- Banner Year for Artificial Intelligence (AI) in Health – With AI-designed drugs entering clinical trials, growing adoption of generative AI tools in medical practices, increasing FDA approvals for AI-enabled devices, and new FDA guidance on AI usage, 2023 was a banner year for advancements in AI for medtech, healthtech, and techbio—even with the industry-wide layoffs that also hit digital and AI teams. The coming year should see continued innovation and investment in AI in areas from drug design to new devices to clinical decision support to documentation and revenue cycle management (RCM) to surgical augmented reality (AR) and more, together with the arrival of more new U.S. government guidance on and best practices for use of this fast-evolving technology.
- Congress and AI Regulation – Congress continues to grapple with the proper regulatory structure for AI. At a minimum, expect Congress in 2024 to continue funding AI research and the development of standards required under the Biden Administration’s October 2023 Executive Order. Congress will also debate legislation relating to the use of AI in elections, intelligence operations, military weapons systems, surveillance and reconnaissance, logistics, cybersecurity, health care, and education.
- New State and City Laws Governing AI’s Use in HR Decisions – Look for additional state and city laws to be enacted governing an employer’s use of AI in hiring and performance software, similar to New York City’s Local Law 144, known as the Automated Employment Decisions Tools law. More than 200 AI-related laws have been introduced in state legislatures across the country, as states move forward with their own regulation while debate over federal law continues. GT expects 2024 to bring continued guidance from the EEOC and other federal agencies, mandating notice to employees regarding the use of AI in HR-function software as well as restricting its use absent human oversight.
- Data Privacy Rules Collide with Use of AI – Application of existing laws to AI, both within the United States and internationally, will be a key issue as companies apply transparency, consent, automated decision making, and risk assessment requirements in existing privacy laws to AI personal information processing. U.S. states will continue to propose new privacy legislation in 2024, with new implementing regulations for previously passed laws also expected. Additionally, there’s a growing trend towards the adoption of “privacy by design” principles in AI development, ensuring privacy considerations are integrated into algorithms and platforms from the ground up. These evolving legal landscapes are not only shaping AI development but also compelling organizations to reevaluate their data strategies, balancing innovation with the imperative to protect individual privacy rights, all while trying to “future proof” AI personal information processing from privacy regulatory changes.
- Continued Rise in AI-Related Copyright & Patent Filings, Litigation – Expect the Patent and Copyright Offices to develop and publish guidance on issues at the intersection of AI and IP, including patent eligibility and inventorship for AI-related innovations, the scope of protection for works produced using AI, and the treatment of copyrighted works in AI training, as mandated in the Biden Administration Executive Order. IP holders are likely to become more sophisticated in how they integrate AI into their innovation and authorship workflows. And expect to see a surge in litigation around AI-generated IP, particularly given the ongoing denial of IP protection for AI-generated content and the lack of precedent in this space in general.
Tag: AI
What Employers Need to Know about the White House’s Executive Order on AI
President Joe Biden recently issued an executive order devised to establish minimum risk practices for use of generative artificial intelligence (“AI”) with focus on rights and safety of people, with many consequences for employers. Businesses should be aware of these directives to agencies, especially as they may result in new regulations, agency guidance and enforcements that apply to their workers.
Executive Order Requirements Impacting Employers
Specifically, the executive order requires the Department of Justice and federal civil rights offices to coordinate on ‘best practices’ for investigating and prosecuting civil rights violations related to AI. The ‘best practices’ will address: job displacement; labor standards; workplace equity, health, and safety; and data collection. These principles and ‘best practices’ are focused on benefitting workers and “preventing employers from undercompensating workers, evaluating job applications unfairly, or impinging on workers’ ability to organize.”
The executive order also requested a report on AI’s potential labor-market impacts, and to study and identify options for strengthening federal support for workers facing labor disruptions, including from AI. Specifically, the president has directed the Chairman of the Council of Economic Advisers to “prepare and submit a report to the President on the labor-market effects of AI”. In addition, there is a requirement for the Secretary of Labor to submit “a report analyzing the abilities of agencies to support workers displaced by the adoption of AI and other technological advancements.” This report will include principles and best practices for employers that could be used to mitigate AI’s potential harms to employees’ well-being and maximize its potential benefits. Employers should expect more direction once this report is completed in April 2024.
