AI Counsel Blog Posts
by John Jenkins
April 15, 2026
We gave a plug to MIT yesterday, and today it’s Harvard’s turn. This Harvard Business School “Working Knowledge” blog discusses how AI tools are accelerating cyberattacks and increasing the threat that those attacks pose. It suggests the following diagnostic for companies to run before their next board meeting in order to assess their readiness to […]
by John Jenkins
April 14, 2026
MIT’s Sloan School of Management recently issued a report on “Mapping the Generative AI Risk Space” that focuses on where to look for risks associated with generative AI. To illustrate where risks might be located, the report uses the hypothetical of a hiring manager using AI tools to draft a new job description. A task […]
by John Jenkins
April 13, 2026
On April 7, a bunch of federal agencies issued a cybersecurity advisory on Iranian-affiliated actors’ efforts to exploit certain programmable logic controllers (industrial computers that have been adapted to automate processes, machinery, and equipment) in order to target critical infrastructure. Here’s an excerpt: The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), […]
by Zachary Barlow
April 8, 2026
Algorithmic pricing is the controversial practice of using software to set variable prices for individuals or groups that change with the elasticity of demand. Consumers and regulators are growing skeptical of the practice, and lawsuits alleging antitrust violations have seen some success. A recent Baker Hostetler memo warns of increased legal scrutiny. The memo offers […]
by Zachary Barlow
April 7, 2026
Last December, New York passed the Responsible AI Safety and Education (RAISE) Act. The law is designed to regulate “frontier AI” models and mitigate any “catastrophic risks” posed by their development and operation. California’s Transparency in Frontier Artificial Intelligence Act (TFAIA) serves a similar purpose. Recent amendments to the RAISE Act bring many of the […]
by Zachary Barlow
April 6, 2026
Earlier this year, I wrote about the upcoming deadlines for Colorado’s AI Act. The 2024 law was initially set to enter force in February 2026. However, concerns over compliance burdens saw the law postponed until June 30, 2026, pending a rework. That rework is finally here as Colorado’s working group released its proposed rewrite last […]
by John Jenkins
April 2, 2026
The Business Software Alliance’s position paper on Global Privacy Priorities for 2026 says that privacy laws should focus on (1) creating rights for consumers over their personal data, (2) imposing obligations on businesses to handle that data responsibly, (3) creating a clear and centralized enforcement mechanism, and (4) supporting an interoperable approach to privacy protections. […]
by John Jenkins
April 1, 2026
The risks associated with cyber breaches are growing more significant and complex, and the increasingly demanding regulatory environment is a big part of the reason for that. This excerpt from a recent PC Tech Magazine article highlights the regulatory frameworks shaping cybersecurity compliance in 2026: Privacy regulations inspired by GDPR continue to influence policy decisions […]
by John Jenkins
March 31, 2026
The term “Sovereign AI” refers to efforts by a nation and the businesses operating within its borders to develop, deploy and govern AI under their own laws, in order to preserve control over data, models and other aspects of the development and implementation of AI tools. Sovereign AI’s goal is to avoid dependence on foreign […]
by John Jenkins
March 30, 2026
A recent Boston Consulting Group publication says that programs for managing AI risks need to be revamped. Most of these programs assumed a small number of AI deployments that were “managed centrally, released carefully, and governed by a standard process.” Yeah, those were the days, huh? Agentic AI, vibe coding and the all-around breakneck pace […]