A record of AI & compliance regulation, annotated weekly.
Which roles to hire first, what skills actually matter, realistic salary ranges, and interview questions that separate genuine AI compliance expertise from resume inflation.
75 days until enforcement. Use this step-by-step checklist to get your business compliant with the Colorado AI Act before the June 30, 2026 deadline.
A practical 5-step preparation guide for Colorado deployers: what triggers compliance, impact assessments, consumer notification, and vendor due diligence.
Virginia’s new AI law takes effect July 1, 2026. Here’s who it covers, how it compares to Colorado, and what you need to do now.
A practical walkthrough of the RFQ process for an AI bias audit: what auditors assess, typical timelines and costs, and the right questions to ask.
What the NIST AI Risk Management Framework is, how its four core functions work, and how it maps to the EU AI Act and Colorado requirements.
With six months until the Colorado AI Act’s effective date, here’s a practical compliance checklist for businesses using high-risk AI systems in Colorado.
The general-purpose AI (GPAI) model provisions of the EU AI Act are now in effect. Here’s what developers and deployers of foundation models need to know.
New York City has begun enforcing Local Law 144. We break down the first enforcement actions, the amounts fined, and what employers need to fix immediately.
If you use AI tools for hiring in New York City or Colorado, you need a bias audit. Here’s exactly how to find an auditor, what the process looks like, and how to post results.
Texas is moving toward its own AI regulation modeled on Colorado. Here’s what the bill proposes, where it stands, and how to prepare if you operate in Texas.
You don’t need a team of 10 to build an effective AI governance program. This guide covers the essentials: policy, inventory, risk assessment, and documentation.
California’s Automated Decision-Making Technology rules are now in force. Here’s what they require, who they cover, and what your AI team must do to comply.
California and New York City both regulate automated decisions, but with fundamentally different approaches. Side-by-side comparison for employers operating in both.
California’s ADMT rules require meaningful human oversight for certain automated decisions. Here’s what “meaningful” actually means and how to build a compliant review process.
Colorado offers a safe harbor to businesses that align with NIST AI RMF. Here’s what that requires in practice and how to document it for enforcement.
GOVERN, MAP, MEASURE, MANAGE — what each function actually requires in practice and how to implement them in your AI governance program.
Both are legitimate AI governance frameworks — but they serve different purposes. Here’s how to choose, and when you might need both.
ISO 42001 is the first certifiable AI management system standard. Here’s what the audit process looks like, what auditors check, and how to prepare.
ISO 42001 is a candidate harmonized standard for the EU AI Act. Here’s how they map to each other and what certification means for EU conformity.
The EU AI Office published the GPAI Code of Practice. Here’s what it requires for Tier 1 and Tier 2 GPAI providers and what foundation model developers must do.
Every Annex III high-risk AI category explained with practical examples of what’s in scope and what’s not — for compliance teams who need to classify their systems.
The EU went comprehensive. The UK went principles-based. Here’s how the two approaches compare for companies operating in both markets.
Both apply to most AI systems in the EU. Here’s how they interact, where they duplicate obligations, and how to satisfy both simultaneously.
Clearview AI faced enforcement actions totaling hundreds of millions in fines. Here’s what the cases reveal about how regulators treat AI and biometric data.
Colorado’s AI Act requires impact assessments before deploying high-risk AI. Here’s exactly what to cover and how to document it for enforcement.
Enforcement begins June 30, 2026. Here’s where organizations stand, what readiness actually means, and what to do this month.
From finding an auditor to publishing results — here’s exactly how the NYC LL 144 annual bias audit process works for employers using AI in hiring.
California’s AB 2013 requires GenAI providers to post training data documentation. Here’s who it covers, what must be disclosed, and what to do now.
Illinois’ AI Video Interview Act has been in force since 2020 and class action risk has grown. Here’s exactly what employers must do before using AI to evaluate video interviews.
Illinois BIPA litigation generated billions in settlements. Here’s the state of play after the Cothron ruling and what employers must do to limit exposure.
Illinois BIPA is the most litigated biometric law, but it’s not alone. Here’s every state biometric privacy law — requirements, enforcement, and compliance risk.
The largest privacy settlement in US history. Here’s what Texas proved, what Meta did, and what it means for companies using facial recognition.
Illinois and Texas both restrict biometric data but use completely different enforcement models. Side-by-side comparison for companies operating in both states.
Every Friday — the week’s new regulations, enforcement actions, and compliance deadlines. Free forever. No tracking pixels.