• Posts
  • EU AI Act - Are We There Yet???

EU AI Act - Are We There Yet???

$800 + Value: IAPP's AI Governance Course Notes

What up AI homies?! Welcome to your dose of AI legal news. I’m keeping it light this time around because “ain’t nobody got time for…” writing a whole newsletter when you’re lawyering full time. 🙄⚖️🤖

On the docket today:

  New here?Subscribe

Depressing Attorney Meme

$800+ Worth of AI Governance Notes PLUS: IAPP’s AI Governance Course Notes

Moving on to Module 4 of the IAPP’s AI Governance course (notes). Alrighty, it’s time to geek out and keep learning about AI Governance!!! 🤓📚

Module 4: Interoperability of AI Risk Management


  • Importance of reviewing and harmonizing existing risk management with new AI risk strategies.

  • Understanding existing programs and their objectives.

  • Creating new processes for unique AI risks and ensuring efficiency and protection.

Security Risk

  • Risks include hallucinations, deepfakes, training data poisoning, data leakage, and filter bubbles.

  • Organizations respond by banning or limiting AI use.

  • AI algorithms can concentrate power, leading to overreliance and security holes.

  • Risks of adversarial machine learning attacks.

  • Misuse of AI and transfer learning attacks.

  • Storing training data in less secure environments.

Operational Risk

  • High costs in hardware and environmental impact.

  • Data corruption and poisoning risks.

  • Need for good identity and access management.

Privacy Risk

  • Data persistence, repurposing, spillover, and collection from AI.

  • Challenges in informed consent and opting out.

  • Limiting data collection and deletion complexities.

  • Compliance with laws and regulations.

  • Liability, intellectual property, human rights, and reputational risks.

  • Importance of aligning different risk management strategies to prevent gaps.

Privacy Harms

  • Categories include physical, reputational, relationship, economic, discrimination, psychological, and autonomy harms.

  • Use of AI in autonomous weapons, healthcare decisions, and labor displacement.

  • Effects on justice system and accountability.


  • Balancing AI benefits with potential harms.

  • Evolving risk management strategies to include AI.

  • Regular assessment of vulnerabilities and potential harms.

Module 4: Principles of AI Risk Management


  • Incorporating risk management and AI governance principles.

  • Understanding stakeholders, AI programs, and associated risks.


  • Pro-Innovation Mindset: Preparedness for changes and alignment with principles.

  • Risk-Centric Governance: Considering risk factors in governance.

  • Consensus-Driven Planning and Design: Involving all stakeholders and ensuring understanding of needs vs. risks.

  • Outcome-Focused Team: Clarity on desired outcomes and exploring better achievement methods.

  • Non-Prescriptive Approach: Context-specific risk approaches for adjustment and evolution.

  • Law-, Industry-, and Technology-Agnostic Framework: Interoperability and flexibility without bias.

  • Third-Party Risk Management: Ensuring end-to-end accountability.

Risk Management

  • Treating risks case-by-case.

  • Involving business and technical stakeholders.

  • Enumerating potential harms and assessing data used in AI.

  • Technical tools to assess AI for bias and risks.

  • Categorizing AI risks according to the EU model.


  • Regular risk assessments in the context of regulatory requirements, risk tolerance, and industry standards.

Module 4: Establishing AI Governance and Strategy


  • Understanding the organizational operations and incentive structures.

  • Tailoring AI governance to the organization's type.

AI Governance Stakeholders

  • Identifying key stakeholders and their roles.

  • Engaging leadership for AI governance support.

  • Addressing pressures on tech teams and influencing behavioral change.

AI Governance Structure

  • Leveraging existing structures and ensuring company-wide buy-in.

  • Transparency about the state of AI governance maturity.

  • Defining roles and responsibilities clearly.

  • Incentivizing effective and safe AI products.

  • Engaging HR for role identification and success measures.


  • Building AI governance starts with understanding organizational structure and culture.

  • Engaging stakeholders early and fostering a culture of responsible AI.

  • Iterating the governance program from conception to completion, with clear roles and incentives.

That’s all for today!

Catch ya’ll on LinkedIn

What'd you think of today's email?

Login or Subscribe to participate in polls.