What the Federal AI Action Plan Means for U.S. Businesses Written By: Matthew Gross **Attorney Advertising: Prior results do not...
- Providing consulting on AI and related third-party data collection and use, algorithm development, licensing, data privacy and security impact, data flows, data sets, de-identified data, algorithm applications, monetization considerations, and related contracting.
- Developing enterprise AI program policies addressing product creation, audits, and proposed law.
- Advising on strategic company planning and contracting related to AI, advanced analytic development, and related cloud storage, data privacy, and third-party responsibilities.
- Completing Data Protection Impact Assessments (“DPIAs”) in accordance with U.S. and EU regulations to help identify and mitigate risks associated with the use of automated decision-making and other high risk data processing.
- Drafting comprehensive policies and playbooks for development teams.
- Advising boards and management regarding up-and-coming AI laws and compliance measures.
- Advising on requirements and strategies to comply with U.S. state privacy laws requiring the right to opt out of automated decision making affecting data processing activities.
- Drafting, supporting, and leading discussions for industry reporting on AI use and proposed frameworks.
We help identify potential pitfalls and liabilities with AI use, such as compliance, discrimination, bias, ethical evaluations, and assessing and implementing risk mitigation strategies.
We assist with board and management education and reporting on AI impact and strategy. We help establish clear roles and responsibilities for accountability and transparency in AI projects.
We help draft and negotiate agreements, addressing limitations on use, specialized contractual terms, specific use of data in training, and rights in AI output. This includes responding to third party inquiries and security questionnaires regarding AI uses and practices. Companies using third-party generative AI tools may also face legal, practical, and reputational risks due to the provider’s noncompliance, which we assist through contracting and operations risk mitigation efforts.
As leaders in insurance markets, we provide clients with no-cost evaluations of their insurance policies to address AI uses and coverage with insurance carriers.
We respond to data security incidents involving AI, such as the use of AI by threat actors, including instances in which threat actors impact on AI systems results in data loss, disclosure, or modification of AI for unintended consequences.
Security cannot be ignored in developing AI models. We help organizations establish internal controls and white papers for AI use while considering unique ways to keep personal information protected from unauthorized use.
We create detailed plans for organizations that identify applicable AI laws and regulations and steps to achieve compliance.
It is difficult for organizations in this rapidly-emerging technological landscape to understand and assess the risk of AI use in mergers and acquisitions. Our tech lawyers and AI technologists can assist with due diligence measures.
We assist clients in assessing the legal implications of obtaining data and content from public sources (e.g., web scraping to third party data acquisitions) to train machine learning (ML) models and various AI applications. Training data may include personal information that was collected in violation of privacy laws, which may negatively impact the AI model and derivative uses.
We have drafted many AI policies and worked with AI development teams to create sound playbooks for internal operational practices.
We advise clients on global privacy requirements related to the use of personal information for automated decision making, which may have legal, financial, or social consequences for individual consumers or employees. Data subjects may also make requests (data subject access requests (DSARs)) regarding the use and removal of their information. Numerous privacy laws provide these individuals the right to access, delete, and correct their personal information, which may be difficult where the personal data has been absorbed into AI models and systems.
The Beckage Firm assists in responding to inquiries from regulators on AI practices.
We work with clients to determine how they can use AI and related processes within their organizations, including the potential impact on existing contractual requirements, business operations, data collection and use, and use of AI by third parties. Our clients seek guidance on AI projects while balancing data privacy, data protection and security, litigation, and information governance considerations.
With any new technology, employees and management must be trained on AI use, ethics, and risk mitigation efforts. We support clients with foundational knowledge regarding AI processes, including data assembly, AI and algorithm operation, audit practices, potential for disparate impacts, and related contractual and regulatory obligations.