What you REALLY need to know about AI

April 29, 2024

There's no denying Artificial Intelligence (AI) is the rage. It's new, it's controversial, and it’s BOOMING. Everyone and every company is trying to hop on the AI bandwagon because AI offers new tools to make work more efficient, strategy more effective, and downtime more fun.

When it comes to your business consider it a best practice to have a modicum of restraint with AI. As a technology AI is so new that the law has not caught up with it yet and probably won't for several years. As with any new technology being so broadly applied to all kinds of data, AI has security and ownership questions which can inadvertently become liabilities to your business. AI is generative in nature, which means it is prone to plagiarism and malfeasance—meaning AI can create semi-original content based upon the data it has access to, but ultimately it is a variation of someone else’s work.

But first...

What Is AI, Anyway?

People talk about AI as though it is a single entity, and it isn't. Just like different operating systems run on different computers, each AI system is distinct. Some AI engines are specialized to be:

  • Better at handling graphics or images and creating composites of the data set
  • Better at predicting the outcomes of laboratory experiments based on prior results
  • Better at crunching huge data sets to forecast outcomes like stock market predictions or climate change.
  • Targeted to consumer demographics to improve client interactions
  • Workforce enhancers to improve efficiencies

Before making the AI investment, be sure you know which AI you are using and be familiar with its intended function.

AI for business tends to be driven by number-crunching and/or predictive text varieties called generative AI, because the AI generates new data based on existing data. Basically, generative AI uses an artificial neural network (e.g., a software platform that mimics a neural network) containing a number of hidden layers through which data is processed. The more data the AI is fed, the more it learns. The more the AI learns, the more it is able to recognize complex patterns, make connections, and weigh input.

Before an AI can be turned into an application for use in your business, it has to begin learning by processing existing data sets that are, or should be, similar to yours. This means the AI evaluates businesses like yours in the same field, industry, and even geography. The better the data used to train the AI, the better the predictive analytics it will produce, which will result in cleaner and safer to use results.

The Law Is a Decade Behind the Tech

To say that AI developers have little statutory guidance is an oversimplification. Current laws were written for circumstances that existed more than a century ago, never anticipating the rise of AI. To date the United States has no comprehensive data privacy legislation. What exists is a patchwork of state laws and federal regulations, but no U.S. laws exist that address today's technology head-on. Instead of having laws specifically regulating AI, we find portions of AI falling under different legal, but far from comprehensive, legal jurisdictions.

As a result, AI falls under existing legal guidelines which are scrambling to adjust to the advent of a new technological age. Areas such as:

  • Intellectual property laws, including trademark, copyright, patent, and trade secrets
  • Laws regulating the commercial use of a person's name, image, and likeness
  • Laws regarding the infringement of personal rights, such as HIPAA
  • Laws regulating commerce generally, like the Florida Deceptive & Unfair Trade Practices Act (FDUPTA) and rules regarding the discovery of electronically stored information in litigation.

It is important to note AI is not a lawyer and neither are the people coding the AI. In the process of compiling data sets for a legal AI, the results you get are only as detailed as the information provided to the AI. A lawyer may consult dozens of resources and draw upon years of experience to help you develop a strategy with the nuances a computer cannot understand. With an AI, the programming may only include a few sources covering the past 10 years of legal precedent, which means your results could be flawed. AIs are not reliable to write contracts, keep you compliant with the law, or maintain secrets or privacy. AI is a tool, but not a replacement for professional services.

Before you adopt AI technology for your business, educate yourself about how AI manages your data. Very often an AI shares information within its network with other AIs, which means your data is no longer private or secure. Always test your AI before first running it and ask questions. If you have doubts about your data’s security using AI, as a rule of thumb, don’t do it. Consulting with your business attorney before implementing an AI solution is always a wise option.

Security Issues Abound

Once an AI system incorporates your data, the data is "learned" and cannot be unlearned. This means if an AI is given a data set containing information that is subject to data privacy legislation, such as personally identifiable information subject to HIPAA, it can't be deleted from the AI. This means AI is not HIPAA compliant.

Certain laws require a business owner to safeguard third-party data. These laws include everything ranging from the European Union's GDPR privacy legislation to a contract with your merchant services provider which requires compliance with PCI standards.

In general, your company has a duty to protect customer names, email addresses, home addresses, social security numbers, payment information, health information, and other similar personal data from unauthorized access by third parties. This includes submission of that data to an AI that is not a closed environment limited to your business and only your business.

You also have a responsibility to tell your customers if their data will be processed by an AI, which should be disclosed in your online privacy policy.

Be aware that all AI is data-driven, so it is as susceptible to hacking as any other database. Your AI must be secured from intruders and any data breach of an AI must be disclosed to those affected.

Generative Technology Can Create Unexpected Results

Unlike a 20th century database platform, AI exists to modify the data it stores. Once your data is fed to the AI, it will be assimilated, aggregated, and repurposed to create new data. As a business owner and individual, it is imperative to understand how the AI results will be used by you and other AIs.

For example, if you used generative AI to write the next great American novel, you might feed the AI books by Melville, Twain, Faulkner, Hemmingway, Bradbury, and King. Your books would provide the foundation for the AI to create from, but that is all the information it would have. You could then give the AI some plot points to write a novel about a coast-to-coast road trip by two brothers. The AI will generate a novel borrowed from the authors it has "read," but the similarities to the other authors will be evident in setting, style, and word choice. The AI lacks the ethical framework to avoid copyright infringement or plagiarism. This means if you intended to publish the novel as your own, the work produced by the AI would constitute plagiarism.

Be aware, generative AI can "hallucinate" and create new data. For example, an attorney used an AI to perform legal research. In the results the AI created a fictional case which the lawyer then cited in a court brief. The result was a lawyer being sanctioned for fraud in court.

When seeking AI as a business solution, it’s best to err on the side of caution, understand the limitations of the technology, and to consult with your attorney to be sure you are not unintentionally creating new liabilities for your company. Consult with people who are in the know and ask lots of questions.

Now that’s a Meehle smart idea.™

Posted in Business Law, Legislation, Tech Law