Policy Roast: JCPenney's AI Makeup Advisor Just Became a $50M BIPA Liability
Virtual try-on tech meets Illinois biometric law. JCPenney faces class action over facial scanning without consent. Again.
AI
Policy Roast: AI Companies Pay $12.5M to Clean Up the Mess AI Created
Anthropic, OpenAI, Google, and Microsoft just funded open source security. Specifically, security from AI-generated vulnerability spam their tools created.
Policy Roast: Banning the Symptom While Missing the Disease
The EU added nudification tools to the AI Act ban list. Good. Now explain how you'll enforce it when the tools are free, open-source, and run locally.
The Docket: Okta Builds AI Agent Identity Management Before Someone Gets Sued
Okta just announced a framework for managing AI agent identities. Translation: companies are deploying agents without knowing who has access to what.
Explain This: AI-Generated Malware Just Hit Production
Hive0163 used AI-generated Slopoly malware in Interlock ransomware attacks. Here's what changes when attackers start shipping LLM-written code at scale.
Explain This: NY RAISE Act and Frontier AI Regulation
Explain This: New York’s RAISE Act (what it actually requires, and where teams will screw it up)
New York just moved the AI compliance goalposts again.
The RAISE Act is not a vibes bill. It is an assignment of duty. If you build, deploy, or buy high-risk AI, you
Explain This: New York’s RAISE Act (what it actually requires, and where teams will screw it up)
New York’s RAISE Act is not a vibes bill. It is an assignment of duty, and it will define what ‘reasonable’ AI governance looks like when something breaks.