Colorado AG Proposes Draft Amendments to the Colorado Privacy Act Rules

On September 13, 2024, the Colorado Attorney General’s (AG) Office published proposed draft amendments to the Colorado Privacy Act (CPA) Rules. The proposals include new requirements related to biometric collection and use (applicable to all companies and employers that collect biometrics of Colorado residents) and children’s privacy. They also introduce methods by which businesses could seek regulatory guidance from the Colorado AG.

The draft amendments seek to align the CPA with Senate Bill 41, Privacy Protections for Children’s Online Data, and House Bill 1130, Privacy of Biometric Identifiers & Data, both of which were enacted earlier this year and will largely come into effect in 2025. Comments on the proposed regulations can be submitted beginning on September 25, 2024, in advance of a November 7, 2024, rulemaking hearing.

In Depth

PRIVACY OF BIOMETRIC IDENTIFIERS & DATA

In comparison to other state laws like the Illinois Biometric Information Privacy Act (BIPA), the CPA proposed draft amendments do not include a private right of action. That said, the proposed draft amendments include several significant revisions to the processing of biometric identifiers and data, including:

  • Create New Notice Obligations: The draft amendments require any business (including those not otherwise subject to the CPA) that collects biometrics from consumers or employees to provide a “Biometric Identifier Notice” before collecting or processing biometric information. The notice must include which biometric identifier is being collected, the reason for collecting the biometric identifier, the length of time the controller will retain the biometric identifier, and whether the biometric identifier will be disclosed, redisclosed, or otherwise disseminated to a processor alongside the purpose of such disclosure. This notice must be reasonably accessible, either in a standalone disclosure or, if embedded within the controller’s privacy notice, a clear link to the specific section within the privacy notice that contains the Biometric Identifier Notice. This requirement applies to all businesses that collect biometrics, including employers, even if a business does not otherwise trigger the applicability thresholds of the CPA.
  • Revisit When Consent Is Required: The draft amendments require controllers to obtain explicit consent from the data subject before selling, leasing, trading, disclosing, redisclosing, or otherwise disseminating biometric information. The amendments also allow employers to collect and process biometric identifiers as a condition for employment in limited circumstances (much more limited than Illinois’s BIPA, for example).

PRIVACY PROTECTIONS FOR CHILDREN’S ONLINE DATA

The draft amendments also include several updates to existing CPA requirements related to minors:

  • Delineate Between Consumers Based on Age: The draft amendments define a “child” as an individual under 13 years of age and a “minor” as an individual under 18 years of age, creating additional protections for teenagers.
  • Update Data Protection Assessment Requirements: The draft amendments expand the scope of data protection assessments to include processing activities that pose a heightened risk of harm to minors. Under the draft amendments, entities performing assessments must disclose whether personal data from minors is processed as well as identify any potential sources and types of heightened risk to minors that would be a reasonably foreseeable result of offering online services, products, or features to minors.
  • Revisit When Consent Is Required: The draft amendments require controllers to obtain explicit consent before processing the personal data of a minor and before using any system design feature to significantly increase, sustain, or extend a minor’s use of an online service, product, or feature.

OPINION LETTERS AND INTERPRETIVE GUIDANCE

In a welcome effort to create a process by which businesses and the public can understand more about the scope and applicability of the CPA, the draft amendments:

  • Create a Formal Feedback Process: The draft amendments would permit individuals or entities to request an opinion letter from the Colorado AG regarding aspects of the CPA and its application. Entities that have received and relied on applicable guidance offered via an opinion letter may use that guidance as a good faith defense against later claims of having violated the CPA.
  • Clarify the Role of Non-Binding Advice: Separate and in addition to the formal opinion letter process, the draft amendments provide a process by which any person affected directly or indirectly by the CPA may request interpretive guidance from the AG. Unlike the guidance in an opinion letter, interpretive guidance would not be binding on the Colorado AG and would not serve as a basis for a good faith defense. Nonetheless, a process for obtaining interpretive guidance is a novel, and welcome, addition to the state law fabric.

WHAT’S NEXT?

While subject to change pursuant to public consultation, assuming the proposed CPA amendments are finalized, they would become effective on July 1, 2025. Businesses interested in shaping and commenting on the draft amendments should consider promptly submitting comments to the Colorado AG.

© 2024 McDermott Will & Emery
For more news on Colorado Privacy Law, visit the NLR Communications Media Internet and Consumer Protection sections.

SEC Revises Tick Size, Access Fees and Round-Lot Definition and Takes Steps to Disseminate Odd-Lot and Other Better Priced Orders

On September 18, the Securities and Exchange Commission (SEC or the Commission) adopted amendments to Rule 612 (Tick Sizes) and Rule 610 (Access Fees) under Regulation NMS under the Securities Exchange Act of 1934, as amended (Regulation NMS).1 The SEC also added and amended definitions and other rules under Regulation NMS to address round-lot and odd-lot sizing and dissemination. We address each category of revisions below and highlight at the outset that the SEC did not adopt the controversial provision that would have prevented market centers from executing orders at prices less than the current or revised tick sizes. That is, the minimum tick size continues to address only the minimum price increment at which a market center can publish a quotation for a security. This is significant, as adopting such a prohibition would have prevented broker-dealers and other market centers from providing price improvement at prices finer than the quotation tick sizes.

The SEC also took a measured approach to other aspects of the rule. As explained more fully below, the Commission adopted only one additional minimum quotation size (rather than the three proposed), narrowed the scope of securities that might be subject to the smaller minimum quotation size, reduced the frequency with which primary listing exchanges must calculate tick sizes and round-lot sizes, and expanded the amount of data to be evaluated for these calculations from one month’s worth to three months’ worth.

Tick Sizes/Minimum Pricing Increments

Rule 612 of Regulation NMS regulates the price increments (that is, the “tick size”) at which a market center can display a quotation and at which a broker-dealer can accept, rank, or display orders or indications of interest in NMS stocks. Currently, for NMS stocks priced at or above $1.00 per share, broker-dealers and market centers can accept orders or quote in one-penny ($0.01) price increments and at a much smaller increment ($0.0001) for NMS stocks priced less than $1.00 per share.

The SEC and other market participants had observed that many stocks were “tick constrained” — that is, bids, offers, and other orders in those stocks might regularly allow for quotation spreads narrower than $0.01, but the penny spread requirement of Rule 612 constrained such narrower quoting. Determining the “right” quote size for a security can be complicated: on the one hand, a narrower spread reduces transaction costs for investors. On the other hand, too narrow a quotation spread allows other market participants to “step ahead” of a quotation — that is, obtain better priority — by entering an order that is priced only slightly better. Obtaining priority by quoting for an economically insignificantly better price disincentivizes those offering liquidity or price improvement to the market. Stated simply, a market participant has little incentive to expose its order to the market if another participant can easily get better priority over that order at an insignificant cost. Accordingly, the Commission sought to balance the two competing concerns of spread size and fear of stepping ahead.

