Category
61 posts in this category.
·10 min read
Texas TRAIGA carries civil penalties up to $200,000 per violation plus up to $40,000 per day for continuing violations. The safe harbor, an affirmative defense, is substantial NIST AI RMF compliance. This checklist covers what you need and how to use the 60-day cure period.
·13 min read
Companies operating across multiple US states and the EU face overlapping AI obligations from a dozen different laws. This guide shows how to build one governance program that satisfies all of them without running 12 parallel compliance tracks.
·10 min read
Amazon KDP's AI disclosure requirement covers text, images, and translations, but the line between 'generated' and 'assisted' is not always obvious. This guide covers 12 content types and 8 edge cases, with the correct disclosure decision for each.
·10 min read
Shadow AI adds $670K to breach costs, and small teams have the highest exposure. How to detect unsanctioned AI tools and govern them without an IT team.
·12 min read
EU AI Act, NIST AI RMF, and the White House AI executive order all include red-teaming requirements for AI systems. This guide covers what red-teaming means for AI, what testing is required at each risk tier, and how small teams can comply.
·10 min read
Legal departments face distinct AI risks: attorney-client privilege waiver, bar ethics rules on confidentiality, and liability for AI-assisted legal work. This guide covers what in-house counsel and law firms must do before using AI for legal work.
·10 min read
Illinois BIPA is the most litigated biometric privacy law in the US, with settlements reaching $650M (Facebook). AI systems that collect or analyze facial geometry, fingerprints, or voiceprints trigger BIPA. This guide covers what compliance requires.
·10 min read
Colorado replaced its original AI Act with SB 26-189, signed May 14, 2026. The new law drops bias audits and impact assessments in favor of a lighter notice-and-transparency framework. Effective January 1, 2027, it requires pre-use notice, post-adverse-action notice within 30 days, and 3-year recordkeeping for any employer using AI in hiring, promotions, or terminations.
·9 min read
The EU provisional agreement pushed high-risk AI obligations to late 2027. But Article 50 transparency rules still apply August 2, 2026, GPAI requirements have applied since August 2, 2025, and the prohibited-practices ban has been in force since February 2, 2025. Here is exactly what changed and what did not.
·10 min read
The US Copyright Office has ruled that purely AI-generated content cannot be copyrighted. But most AI outputs involve human creative choices. This guide explains what you can and cannot protect, and how to document the human contribution that matters.
·11 min read
When your AI agent sends a wrong email, makes a bad purchase, or deletes data, the law says you are responsible, not the AI. Here is what small teams must do before deploying autonomous agents in 2026.
·10 min read
AI agents that store personal data in RAG systems and vector databases cannot easily fulfill GDPR erasure requests. Here is what Spanish regulators found in 2026 and how to fix it before your next audit.
Showing 12 of 61 posts.