Loading…
Johnie T Young
AI Expert
Johnie T Young is an AI expert and governance practitioner with deep experience helping fast-moving technology companies implement responsible AI practices at small-team scale. With a focus on practical, actionable frameworks, Johnie built AI Policy Desk to close the gap between enterprise-grade compliance tooling and the real-world needs of lean product teams. Before founding AI Policy Desk, Johnie worked across a range of technology companies advising on AI risk management, GDPR readiness, and EU AI Act compliance. With the rapid emergence of AI regulation globally, Johnie identified a clear need: governance resources written for 10-person teams, not Fortune 500 legal departments — practical templates, checklists, and guides that teams can pick up and use today.
- AI governance practitioner
- EU AI Act and GDPR specialist
- AI risk management expert
- Compliance frameworks for small teams
EU AI Act complianceAI governance frameworksGDPRRisk assessmentShadow AI managementVendor evaluationAI incident responseModel risk management
219 articles by Johnie T Young
Guides·10 min
Read →State Chatbot Disclosure Laws 2026: The Compliance Checklist Every SaaS Team Needs
12+ states now require AI chatbot disclosure. California SB 243 creates a private right of action: users can sue if your bot claims to be human. Here is what SaaS teams must do in 2026.
chatbotdisclosurecaliforniasaas-compliance
Guides·10 min
Read →AI employee monitoring laws 2026: what employers can and cannot do
AI-powered employee monitoring is now subject to specific laws in 11+ US states and GDPR in Europe. This guide covers what disclosures are required, what's prohibited, and how to build a compliant monitoring policy.
employee-monitoringemployment-lawai-governanceworkplace-privacy
Guides·10 min
Read →GenAI Vendor Risk Assessment: A Framework for 2026 (Treasury FS AI RMF + SOC 2)
Standard vendor questionnaires no longer satisfy regulators. The Treasury FS AI RMF (February 2026) requires independent testing, bias audits, and hallucination measurement. Here's a practical assessment framework for teams evaluating ChatGPT Enterprise, Claude, Gemini, and similar tools.
vendor-assessmentai-governancethird-party-riskcompliance
Guides·10 min
Read →AI Bias Audit Requirements by State (2026): NYC, Colorado, Minnesota, New Jersey Compared
NYC Local Law 144 is no longer the only AI bias audit requirement. Colorado, Minnesota, and New Jersey all have active requirements for HR teams using algorithmic decision tools in 2026. Here's what each state requires and what a multi-state employer must do.
ai-hiringbias-auditcompliancehr
Guides·9 min
Read →Texas TRAIGA Biometric AI in Hiring: Consent, Audit, and What HR Teams Must Do (2026)
Texas TRAIGA requires explicit consent before collecting biometric data in AI hiring tools, even from public sources. Here's what HR teams and AI vendors using facial recognition, voice analysis, or video interviews must do.
ai-hiringtexasbiometrictraiga
Guides·11 min
Read →EU AI Act high-risk classification: what the May 2026 draft guidelines change
The European Commission published draft guidelines May 19 on how to classify high-risk AI under Article 6. Consultation closes June 23. Here is what changes for small teams before August.
eu-ai-acthigh-risk-aiai-complianceeuropean-commission
Guides·11 min
Read →FTC AI product claims: what Cox Media Group's $930K fine means for your team
Cox Media Group paid $930K for AI capabilities it didn't have. The 8-step checklist to verify your product claims meet the FTC's substantiation standard.
ftcai-complianceai-marketingai-governance
Guides·11 min
Read →Georgia SB 540 AI chatbot law: what operators must do before July 2027
Georgia SB 540 takes effect July 1, 2027. $10,000 per knowing violation. Here is what chatbot operators must build into their products before the deadline.
georgiaai-compliancechatbotstate-ai-laws
Guides·10 min
Read →One Big Beautiful Bill: Federal AI Preemption Stripped 99-1, What Comes Next (2026)
The Senate voted 99-1 to strip AI preemption from the One Big Beautiful Bill. The White House pivoted to a DOJ AI task force. What the patchwork of state AI laws means for your compliance program.
federal-ai-preemptionai-regulationone-big-beautiful-billstate-ai-laws
Guides·10 min
Read →EU AI Act High-Risk AI Systems: Annex III Checklist for Employers and Vendors (2026)
EU AI Act Annex III lists 8 categories of high-risk AI systems. The EU Digital Omnibus extended the full compliance deadline to December 2, 2027. Plain-language guide: which AI qualifies, what providers and deployers must do.
eu-ai-acthigh-risk-aicomplianceannex-iii
Templates·10 min
Read →AI Agent Governance for Small Teams: Policy Template + Audit Log (2026)
Copy-paste AI agent governance policy for teams of 5-50. Covers authorization scope, data minimization, human-in-the-loop triggers, audit log format, and the 5 actions agents must never take without human approval.
ai-agentsai-governanceai-policytemplates
Guides·9 min
Read →AI Agent Identity: How to Audit What Agents Have Access to Your Systems (2026)
AI agents accumulate OAuth tokens, API keys, and tool permissions without formal approval processes. Here is how to find unauthorized agents in your environment, assess their access, and build an access inventory before something goes wrong.
ai-agentsai-securityai-governanceaccess-control