Friday, July 03, 2026

Clearly not limited to the legal profession…

https://www.bespacific.com/exposing-the-risk-surface-of-agentic-ai-in-the-practice-of-law/

Exposing the Risk Surface of Agentic AI in the Practice of Law

Murray, Michael D., Exposing the Risk Surface of Agentic AI in the Practice of Law (April 14, 2026). Available at SSRN: https://ssrn.com/abstract=6576480  or http://dx.doi.org/10.2139/ssrn.6576480

This article examines how the legal profession’s shift from passive generative AI tools to autonomous or semi-autonomous agentic AI systems dramatically expands the “risk surface” of AI in law practice. It argues that once AI systems can plan, use tools, access files, interact with other agents, and take actions in the world, the ethical and professional risks move far beyond confidentiality and fabricated output to include unauthorized acts, tool misuse, memory leakage, cross-agent cascading failures, shadow AI, and compromised permissions. The article explains how these risks implicate a wide range of duties under the Model Rules of Professional Conduct, including competence, confidentiality, candor, scope of representation, supervision, fees, and unauthorized practice of law. It concludes by outlining practical governance responses for law firms and courts, including secure deployment environments, zero-trust architecture, human-in-the-loop review, and least-privilege access, while emphasizing that the human lawyer remains ultimately responsible for the actions of digital agents in legal practice.





New Jersey did this? Amazing.

https://pogowasright.org/new-jersey-enacts-broad-data-broker-law-with-costly-fees-and-severe-fines/

New Jersey Enacts Broad Data Broker Law with Costly Fees and Severe Fines

A newly enacted law is causing shock waves. David Stauss of Stauss Law writes:

The risks and costs of being a data broker in the United States just went up — again. On 30 June 2026, Gov. Mikie Sherrill, D-N.J., signed A 5328 into law, making New Jersey the seventh state to enact a data broker law, and the second this year, following Connecticut.
New Jersey’s data broker law stands out for its breadth and cost. It covers not just data brokers but also “data collectors” – entities with a direct relationship to consumers who sell their data to data brokers. Its biggest impact is a tiered annual registration fee: up to $1.5 million for the largest data brokers/collectors. Registration failures or outdated filings also carry significant fines. The law also bans sale of sensitive data – both directly and via an amendment to New Jersey’s general consumer privacy law – with violations carrying a steep $50,000-per-record penalty.
In this article for the IAPP, David Stauss and Cobun Zweifel-Keegan examine the new law and its potential impact on businesses.

Expect to see a lot more coverage of this law.





Evolving surveillance. (Next? Facial recognition without the face.)

https://www.schneier.com/blog/archives/2026/07/flock-cameras-can-surveil-cars-without-license-plates.html

Flock Cameras Can Surveil Cars Without License Plates

This is from a 2024 company presentation:

Officers can also tap into data showing a car’s decals, bumper stickers, back and top racks—along with temporary and unique state tags.
Flock calls it a “Vehicle Fingerprint” and it’s touted as a way for law enforcement officials to get more information “even when you don’t have full plate information,” the company’s presentation shows.
The company gives police officers the ability to search that data as well, to “build stronger cases with less information upfront.” That includes being able to locate multiple vehicles law enforcement officials believe are moving together and what Flock calls a “multi geo search.”

This kind of thing is older than AI; I wrote about it in my 2014 book Beyond Fear. Edward Snowden revealed that the NSA was using cell phone location data to track phones that were habitually near each other.

As bad as Flock is, remember that anyone with broad access to cell phone location data can do the same thing.





Imagine thousands of copies…

https://thenextweb.com/news/ai-agent-first-end-to-end-ransomware-attack

Researchers say an AI agent just ran a ransomware attack from start to finish, with no human at the keyboard

Ransomware has always needed a skilled human somewhere in the loop. Security firm Sysdig says that just changed. It has documented what it calls the first ransomware attack run from start to finish by an AI agent, with no human at the keyboard.

The researchers named the attacker JADEPUFFER, and say a large language model handled the entire job. It broke in, stole credentials, moved deeper into the network, planted a backdoor, then encrypted and destroyed a company’s production database. Sysdig’s Threat Research Team laid out the case in a detailed write-up.



