-
The Accountability Control Plane Public Brief
Most organizations can prove they have an AI policy. Far fewer can prove what actually happened the last time an AI system shaped a real decision.
-
MCP Is an Operational Surface. Governance Has to Catch Up.
FairByDesign — Operational AI Governance Series Field Signal Model Context Protocol, or MCP, is mostly discussed as an integration breakthrough. That is accurate, but incomplete. Anthropic introduced MCP on November 25, 2024 as an open standard for connecting AI applications to the systems where data lives — files, databases, APIs, developer tools, internal systems,…
-
The Proof Deficit: Why AI Governance Is Moving From Principles on Paper to Controls in Systems
AI governance is shifting — from principles on paper toward controls running inside live systems. The unresolved problem is no longer a knowledge deficit. The field knows what responsible AI requires. It’s a proof deficit: whether a running system can actively prove who controlled it, when, with what evidence, and whether a human could…
-
Ratified by the EU, Rewritten in Colorado: AI Governance Diverges
In a single week of May 2026, the EU ratified the first binding international AI treaty while Colorado repealed and replaced America’s broadest state AI law with a narrower automated-decision framework. The two moves, a day apart, map a widening but asymmetric transatlantic split.
-
The AI Enforcer Already Open for Business Is Called the GDPR
While much of the AI Act’s use-based high-risk regime is set to move to December 2027, and product-integrated high-risk systems to August 2028, data-protection authorities have kept fining AI-enabled biometrics and profiling under the law already in force and ordering unlawfully collected data deleted.
-
The Regime That Got Nothing: GPAI Enforcement Still Arrives on 2 August
The 7 May Omnibus deal — still a provisional agreement, pending formal adoption — would delay the high-risk rules. It leaves the general-purpose AI obligations exactly where they are. For model builders, the enforcement clock does not move at all.
-
Twelve Days Apart: Brussels Moved the Deadline, Then Told You How to Meet It
The EU delayed its high-risk AI obligations on 7 May and published 148 pages of classification guidance on 19 May. Read together, the two acts say the same thing — the date moved, the expectation did not.