Tick sizes are also relevant in the competition between exchange and non-exchange trading venues. Due to their market structure, exchanges generally execute orders at the prices they quote, but cannot execute at prices within the quoted spread. Narrower spreads provide better opportunities for exchanges to execute at the higher bids or lower offers represented by those narrower spreads. In short, narrower spreads allow exchange venues to be more competitive with off-exchange venues.

In December 2022, the SEC proposed to add three minimum tick sizes for NMS stocks priced $1.00 or more: one-tenth of a cent ($0.001), two-tenths of a cent ($0.002), and five-tenths (or one-half) of a cent ($0.005). Public comment suggested that this proposal was too complicated and the smaller price increment of $0.001 might also have been too small, thereby facilitating stepping ahead.

The adopted rule provides for only one new tick size for certain NMS stocks priced at or above $1.00 per share: $0.005. This half-penny minimum quotation size will apply for those NMS stocks priced at or above $1 that have a “time-weighted average quoted spread” (a metric defined in the rule) of $0.015 during a three-month Evaluation Period (as described in the table below) occurring twice a year.[1] “Time-weighted average quoted spread” seeks to estimate tick constraint and identify those securities that are quoted on average at close to a one-cent spread. Specifically, under the revised rule, primary listing exchanges must calculate the time-weighted average spread over the months of January, February, and March and July, August, and September. The results of the first (Q1) calculation determines which securities are subject to the half-penny tick size for the business days between May 1 and October 31 of that year. The results of the second (Q3) calculation determines which securities are subject to the half-penny tick size for the business days between November 1 of that year and April 30 of the following year.

The following chart shows the applicable tick sizes and calculations:

The SEC’s policy rationale for adopting these amendments is that they relax existing restrictions on tick sizes, which should reduce transaction costs and provide for better price discovery for certain NMS stocks. Additionally, smaller tick sizes for NMS stocks that merit them should improve liquidity, competition, and price efficiency.

Access Fees

Securities exchanges generally charge access fees to those who take liquidity and rebate a portion of that access fee to those who provide liquidity. As the SEC explains, “the predominant exchange fee structure is maker-taker, in which an exchange charges a fee to liquidity takers and pays a rebate to liquidity providers, and the rebate is typically funded through the access fee.”3 Rule 610(c) of Regulation NMS limits the fee that an exchange can charge for accessing protected quotations4 pursuant to Rule 611 of Regulation NMS. Currently, the access fee is capped at 30 cents per 100 shares (or “30 mils” per share) for NMS securities priced at or above $1. The access fee is capped at 0.3% of the quotation price for NMS stocks priced below $1.

With a smaller minimum quotation size, the SEC took the opportunity to revise the access fee cap, which some market participants believed had been set too high. Like the tick size changes, the access fee amendment ultimately adopted was modified from what was originally proposed. Originally, the SEC proposed to reduce access fee caps (a) from 30 mils to 10 mils per share for NMS stocks priced at or over $1 that would have been assigned a tick size larger than $0.001 and (b) to 5 mils per share for NMS stocks priced at or over $1 that would have been assigned a $0.001 tick size. For protected quotations in NMS stocks priced under $1.00 per share, the Commission originally proposed to reduce the 0.3% fee cap to 0.05% of the quotation price.

Ultimately, the Commission adopted a more simplified reduction in access fee caps. Because it added only one tick size to Rule 612, the SEC adopted only one reduction in access fee caps, from 30 mils to 10 mils per share for protected quotations in NMS stocks priced $1.00 or more. For such quotations priced less than $1.00, the Commission reduced the access fee cap from 0.3% to 0.1% of the quotation price per share. In addition, the SEC adopted (as proposed) new Rule 612(d), requiring all exchange fees charged and all rebates paid for order execution to be determinable at the time of execution. Currently, such exchange fees are subject to complex fee schedules that apply tiered and other discounts at month-end. As a result, market participants would not necessarily know intra-month whether their broker might access a higher tier later in the month, which would adjust the fee charged for the subject order. The new rule ends this uncertainty.

Setting the revised access fee cap at 10 mils per share was somewhat controversial, with Commissioners Peirce and Uyeda questioning the manner in which 10 mils was determined, whether another rate should have been used (15 mils? 5 mils? 12 mils?) and whether the Commission should be in the rate-setting business at all. The Commissioners ultimately voted in favor of the proposal based upon a pledge (discussed below) that the SEC staff will, by May 2029, “conduct a review and study the effects of the amendments in the national market system.”5

Required Staff Review and Study

The Adopting Release requires that the Commission staff conduct a “review and study” by May 2029 of the effects of the amendments on the national market system. The details of such study are not clearly defined, but the Adopting Release provides that:

[s]uch a review and study might include, but would not be limited to, an investigation of: (i) general market quality and trading activity in reaction to the implementation of the variable tick size, (ii) the reaction of quoted spreads to the implementation of the amended access fee cap, and (iii) changes to where market participants direct order flow, e.g., to exchange versus off-exchange venues, following the implementation of the amendments.6

Compliance Dates and Timelines

The amendments described above become effective 60 days after the publication of the SEC’s Adopting Release in the Federal Register. The date by which exchanges, broker-dealers, and other market participants must comply with the rule amendments is generally in November 2025 but, in some instances, in May 2026, as described more fully below. Specifically, the Compliance Date:

  • for the tick size amendments (half-penny quoting for “tick-constrained” stocks) of Rule 612 is “the first business day of November 2025,” or November 3, 2025.
  • for the 10 mils per share access fee cap amendment of Rule 610 and the new requirement under Rule 612(d) that exchange fees be known at time of execution in each case, is also November 3, 2025.
  • for the new round-lot definition (100 shares, 40 shares, 10 shares, or 1 share) is November 3, 2025.
  • for the dissemination of “odd-lot information,” including the new BOLO data element, is six months later, to allow broker-dealers and others to program systems accordingly. These changes will take effect on “the first business day of May 2026,” or May 1, 2026.

Closing Thoughts

The tick size and access fee amendments, and the other provisions adopted, appear to reflect negotiated concessions and a reasonable approach to addressing tick-constrained securities while avoiding the complex framework originally proposed. The decision not to prevent executions at prices within the minimum quotation size is appropriate and preserves the ability of market participants to provide price improvement to investors. While there can be some lingering debate about the appropriate level to which to reduce the access fee cap and whether 10 mils is an appropriate level, the net cumulative effect of these amendments appears reasonable. The planned “review and study” of the effect of the amendments may come too late if conducted towards the outer limit of “by May 2029,” but the overall effect of the amendments should serve to narrow spreads and increase quotation transparency through sub-penny quoting, reduced round-lot sizes, and the inclusion of odd-lot information.

