Health Tech FDA Regulation of Software as a Medical Device: A Founder's Guide to SaMD Pathways FDA regulates software as a medical device based on what it does, not what it looks like. This guide covers the SaMD definition, IMDRF risk classification, 510(k)/De Novo/PMA pathways, FDA's PCCP framework, and clinical evidence requirements for founders.
Health Tech Clinical AI Vendor Contracts: A Due Diligence Checklist for Healthcare Organizations Three regulatory regimes converge when you onboard a clinical AI vendor: HIPAA, Texas TRAIGA, and the EU AI Act. This guide walks through the due-diligence questions that matter most — training data integrity, BAA alignment, model transparency, and contract red flags.
EdTech COPPA's April 22 Amendments: What Changed for EdTech Operators in 2026 The FTC’s 2025 COPPA Final Rule took effect April 22, 2026 with no grace period. Here’s what changed for EdTech operators: new biometric and geolocation data categories, data minimization and retention requirements, unbundled consent mechanics, and an expanded verification menu.
Visual Artists The Visual Artist's AI Opt-Out Guide: What Actually Works in 2026 Three layers of defense — dataset, technical, legal — and which actually work for visual artists in 2026. Concrete steps for Spawning HIBT registration, Glaze cloaking, current AI-crawler robots.txt entries, EU TDMRep, and where DMCA still bites against AI outputs that copy your work.
Musicians Your Music Is Being Used to Train AI. Here's What You Can Actually Do About It. AI companies trained on tens of millions of recordings — including yours — without consent. Here's what the lawsuits mean, what opt-outs exist, and the steps you can take to protect your catalog now.
AI Law AI Startup Legal Compliance: Where Tech Law, Privacy, and IP Intersect AI-native and data-intensive product design is now the default: LLM features ship behind a toggle, analytics run continuously, and customer data flows…
AI Law FTC's 2026 AI Disclosure Rules: What Every Creator Must Change This Quarter The FTC's 2026 enforcement priorities single out four creator-disclosure failures and add a new layer for AI-generated endorsements. Here's a plain-English breakdown plus the five changes to make in your content workflow this quarter.
AI Law AI-Washing Litigation in 2026: What Public-Company GCs Need to Know On Jan 14, 2025, the SEC charged Presto Automation with the first public-company AI-washing action. Four enforcement surfaces — SEC, plaintiffs' bar, FTC, and EU AI Act — now scrutinize every public AI claim. The GC's pre-clearance workstream is the answer.
AI Law The Modern AI Vendor Contract: Eight Clauses Your Old Template Is Missing After Bartz, Kadrey, and TRAIGA, the 2022 SaaS skeleton is missing eight clauses: lawful-training-corpus warranty, AI BOM, model-card delivery, audit, incident reporting, data-use limits, AI indemnity, AI termination. Plus a 24-month reformation program.
AI Law Parallel Pipelines: Why the Strictest-Rule Strategy No Longer Works for AI GDPR-as-baseline worked for privacy because regimes shared a substrate. AI regimes don't — TRAIGA intent, EU AI Act risk-class, Colorado discrimination, NYC LL 144 audit, AB 2013 disclosure. Build modular NIST + ISO 42001 spine; layer overlays.
AI Law From Procurement Questionnaire to Standing Answer: How Vendors Sell Into Enterprise AI-CAIQ v1.0.2 (Oct 2025) + SIG 2025 made the questionnaire the deal-gating event. Mid-market vendors lose deals when answers are ad-hoc and inconsistent with the MSA. Build the standing answer FROM the signable contract template.
AI Law High-Risk AI Systems Under the EU AI Act: How to Classify Yours EU AI Act Article 6 high-risk classification activates the full Title III Chapter 2 stack. Two pathways (Annex I product-safety / Annex III use cases). Four-condition derogation with profiling kill-switch. A five-step decision tree.
