Counsel at the intersection of law, technology, and innovation

Better context beats a better model — which means AI risk governance needs to shift from the model layer to the retrieval layer. That's where defensibility lives now.

LLMs break traditional observability — and that creates a compliance gap most governance teams haven't addressed yet. If you can't trace the full AI pipeline, you can't audit it.

You wouldn't tell a first-year associate "do law" and expect good results. So why are attorneys doing exactly that with AI agents? Dan…

The trajectory is encouraging — the most capable models performed best. But 20 percent is not a foundation for compliance frameworks.

SaiKrishna Koorapati's piece in VentureBeat makes the case that observable AI isn't about adding monitoring dashboards. It's about audit trails that connect every AI decision back to its prompt, policy, and outcome

The accountability gap doesn't just create compliance risk. It creates operational security risk. When model developers point to deployers and deployers point to model developers, the space between them becomes the attack surface.

A new research paper from Stanford, Harvard, UC Berkeley, and Caltech — "Adaptation of Agentic AI" — provides the clearest framework I've seen for diagnosing what goes wrong when agentic AI systems move from controlled demonstrations to real-world deployment.

Before MCP, every AI application needed custom connectors for each data source. Without foundation governance, that success creates three risks: proprietary lock-in, protocol fragmentation, or de facto control by a single company. AAIF prevents all three