1 Release No. 34-101070, Regulation NMS: Minimum Pricing Increments, Access Fees, and Transparency of Better Priced Orders, U.S. Sec. Exch. Comm’n (Sept. 18, 2024), https://www.sec.gov/files/rules/final/2024/34-101070.pdf (the “Adopting Release”).
2 The SEC modified of these requirements in the final rule. For example, the SEC had originally proposed smaller tick sizes for stocks with a time-weighted average quoted spread of $0.04 (rather than $0.015). The proposal also sought to evaluate tick-sizes 4 times per year rather than twice a year and based on monthly data rather than quarterly data.
3 Adopting Release at 15.
4 A protected quotation is defined in Rule 600(b)(82) of Regulation NMS as “a protected bid or protected offer.” 17 C.F.R. § 242.600(b)(82). A protected bid or protected offer is defined as “a quotation in an NMS stock that: (i) is displayed by an automated trading center; (ii) is disseminated pursuant to an effective national market system plan; and (iii) is an automated quotation that is the best bid or best offer of a national securities exchange, or the best bid or best offer of a national securities association.” 17 C.F.R. § 242.600(b)(81)
5 Adopting Release at 288.
Id. (emphasis added).
©2024 Katten Muchin Rosenman LLP
For more news on Rule 612 and Rule 610 of Securities Exchange Act of 1934, visit the NLR Securities SEC section.

Temporary Injunctive Relief for Nondebtors in Bankruptcy Court Post-Purdue Pharma

In June, in Harrington v. Purdue Pharma L.P.144 S. Ct. 2071 (2024), the Supreme Court held that the Bankruptcy Code does not, as part of a bankruptcy plan, allow nondebtors to receive permanent injunctive relief through nonconsensual releases. Less than a month later, two U.S. bankruptcy courts addressed whether Purdue Pharma bars bankruptcy courts from issuing temporary injunctive relief for the protection of nondebtors, and both courts determined that it does not. And just a couple of weeks ago, a third U.S. bankruptcy court reached the same conclusion.

The Supreme Court clearly limited the scope of its Purdue Pharma ruling to the permanent releases before it. In July, the U.S. Bankruptcy Court for the District of Delaware tackled a precise question left unresolved by Purdue Pharma: Can a bankruptcy court issue a preliminary injunction to stay claims against nondebtors? Yes, the court held in  Parlement Technologies.

The facts of Parlement Technologies are straightforward. The debtor, Parlement Technologies, and several of its former officers were sued in Nevada state court. While section 362(a) of the Bankruptcy Code automatically stayed the Nevada action against Parlement Technologies, it did not stay claims against the former officers, and Parlement Technologies therefore sought a temporary stay of those claims. Faced with whether it could temporarily stay an action against nondebtors in light of the Supreme Court’s Purdue Pharma ruling, the court concluded: “Purdue Pharma does not preclude the entry of such a preliminary injunction.” In re Parlement Techs., 24-10755 (CTG) (Bankr. D. Del. Jul. 15, 2024).

The court went on to describe the four-factor test for granting a preliminary injunction: (1) likelihood of success on the merits, (2) irreparable injury to plaintiff or movant absent an injunction, (3) harm to defendant or nonmoving party brought about by the injunction, and (4) public interest. In addressing the likelihood of success on the merits, the court considered how Purdue Pharma altered the traditional “success on the merits” calculation. Given the Purdue Pharma holding – that nondebtors may not receive permanent injunctive relief in the form of nonconsensual third-party releases – success on the merits in a temporary stay determination cannot be based on the likelihood that the nondebtors would be entitled to a nonconsensual third-party release. Clearly, that factor would never be met.

Instead, a court should find a likelihood of success on the merits when it concludes that (1) a preliminary injunction is necessary to permit debtors to focus on reorganization, or (2) the parties may ultimately negotiate a plan that includes resolution of the claims against nondebtors. After focusing primarily on the debtor’s failure to meet this first element of the four-factor test – success on the merits – the court declined to issue the preliminary injunction.

The same week that the Parlement Technologies court denied the temporary injunction, the U.S. Bankruptcy Court for the Northern District of Illinois – in Coast to Coast Leasing – granted a preliminary injunction staying state court litigation against nondebtors. Coast To Coast Leasing, LLC v. M&T Equip. Fin. Corp. (In re Coast to Coast Leasing), No. 24-03056 (Bankr. N.D. Ill. Jul. 17, 2024). The Illinois court addressed both the Purdue Pharma and Parlement Technologies decisionsand relied on a three-factor Seventh Circuit test used to determine whether a bankruptcy court may enjoin proceedings in another court: (1) those proceedings defeat or impair its jurisdiction over the case before it, (2) the moving party established likelihood of success on the merits, and (3) public interest.

The Coast to Coast court issued the temporary injunction. The court stressed that unlike Purdue Pharma, where the nondebtors sought to release and enjoin claims, the case before it involved only a temporary injunction (of two weeks). And unlike in Parlement Technologies, there was a likelihood of success on the merits based on both of the above-noted measures set forth in the Parlement Technologies decision ((1) a preliminary injunction is necessary to permit debtors to focus on reorganization, or (2) the parties may ultimately negotiate a plan that includes resolution of the claims against nondebtors).

These two cases point to the conclusion that Purdue Pharma does not preclude bankruptcy courts from temporarily staying claims against nondebtors. On September 13, the U.S. Bankruptcy Court for the Eastern District of Louisiana similarly stated, “under certain circumstances, a bankruptcy court may issue a preliminary injunction that operates to stay actions against nondebtors.” La. Dep’t of Envtl. Quality v. Tidewater Landfill, LLC (In re Tidewater Landfill LLC), No. 20-11646 (Bankr. E.D. La. Sep. 13, 2024). That court cited both Parlement Technologies and a pre-Purdue Pharma Fifth Circuit case, Feld v. Zale Corp. (In Re Zale Corp.), 62 F.3d 746 (5th Cir. 1995), suggesting that preliminary relief should not be treated differently after Purdue Pharma.

That court did not reach the relevant motion, but its clear statement of the law is instructive. Together this trio of cases provides guidance to debtors seeking temporary stays for nondebtors in the wake of Purdue Pharma.

© 2024 Binder & Schwartz LLP. All Rights Reserved
For more news on Purdue Pharma and Bankruptcy, visit the NLR Bankruptcy Restructuring section.

A Study in THC-O: Unpacking the Recent Anderson Case

Recently, the United States Court of Appeals for the Fourth Circuit handed the Drug Enforcement Administration (“DEA”) a big loss when it comes to hemp. In Anderson v. Diamondback Investment Group, LLC, the court ruled that the DEA’s interpretation, which classified a host of hemp-derived products as illegal, was incorrect.

I’ve previously written about the impact of Loper Bright Enterprises v. Raimondo on cannabis and hemp in this blog, and Anderson is one of the first cases to show how courts will handle cannabis law post-Chevron. In Loper, the Supreme Court ended the long-standing doctrine of Chevron deference. That doctrine required federal courts to defer to an agency’s interpretation of an ambiguous statute, so long as it was “reasonable,” even if the court didn’t agree with it. Now, courts don’t have to give the DEA (or any agency) that kind of leeway. If the agency’s interpretation isn’t the best reading of the statute, it is merely persuasive material at best.

