Advising Businesses on AI Agent Risk: Enforceable Policies Under Current Law

Kristie Prinz, Founder | The Prinz Law Office

Kristie Prinz is an AI, software, technology, digital health, and intellectual property business lawyer in Silicon Valley who has advised early-stage start-ups and mid-market companies for 28 years. She founded The Prinz Law Office, a boutique Silicon Valley firm with offices in San Jose and Palo Alto. Her clients are primarily in the SaaS, AI, technology, and digital health industries, and she advises them on business transactions involving customers, resellers, suppliers and distributors, business partners, and buyers and sellers, while also maintaining an intellectual property and a privacy practice.

• Education & Credentials

Kristie graduated from Furman University and Vanderbilt Law School and is licensed to practice law in California and Georgia.

• Recognition & Leadership

Kristie was selected as a Super Lawyer in Northern California in 2024 and 2025, a distinction determined by her peers in the profession.

• Professional Involvement

A frequent speaker and media contributor on software, AI, technology, digital health, and IP law, Kristie authored “Managing the Legal Risks of Artificial Intelligence on Intellectual Property and Confidential Information” (Consulting Psychology Journal, 2025) and writes the Silicon Valley Software Law Blog and the Silicon Valley Digital Health Blog. She founded the Silicon Valley Software Advisors Group and the AI Advisors Group, leads the Silicon Valley Virtual I home group within ProVisors (more than 11,000 professionals), and is a member of the Business Section of the American Bar Association, the Business and Privacy Sections of the California Bar Association, and the Privacy and Technology Section of the Georgia Bar Association.

• Experience

Kristie works with companies across California, in developing U.S. technology hubs, and in overseas markets including Canada, Mexico, Central America, Europe, the United Kingdom, Australia, and New Zealand, and serves as local IP counsel for a boutique IP firm in Paris, France. Before founding The Prinz Law Office, she practiced in the Palo Alto office of Pennie & Edmonds, LLP and began her career at Schnader Harrison Segal & Lewis, LLP in Atlanta.

Chiara Portner, CIPP/US | Lathrop GPM

Chiara Portner is a Partner at Lathrop GPM, where she serves as outside corporate counsel and an outsourced member of her clients’ legal teams. She helps companies monetize and commercialize their technology, services, and products and advises on privacy and AI compliance. Her practice spans artificial intelligence, intellectual property, and privacy and data security, with a focus on technology transactions, licensing arrangements, and other complex commercial contracts. Chiara represents start-ups, emerging companies, and entrepreneurs as well as mid-market and public companies — including B2B, B2C, and B2B2C businesses ranging from software, AI, mobile app, IoT, and SaaS startups to e-tailers, retail clothing brands, and large public companies.

• Education & Credentials

Chiara earned her J.D. from Santa Clara University School of Law and her B.A. in Political Science from the University of California, San Diego. She is a Certified Information Privacy Professional (CIPP/US) and has been admitted to the California bar since 2002.

• Recognition & Leadership

Chiara is the Partner-in-Charge of Lathrop GPM’s Redwood Shores office and Co-Chair of the firm’s Cyber Security and Tech Transactions group.

• Professional Involvement

Chiara is a member of the International Association of Privacy Professionals (IAPP) and serves on the Licensing and AI Committees of the Intellectual Property Owners Association (IPO). A frequent author and presenter on privacy and AI, her recent work includes “Compliance with the New CCPA Regulations” (Data Protection Leader, 2026) and “Due Process for the Algorithmically Screened — Illinois Adds New Rules to the AI Hiring Playbook” (DataGuidance, 2026), along with presentations on California privacy law and emerging enforcement developments. She also serves as Philanthropy Liaison for the National Charity League.

• Experience

Chiara has drafted AI product addenda for a cloud-based developer platform’s generative AI offerings, negotiated agreements licensing AI technologies to a global enterprise software provider, and advised companies on designing and implementing internal AI governance programs and usage policies. She counsels clients on compliant AI product use, data governance, and the protection of trade secrets associated with AI systems, and assists businesses with compliance under new state AI laws. Her broader transactional work includes enterprise SaaS, PaaS, IaaS, OEM, distributor, and reseller agreements, and she has prepared privacy and data security policies addressing the CCPA, GDPR, and other state, federal, and international requirements.

Bushra Samimi, CIPP/US | Lathrop GPM

Bushra Samimi is an Associate at Lathrop GPM who assists clients with commercial and technology-based transactions — including SaaS Master Service Agreements, Referral Partner Agreements, Terms of Service, and other related agreements — as well as privacy and data protection compliance matters.

• Education & Credentials

Bushra earned her J.D. from the University of California College of the Law, San Francisco, and her B.A. in Political Economy from the University of California, Berkeley. She holds the CIPP/US certification for U.S. private-sector privacy from the International Association of Privacy Professionals (IAPP), the global standard in privacy certification, and has been admitted to the California bar since 2021.

• Recognition & Leadership

Bushra has contributed to Lathrop GPM’s 2026 Legal Guide to Privacy and Data Security, helping shape the firm’s published guidance on an expanding privacy and cybersecurity regulatory environment. Her CIPP/US certification — the global standard in privacy certification — reflects a recognized command of U.S. private-sector privacy law.

• Professional Involvement

A member of the International Association of Privacy Professionals, Bushra writes on emerging privacy and data security issues. Her recent client-facing analyses include “CCPA 2026: Navigating the Expanded Consumer Privacy Compliance Requirements for Businesses” and “What Closely Held Businesses Need to Know About Data Privacy and Cybersecurity.”

• Experience

Bushra is experienced in advising life sciences and technology companies on venture financing, mergers and acquisitions, and capital market transactions. Before joining Lathrop GPM, she served as a privacy consultant at a life sciences company and practiced as an associate at Goodwin Procter.

SESSION 1 – Drafting an Enforceable Corporate AI Use Policy | 1:00pm – 1:30pm

Draft enforceable AI use policy: approved-tool lists keyed to data classification, human-in-the-loop thresholds, IP-ownership rules after Thaler v. Perlmutter, vendor vetting standards, and incident response built to support a reasonable-care defense.

SESSION 2 – AI Liability: Emerging State Laws, FTC & Title VII Traps | 1:30pm – 2:00pm

This session maps the legal exposure businesses face without a sound AI use policy, covering FTC Section 5 enforcement, state AI compliance obligations, and Title VII risk from AI-driven hiring. Attorneys gain a practical framework for counseling clients on the full spectrum of AI risk.

BREAK | 2:00pm – 2:10pm

SESSION 3 – Legal Risk from AI Agents and the Current Regulatory Landscape | 2:10pm – 2:40pm

Learn how autonomous agents and MCP turn internal data into third-party disclosures, when an agent binds your client under UETA, E-SIGN, and the UCC, and where privacy and preemption rules already apply.