Increasing International Employment?
Developing and using generative AI inherently requires skilled workers, which President Biden recognizes. One of the goals of his executive order is to “[u]se existing authorities to expand the ability of highly skilled immigrants and nonimmigrants with expertise in critical areas to study, stay, and work in the United States by modernizing and streamlining visa criteria, interviews, and reviews.” While work visas have been historically difficult for employers to navigate, this executive order may make it easier for US employers to access skilled workers from overseas.
Looking Ahead
In light of the focus of this executive order, employers using AI for recruiting or decisions about applicants (and even current employees) must be aware of the consequences of not putting a human check on the potential bias. Working closely with employment lawyers at Sheppard Mullin and having a multiple checks and balances on recruiting practices are essential when using generative AI.
While this executive order is quite limited in scope, it is only a first step. As these actions are implemented in the coming months, be sure to check back for updates.
The FCC Approves an NOI to Dive Deeper into AI and its Effects on Robocalls and Robotexts
AI is on the tip of everyone’s tongue it seems these days. The Dame brought you a recap of President Biden’s orders addressing AI at the beginning of the month. This morning at the FCC’s open meeting they were presented with a request for a Notice of Inquiry (NOI) to gather additional information about the benefits and harms of artificial intelligence and its use alongside “robocall and robotext”. The following five areas of interest are as follows:
- First, the NOI seeks, on whether and if so how the commission should define AI technologies for purposes of the inquiry this includes particular uses of AI technologies that are relevant to the commission’s statutory response abilities under the TCPA, which protects consumers from nonemergency calls and texts using an autodialer or containing an artificial or prerecorded voice.
- Second, the NOI seeks comment on how technologies may impact consumers who receive robocalls and robotexts including any potential benefits and risks that the emerging technologies may create. Specifically, the NOI seeks information on how these technologies may alter the functioning of the existing regulatory framework so that the commission may formulate policies that benefit consumers by ensuring they continue to receive privacy protections under the TCPA.
- Third, the NOI seeks comment on whether it is necessary or possible to determine at this point whether future types of AI technologies may fall within the TCPA’s existing prohibitions on autodial calls or texts and artificial or prerecorded voice messages.
- Fourth, NOI seeks comment on whether the commission should consider ways to verify the authenticity and legitimately generate AI voice or text content from trusted sources such as through the use of watermarks, certificates, labels, signatures, or other forms of labels when callers rely on AI technology to generate content. This may include, for example, emulating a human voice on a robocall or creating content in a text message.
- Lastly, seeks comment on what next steps the commission should consider to further the inquiry.
While all the commissioners voted to approve the NOI they did share a few insightful comments. Commissioner Carr stated “ If AI can combat illegal robocalls, I’m all for it” but he also expressed that he does “…worry that the path we are heading down is going to be overly prescriptive” and suggests “…Let’s put some common-sense guardrails in place, but let’s not be so prescriptive and so heavy-handed on the front end that we end up benefiting large incumbents in the space because they can deal with the regulatory frameworks and stifling the smaller innovation to come.”
Commissioner Starks shared “I, for one, believe this intersectionality is clinical because the future of AI remains uncertain, one thing is clear — it has the potential to impact if not transform every aspect of American life, and because of that potential, each part of our government bears responsibility to better understand the risks, opportunities within its mandate, while being mindful of the limits of its expertise, experience, and authority. In this era of rapid technological change, we must collaborate, lean into our expertise across agencies to best serve our citizens and consumers.” Commissioner Starks seemed to be particularly focused on AI’s ability to facilitate bad actors in schemes like voice cloning and how the FCC can implement safeguards against this type of behavior.
“AI technologies can bring new challenges and opportunities. responsible and ethical implementation of AI technologies is crucial to strike a balance, ensuring that the benefits of AI are harnessed to protect consumers from harm rather than amplifying the risks in increasing the digital landscape” Commissioner Gomez shared.