This reminds me of my days of clerking on the Court of Common Pleas. Oftentimes, lawyers would cite other non-binding Common Pleas decisions, and the judge would merely say he would consider them but did not view them as binding. It’s almost like déjà vu for me now with Loper, on a grander scale.

Since Loper was decided, everyone has had theories about how it could impact things like cannabis rescheduling or the legality of hemp-derived cannabinoids. In particular, the DEA has been flexing its muscles with opinion letters about what it considers to be legal or illegal cannabinoids. This is where Loper comes into play. In theory, the DEA can still issue its opinions, but the courts aren’t going to roll over and accept those interpretations without question anymore. That’s exactly what happened in Anderson.

Without getting into the weeds of the case too much, here’s the gist: an employee was fired after drug tests allegedly showed cannabis use. She sued her employer, claiming she was using legal hemp-derived products. The court said she didn’t provide enough evidence to prove those products contained less than 0.3% Delta-9 THC—the magic number that separates hemp from cannabis under federal law. So, in the district court’s view, she did not have a case.

But the important part for us is what the court said about the 2018 Farm Bill and the DEA’s interpretation of cannabinoids like THC-O. THC-O is a synthetic compound made from hemp derivatives, and there’s been a long debate about whether products like THC-O or Delta-8 THC fall under the “hemp” umbrella.

The DEA considers synthetic cannabinoid-controlled substances, and they’ve argued that products like THC-O are illegal. The Ninth Circuit took on this issue a few years ago in AK Futures LLC v. Boyd Street Distro, LLC, where they ruled that Delta-8 THC products derived from hemp with less than 0.3% Delta-9 THC were legal under the 2018 Farm Bill.

In Anderson, the Fourth Circuit agreed with the Ninth Circuit’s logic, holding that “we think the Ninth Circuit’s interpretation of the 2018 Farm Act is the better of the two.” The court went even further, rejecting the DEA’s argument outright, thanks to the post-Loper world we now live in, where the DEA’s interpretation no longer gets automatic deference.

Here’s the key takeaway: according to the Fourth Circuit, if a product is derived from hemp and doesn’t contain more than 0.3% Delta-9 THC, it’s legal—even if it’s been processed into something like Delta-8 THC. But if a cannabinoid is made entirely from synthetic materials, it’s not hemp, and it’s not protected by the 2018 Farm Bill.

Now, before anyone starts thinking this is an all-clear for hemp products, there’s still a lot to unpack. While Anderson pushes back against the DEA’s overreach, it doesn’t mean every hemp-derived product is automatically legal. The 0.3% Delta-9 THC threshold is still critical, and businesses need to make sure they’re playing by the rules. Plus, this ruling doesn’t mean states won’t have their own say about what’s legal within their borders.

To sum it all up, the Anderson decision is important because it reinforces that courts are not bound by the DEA’s interpretations, especially post-Loper. This decision helps the hemp-derived cannabinoid market. As always, businesses must stay compliant with both federal and state laws to avoid legal headaches.

©2024 Norris McLaughlin P.A., All Rights Reserved
For more news on Hemp Classification Litigation, visit the NLR Biotech, Food, and Drug section.

California Poised to Further Regulate Artificial Intelligence by Focusing on Safety

Looking to cement the state near the forefront of artificial intelligence (AI) regulation in the United States, on August 28, 2024, the California State Assembly passed the “Safe and Secure Innovation for Frontier Artificial Intelligence Models Act” (SB 1047), also referred to as the AI Safety Act. The measure awaits the signature of Governor Gavin Newsom. This development comes effectively on the heels of the passage of the “first comprehensive regulation on AI by a major regulator anywhere” — the EU Artificial Intelligence Act (EU AI Act) — which concluded with political agreement in late 2023 and entered into force on August 1, 2024. It also follows the first comprehensive US AI law from Colorado (Colorado AI Act), enacted on May 17, 2024. And while the United States lacks a comprehensive federal AI framework, there have been developments regarding AI at the federal level, including the late 2023 Executive Order on AI from the Biden White House and other AI-related regulatory guidance.

We have seen this sequence play out before in the world of privacy. Europe has long led on privacy regulation, stemming in large part from its recognition of privacy as a fundamental right — an approach that differs from how privacy is viewed in the United States. When the European General Data Protection Act (GDPR) became effective in May 2018, it was not the world’s first comprehensive privacy framework (not even in Europe), but it did highlight increasing awareness and market attention around the use and protection of personal data, setting off a multitude of copycat privacy regulatory regimes globally. Not long after GDPR, California became the first US state with a comprehensive privacy regulation when then-California Governor Jerry Brown signed the California Consumer Privacy Act (CCPA) into law on June 28, 2018. While the CCPA, since amended by the California Privacy Rights Act of 2020 (CPRA), is assuredly not a GDPR clone, it nevertheless felt familiar to many organizations that had begun to develop privacy compliance programs centered on GDPR standards and definitions. The CCPA preceded the passage of comprehensive privacy regulations in many other US states that, while not necessarily based on CCPA, did not diverge dramatically from the approach taken by California. These privacy laws also generally apply to AI systems when they process personal data, with some (including CCPA/CPRA) already contemplating automated decision-making that can be, but is not necessarily, based on AI.

AI Safety Act Overview

Distinct from the privacy sphere, the AI Safety Act lacks the same degree of familiarity when compared to the EU AI Act (and to its domestic predecessor, the Colorado AI Act). Europe has taken a risk-based approach that defines different types of AI and applies differing rules based on these definitions, while Colorado primarily focuses on “algorithmic discrimination” by AI systems determined to be “high-risk.” Both Europe and Colorado distinguish between “providers” or “developers” (those that develop an AI system) and “deployers” (those that use AI systems) and include provisions that apply to both. The AI Safety Act, however, principally focuses on AI developers and attempts to solve for potential critical harms (largely centered on catastrophic mass casualty events) created by (i) large-scale AI systems with extensive computing power of greater than 10^26 integer or floating-point operations and with a development cost of greater than $100 million, or (ii) a model created by fine-tuning a covered AI system using computing power equal to or greater than three times 10^25 integer or floating-point operations with a cost in excess of $10 million. Key requirements of the AI Safety Act include:

  • “Full Shutdown” Capability. Developers would be required to implement capabilities to enact a full shutdown of a covered AI system, considering the risk that a shutdown could cause disruption to critical infrastructure and implementing a written safety and security protocol that, among other things, details the conditions under which such a shutdown would be enacted.
  • Safety Assessments. Prior to release, testing would need to be undertaken to determine whether the covered model is “reasonably capable of causing or materially enabling a critical harm,” with details around such testing procedures and the nature of implemented safeguards.
  • Third-Party Auditing. Developers would be required to annually retain a third-party auditor to conduct audits on a covered AI system that are “consistent with best practices for auditors” to perform an independent audit to ensure compliance with the requirements of the AI Safety Act.
  • Safety Incident Reporting. If a safety incident affecting the covered model occurs, the AI Safety Act would require developers to notify the California Attorney General (AG) within 72 hours after the developer learns of the incident or learns of facts that cause a reasonable belief that a safety incident has occurred.
  • Developer Accountability. Notably, the AI Safety Act would empower the AG to bring civil actions against developers for harms caused by covered AI systems. The AG may also seek injunctive relief to prevent potential harms.
  • Whistleblower Protections. The AI Safety Act would also provide for additional whistleblower protections, including by prohibiting developers of a covered AI system from preventing employees from disclosing information or retaliating against employees for disclosing information regarding the AI system, including noncompliance of any such AI system.