Thursday, July 02, 2026

If not the answer, perhaps a baseline?

https://www.bespacific.com/un-unchecked-ai-progress-may-pose-catastrophic-risks/

UN – Unchecked AI progress may pose catastrophic risks

The Preliminary Report of the Independent International Scientific Panel on AI: Evidence-based assessment of opportunities, risks and impacts of AI is a first-of-its-kind independent scientific assessment of the capabilities, emerging opportunities and risks of artificial intelligence. The Panel, composed of independent scientists and experts from all 5 UN regions, outlines trends in AI. Its central warning: current safeguards cannot keep pace with the growth of AI’s capabilities. It identifies a crucial evidence challenge for decision-makers around the world: policymakers need scientific evidence to effectively govern AI, but by the time the evidence is clear, it may be too late to act on it. In the report, the Panel outlines its findings across seven key domains:

  • AI science, advances & trajectories

  • Societal applications: science, health, education & agriculture

  • Economic implications

  • Security, systems & environmental implications

  • Human rights, information & democracy

  • Cultural & individual flourishing, autonomy and child safety

  • Management, governance & reliability

This Preliminary Report marks the beginning of the Panel’s work. The Panel will continue to deepen its evidence base through consultations, engagement with the scientific community, and thematic briefs on emerging or fast-moving issues. Its next annual report will inform the second Global Dialogue in May 2027 in New York. The preliminary report will inform the inaugural Global Dialogue on AI Governance, to be held on 6 and 7 July 2026 in Geneva, providing a common scientific starting point for discussion.





Curious…

https://www.schneier.com/blog/archives/2026/07/cybersecurity-mission-creep-in-the-us.html

Cybersecurity Mission Creep in the US

Interesting paper: “Cybersecurity Mission Creep.”

Abstract: Cybersecurity is experiencing mission creep. Policymakers are casting more and more problems as issues of cybersecurity. So reframed, wildly different policy issues, from misinformation, to child social media safety laws, to antitrust regulations, to alleged journalist misconduct, to anti-sex trafficking statutes become what this Article calls “cybersecuritized.” Before this reframing, these issues present as important but not existential. But once cybersecuritization positions the issues as threats intensified by their technological nature, they gain access to the politics and law of urgency and exceptionalism and invite troubling governance responses.
Positioned as security threats, cybersecuritized issues become endowed with the apparent normative power to override countervailing considerations, oversimplifying the problem. Cybersecuritization’s oversimplification similarly risks unidimensional solutions and invites use of argumentative trump cards, like First Amendment challenges. Cybersecuritization also invites deference to purported specialists and their proposed solutions. Together, the reductive tendencies of cybersecuritization and the deference it prompts to specialists renders ultimate governance choices more opaque. And this opacity can erode public trust and political legitimacy.
This Article surfaces the phenomenon of cybersecuritization and offers a novel framework for analyzing and critiquing it. Mining cases from across criminal and civil domains, the account also demonstrates the insidiousness of cybersecuritization and the likelihood that it will continue to expand. Confronting cybersecuritization is crucial. If we continue to ignore it, we risk abdicating further responsibility for difficult choices to the trump card of cybersecurity. This Article’s analysis and critique aim to help reclaim the hard work of governance for our hands.





I don’t quite get the economic benefits. Political benefits seem obvious.

https://thenextweb.com/news/openai-5-percent-stake-trump-administration

OpenAI has reportedly offered Washington a 5% stake worth $42.6bn

OpenAI has proposed handing the US government a 5% equity stake in the company, according to the Financial Times, as the White House and Silicon Valley’s best-funded startup edge closer to a deal that has been under discussion for more than a year.

The politics around the idea are messier than the mechanics. Senator Bernie Sanders has pushed a competing and considerably more aggressive plan, the American AI Sovereign Wealth Fund Act, which would impose a one-time 50% stock tax on large AI companies to seed a fund the senator’s office projects could reach $7 trillion.

Palantir’s Alex Karp has argued that OpenAI’s voluntary 5% offer will look modest next to Sanders’ proposal, and that full nationalisation of frontier AI companies is coming regardless of which version wins first.

Where the two plans agree is on the underlying premise, that a handful of AI companies are about to become extraordinarily large and that the public should hold some claim on that value before it fully accrues to private shareholders. [Why? Bob]





Wednesday, July 01, 2026

What was the goal of this surveillance?

https://pogowasright.org/ca11-yahoo-not-a-govt-actor-in-scanning-emails-for-csam/

CA11: Yahoo not a govt actor in scanning emails for CSAM

Seen on FourthAmendment.com:

Yahoo and NCMEC didn’t act as government agents when they scanned defendant’s email account for hash values of CSAM. They were not required to do so, but did so and warned customers they would. NCMEC passed on the information to the local police who got a search warrant.  United States v. Williamson, 2026 U.S. App. LEXIS 18972 (11th Cir. June 30, 2026)





Would you like to play a game?

https://thenextweb.com/news/bioshocking-ai-browser-credential-leak-layerx

“BioShocking” tricks AI browsers into leaking your passwords

Security researchers convinced six AI browsers they were playing a game. The browsers then handed over their users’ passwords and treated it as a win.