Finally, the topic around the AI NOI wrapped up with Chairwoman Rosenworcel commenting “… I think we make a mistake if we only focus on the potential for harm. We needed to equally focus on how artificial intelligence can radically improve the tools we have today to block unwanted robocalls and robotexts. We are talking about technology that can see patterns in our network traffic, unlike anything we have today. They can lead to the development of analytic tools that are exponentially better at finding fraud before it reaches us at home. Used at scale, we cannot only stop this junk, we can use it to increase trust in our networks. We are asking how artificial intelligence is being used right now to recognize patterns in network traffic and how it can be used in the future. We know the risks this technology involves but we also want to harness the benefits.”
Biden Executive Order Calls for HHS to Establish Health Care-Specific Artificial Intelligence Programs and Policies
On October 30, 2023, the Biden Administration released and signed an Executive Order on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence (Executive Order) that articulates White House priorities and policies related to the use and development of artificial intelligence (AI) across different sectors, including health care.
The Biden Administration acknowledged the various competing interests related to AI, including weighing significant technological innovation against unintended societal consequences. Our Mintz and ML Strategies colleagues broadly covered the Executive Order in this week’s issue of AI: The Washington Report. Some sections of the Executive Order are sector-agnostic but will be especially relevant in health care, such as the requirement that agencies use available policy and technical tools, including privacy-enhancing technologies (PETs) where appropriate, to protect privacy and to combat the improper collection and use of individuals’ data.
The Biden Administration only recently announced the Executive Order, but the discussion of regulating AI in health care is certainly not novel. For example, the U.S. Food and Drug Administration (FDA) has already incorporated artificial intelligence and machine learning-based medical device software into its medical device and software regulatory regime. The Office of the National Coordinator for Health Information Technology (ONC) also included AI and machine learning proposals under the HTI-1 Proposed Rule, including proposals to increase algorithmic transparency and allow users of clinical decision support (CDS) to determine if predictive Decision Support Interventions (DSIs) are fair, appropriate, valid, effective, and safe.
We will focus this post on the Executive Order health care-specific directives for the U.S. Department of Health and Human Services (HHS) and other relevant agencies.
HHS AI Task Force and Quality Assurance
To address how AI should be used safely and effectively in health care, the Executive Order requires HHS, in consultation with the Secretary of Defense and the Secretary of Veterans Affairs, to establish an “HHS AI Task Force” by January 28, 2024. Once created, the HHS AI Task Force has 365 days to develop a regulatory action plan for predictive and generative AI-enabled technologies in health care that includes:
- use of AI in health care delivery and financing and the need for human oversight where necessary and appropriate;
- long-term safety and real-world performance monitoring of AI-enabled technologies;
- integration of equity principles in AI-enabled technologies, including monitoring for model discrimination and bias;
- assurance that safety, privacy, and security standards are baked into the software development lifecycle;
- prioritization of transparency and making model documentation available to users to ensure AI is used safely;
- collaboration with state, local, Tribal, and territorial health and human services agencies to communicate successful AI use cases and best practices; and
- use of AI to make workplaces more efficient and reduce administrative burdens where possible.
HHS also has until March 28, 2024 to take the following steps:
- consult with other relevant agencies to determine whether AI-enabled technologies in health care “maintain appropriate levels of quality”;
- develop (along with other agencies) AI assurance policies to evaluate the performance of AI-enabled health care tools and assess AI-enabled health care-technology algorithmic system performance against real-world data; and
- consult with other relevant agencies to reconcile the uses of AI in health care against federal non-discrimination and privacy laws, including providing technical assistance to and communicating potential consequences of noncompliance to health care providers and payers.
AI Safety Program and Drug Development
The Executive Order also directs HHS, in consultation with the Secretary of Defense and the Secretary of Veterans Affairs, to organize and implement an AI Safety Program by September 30, 2024. In partnership with federally listed Patient Safety Organizations, the AI Safety Program will be tasked with creating a common framework that organizations can use to monitor and track clinical errors resulting from AI used in health care settings. The program will also create a central tracking repository to track complaints from patients and caregivers who report discrimination and bias related to the use of AI.