The Path Forward

California may not want to cede its historical position as one of the principal US states that regularly establishes precedent in emerging technology and market-driven areas of importance. This latest effort, however, may have been motivated at least in part by widely covered prognostications of doom and the potential for the destruction of civilization at AI’s collective hands. Some members of Congress, however, have opposed the AI Safety Act, stating in part that it should “ensure restrictions are proportionate to real-world risks and harms.” To be sure, California’s approach to regulating AI under the AI Safety Act is not “wrong.” It does, however, represent a different approach than other AI regulations, which generally focus on the riskiness of use and address areas such as discrimination, transparency, and human oversight.

While the AI Safety Act focuses on sophisticated AI systems with the largest processing power and biggest development budgets and, thus, presumably those with a greater potential for harm as a result, developers of AI systems of all sizes and capabilities already largely engage in testing and assessments, even if only motivated by market considerations. What is new is that the AI Safety Act creates standards for such evaluations that, with history as the guide, would likely materially influence standards included in other US AI regulations if signed into law by Governor Newsom (who has already signed an executive generative AI order of his own that predated President Biden’s) even though the range of covered AI systems would be somewhat limited.

With the potential to transform every industry, regulation of AI in one form or another is critical to navigate the ongoing sea change. The extent and nature of that regulation in California and elsewhere is certain to be fiercely debated, whether or not the AI Safety Act is signed into law. Currently, the risks attendant to AI development and use in the United States are still largely reputational, but comprehensive regulation is approaching. It is thus critical to be thoughtful and proactive about how your organization intends to leverage AI tools and to fully understand the risks and benefits associated with any such use

© 2024 Jones Walker LLP
For more news on Artificial Intelligence Regulation, visit the NLR Communications Media Internet section.

Walgreens Settles for $106.8 Million Over FCA Violations

On September 13, the US Department of Justice (DOJ) announced that Walgreens Boots Alliance Inc. and Walgreen Co. (collectively, Walgreens) agreed to pay $106.8 million to resolve allegations of violating the False Claims Act (FCA) and state statutes. The allegations pertain to billing government health care programs for prescriptions that were never dispensed. The government alleged that from 2009 until 2020, Walgreens submitted claims to federal health care programs for prescriptions that were processed but never picked up by beneficiaries. This resulted in Walgreens receiving 10s of millions of dollars for prescriptions that were never actually provided to health care beneficiaries.

Under the resolution, Walgreens agreed to enhance its electronic pharmacy management system to prevent future occurrences and self-reported certain conduct. In addition, Walgreens refunded $66,314,790 related to the settled claims, which allowed Walgreens to receive credit under the DOJ’s guidelines for taking disclosure, cooperation, and remediation into account in FCA cases.

Under the settlement agreement, the federal government received $91,881,530, and the individual states received $14,933,259 through separate settlement agreements. The settlement will resolve three cases pending in the District of New Mexico, Eastern District of Texas, and Middle District of Florida under the qui tam, or whistleblower, provision of the FCA. Whistleblowers Steven Turck and Andrew Bustos, former Walgreens employees, will receive $14,918,675 and $1,620,000, respectively, for their roles in filing the suits.

The DOJ’s press release can be found here.

CVS Health Subsidiary Settles FCA Allegations for $60 Million

On September 16, Chicago company Oak Street Health, a subsidiary of CVS Health, agreed to pay $60 million to resolve allegations that it violated the FCA by paying kickbacks to third-party insurance agents in exchange for recruiting seniors to Oak Street Health’s primary care clinics from September 2020 through December 2022.

According to the DOJ, in 2020, Oak Street Health developed a program called the Client Awareness Program. Under the program, which was developed to increase patient membership, seniors who were eligible for Medicare Advantage received marketing messages designed to generate interest in Oak Street Health. Upon receipt of these messages, third-party insurance agents organized three-way phone calls with Oak Street Health employees for the interested seniors. Oak Street Health paid agents around $200 per beneficiary referred or recommended as part of this service. Instead of basing referrals and recommendations on the best interest of the seniors, these payments allegedly encouraged agents to base referrals and recommendations on Oak Street Health’s financial interests.

The DOJ’s press release can be found here.

Dunes Surgical Hospital Settles for $12.76 Million Over FCA Violations

On September 16, South Dakota companies Siouxland Surgery Center LLP, d.b.a. Dunes Surgical Hospital, United Surgical Partners International Inc. (USPI), and USP Siouxland Inc. agreed to pay approximately $12.76 million to settle FCA allegations related to improper financial relationships between Dunes and two physician groups. Since July 1, 2014, USPI has maintained partial ownership of Dunes through USP Siouxland, a wholly owned subsidiary of USPI. Following an internal investigation, Dunes and USPI disclosed the arrangements at issue to the government.

From at least 2014 through 2019, Dunes allegedly made financial contributions to a nonprofit affiliate of a physician group whose physicians referred patients to Dunes. According to the complaint, those payments allegedly funded the salaries of referring employees. Other allegations include that Dunes provided a different physician group with below-market-value clinic space, staff, and supplies. The DOJ alleged that these arrangements violated both the Anti-Kickback Statute and the Stark Law, which are “designed to ensure that decisions about patient care are based on physicians’ independent medical judgment and not their personal financial interest.”

Following Dunes’ and USPI’s internal compliance review and independent investigation, the companies promptly took remedial actions and disclosed such arrangements to the DOJ. The companies also provided the government with detailed and thorough written disclosures and cooperated throughout its investigation, resulting in cooperation credit for the companies.

Under the settlement, Dunes and USPI will pay $12.76 million to the federal government for alleged violations of the FCA, and approximately $1.37 million to South Dakota, Iowa, and Nebraska for their share of the Medicaid portion of the settlement.

The DOJ’s press release can be found here.

California Man Convicted for Paying Illegal Kickbacks for Patient Referrals to Addiction Treatment Facilities

On September 11, a federal jury convicted Casey Mahoney, 48, of Los Angeles, for paying nearly $2.9 million in illegal kickbacks for patient referrals to his addiction treatment facilities in Orange County, California. The facilities involved are Healing Path Detox LLC and Get Real Recovery Inc.

According to court documents and evidence presented at trial, Mahoney paid illegal kickbacks to “body brokers” who referred patients to his facilities. These brokers appeared to pay thousands of dollars in cash to patients to induce them to procure treatment at Mahoney’s facilities. Mahoney allegedly concealed these illegal kickbacks through sham contracts with the body brokers. The contracts purportedly required fixed payments and prohibited payments based on the volume or value of patient referrals, when in reality, payments were negotiated based on patients’ insurance reimbursements and the number of days Mahoney could bill for treatment. Mahoney also allegedly laundered the proceeds of the conspiracy through payments to the mother of one of the body brokers, falsely characterizing them as consulting fees.