The firm behind it, LayerX, calls the technique BioShocking, and says it worked on every agent it tried. The list reads like a roll-call of the new AI browser market: OpenAI’s ChatGPT Atlas, Perplexity’s Comet, Anthropic’s Claude extension for Chrome, and three smaller players, Fellou, Genspark, and Sigma.

The attack starts on a booby-trapped web page built as a puzzle. To fit its dystopian theme, the puzzle rewards wrong answers, insisting that two plus two equals five. Once the agent accepts that “wrong” is the winning move, it switches from safety logic to game logic. From there, the researchers simply made stealing credentials the next level.





The law is what you make it…

https://www.reuters.com/world/china/china-says-it-has-right-target-people-overseas-with-new-ethnic-unity-law-2026-06-24/

China says it has a right to target people overseas with new ethnic unity law

The new law, which goes into effect on July 1, includes a clause saying people and groups beyond the borders of the People's Republic of China can be held legally accountable for undermining "ethnic unity and progress or inciting ethnic separatism".

That has sparked alarm in Chinese-claimed Taiwan in particular that it could give Beijing another legal basis to go after Taiwanese it views as separatists. Rights groups have also complained that China has tried to use Interpol "red notices" to try and get foreign governments to arrest people abroad it wants for political offences at home.



Tuesday, June 30, 2026

When technology runs amok…

https://sloanreview.mit.edu/article/the-real-question-to-ask-about-ai-governance/

The Real Question to Ask About AI Governance

When an AI model does something it shouldn’t, who in your organization has the authority to stop it? If you can’t answer that question, you’re performing AI governance theater.





Think of it as “Moneyball for politicians.”

https://www.nytimes.com/2026/06/29/us/politics/political-campaigns-ai-tech.html?unlocked_article_code=1.t1A.0BIa.SrowQDfeMYAi&smid=bs-share

How A.I. Is Changing the Way Politicians Run for Office

A.I.-generated images are the public face of this election overhaul. Behind the scenes, campaigns are using the technology to analyze voter data, craft campaign materials and write custom messages.





How common are health care hallucinations?

https://www.zdnet.com/article/us-adults-use-ai-for-health-information-now/

61% of US adults use AI for health information now - up from 2% in 2024

Only 2% of U.S. adults turned to AI for healthcare information in 2024, and today the number is 61%, according to Salesforce's Connected Health Consumer report, a survey of 3,200 consumers worldwide aimed at better understanding how the rise of agentic AI is reshaping consumer expectations, attitudes, and demands within healthcare -- specifically patient experience. 





Electronic search is still search… What a concept!

https://www.theguardian.com/us-news/2026/jun/29/supreme-court-geofence-warrants-case-decision

US supreme court rules geofence warrants require constitutional privacy protections

The US supreme court has ruled that law enforcement’s use of sprawling warrants that sweep up smartphone location data requires privacy protections under the fourth amendment, in a boost to critics who view their use as an unconstitutional dragnet.

Justice Elena Kagan wrote the majority opinion, which held that the sensitive data scooped up by “geofence warrants” counts as a fourth amendment search, and offers individuals a “reasonable expectation of privacy”, even if they may be in a public area.



Monday, June 29, 2026

Big Brother is looking after you.

https://www.bespacific.com/redesign-of-us-government-websites-stokes-surveillance-fears/

