Diane Janosek: When AI Outruns the Law

Show Notes

Dr. Diane Janosek is a nationally recognized cybersecurity leader and CEO of Janos LLC who advises organizations at the intersection of technology, law, compliance, and policy. With a rare résumé that spans a PhD in cyber leadership, a JD, practice before the U.S. Supreme Court, and senior leadership roles at the National Security Agency, Janosek brings a perspective that neither a pure technologist nor a pure attorney could offer. She describes today as an exciting moment in history precisely because artificial intelligence keeps producing what lawyers call "cases of first impression" -- novel questions the courts have never decided before -- and her dual background lets her see both the legal framework and the technical challenge at once.

Much of the conversation centers on a deceptively simple question: Who owns what? Janosek illustrates how AI scrambles traditional notions of ownership and liability. When an AI tool rewrites your content, clones a narrator’s voice, or blends your proprietary idea into its own output, the lines of ownership blur, and liability and profitability follow close behind. Her practical warning to enterprises is blunt: Be careful what you feed into public models, because anything put "out into the ether" may no longer be protected or controllable. That risk is amplified by shadow AI, and she notes that while larger businesses are getting smarter about controlling what employees push into outside tools, policing those edicts across multiple personal devices remains a genuine challenge.

From ownership, the discussion turns to human oversight and the limits of regulation. Janosek explains her "risk-proportional approach" to keeping a human in the loop -- the greater the sensitivity of the data or the potential for harm, the more deliberately organizations should require human approval before autonomous AI acts. She frames the recurring theme of innovation’s pendulum, from Meta smart glasses that can covertly record strangers to Ring doorbell surveillance, where capabilities race ahead until something egregious forces a pull back toward the middle. She predicts AI regulation will likely follow the trajectory of cybersecurity law: voluntary guidance first, then state-by-state action led by places like New York and California, and eventually federal mandates -- though the hard questions of who enforces the rules and whether fines are proportionate to actual harm remain unresolved.

The episode closes on the international dimension and practical advice for leaders. Janosek argues that AI and data governance demand cross-border harmonization, citing her West Point Cyber Defense Review piece on cyber threat intelligence sharing and the persistent uncertainty over whether the EU AI Act will drive global standardization. Her counsel to CEOs who assume they are more prepared than they are foundational and concrete: Know where your data physically resides, understand your cloud agreements and supply chain, catalog your data, and apply protection proportionate to the sensitivity of your "crown jewels." It’s a fitting through-line for a Kitecast conversation that repeatedly returns to a human question beneath the legal and technical ones -- What do we want to keep for ourselves as humans, and how do we embrace innovation responsibly without slowing the people pushing it forward?

LinkedIn Profile: https://www.linkedin.com/in/diane-janosek-abc/ 

JANOS LLC: https://janosllc.com/ 

Check out video versions of Kitecast episodes at https://www.kiteworks.com/kitecast or on YouTube at https://www.youtube.com/c/KiteworksCGCP.