The Eliminating Kickbacks in Recovery Act formed the basis of the charges against Mahoney. He was convicted of one count of conspiracy to solicit, receive, pay, or offer illegal remunerations for patient referrals, seven counts of illegal remunerations for patient referrals, and three counts of money laundering. He is scheduled to be sentenced on January 17, 2025, and faces a maximum penalty of five years in prison for the conspiracy charge, 10 years in prison for each illegal remuneration count, and 20 years in prison for each money laundering count.

The DOJ’s press release can be found here.

© 2024 ArentFox Schiff LLP

by: D. Jacques SmithRandall A. BraterMichael F. DearingtonNadia PatelHillary M. Stemple, and Rebekkah R.N. Stoeckler of ArentFox Schiff LLP

For more news on FCA Violations visit the NLR Criminal Law Business Crimes section.

End of Summer Pool Party: CFTC Approves Final Rule Amending 4.7 Regulatory Relief for CPOs and CTAs

On 12 September 2024, the Commodity Futures Trading Commission (CFTC) published a Final Rule impacting registered commodity pool operators (CPOs) and commodity trading advisors (CTAs) relying on the regulatory relief provided under CFTC Regulation 4.7. “Registration light,” as Regulation 4.7 is sometimes known, provides reduced disclosure, reporting and recordkeeping obligations for CPOs and CTAs that limit sales activities to “qualified eligible persons” (QEPs).

The Final Rule amends Regulation 4.7 by:

  • Updating the QEP definition by increasing the financial thresholds in the “Portfolio Requirement” to account for inflation; and
  • Codifying certain CFTC no-action letters allowing CPOs of Funds of Funds to opt to deliver monthly account statements within 45 days of month-end.

For most asset managers, however, the most significant update is that the CFTC declined to adopt the proposed minimum disclosure requirements. Under existing Regulation 4.7, CPOs and CTAs are exempt from certain disclosure requirements when offering pools solely to QEPs. Without those exemptions, dually-registered managers would be burdened with duplicate or conflicting disclosure requirements under the Securities and Exchange Commission’s (SEC) rules. The Proposed Rule would have rescinded or narrowed certain of these exemptions. Commenters almost unanimously opposed the disclosure-related amendments, and the CFTC ultimately decided to take additional time to consider the concerns and potential alternatives.

The Final Rule doubled the Portfolio Requirement for the Securities Portfolio Test and the Initial Margin and Premium test to US$4,000,000 and US$400,000, respectively. Despite the increased suitability standards for QEPs, the Final Rule will not impact most private funds relying on Rule 506 of Regulation D, as those amounts are still less than the “Qualified Purchaser” threshold under the SEC’s rules.

Copyright 2024 K & L Gates
For more news on CFTC Final Rule, visit the NLR Antitrust Trade Regulation section.

Law Firm Bonus Strategies: A Guide to Compensating Attorneys

Compensating attorneys effectively is a combination of art and science. A well-structured bonus plan is integral to most law firms’ overall compensation strategy, playing a key role in retaining talent, driving performance, and fostering a collaborative culture. Whether the focus is on individual productivity or firm-wide profitability, bonuses help align attorney performance with the firm’s goals.

This guide provides an overview of various bonus strategies law firms use to compensate attorneys, along with their advantages, disadvantages, and key considerations for selecting the right bonus structure.

Common Bonus Models for Attorneys
1.) Defined Amount Over a Threshold
A set dollar amount per billable hour once an attorney surpasses their annual billable hour target. 
Strengths :

Simple to calculate and highly effective at incentivizing billable work.

 Limitations:

Focuses solely on hours billed, ignoring non-billable contributions such as client development, mentoring, or firm-related activities.
2.) Percentage of Salary Based on Pass/Fail Criteria.  / 
A percentage of the attorney’s salary is awarded if they meet certain predefined criteria, such as achieving a billable hour target.
Strengths :

Offers clarity and predictability, ensuring attorneys know exactly what’s required to earn their bonus.

 Limitations:

Does not account for performance beyond the set criteria, potentially overlooking high performers who exceed expectations.
3.) Percentage of Fees Over a Threshold:
Attorneys receive a percentage of the fees they collect or bill once they surpass a set production level.
Strengths :

Encourages attorneys to exceed production goals and maximizes their potential bonus.

 Limitations:

May cause attorneys to prioritize billing over client service quality, as the focus is heavily on numbers.
4.) Predefined Bonus Pool Split Among Eligible Lawyers
The firm allocates a bonus pool and divides it among attorneys, potentially tiered by seniority.
Strengths :

Encourages team collaboration, as everyone works toward a shared reward.

 Limitations:

High performers may feel undervalued if they receive the same bonus as lower performers.
5.) Profitability Bonus
A percentage of profits above a certain threshold (e.g., 15% of individual profitability over $75,000).
Strengths :

Aligns attorney incentives with firm profitability, encouraging both individual performance and a focus on firm health.

 Limitations:

Can be difficult to administer and track profitability on an individual basis.
6.) Profit-Sharing Pool
Attorneys receive a portion of the firm’s profits on a regular schedule (monthly, quarterly, or annually), often tiered by seniority.
Strengths :

Encourages attorneys to exceed production goals and maximizes their potential bonus.

 Limitations:

May cause attorneys to prioritize billing over client service quality, as the focus is heavily on numbers.
7.) Origination Bonus
Attorneys are rewarded for bringing new business into the firm based on origination credit for clients or cases.
Strengths :

Provides a direct incentive for business development, helping to grow the firm’s client base.

 Limitations:

Attorneys may focus too much on client acquisition and not enough on servicing existing clients or mentoring others.
8.) Evaluation with Points-Based Allocation of Bonuses in Tiers
Attorneys earn points based on both quantitative (economic) and qualitative (firm culture, mentoring, client relations) contributions. Bonuses are then awarded in tiers based on point ranges.
Strengths :

Provides a balanced approach that rewards both financial contributions and softer, qualitative metrics.

 Limitations:

Complex to administer and requires the firm to have clearly defined evaluation criteria and consistency in tracking.

Best Practices for Structuring Attorney Bonuses

When selecting a bonus model, law firm leaders should carefully consider their firm culture, values, and strategic objectives. Here are some best practices for creating a sustainable and motivating bonus system:

  1. Incorporate Both Economic and Qualitative Performance: While revenue generation is critical, a successful bonus plan should also recognize contributions like mentoring, client satisfaction, and leadership.
  2. Tailor Bonuses to Career Stages: Junior associates, senior associates, and partners may need different incentives to stay motivated. Consider tiered bonus systems or increasing potential bonus payouts as attorneys advance.
  3. Incorporate Regular Feedback: Rather than waiting for the annual bonus review, provide regular feedback to help attorneys stay on track and improve throughout the year.
  4. Use Data-Driven Systems: Consider leveraging technology to streamline bonus calculations. Tools like PerformLaw’s Attorney Relationship Management System (ARMS) can help firms objectively track both billable and qualitative contributions, ensuring fairness and transparency in bonus distribution.

