Loading…
Johnie T Young
AI Expert
Johnie T Young is an AI expert and governance practitioner with deep experience helping fast-moving technology companies implement responsible AI practices at small-team scale. With a focus on practical, actionable frameworks, Johnie built AI Policy Desk to close the gap between enterprise-grade compliance tooling and the real-world needs of lean product teams. Before founding AI Policy Desk, Johnie worked across a range of technology companies advising on AI risk management, GDPR readiness, and EU AI Act compliance. With the rapid emergence of AI regulation globally, Johnie identified a clear need: governance resources written for 10-person teams, not Fortune 500 legal departments — practical templates, checklists, and guides that teams can pick up and use today.
- AI governance practitioner
- EU AI Act and GDPR specialist
- AI risk management expert
- Compliance frameworks for small teams
EU AI Act complianceAI governance frameworksGDPRRisk assessmentShadow AI managementVendor evaluationAI incident responseModel risk management
170 articles by Johnie T Young
Compliance·11 min
Read →AI Hiring Tool Compliance 2026: NYC, Illinois, Connecticut, Colorado — State-by-State Matrix
Four US states now regulate AI in hiring decisions. NYC Local Law 144 requires annual bias audits. Illinois HB 3773 requires consent before AI video interview analysis. Connecticut AIRT Act takes effect October 1, 2026. Colorado ADMT framework: January 1, 2027. State-by-state compliance matrix.
ai-hiringcomplianceemployment-lawnyc-local-law-144
Guides·7 min
Read →AI Incident Response Plan Template for Small Teams (2026)
Copy-paste AI incident response plan template: 5 phases, role assignments, notification checklist, and timeline. Built for teams without a dedicated security or compliance function.
ai-governanceincident-responsecompliancetemplates
Governance·5 min
Read →Amazon KDP AI Disclosure: Official Requirements at a Glance (2026)
Amazon KDP official AI disclosure requirements 2026: exact checkbox wording, what triggers disclosure, what doesn't, and where to check the box in the publishing workflow — in one quick-reference table.
amazon-kdpai-disclosureai-compliancecompliance
Compliance·6 min
Read →Connecticut SB 5 AI Compliance: What Employers Must Do Before October 1, 2026
Connecticut SB 5 employer checklist for October 1, 2026: 10 steps to comply with automated employment decision technology (AEDT) disclosure, anti-discrimination, and whistleblower protection requirements before the deadline.
connecticutai-lawhr-aicompliance
Compliance·6 min
Read →EEOC AI Hiring Guidance 2026: 8-Step Employer Compliance Checklist
EEOC AI hiring compliance checklist 2026: 8 steps to assess disparate impact, obtain vendor bias documentation, and avoid EEOC liability when using AI tools for hiring, screening, or performance evaluation.
eeocai-hiringhr-aicompliance
Compliance·7 min
Read →EU AI Act GPAI Compliance Checklist: August 2, 2026 Deadline
EU AI Act GPAI (general-purpose AI) compliance checklist for August 2, 2026. Six obligations for GPAI providers — technical documentation, copyright policy, training data summary, and systemic risk requirements. The GPAI deadline was NOT extended.
eu-ai-actcompliancegpaideadline
Compliance·7 min
Read →GDPR Article 22 and AI Tools: What Automated Decision-Making Rules Mean for Your Business (2026)
GDPR Article 22 applies when AI makes fully automated decisions with legal or significant effects on individuals. Small-team compliance guide: when Article 22 is triggered, what rights it creates, and the three steps to comply.
gdprai-governanceautomated-decisionsprivacy
Guides·10 min
Read →GDPR Article 30 for AI Tools: Record of Processing Activities Template (2026)
GDPR Article 30 requires every company that processes personal data to maintain Records of Processing Activities (RoPA). AI tools create new processing activities — ChatGPT, Claude, Copilot each need an entry. Fill-in template pre-completed for 12 common AI tools.
gdprai-compliancedata-privacyropa
Guides·6 min
Read →Third-Party AI Tool Risk Assessment Template (2026)
Fill-in-the-blanks risk assessment template for third-party AI tools: 4-category risk matrix covering data risk, access risk, vendor risk, and regulatory risk — with scoring guide for go/no-go decisions.
ai-governancevendor-risktemplatescompliance
Guides·6 min
Read →Amazon KDP AI Policy Changes: 2024, 2025, and 2026 — What Changed Each Year
Year-by-year breakdown of Amazon KDP AI content policies: what the 2024 disclosure rules said, what changed in 2025, and where the policy stands in 2026. Includes the current disclosure requirements and what KDP still does not address.
amazon-kdpai-contentkdp-policyai-disclosure
Guides·5 min
Read →TAKE IT DOWN Act: One Year In — What Platforms Still Need to Fix
The TAKE IT DOWN Act (signed May 2025) targets AI-generated NCII and deepfakes. One year after signing, many platforms still lack the 48-hour removal process the law requires. Compliance checklist and what FTC enforcement looks like now.
take-it-down-actnciideepfakesai-law
Guides·8 min
Read →EU AI Act Nudification Ban + Watermarking: December 2, 2026 Compliance Checklist
EU AI Act Omnibus: nudification apps banned and AI watermarking required by December 2, 2026. Compliance checklist for providers and deployers — what must change, what's exempt, and penalties.
eu-ai-actcompliancewatermarkingdeepfakes