Loading…
Loading…

Legal & Regulatory Compliance SpecialistIndependent Reviewer
Judith C McKee is a legal and regulatory compliance specialist with more than ten years of experience advising technology companies on data protection law, AI-specific regulation, and corporate governance frameworks. With deep expertise across GDPR, the EU AI Act, and emerging national AI legislation, Judith provides independent expert review of AI Policy Desk content to ensure accuracy, regulatory currency, and practical applicability. Her reviews verify that every template, checklist, and guide reflects current legal standards and is appropriate for the jurisdictions and team sizes it targets. Judith brings a practitioner's eye to compliance content — cutting through regulatory complexity to confirm what small teams actually need to know and act on.
17 articles reviewed by Judith C McKee
Claude now writes 80% of its own code. Here is what that means for human oversight policies, agentic AI governance, and the 4 documents your team needs to update before this becomes your problem.
OpenAI''s Dreaming V3 memory update stores persistent user profiles across ChatGPT sessions including business plan users. What teams using ChatGPT need to govern, disable, and disclose under GDPR and CCPA.
California AB 2013 requires generative AI developers to post 12 categories of training data information on their website before making a system available to Californians. Effective January 1, 2026. What to disclose, who is covered, and the xAI lawsuit that tried and failed to block it.
A self-spreading worm compromised 57 npm packages in under 2 hours using binding.gyp instead of postinstall scripts, bypassing security scanners. What it means for teams that run npm install, and the 5 controls that limit your exposure.
Amazon scrapped KiroRank after staff gamed it with tokenmaxxing. Build AI adoption metrics that reward outcomes, not fake usage volume.
Hackers social-engineered Meta AI into resetting passwords on high-profile Instagram accounts by simply asking. What the attack means for any team deploying an AI chatbot that can take account actions, and the 6 controls that prevent it.
AI now writes a large share of the pull requests your team reviews. A copy-paste policy and 9-point checklist for reviewing AI-generated PRs, who is accountable, what to require, and where AI code fails review.
One company burned $500M on Claude in a month with no usage limits. Five copy-paste controls, usage caps, budget alerts, per-seat limits, a kill switch, and a monthly review, to keep token-based AI billing from blowing up your budget.
Searching for popular AI tools now surfaces fake malware sites and typosquatted packages at the top of results. A 7-step vetting check to confirm an AI tool is the real one before your team installs it.
Four US states now regulate AI in hiring decisions. NYC Local Law 144 requires annual bias audits. Illinois HB 3773 requires consent before AI video interview analysis. Connecticut CART Act takes effect October 1, 2026. Colorado ADMT framework: January 1, 2027. State-by-state compliance matrix.
80% of employees bypass or avoid company AI tools. How small teams close the governance trust gap and stop shadow AI use without triggering a rebellion.
FTC, SEC, state AGs, DOJ, and EEOC are all pursuing AI enforcement simultaneously using existing law, no new federal AI statute required. Four enforcement tracks running now: deceptive AI claims (FTC Section 5), AI washing in investor comms (SEC), biased automated decisions (EEOC), inadequate incident disclosure.