Conclusion

Choosing the right bonus structure for your law firm is not a one-size-fits-all solution. It requires thoughtful consideration of firm goals, attorney performance, and the behaviors you want to incentivize. A well-rounded approach to rewarding economic and qualitative contributions is crucial for long-term success. By combining structured salary increases and performance-driven bonuses, law firms can boost morale, improve retention, and ultimately, drive greater firm profitability.

©2024 PerformLaw
For more news on Bonuses for Attorneys, visit the NLR Labor Employment and Law Office Management sections.

Artificial Intelligence and Intellectual Property Legal Frameworks in the Asia-Pacific Region

Globally, governments are grappling with the emergence of artificial intelligence (“AI”). AI technologies introduce exciting new opportunities but also bring challenges for regulators and companies across all industries. In the Asia-Pacific (“APAC”) region, there is no exception. APAC governments are adapting to AI and finding ways to encourage and regulate AI development through existing intellectual property (“IP”) regimes and new legal frameworks.

AI technologies aim to simulate human intelligence through developing smart machines capable of performing tasks that require human intelligence. The expanding market for AI ranges from machine learning to generative AI to virtual assistants to robotics, and this list merely scratches the surface.

When it comes to IP and AI, there are several critical questions for governments to consider: Can AI models be protected by existing legal frameworks within IP? Must copyright owners be human? Does a patent inventor have to be an individual? Do AI models’ training programs infringe on others’ copyrights?

To begin to answer these questions, regulators are drawing from existing IP regimes, including patent and copyright law. Some APAC countries have taken a non-binding approach, relying on existing principles to guide AI regulation. Others are drafting more specific AI regulations. The summary chart below provides a brief overview of current patent and copyright laws within APAC focused on AI and IP. Additional commentary concerning updates to AI laws and regulations is provided below the chart.

Country Patent Copyright
Korea A non-human cannot be the inventor under Korea’s Patent Act. There is a requirement for “a person.” The Copyright Act requires a human creator. Copyright is possible if the creator is a human using generative AI models as software tools and the human input is considered more than simple prompt inputs. For example, in Korea, copyright was granted to a movie produced by generative AI as a “compilation work” in December 29, 2023.
Japan Under Japan’s Patent Act, a natural person must be the inventor. This is the “requirement of shimei 氏名” (i.e. name of a natural person). Japan’s Copyright Act defines a copyright-protected work as “a creation expressing human thoughts and Emotions.” However, in February 29, 2024, the Agency for Cultural Affairs committee’s document on “Approach to AI and Copyright” provided that a joint work made up of both human input and AI generated content can be eligible for copyright protection.
Taiwan Taiwan’s Patent Law does not explicitly preclude a non-human inventor, however, the Patent Examination Guidelines require a natural person to be an inventor. Formalities in Taiwan also require an inventor’s name and nationality. The Copyright Act requires of “human creative expression.”
China The inventor needs to be a person under Patent Law and the Guidelines for Examination in China. Overall, Chinese courts have recognized that when AI-generated works involve human intellectual input, the user of the AI software is the copyright owner.
Hong Kong The Patents Ordinance in Hong Kong requires a human inventor. The Copyright Ordinance in Hong Kong attributes authorship to “the person by whom the arrangements necessary for the creation of the work are undertaken.”
Philippines Patent law in the Philippines requires a natural person to be the inventor. Generally, copyright law in the Philippines requires the author to be a natural person. The copyright in works that are partially AI-generated protects only those parts that are created by natural persons. The Philippines IP Office relies on the declarations of the creator claiming copyright to provide which part of the work is AI-generated and which part is not.
Vietnam AI cannot be an IP right owner in Vietnam. The user of AI is the owner, regardless of the degree of work carried out by AI. In terms of copyright, AI cannot be an IP right owner. Likewise, the user of AI is the owner, regardless of the degree of work carried out by AI.
Thailand Thailan’s Patent law in Thailand requires inventors to be individuals. Copyright law in Thailand requires an author to be an individual.
Malaysia Malaysia’s Patent law requires inventors to be individuals. Copyright law in Malaysia requires an author to be an individual.
Singapore Patent law requires inventors to be a natural person(s). However, the owner can be a natural person or a legal entity. In Singapore, it is implicit in provisions of the Copyright Act that the author must be a natural person.
Indonesia Under Indonesia’s patent law, the inventor may be an individual or legal entity. Under copyright law in Indonesia, the author of a work may be an individual or legal entity.
India India’s patent law requires inventors to be a natural person(s). The copyright law contains a requirement of “originality” – which the courts interpret as “intellectual effort by humans.”
Australia The Full Federal Court in Australia ruled that an inventor must be a natural person. Copyright law in Australia requires the author to be a human.
New Zealand One court in New Zealand has ruled that AI cannot be an inventor under the Patents Act. A court in New Zealand has ruled that AI cannot be the author under the provisions of the Copyright Act. There is updated legislation clarifying that the ownership of computer-generated works is the person who “made the arrangements necessary” for the creation of the work.

AI Regulation and Infringement

KOREA: Court decisions have ruled that web scraping or pulling information from a competitor’s website or database infringes on competitor’s database rights under the Copyright Act and the UCPA. In Koria, parties must obtain permission for use of copyrighted work for training AI emphasized in guidelines. The Copyright Commission published guidelines on copyright and AI in December 2023. The guidelines noted the growing need for legislation on AI generated works. The English version of the guidelines was released in April 2024.

JAPAN: The January 1, 2019 Copyright Act provides very broad rights to use copyrighted works without permission for training AI, as long as the training is for the purpose of technological development. The committee aims to introduce checks to this freedom, and also to provide more protection for Japan-based content creators and copyright holders. The Japan Agency for Cultural Affairs (ACA) released its draft “Approach to AI and Copyright” for public comment on January 23, 2024. Additional changes have been made to the draft after considering 25,000 comments as of February 29, 2025. Also, the Ministry of Internal Affairs and Communications, Ministry of Economy, Trade and compiled the AI Guidelines for Business Ver1.0 in Japan on April 19, 2024.

TAIWAN: Using copyrighted works to train AI models involves “reproduction”, which constitutes an infringement, unless there is consent or a license to use the work. Taiwan’s IPRO released an interpretation to clarify AI issues in June 2023. Under the IPO interpretation circular of June 2023, the Taiwan cabinet approved draft guidelines for the use of generative AI by the executive branch of the Taiwan government in August 2023. The executive branch of the Taiwan government also confirmed that it is in the process of formulating the government’s version of the Draft AI Law, which is expected to be published this year.