Redesign of US government websites stokes surveillance fears

The Guardian: “The National Design Studio, staffed by Doge veterans, installed visitor-tracking software on vital federal websites. An opaque White House office staffed largely by veterans of Elon Musk’s “department of government efficiency” (Doge) has quietly rebuilt some of the federal government’s most sensitive websites – for passport applications, voter registration, prescription-drug pricing and children’s savings – in ways critics say appear to violate federal law. The National Design Studio (NDS) was established by a Donald Trump executive order last August, and is led by Trump-aligned Airbnb co-founder Joe Gebbia and staffed by Doge veterans. A Guardian investigation has found the office has apparently been developing or redeveloping sensitive federal websites, including those connecting Americans with prescription drugs, children’s savings accounts, passports and voter registration. The investigation corroborates and advances earlier reporting by the Drey Dossier, a YouTube investigative outlet. The NDS built and now operates four public federal websites: ndstudio.gov, trumprx.gov, realfood.gov and trumpaccounts.gov. All four ran commercial visitor-tracking software, configured to evade the privacy tools many web users install, and none carry the public filings federal privacy law requires under laws including the Privacy Act of 1974 and the E-Government Act of 2002. Separately, none of the NDS’s spending or its arrangements with outside vendors appears in USAspending, the federal contracting database, raising questions about how it is funded and overseen. Separately, the NDS has also built and runs White House-controlled versions of services the US Congress assigned to other federal agencies, including a passport-application portal that bypasses the state department’s existing site, and a copy of voter-registration site vote.gov.
Combined, the sites route sensitive interactions Americans have with their government through infrastructure the White House apparently controls, and outside the reporting and accountability systems that normally cover federal agencies…”





Don’t try to slip surveillance under the radar, be the radar!

https://doctorow.medium.com/https-pluralistic-net-2026-06-23-destroy-the-village-to-save-it-c4eaddaef7bc

Spying on kids to save kids from spying is very, very stupid

The literature on harms to kids from online platforms is complex and nuanced, rife with people citing small, ambiguous studies as iron-clad evidence that kids are being destroyed by the internet:

It’s a weird coalition of anti-Big Tech campaigners (who are rightly angry at the platforms’ callous disregard for user welfare) and Heritage Foundation-backed culture warriors (who think that if their kids aren’t exposed to LGBTQ content they won’t come out as queer). While there’s plenty these groups disagree about, they share one consensus: there should be a “minimum age” for certain kinds of internet use.

The problem is, there’s no such thing as “age verification” for the internet.  What we call “age verification” is actually mass surveillance, so invasive and pervasive that it makes the ad-tech industry’s commercial surveillance look like some kind of cypherpunk darknet pirate utopia:

“Age verification” means that everyone who does anything online will have to submit to fine-grained tracking and recording of all their online activities. This nightmare is the surveillance advertising industry’s fondest dream, a world where it’s literally illegal to avoid their tracking, all in the name of saving kids…from them!



(Related)

https://thenextweb.com/news/eth-zurichs-bidirectional-pixel-could-turn-screens-into-cameras

ETH Zurich’s bidirectional pixel could turn screens into cameras

Researchers at ETH Zurich have built the first bidirectional pixel, in work published in Nature. The same tiny patch of chip can create an image and analyse the light falling on it. Not just brightness, but the phase and polarisation of the wave too.

The promise is a camera-display: one surface that shows you a picture and watches you at the same time. Picture a phone screen that is also its own front camera, with no notch and no cut-out. Or a video call where the lens sits behind the eyes you are looking at.



Sunday, June 28, 2026

Preparing my AI to sue your AI.

https://papers.ssrn.com/sol3/papers.cfm?abstract_id=6979919

Tort Law at the Frontier of Artificial Intelligence

The frontier of contemporary AI development is dominated by AI systems built on foundation models - highly versatile algorithms, trained in the first instance on broad swathes of data, that can function as tools and agents across a wide variety of commercial, social, military and political domains. For the moment, at least, the process of developing and releasing foundation models is subject to anemic formal regulation and haphazard ex ante governance. Until that changes, it is largely the common law of torts - our society's most ancient and general legal mechanism for governing serious risks of physical injury - that will govern the frontier of AI development.

This Article offers an in-depth conceptual, normative, and doctrinal examination of tort liability for foundation model development and release. It provides a qualified defense of the tort of negligence - the common law's broadest and most flexible cause of action - as the principal doctrinal foundation of the tort system's governance of this novel domain. Legal scholarship on AI liability has been quite hostile to negligence. By contrast, this Article argues that the generality and flexibility of the negligence tort - and its greater sensitivity to the externalized benefits of risky activity - render it well-suited to the polymathic and protean functionality of foundation models. Only the tort of negligence has the breadth and flexibility to address the range of important pathways - including internal deployments, inadequate model weight security, targeted entrustments of non-defective models, and open source releases - by which foundation model developers might cause serious harm.

