As federal AI legislation remains unsettled, states are moving ahead. Recent activity in Illinois, Connecticut, and New York shows how quickly AI oversight is becoming a state-by-state operational challenge. The details differ by jurisdiction. Some proposals focus on frontier AI developers, transparency frameworks, safety reporting, and third-party audits. Others connect AI oversight to consumer protection, … Continued
Colorado’s repeal and replacement of its original AI law may look like regulatory relief. For organizations using AI in consequential decisions, it should be read differently: as a reminder that AI risk continues even when legal requirements change. In May 2026, Colorado replaced its broader 2024 AI framework with a narrower law focused on covered … Continued
South Korea’s AI Basic Act took effect on January 22, 2026, and it sends a clear message to organizations using artificial intelligence: AI governance is no longer just about principles, policies, or static documentation. It is increasingly about operational accountability. For privacy, compliance, and risk leaders, the question is not simply whether the organization has … Continued
Financial institutions are moving quickly to apply AI across customer service, fraud detection, underwriting, portfolio support, and internal operations. The upside is clear: faster decisions, greater efficiency, and more tailored customer experiences. But in financial services, speed without control creates exposure. As AI systems gain access to sensitive financial data and decision workflows, privacy, cybersecurity, … Continued
By Zach Burnett, CEO at RadarFirst & Edna Conway, Board Chair, Global Chief Security & Risk Officer, and Strategic Advisor for RadarFirst Artificial intelligence is no longer a future risk; it is an active force reshaping the data incident landscape in real time. As organizations accelerate AI adoption, they are also inheriting a new class … Continued
Canada’s joint investigation into OpenAI’s ChatGPT is one of the clearest signals yet that AI privacy compliance has become an operational issue, not just a policy issue. Canadian federal and provincial regulators concluded that aspects of ChatGPT’s early training and deployment practices did not comply with privacy law, citing concerns that included overcollection, lack of … Continued
There’s a moment every emerging technology hits where the conversation changes. For AI, we’ve officially crossed it. For the last few years, AI governance lived comfortably in the realm of principles. Ethical frameworks. Responsible AI pledges. High-level policies drafted in boardrooms and compliance documents. But today, as AI becomes embedded in core business operations, that … Continued
A Board-Level Playbook for What Breaks, How Likely It Is, and Who Owns It AI risk is no longer a future concern. It is a present-day, board-level issue. As I discussed with Chris Hetner, who advises boards and regulators globally on cybersecurity and AI governance, organizations are being pushed to rethink how risk is defined, … Continued
Fewer Incidents, Narrower Margin for Error Financial services stand apart from other industries in this year’s Privacy Benchmarking Report. While healthcare and other sectors continue to see rising incident volumes, finance experienced a 5.04% decline year-over-year. But this reduction does not directly translate into lower risk. Instead, it reflects a shift: risk in financial services is … Continued
At IAPP Global Privacy Summit 2025, a clear shift emerged as organizations prioritize AI governance, privacy, and safety over pure productivity. As AI systems grow more complex, experts stress that proactive governance is now a critical business priority.