CHINA: Interim Measures for the Management of Generative Artificial Intelligence Services, promulgated in July 2023, require that generative AI services “respect intellectual property rights and commercial ethics” and that “intellectual property rights must not be infringed.” The consultation draft on Basic Security Requirements for Generative Artificial Intelligence Service, which was published in October 2023, provides detailed guidance on how to avoid IP infringement. The requirements, for example, provide specific processes concerning model training data that Chinese AI companies must adopt. Moreover, China’s draft Artificial Intelligence Law, proposed on March 16, 2024, outlines the use of copyrighted material for training purposes, and it serves as a complement to China’s current AI regulations.

HONG KONG: A review of copyright law in Hong Kong is underway. There is currently no overarching legislation regulating the use of AI, and the existing guidelines and principles mainly provide guidance on the use of personal data.

VIETNAM: AI cannot have responsibility for infringement, and there are no provisions under existing laws in Vietnam regarding the extent of responsibility of AI users for infringing acts. The Law on Protection of Consumers’ Rights will take effect on July 1, 2024. This law requires operators of large digital platforms to periodically evaluate the use of AI and fully or partially automated solutions.

THAILAND: Infringement in Thailand requires intent or implied intent, for example, from the prompts made to the AI. Thai law also provides for liability arising out of the helping or encouraging of infringement by another. Importantly, the AI user may also be exposed to liability in that way.

MALAYSIA: An informal comment from February 2024 by the Chairman of the Malaysia IP Office provides that there may be infringement through the training and/or use of AI programs.

SINGAPORE: Singapore has a hybrid regime. The regime provides a general fair use exception, which is likely guided by US jurisprudence, per the Singapore Court of Appeal. The regime also provides exceptions for specific types of permitted uses, for example, the computational data analysis exception. A Landscape Report on Issues at the Intersection of AI and IP issued by IPOS on February 28, 2024 provided a Model AI Governance Framework for Generative AI, which was published May 30, 2024.

INDONESIA: A “circular,” a government issued document similar to a white paper, implies that infringement is possible in Indonesia. The nonbinding Communications and Information Ministry Circular No. 9/2023 on AI was signed in December 2023.

INDIA: Under the Copyright Act of 1957, a Generative AI user has an obligation to obtain permission to use the copyright owner’s works for commercial purposes. In February 2024, the Ministry of Commerce and Industry’s Statement provided that India’s existing IPR regime is “well-equipped to protect AI-generated works” and therefore, it does not require a separate category of rights. MeitY issued a revised advisory on March 15, 2024 providing that platforms and intermediaries should ensure that the use of AI models, large language models, or generative AI software or algorithms by end users does not facilitate any unlawful content stipulated under Rule 3(1)(b) of the IT Rules, in addition to any other laws.

AUSTRALIA: Any action seeking compensation for infringement of a copyright work by an AI system would need to rely on the Copyright Act of 1968. It is an infringement of copyright to reproduce or communicate works digitally without the copyright owner’s permission. Australia does not have a general “fair use” defense to copyright infringement.

NEW ZEALAND: While infringement by AI users has not yet considered by New Zealand courts, New Zealand has more restricted “fair dealing” exceptions. Copyright review is underway in New Zealand.

© Copyright 2024 Squire Patton Boggs (US) LLP
For more news on AI Intellectual Property Regulations, visit the NLR Intellectual Property section.

Illinois Enacts Requirements for AI Use in Employment Decisions

On Aug. 9, 2024, Illinois Gov. Pritzker signed into law HB3733, which amends the Illinois Human Rights Act (IHRA) to cover employer use of artificial intelligence (AI). Effective Jan. 1, 2026, the amendments will add to existing requirements for employers that use AI to analyze video interviews of applicants for positions in Illinois.

Illinois is the latest jurisdiction to pass legislation aimed at preventing discrimination caused by AI tools that aid in making employment decisions. The state joins jurisdictions such as Colorado and New York City in regulating the use of AI in this context.

Restrictions on the Use of AI in Employment Decisions

The amendments expressly prohibit the use of AI in a manner that results in illegal discrimination in employment decisions and employee recruitment. Specifically, covered employers are barred from using AI in a way that has the effect of subjecting employees to discrimination on the basis of any class protected by the IHRA, including if zip codes are used as a proxy for such protected classes.

These new requirements will apply to any employer with one or more employees in Illinois during 20 or more calendar weeks within the calendar year of, or preceding, the alleged violation. They also apply to any employer with one or more employees when unlawful discrimination based on physical or mental disability unrelated to ability, pregnancy, or sexual harassment is alleged.

The amendments define AI as a “machine-based system that, for explicit or implicit objectives, infers, from the input it receives, how to generate outputs such as predictions, content, recommendations, or decisions that can influence physical or virtual environments.” AI also includes “generative artificial intelligence.”

The amendments further define generative AI as “an automated computing system that, when prompted with human prompts, descriptions, or queries, can produce outputs that simulate human-produced content, including, but not limited to”:

  • Textual outputs, such as short answers, essays, poetry, or longer compositions or answers;
  • Image outputs, such as fine art, photographs, conceptual art, diagrams, and other images;
  • Multimedia outputs, such as audio or video in the form of compositions, songs, or short-form or long-form audio or video; and
  • Other content that would be otherwise produced by human means.

Employer Notice Requirements

The amendments require a covered employer to provide notice to employees if the organization uses AI for the following employment-related purposes:

  • Recruitment
  • Hiring
  • Promotion
  • Renewal of employment
  • Selection for training or apprenticeship
  • Discharge
  • Discipline
  • Tenure
  • The terms, privileges, or conditions of employment

While the amendments do not provide specific direction regarding the notice, such as when and how the notice should be provided, they direct the Illinois Department of Labor to adopt rules necessary to implement the notice requirement. Thus, additional guidance should be forthcoming.

Although not required, Illinois employers and AI technology developers may wish to consider conducting audits or taking other measures to help avoid biased outcomes and to further protect against liability.

Enforcement

The IHRA establishes a two-part enforcement procedure. The Illinois Department of Human Rights (IDHR) is the administrative agency that investigates charges of discrimination, while the Illinois Human Rights Commission (IHRC) is an administrative court that adjudicates complaints of unlawful discrimination. Complainants have the option to proceed before the IHRC or file a civil action directly in circuit court after exhausting their administrative remedies before the IDHR.

Practical Considerations

Before the effective date, covered employers should consider:

  • Assessing which platforms and tools in use (or under consideration) incorporate AI, including generative AI, components.
  • Drafting employee notices and developing a plan for notifying employees.
  • Training AI users and quality control reviewers/auditors on anti-discrimination/anti-bias laws and policies that will impact their interaction with the tool(s).
  • Partnering with legal counsel and experienced vendors to identify or create privileged processes to evaluate, mitigate, and monitor potential discriminatory or biased impacts of AI use.
  • Reviewing any rules published by the Illinois Department of Labor, including on the circumstances and conditions that require notice and the timeframe and means for providing notice.
  • Multi-state employers should continue to monitor for additional requirements. For instance, California’s legislature is considering a range of AI-related bills, including some aimed at workplace discrimination.
©2024 Greenberg Traurig, LLP. All rights reserved.
For my news on AI Use in Employment Decisions, visit the NLR Communications Media Internet section.