Analyzing the choice between negligence and competing doctrinal regimes does, however, suggest important ways in which common law courts should incrementally develop the law of negligence, in order to properly reflect the risks and capabilities of foundation models. For example, courts should expand the scope of the duty of care in negligence, in order to provide redress when foundation models cause economic or emotional injury by behaving in ways that are closely analogous to serious human wrongdoing (e.g., certain crimes and intentional torts, such as theft, deceit, and outrage).

But the Article's analysis also suggests certain fundamental pathologies of tort liability as a mechanism of AI governance - pathologies that no amount of doctrinal development will adequately cure. In particular, the specter of tort liability can be expected to disincentivize frontier AI developers from investigating and disclosing many of the novel and poorly understood risks that frontier AI development may pose. That is especially disturbing given that our society is relying quite heavily, for its ability to discover and understand these risks, on frontier AI developers themselves. Thus, tort liability is not only inadequate as a mechanism of frontier AI governance; in certain important respects, it is actively perverse, and its perverse effects must be countered by governance institutions of a different kind. Ultimately, a robust regime of ex ante regulation - under which government institutions or credibly neutral third-party experts are empowered to investigate, evaluate, and mitigate the risks of frontier AI development - is urgently required in frontier AI governance.





Tools & Techniques. Could be useful.

https://journals.uwyo.edu/index.php/jtilt/article/view/10247

Teaching Prompt Engineering as a Core AI Literacy Skill in Undergraduate Education

This learning representation introduces undergraduate students to prompt engineering as a structured, iterative practice rather than an ad hoc interaction with generative AI tools. Students design, test, and refine prompts within a domain of their choosing, documenting each iteration and evaluating outputs for accuracy, relevance, and ethical considerations. The activity emphasizes transparency, reflection, and intentional AI use, positioning prompt engineering as both a technical and metacognitive skill. By engaging students in guided experimentation and revision, the assignment supports AI literacy while reinforcing critical thinking, communication, and documentation skills applicable across academic and professional contexts.





Tools & Techniques. Takes some work, but could be useful.

https://www.makeuseof.com/tiny-claude-skill-that-turns-any-document-into-mind-map-visualize-anything/

I built a tiny Claude skill that turns any document into a mind map, and now I can visualize anything

I have reopened the same 60-page PDF multiple times this week, and I still can't tell you what is in the middle of it. Linear reading has never really clicked for me. Somewhere around page twenty, a long report stops being information and starts being wallpaper. So I built a small Claude skill that takes any document and hands me back a navigable mind map. It's the same instinct behind turning plain notes into visual maps. A branching picture sticks in my head when paragraphs just slide off it.



Saturday, June 27, 2026

Clearly AI is a weapon, that’s why the government treats it like a tank or a predator drone.

https://thenextweb.com/news/anthropic-mythos-5-us-clearance-trusted-partners-fable-restricted

US clears Anthropic to restore Mythos 5 to a small group of cyber defenders, but Fable 5 stays dark

The US government has cleared Anthropic to restore access to Mythos 5, its most powerful cybersecurity model, for a select group of trusted partners. Commerce Secretary Howard Lutnick wrote in a letter to Anthropic co-founder Tom Brown that the company’s efforts to address security concerns had “yielded significant progress,” and that the model could be released to “certain trusted partners.” The letter, dated Friday and seen by Bloomberg, does not mention any change to the restrictions on Fable 5, the public-facing version of the same model.

The clearance partially resolves a confrontation that began two weeks ago when the government invoked export controls to force Anthropic to disable both Mythos 5 and Fable 5, citing fears that security guardrails could be circumvented. Anthropic shut off all global access to both models because it could not distinguish foreign nationals from domestic users in real time.





Target selection...

https://www.theregister.com/security/2026/06/25/nation-state-actors-cracked-critical-australian-infrastructure-to-cripple-it-at-a-time-of-their-choosing/5261877

Nation-state actors cracked critical Australian infrastructure to ‘cripple it at a time of their choosing’

Australia’s Security and Intelligence Organisation (ASIO) has established dedicated teams to counter nation-state attacks on critical infrastructure, the org’s director general Mike Burgess revealed yesterday.

“We discovered nation-state hackers had compromised the network of an Australian critical infrastructure provider,” Burgess said yesterday in remarks accompanying the release of ASIO’s annual threat assessment, a task it performs in its role as Australia’s equivalent to the FBI and MI5.

“ASIO assessed the hackers were preparing for sabotage. They weren’t planting ‘digital dynamite’ as such; they were mapping out the network and maintaining access so they could cripple it at a time of their choosing.”