Additionally, by September 30, 2024, HHS must develop a strategy to regulate the use of AI or AI-enabled tools in the various phases of the drug development process, including determining opportunities for future regulation, rulemaking, guidance, and use of additional statutory authority.
HHS Grant and Award Programs and AI Tech Sprint
The Executive Order also directs HHS to use existing grant and award programs to support ethical AI development by health care technology developers by:
- leveraging existing HHS programs to work with private sector actors to develop AI-enabled tools that can create personalized patient immune-response profiles safely and securely;
- allocating 2024 Leading Edge Acceleration Projects (LEAP) in Health Information Technology funding for the development of AI tools for clinical care, real-world-evidence programs, population health, public health, and related research; and
- accelerating grants awarded through the National Institutes of Health Artificial Intelligence/Machine Learning Consortium to Advance Health Equity and Researcher Diversity (AIM-AHEAD) program and demonstrating successful AIM-AHEAD activities in underserved communities.
The Secretary of Veterans Affairs must also host two 3-month nationwide AI Tech Sprint competitions by September 30, 2024, with the goal of further developing AI systems to improve the quality of health care for veterans.
Key Takeaways
The Executive Order will spark the cross-agency development of a variety of AI-focused working groups, programs, and policies, including possible rulemaking and regulation, across the health care sector in the coming months. While the law has not yet caught up with the technology, the Executive Order provides helpful insight into the areas that will be topics of new legislation and regulation, such as drug development, as well as what may be the new enforcement priorities under existing law such as non-discrimination and data privacy and security. Health care technology developers and users will want to review their current policies and practices in light of the Biden Administration’s priorities to determine possible areas of improvement in the short term in connection with developing, implementing, and using AI.
Additionally, the National Institute of Standards and Technology (NIST) released the voluntary AI Risk Management Framework in January 2023 that, among other things, organizations can use to analyze and manage risks, impacts, and harms while responsibly designing, developing, deploying, and using AI systems over time. The Executive Order calls for NIST to develop a companion resource to the AI Risk Management Framework for generative AI. In preparation for the new AI programs and possible associated rulemaking from HHS, organizations in health care will want to familiarize themselves with the NIST AI Risk Management Framework and its generative AI companion as well as the AI Bill of Rights published by the Biden Administration in October 2022 to better understand what the federal government sees as characteristics of trustworthy AI systems.
Madison Castle contributed to this article.
Proposed Amendments to NY Film Production Tax Credit Would Disallow Costs for Artificial Intelligence
Since 2004, New York has provided tax credits to encourage film and television productions located in the state. In its adopted budget for fiscal year 2024, the tax credit program was extended to 2034, and the amount available for the tax credit increased to $700 million. The credit is 30% of “qualified costs” incurred in the production. This tax credit is one of the reasons that New York has remained one of the top filming locations in the United States notwithstanding stiff competition from other states to lure television and film projects.
Subsequently, legislation (S7422A) was introduced that would remove from “qualified costs” used to calculate the tax credit any production that “uses artificial intelligence in a manner which results in the displacement of employees whose salaries are qualified expenses, unless such replacement is permitted by a current collective bargaining agreement in force covering such employees.”
Given that the purpose of the tax credit is to incentivize production and creation of jobs in the state, with the increasing use of artificial intelligence (AI), there is scrutiny of how AI will impact/employment in film and television productions. The legislators were also aware that the use of AI was a major issue in the recent negotiations for contracts with the writers (now settled) and actors (still ongoing as of this date). Consequently, the idea to disincentivize the use of AI that supplants employment by removing the cost of AI from the calculation of the tax credit provides motivation to pursue the proposed legislation in New York’s Legislature.
