Podcast Episode Outline – “Shadow AI: Threats, Solutions, and Thoughts”

* Report Spotlight: 1Password’s Annual Access‑Trust Gap study (5,000+ knowledge workers, IT pros, security leaders, CISOs)

* Core Finding: A widening chasm between the access controls organizations think they govern and how employees actually reach sensitive data.

Key Statistics & Insights

* AI Adoption vs. Policy Adherence

* 73 % of employees are encouraged to use AI at work.

* Only 37 % say they follow their company’s AI policies.

* 27 % admit using unsanctioned (“Shadow AI”) tools, feeding confidential info into LLMs.

* App & Device Risks

* 52 % of staff install apps without IT approval.

* 38 % have accessed a former employer’s account.

* 73 % use personal devices for work; >50 % of those devices lack MDM coverage.

* Identity & Access Weaknesses

* 70 % of IT/security pros claim SSO alone isn’t enough to secure identities.

* 34 % of SaaS applications aren’t protected by SSO.

* 66 % of employees maintain poor password hygiene.

* Real‑World Breach Example

* Post‑Louvre art heist: French agency discovered the surveillance server password was literally “Louvre.”

Hybrid Work – The Double‑Edged Sword

* Shift Overview: From pandemic emergency to permanent hybrid model (home + office).

* Business Benefits: Talent attraction, employee well‑being, reduced overhead, flexibility.

* Security Trade‑offs: Expanded attack surface, unmanaged personal devices, fragmented MDM coverage.

Economic Impact

* Turnover Costs: Replacing an employee can equal 6–9 months of salary (up to 2× annual wages).

* Retention Drivers:

* Hybrid/remote options boost employee happiness (+27 %).

* 4‑day work‑week pilots (Germany) improve health, recruitment, and profit stability.

Policy Imperatives

* Tailored AI Governance – Protect IP & confidential data, not just generic guidelines.

* Dynamic Cybersecurity Controls – Evolve beyond SSO/MDM to cover shadow AI and personal devices.

* Privacy Alignment – Sync with state/federal regulations (e.g., GDPR, CCPA).

* Data Governance & Incident Response – Documented, tested, and regularly audited.

* Enforcement & Training – Policies must be lived, not filed away.

How I Can Help (as a Fractional General Counsel)

* Draft a custom AI governance policy that reflects your industry, workflow, and culture.

* Conduct an AI compliance audit to verify adherence and identify gaps.

* Build a holistic IT security framework covering SSO, MDM, password hygiene, and shadow AI.

* Provide ongoing training and audit programs to keep policies enforceable.

Takeaway for Listeners

Strong, enforceable policies are no longer optional—they’re a competitive advantage and a legal shield. In an era of hybrid work, SaaS sprawl, and unchecked AI use, the Access‑Trust Gap threatens every organization. Tune in to learn how to close that gap before it closes you out.

To learn more about the services offered by Mercury Legal Group PLLC, please visit https://mercurylegalgroup.com/

THE INFORMATION PROVIDED IN THIS CONTENT IS NOT LEGAL ADVICE, AND NO ATTORNEY-CLIENT OR CONFIDENTIAL RELATIONSHIP IS OR WILL BE FORMED BY CONSUMPTION OF THIS CONTENT.

This video outlines the importance of responsible and ethical use of generative AI tools in the workplace to protect confidentiality, intellectual property, and privacy. It highlights risks such as data leaks, misinformation, and legal liability, and emphasizes the need for clear guidelines around permissible uses, transparency, oversight, and compliance. The policy recommends regular training, incident reporting protocols, and ongoing reviews to ensure safe and effective AI integration aligned with company values and regulatory standards.

If you would like help crafting your own AI use policy and are a TN business learn more at my firm’s website.

THE INFORMATION PROVIDED IN THIS CONTENT IS NOT LEGAL ADVICE, AND NO ATTORNEY-CLIENT OR CONFIDENTIAL RELATIONSHIP IS OR WILL BE FORMED BY CONSUMPTION OF THIS CONTENT.

