Reflections are deeper dives into how law, technology, and innovation intersect. These longer form pieces analyze research and emerging trends — offering perspectives that help teams navigate what's coming next.
After two days watching practitioners solve problems that didn't exist two years ago, a pattern emerged. The sessions that landed weren't about perfect frameworks. They were about what works when building under constraints.
In October I spent two days at IAPP Privacy. Security. Risk. 2025 in San Diego, watching 500+ practitioners try to solve problems that didn't exis…
In October I spent two days at IAPP Privacy. Security. Risk. 2025 in San Diego, watching 500+ practitioners solve problems that didn't exist two y…
In October I spent two days at IAPP Privacy. Security. Risk. 2025 in San Diego, watching 500+ practitioners try to solve problems that didn't exis…
In October, I spent two days at IAPP Privacy Security & Risk 2025 in San Diego, watching 500+ practitioners try to solve problems that didn't…
Are you building privacy controls that work at the scale California is designing for? Because "we'll handle deletion requests manually" doesn't survive a system designed to generate them by the millions.
Are you building supervision frameworks that match the level of autonomy you're granting? Treating agents like assistants when they're acting like employees doesn't just create compliance risk—it creates the kind of accountability vacuum that ends badly.
Regulations are still uncertain. Legal and product professionals are trying to figure out what responsible actually looks like when the rules keep shifting.
