Posted
By and

As a stakeholder considering the implementation of an MCP connector, it may be difficult to glean from product documentation or marketing materials alone how the tool is functioning, and what must be done to manage its implementation.

MCP connectors provide a standardized way to connect AI models to external systems, allowing for easier proliferation of agentic AI. However, these connections also introduce new risks, including data access and privacy liability; unauthorized or erroneous actions; security vulnerabilities; accountability and governance; and third-party mismanagement.

Continue reading

Posted
By and

Before reading the first three installments of Pillsbury’s MCP connector series, you may have thought MCP-connected agentic architecture was too complicated to understand. But now that you have wrapped your mind around what MCP connectors are, what legal and operational risks they pose, and how to practically mitigate those risks, you may feel ready to deploy them in your organization. But not so fast…

Continue reading

Posted
By , , and

Under Directive (EU) 2023/2673, online traders must provide a dedicated, user‑friendly withdrawal function—often described as a “cancel contract” or “withdrawal” button—allowing consumers to exercise their 14‑day right of withdrawal as easily as they entered into the contract. (Please see our earlier article on the issue.)

Continue reading

Posted
By , and

In the most recent installment of our series on Model Context Protocol (MCP) connectors, we closed with this observation: Organizations that will manage MCP connector technology effectively are those that treat deployment as an enterprise risk concern. We promised a practical starting framework for how to think about mitigating those enterprise risks.

In this installment, we provide that framework through a hypothetical (and associated risk incidents) that illustrate how the risks may manifest in practice, annotated with suggested mitigants that may have prevented—or meaningfully limited—each issue.

Continue reading

Posted
By and

Providers have recently moved towards enabling AI agents to maintain persistent context and memory across interactions rather than treating each request as an isolated event. The environment makes it easier for enterprise AI systems to be designed to remember data and materials input and output from the tool.

Continue reading

Posted
By , and

Any time a new technology emerges that includes the ability for an AI model to autonomously “reach out and interact with the world,” legal and operations teams take notice. And rightly so, the legal and operational implications of any AI autonomy deserve careful consideration. MCP connectors are powerful precisely because they reduce friction between AI models and databases, and between each prompt and the resulting action, resulting in a proliferation of agentic AI. But reduced friction cuts both ways. The same architecture that makes MCP efficient also makes it a meaningful source of risk that requires appropriate governance.

Below, we examine the key legal and operational risks that an organization should consider before and during any MCP connector deployment in its AI portfolio. It is worth noting that risks inherent in generative AI use more broadly persist when an MCP connector conduits to an LLM, but the below analysis focuses on the risk specific to the new MCP connection infrastructure.

Continue reading

Posted
By , and

We all remember the first time we beheld the majestic power of generative AI. It plans vacations! It drafts my emails! It writes my essays! … then you accidentally include “Would you like me to soften the breakup message I drafted for you to be less confrontational?” in the text you send to your now ex- and highly offended partner, and you realize quickly the glaring limitation that a large language model (LLM) has on making you more productive. The model could give you the words, but it couldn’t act on them to fix your problems. And so, agents came along, which we thought would fix the inefficiency of copying and pasting a text response. But technically, these tools were hard to scale because every connection was custom-built, one at a time. Want Claude to talk to Slack? Build a custom bridge. Want ChatGPT to talk to Google Drive? Build another custom bridge. In reality, these tools weren’t scaling in the way we thought would drive efficiency. Your dreams of building an autonomous breakup robot were just not coming to fruition.

That is until Anthropic came up with a solution. Enter the Model Context Protocol (MCP), a standardized language that allows integration of LLMs into existing data source and application structures.

Continue reading

Posted
By , and

The European Commission has published its regulatory proposal for the EU Digital Omnibus, a package of amendments seeking to streamline EU rules on data protection, artificial intelligence and digital regulation in an effort to improve EU competitiveness. For more information on the background to the Digital Omnibus, see our earlier briefing here. The Digital Omnibus is split into two regulations, one targeting the AI Act and another targeting other EU digital regulations.

Continue reading

Posted
By

“Let a thousand flowers bloom” used to be Johnson & Johnson’s strategy to generative AI innovation. In short order, nearly 900 projects sprouted across the company.

But subsequent internal review revealed that only 10–15% of those projects produced 80% of the value. In response, J&J pivoted. It narrowed its focus to high-impact use cases, and scrapped the rest. These remaining efforts were tightly aligned with business strategy, execution quality and adoption.

Continue reading

Posted
By and

Quantum-as-a-Service (QaaS) has moved from lab curiosity to real-world adoption. The inflection point isn’t that enterprises will own quantum computers anytime soon; it’s that usable quantum capacity is becoming accessible through cloud platforms, and leading firms are reporting production-adjacent use cases in real workflows.

Continue reading