Lawyer reviewing AI compliance frameworks, considering the practical gray areas in the EU AI Act where “mid-level risks” blur the line between minimal oversight and strict regulation. The image captures a professional in-house counsel at their desk, balancing legal analysis with business pressures, reflecting the tension of navigating ambiguity in corporate decision-making, especially when assessing mid-level AI risks for in-house lawyers.
Watch the full conversation with Kassi Burns & Olga Mack here:
Is the “middle ground” where the real risks live?
When it comes to the EU AI Act, in-house lawyers are quickly realizing that the hardest part isn’t the obvious high-risk categories or the minimal-risk exceptions. It’s everything in between the murky “mid-level” risks that sound harmless on paper but create real-world headaches in practice for those addressing mid-level AI risks within their companies.
In a conversation with Pedro Pavon, Global Policy Director at Meta, and Sarah Hutchins, Partner at Parker Poe, we explored how these mid-level risks play out inside companies. The challenge? Translating legal ambiguity into business decisions often without clear rules, but with plenty of consequences if you get it wrong, especially for in-house lawyers dealing with AI and these nuanced risks.
The Messy Middle: Why Mid-Level AI Risks Don’t Mean Low Stakes
The EU AI Act divides AI into neat categories: minimal risk, high risk, and unacceptable. But business reality doesn’t fit neatly into those boxes. Customer service chatbots, recruitment tools, algorithmic marketing systems—they’re not strictly “high risk,” but they raise enough questions around transparency, bias, and disclosure to keep lawyers up at night, making mid-level AI risks particularly challenging for in-house legal teams.
And here’s the catch: regulators may call them “mid-level,” but the internal politics of compliance make them feel anything but.
Mid-Level AI Risks in Compliance: From Over-Compliance to Last Line of Defense
Large companies often err on the side of over-compliance. Compliance teams move slowly, pressure builds, and risk tolerance shrinks. The default becomes “say no” or “do more” than the law strictly requires. Evaluating mid-level AI risks for in-house lawyers becomes a crucial task in such scenarios.
Smaller, fast-moving companies face a different challenge. With fewer layers of review, in-house lawyers often stand alone as the last line of defense. That means persuading leadership to care about fuzzy requirements like chatbot disclosure or fairness reviews—sometimes with founders pushing back, statute in hand—which underscores the importance of understanding mid-level AI risks.
Either way, in-house counsel are forced to burn political capital on issues that aren’t black and white, but that regulators and the public increasingly expect companies to get right. These situations highlight key mid-level AI risks for in-house lawyers.
Why Mid-Level Risks Demand Judgment, Not Just Rules
The real difficulty isn’t the statute it’s the ambiguity. A recruitment tool may look like an efficiency win, but regulators see a potential bias engine. A marketing algorithm may boost sales, but could regulators call it manipulation? Such dilemmas emphasize mid-level AI risks for in-house legal teams.
For in-house lawyers, the skill is not just legal interpretation it’s judgment. Knowing when to push, when to compromise, and how to frame compliance as a business enabler, not a blocker. This approach is particularly crucial in dealing with mid-level AI risks.
What’s Next for You?
If your company is already experimenting with AI, don’t wait for regulators to define every edge case. Start with an AI inventory: what tools are in use, who owns them, and what data they touch. Then, position yourself as both translator and strategist. Your business wants efficiency and growth; regulators want transparency and fairness. Your job is to align them, especially when confronting mid-level AI risks for in-house lawyers.
Mid-level risks may not grab headlines, but they’re where the real practice of in-house law will evolve. This is where your influence, persuasion, and courage will matter most, particularly for in-house lawyers assessing AI risks.
Watch the full conversation here: Notes to My (Legal) Self: Season 7, Episode 7 (ft.Kassi Burns & Olga Mack)
Join the Conversation
At Notes to My (Legal) Self®, we’re dedicated to helping in-house legal professionals develop the skills, insights, and strategies needed to thrive in today’s evolving legal landscape. From leadership development to legal operations optimization and emerging technology, we provide the tools to help you stay ahead. AI risks, including mid-level ones, are an essential component of these discussions.
What’s been your biggest breakthrough moment in your legal career? Let’s talk about it—share your story.