AI Law Drafting AI Disclosures for the 10-K: Materiality Without Hype Two-front pressure: 92 SEC comments / 56 companies push toward disclosure; AI-washing enforcement (Presto) punishes overstatement. Six-element Item 1A architecture, four-step pre-clearance workflow, integrated documentary spine.
AI Law AI BOM Disclosure: The OWASP and SPDX Standards for AI Procurement Two complementary AI BOM standards anchor 2026 procurement: OWASP AIBOM (six asset domains) and SPDX 3.0.1 AI Profile (machine-readable schema). California AB 2013 is the regulatory floor. Three implementation moves for procurement teams.
AI Law Lawful Training Corpus Warranties: Post-Bartz Rep & Warranty Drafting Bartz $1.5B + Kadrey caution = standard IP rep is not enough. Four-lane lawful-training-corpus warranty, AI BOM disclosure schedule, three indemnity calibration levers, three drafting fact patterns.
AI Law AI Diligence for M&A: The Workstream Most Buyers Aren't Running Yet AI diligence is now what cyber-DD was in 2018: a discrete M&A workstream that wasn't standard until the loss profile forced it. After Bartz $1.5B, Mobley, TRAIGA, and EU AI Act high-risk obligations, here is the buyer-side framework.
AI Law A 90-Day TRAIGA Compliance Plan for Texas Tech Companies TRAIGA takes effect Jan 1, 2026 with civil penalties up to $200K per violation. Section 546.103 makes substantial NIST AI RMF compliance an affirmative defense. A 90-day, four-phase workplan: Discovery, Governance, Vendor, Operationalization.
AI Law Roll-Up Acquirers and the AI Compliance-by-Design Question Roll-ups are repetitive by definition. Each acquired target imports its own AI exposure stack — shadow AI, pre-mid-2025 vendor reps, training-corpus gaps. Build compliance-by-design at the platform layer; phased Day 1-180 integration playbook.
AI Law The Marchand Test for AI Governance: What Boards Owe Their Shareholders Marchand creates heightened-scrutiny zone for mission-critical risk. Glass Lewis 2026 + CalPERS treat AI oversight gaps as director recall signals after material incidents. Six-artifact board record satisfies Marchand, TRAIGA, and Glass Lewis.
AI Law After McDonald's: Why Chief AI Officers Are Now Personally Liable for Oversight Failures In re McDonald's (Del. Ch. 2023) extended the Caremark oversight duty to corporate officers within their domain. With 60% of enterprises naming a CAIO, the named officer faces a personal-stakes posture that DGCL § 102(b)(7) does not cover.
AI Law EU AI Act August 2: A Pre-Deadline Checklist for U.S. Multinationals EU AI Act high-risk obligations apply 2 August 2026, with penalties up to 7% of worldwide turnover. Article 2(1)(c) reaches U.S. multinationals when AI output is used in the Union. A 10-item pre-deadline checklist for in-scope GCs and CAIOs.
AI Law The TRAIGA Safe Harbor: Why the NIST AI RMF Is Now a Business Decision TRAIGA went live January 1, 2026 with $200K-per-violation Texas AG enforcement and an affirmative defense for substantial NIST AI RMF compliance. That converts NIST adoption from a governance preference into a documented business decision.
AI Law Tech, Privacy, and AI Law: A Product Leader's Guide Most digital products are now data-driven by default — and increasingly AI-driven in ways that affect users in real time.
Startup Central When Copilot Committed the Ad: Agency Law, Electronic Signatures, and the Missing Duty-of-Care for AI Agents Moffatt v. Air Canada exports cleanly to US law: UETA Section 14 and Restatement Section 2.03 already bind the deployer. The drafting work is allocation, not attribution.
Lawyer in the Loop Audit-Ready AI-Assisted Law-Firm Workflows (FTC/FCC, Data Access, and Court/Ethics Disclosures) AI in law firms isn’t just a productivity upgrade anymore — it’s a supervision, confidentiality, and disclosure system.