On this episode, listen to interesting new laws taking effect in Tennessee on July 1st, 2025. The new laws include:

Lower BAC for Aggravated Vehicular Homicide or Assault (House Bill 190)

The minimum Blood Alcohol Concentration for Aggravated vehicular homicide or assault is lowered from .20 to .15.

Good Samaritan Law Extended (HB 995)

Tennessee’s existing Good Samaritan Law immunity protections are extended to include alcohol overdoses.

Rideshare Impersonation (HB 786)

It is now a criminal offense for one to falsely present themselves as a rideshare driver.

Lab Grown Meat (HB 804)

Any food that is lab-grown or “cell-cultured” cannot be labeled as “meat” or “meat food products.” Mislabeling is considered misbranding and may result in a $2,000 fine per violation. Labels may identify the species or state the product is a meat substitute. Manufacturers must obtain a state permit with a $1,000 annual fee.

Protecting Kids from Hemp (HB 72)

Creates a minimum sentence of 48 consecutive hours in a county jail or workhouse and a fine of not less than $500 for people convicted of selling or distributing hemp-derived cannabinoid products, including THC gummies, to people under 21.

Fertility Treatment and Contraceptive Protection Act (HB 533)

Related to protecting the kids, Tennessee is now first state in South to protect access to IVF, birth control

Commercial Squatting (HB 216)

Now allows for the immediate removal of squatters on commercial property if certain conditions are met.

Unfair Billing/FTC (HB 141)

Consumers are now protected from excessive charges when canceling service contracts for cable, internet or phone plans

DeepFakes (HB 1299)

There is now a legal framework for victims to sue and recover financial damages from a person who posts pictures of intimate digital depictions without consent.

Peace Act (HB 55)

Amends Civil rights intimidation to include those who Litters or trespasses upon any real or personal property of another person with the intent to unlawfully intimidate another from the free exercise or enjoyment of any right or privilege secured by the TN or Federal constitution or laws of the state of Tennessee or the US.

Mass Violence/ Doxing (HB 1314)

Knowingly threatening mass violence by any means of communication is a Class E felony offense. Another person must reasonably deem it a legitimate threat that could lead to the death or injury of four or more people. It also creates a Class B misdemeanor offense for posting on a public website the phone number or home address of another person with ill intent, a practice commonly referred to as “doxing.”

Human Smuggling (HB 322)

The law creates three new offenses: a Class E felony for knowingly smuggling or concealing illegal immigrants for financial gain; a Class A felony for smuggling a child under 13; and a Class A misdemeanor for knowingly harboring undocumented individuals in Tennessee, with a $1,000 fine per person.

Commemorative Months (HB 327)

There are now three commemorative months beginning in 2025 to celebrate the nation’s founding principles. June will be “Celebration of Life” Month, July “Celebration of Liberty” Month, and August “Pursuit of Happiness” Month. These observances aim to inspire civic pride and reflection on the values that shaped our country and continue to guide our state and nation.

To learn more about the services offered by Mercury Legal Group PLLC, please visit https://mercurylegalgroup.com/

THE INFORMATION PROVIDED IN THIS CONTENT IS NOT LEGAL ADVICE, AND NO ATTORNEY-CLIENT OR CONFIDENTIAL RELATIONSHIP IS OR WILL BE FORMED BY CONSUMPTION OF THIS CONTENT.

The episode explores the complex saga of TikTok’s potential ban in the United States and its implications for users, businesses, and national security. As political pressures evolve, the episode raises critical questions about data privacy, foreign influence, and the future of social media in America.

