Posts

Showing posts with the label AI Governance

Working Group Proposes Revamping Colorado AI Act

Colorado’s legislature enacted one of the first comprehensive U.S. artificial intelligence (AI) laws in 2024, the  Consumer Protections for Artificial Intelligence  (aka, the Colorado AI Act). Now, a working group convened by Gov. Jared Polis  proposed  a near-total rewrite of that law on Tuesday. This isn’t a technical cleanup—it meaningfully changes  how  AI is regulated and  where  legal risk shows up.  The Colorado AI Act currently focuses on “high-risk AI” and imposes heavy governance requirements, impact assessments, and risk programs, while the new proposal narrows the scope to automated tools that “materially influence” meaningful decisions and shifts compliance toward consumer notice, post adverse-decision disclosures, and meaningful human review. In sum, the proposal provides a more business friendly approach to AI regulation. But can the bill cross the finish line? What are the key provisions?  Narrows scope to cover more si...

AI Trends For 2026 - How States Will Shape AI Enforcement

As federal momentum toward a comprehensive U.S. AI law remains stalled, state regulators are stepping decisively into the gap. H eading into 2026, state attorneys general are likely to play an increasingly central role in shaping AI governance, not by waiting for new statutes, but by actively enforcing existing consumer privacy and AI-related laws. Two trends stand out: the use of profiling restrictions as a de facto AI enforcement mechanism and the continued expansion of a state-by-state AI regulatory patchwork. Modern state privacy laws already provide regulators with a powerful hook. Many include limits on “profiling,” often defined as automated decision making and sometimes limited to solely automated processes, particularly where those activities produce legal or similarly significant effects on individuals. In practice, these provisions give state attorneys general a ready-made framework to scrutinize high-risk AI systems. Enforcement actions are likely to first focus on famili...

What is OpenClaw, and Why Should You Care?

  Over 100,000 people just gave an AI assistant root access to their computers. [1]  That assistant can now talk to other AI assistants on a social network humans cannot post to. [2]  Security researchers have already found that one in four downloadable extensions contain vulnerabilities, and some are designed to steal credentials. [3] This is OpenClaw—an open-source autonomous AI agent that went viral last week—and Moltbook, the AI-only social network its users created. Within days: 37,000 registered agents, over a million human observers, and an AI-created religion spreading through executable shell scripts. [4] For organizations deploying AI systems or advising clients on AI governance, this is the deployment gap made concrete. Everything we flagged in our recent piece on  agentic AI governance —prompt injection, credential exposure, supply chain attacks, agent-to-agent coordination—is now running in production at scale. This article explains what happened and why...

Anthropic Reports First Known AI-Orchestrated Cyber Espionage Campaign: Raising Stakes for Data Security

On November 13, AI company Anthropic reported that its Threat Intelligence team had disrupted a state‑sponsored Chinese threat actor conducting what is believed to be the first largely autonomous AI‑orchestrated cyber espionage campaign. The threat actor used Claude Code with autonomous agentic orchestration to execute the majority of the intrusion life cycle— reconnaissance, exploitation, credential harvesting, lateral movement, and data exfiltration—across multiple global sectors . Claude Code is a developer-focused variant of the Claude large language model created by Anthropic , designed to function as an advanced, agentic coding assistant that automates complex software development. The key technical aspects of the campaign reveal that the AI agent autonomously carried out approximately 80 percent to 90 percent of all operational tasks . Human operators were responsible for selecting targets and giving strategic approvals, while the AI handled the majority of the tactical action...

BREAKING: Senate Votes to Drop State AI Law Pause, Opening Door for More Workplace Regulation – What Should Employers Do?

  Senators voted overwhelmingly in the early morning hours today to drop the proposed pause on state AI laws that would have dissuaded state lawmakers from regulating artificial intelligence at the local level for the next five years. This latest move opens the door for states like California, New York, Colorado, Illinois, and more to regulate the use of AI in the workplace. Today’s 99-1 vote will clear a path for more laws to be passed in states across the country and almost certainly lead to compliance headaches for multistate employers given the impending regulatory patchwork. What should you do to prepare? Quick Background Original Proposal:  The House passed a sweeping proposal to impose a 10-year moratorium on state-level laws regulating AI on May 22 as part of the budget package.  Read our summary here . Senate Turns Ban into Pause:  Senate leaders veered and introduced a revised proposal on June 5 that would have merely blocked states from receiving federal t...