Ashley Pusey
Ashley Pusey is your favorite API—Ashley Pusey Interface—a New York-based attorney navigating the fault lines between AI, cybersecurity, and global data regulation. She advises companies across industries on cyber incident response, privacy compliance, and the legal guardrails around emerging technologies. Whether handling complex breaches across EMEA, LATAM, and APAC or engaging with regulators like the Office for Civil Rights on HIPAA and GLBA issues, Ashley brings clarity and strategy to moments of uncertainty.
But Ashley’s practice isn’t just about managing risk—it’s about building trust. She helps organizations operationalize responsible tech, guiding product launches, adapting to evolving AI regulations, and crafting data governance frameworks.
Her passion for law and innovation didn’t start in a courtroom—it started on the runway. Fascinated by smart textiles and wearable tech disrupting the fashion industry, Ashley found herself drawn to the legal, ethical, and cultural questions embedded in emerging technologies.
Ashley is credentialed with CIPP/US, CIPP/E, CIPM, and the IAPP’s Fellow of Information Privacy (FIP) designation. She holds certifications in Cybersecurity (MIT), Artificial Intelligence (Center for AI and Digital Policy), and Fashion Law (Fashion Law Institute)—a blend that reflects both her creative and regulatory DNA.
At the interface of law, code, and culture, Ashley champions a future where innovation is as ethical as it is exciting—and where every system, suit, or software release is built with integrity.
Sessions
Open-source cryptographic libraries like OpenSSL are foundational to the internet’s security—but when misused or misconfigured, they don’t just open the door to cyber threats. They open the door to legal ones. This session explores the collision between technical missteps in cryptography and high-stakes legal exposure, examining how supply chain vulnerabilities, licensing misunderstandings, and implementation failures can escalate into breach reporting obligations, regulatory investigations, and contractual liability. We’ll also unpack how legal teams can support engineering in building stronger risk models and contract guardrails when deploying open-source cryptography.
As governments and regulators push for stronger digital security and AI accountability, the question is no longer if software developers will face legal risk—but when.
This session explores the emerging legal frameworks and liability theories placing developers—especially those working with cryptography, AI, and open-source tools—closer to the legal line. Whether maintaining encryption libraries, integrating LLMs, or building secure-by-design infrastructure, developers may soon find themselves navigating new legal duties, including under the EU AI Act, U.S. product liability laws, and global cybersecurity frameworks.
With real-world examples and forward-looking analysis, this talk unpacks the evolving risk landscape—and what organizations can do now to support and shield their developers.