• Overview of TikTok's history and rise to popularity
• Political concerns and investigations surrounding TikTok
• Pentagon's actions regarding military device bans
• Impact of executive orders from the Trump administration
• Biden administration's delayed response
• Internal data access issues highlighted by BuzzFeed report
• Congressional hearings with TikTok’s CEO
• Discussion on the Protecting Americans from Foreign Adversary Controlled Applications Act
• Supreme Court ruling on TikTok’s operational status
• Ethical considerations in social media algorithms and practices
• Call for stronger privacy laws in the U.S.
• The consequences of relying solely on one platform
• Encouragement to diversify across multiple social media platforms

To learn more about the services offered by Mercury Legal Group PLLC, please visit https://mercurylegalgroup.com/

THE INFORMATION PROVIDED IN THIS CONTENT IS NOT LEGAL ADVICE, AND NO ATTORNEY-CLIENT OR CONFIDENTIAL RELATIONSHIP IS OR WILL BE FORMED BY CONSUMPTION OF THIS CONTENT.

In this episode, Robert Marks, Fractional General Counsel at Mercury Legal Group PLLC, dives into the Department of Treasury FinCen's Beneficial Owner Reporting Rule under the Corporate Transparency Act that was suppose to be mandatory on January 1st, 2025.

To learn more about the services offered by Mercury Legal Group PLLC, please visit https://mercurylegalgroup.com/

THE INFORMATION PROVIDED IN THIS CONTENT IS NOT LEGAL ADVICE, AND NO ATTORNEY-CLIENT OR CONFIDENTIAL RELATIONSHIP IS OR WILL BE FORMED BY CONSUMPTION OF THIS CONTENT.

To learn more about the services offered by Mercury Legal Group PLLC, please visit https://mercurylegalgroup.com/

THE INFORMATION PROVIDED IN THIS CONTENT IS NOT LEGAL ADVICE, AND NO ATTORNEY-CLIENT OR CONFIDENTIAL RELATIONSHIP IS OR WILL BE FORMED BY CONSUMPTION OF THIS CONTENT.

MLSE3: Last month, the US Copyright Office granted a key exemption under DMCA 1201, allowing repair advocates to decode diagnostic codes in food prep equipment—including McDonald’s McFlurry machines—without breaking the law. This means tools can now legally interpret scrambled error codes to make repairs easier.

To learn more about the services offered by Mercury Legal Group PLLC, please visit https://mercurylegalgroup.com/

THE INFORMATION PROVIDED IN THIS CONTENT IS NOT LEGAL ADVICE, AND NO ATTORNEY-CLIENT OR CONFIDENTIAL RELATIONSHIP IS OR WILL BE FORMED BY CONSUMPTION OF THIS CONTENT.

To learn more about the services offered by Mercury Legal Group PLLC, please visit https://mercurylegalgroup.com/

THE INFORMATION PROVIDED IN THIS CONTENT IS NOT LEGAL ADVICE, AND NO ATTORNEY-CLIENT OR CONFIDENTIAL RELATIONSHIP IS OR WILL BE FORMED BY CONSUMPTION OF THIS CONTENT.

In this episode, Robert Marks, Fractional General Counsel at Mercury Legal Group PLLC, dives into the story about a North Carolina musician's use of AI-Generated songs to defraud Spotify of millions of dollars. He discusses the rising use of AI and it's copyright implications.

To learn more about the services offered by Mercury Legal Group PLLC, please visit https://mercurylegalgroup.com/

THE INFORMATION PROVIDED IN THIS CONTENT IS NOT LEGAL ADVICE, AND NO ATTORNEY-CLIENT OR CONFIDENTIAL RELATIONSHIP IS OR WILL BE FORMED BY CONSUMPTION OF THIS CONTENT.

To learn more about the services offered by Mercury Legal Group PLLC, please visit https://mercurylegalgroup.com/

THE INFORMATION PROVIDED IN THIS CONTENT IS NOT LEGAL ADVICE, AND NO ATTORNEY-CLIENT OR CONFIDENTIAL RELATIONSHIP IS OR WILL BE FORMED BY CONSUMPTION OF THIS CONTENT.