Writing Archive

All perspectives in one place.

Essays and briefings on privacy, data, AI regulation, board governance, incident response, and regulated-business risk.

01.

Full Archive

PII Is Not Personal Data June 2026 · Privacy Strategy
PII is an IT security concept; personal data and personal information are legal concepts. Confusing them weakens privacy, data and AI governance.
AI Governance Is the Stress Test for Your Operating Model June 2026 · AI Governance
AI governance tests whether privacy, data, vendor and risk controls can reach weak AI pathways before the business starts depending on them.
A Framework Is Not an Operating Model June 2026 · Privacy Strategy
Boards can mistake framework adoption for changed behaviour. The harder test is whether the business now makes different risk decisions.
AI Governance Is Not a One-Person Job May 2026 · AI Governance
AI governance cannot be solved by hiring one specialist role. It needs existing privacy, data, risk and technology capability to work together.
Anatomy of a Board-Level Privacy Failure May 2026 · Board Governance
Boards miss privacy risk when reporting preserves internal boundaries. Stronger governance gives directors one usable picture while the response can still be shaped.
The 2026 Automated Decision-Making Rules Will Expose Governance Gaps May 2026 · Regulatory (Australia)
The 2026 automated decision-making rules will test whether organisations know where consequential decisions are made and who controls them.
Why Siloed Privacy, Data, and AI Programs No Longer Work April 2026 · Privacy Strategy
Privacy, data and AI governance are still managed as separate programs long after the risk stopped behaving that way.

← Back to writing