’ve talked about the importance of policies and what should go in them. However, there’s a critical flaw in many AI policies: communication. To explain, let me defer to an age-old thought experiment: If a tree falls in the middle of the forest and no one […]

by John Jenkins

August 14, 2025

Last month, the DOJ announced a settled enforcement action against Illumina arising out of the sale of certain genetic sequencing systems to the federal government that contained cybersecurity vulnerabilities. The DOJ alleged that Illumina’s sale of these products to the government with these vulnerabilities violated the False Claims Act, and Illumina agreed to pay $9.8 […]

by John Jenkins

August 13, 2025

Government contractors are required to conduct cybersecurity risk assessments in accordance with NIST standards, but an IAPP article published earlier this month says that regulators differ in the way they approach their oversight of risk assessments.  Here’s an excerpt: Across the patchwork quilt of cybersecurity regulation in the U.S., enforcement agencies — including the Federal […]

by John Jenkins

August 12, 2025

A recent Risk Management Magazine article reviews some of the lessons learned from recent cyber insurance claims and offers the following tips on securing effective cyber insurance coverage: An organization that experiences a cyber insurance claim is best positioned to understand its own people and processes, but risk and insurance advisors can also help analyze […]

by John Jenkins

August 11, 2025

In what probably won’t come as a shock to anyone outside of corporate C-Suites, a recent study found that corporate executives think their companies’ AI rollouts are going swell, but rank-and-file employees think they’re kind of a mess. Here’s an excerpt from CIO.com’s article on the study: Most company executives believe their AI rollouts have […]

by Zachary Barlow

August 7, 2025

New research indicates that leading Large Language Models (LLMs) like ChatGPT and Claude may have significant bias baked into their learning data. In a recent study, researchers created “personas” for LLMs to interact with. These personas had different demographic backgrounds, including sex, ethnicity, and migrant status. When asking the LLMs for salary negotiation advice, researchers […]

by Zachary Barlow

August 6, 2025

Back in February, I wrote about the first provisions of the EU AI Act coming into force. Now we’ve hit another major milestone in the law’s phase-in. Requirements covering General Purpose AI (GPAI) became effective on August 2nd. However, despite these provisions officially phasing in, the State’s enforcement powers do not become active until next […]