The goal of removing AI costs from the credit is protecting employment from encroachment by AI, but how the disallowance would be implemented is unclear. For example, if instead of using costumed characters or extensive make-up, a production used computer generated images (CGI), would the cost of the CGI be disallowed? Or if AI were used to write or supplement dialogue, would that call into question those costs for computing the tax credit? How would an auditor reviewing the film credit know and understand where AI is used and whether it actually displaced a human employee? In addition, auditors would have to examine collective bargaining agreements to determine whether “such replacement is permitted by a current collective bargaining agreement in force covering such employees.”
Whether or not S. 7422-A is enacted, the proposal may pique the interest of the other 37 states that have some type of credit for film production. See Film Industry Tax Incentives: State-by-State (2023) | Wrapbook.
The Generative AI Revolution: Key Legal Considerations for the Fashion & Retail Industry
For better or worse, generative artificial intelligence (AI) is already transforming the way we live and work. Retail and fashion companies that fail to embrace AI likely risk losing their current market share or, worse, going out of business altogether. This paradigm shift is existential, and businesses that recognize and leverage AI will gain a significant competitive advantage.
For instance, some of our clients are using AI to streamline product design processes, reducing the costs and time necessary to generate designs, while others employ virtual models to circumvent issues related to adult and child modeling. Additionally, AI can provide valuable market intelligence to inform sales and distribution strategies. This alert will address these benefits, as well as other significant commercial advantages, and delve into the legal risks associated with utilizing AI in the fashion and retail industry.
There are significant commercial advantages to using AI for retail and fashion companies, including:
1. Product Design
From fast fashion to luxury brands, AI is set to revolutionize the fashion and retail industry. It enables the generation of innovative designs by drawing inspiration from a designer’s existing works and incorporating the designer’s unique style into new creations. For instance, in March 2023, G-Star Raw created its first denim couture piece designed by AI. We also worked with a client who utilized an AI tool to analyze its footwear designs from the previous two years and generate new designs for 2024. Remarkably, the AI tool produced 50 designs in just four minutes, with half of them being accepted by the company. Typically, this process would have required numerous designers and taken months to complete. While it is unlikely that AI tools will entirely replace human designers, the cost savings and efficiency gained from using such technology are undeniable and should not be overlooked.
2. Virtual Models
2023 marks a groundbreaking year with the world’s first AI Fashion Week and the launch of AI-generated campaigns, such as Valentino’s Maison Valentino Essentials collection, which combined AI-generated models with actual product photography. Fashion companies allocate a significant portion of their budget to model selection and hiring, necessitating entire departments and grappling with legal concerns such as royalties, SAG, moral issues, and child labor. By leveraging AI tools to create lifelike virtual models, these companies can eliminate the associated challenges and expenses, as AI models are not subject to labor laws — including child entertainment regulations — or collective bargaining agreements.
3. Advertising Campaigns
AI can also be used to create entire advertising campaigns from print copy to email blasts, blog posts, and social media. Companies traditionally invest substantial time and resources in these efforts, but AI can generate such content in mere moments. While human involvement remains essential, AI allows businesses to reduce the manpower required. Retailers can also benefit from AI-powered chatbots, which provide 24/7 customer support while reducing overhead expenses linked to in-person customer service. Moreover, AI’s predictive capabilities enable businesses to anticipate trends across various demographics in real-time, driving customer engagement. By processing and analyzing vast amounts of consumer data and preferences, brands can create hyper-personalized and bespoke content, enhancing customer acquisition, engagement, and retention. Furthermore, AI facilitates mass content creation at an impressively low cost, making it an invaluable tool in today’s competitive market.
4. ESG – Virtual Mirrors and Apps
From an environmental, social, and corporate governance (ESG) standpoint, the use of AI-powered technology can eliminate the need for retail stores to carry excess inventory, thereby reducing online returns and exchanges. AI smart mirrors can enhance in-store experiences for shoppers by enabling them to virtually try on outfits in various sizes and colors. Furthermore, customers can now enjoy the virtual try-on experience from the comfort of their homes, as demonstrated by Amazon’s “Virtual Try-On for Shoes,” which allows users to visualize how selected shoes will appear on their feet using their smartphone cameras.
5. Product Distribution and Logistics
Fashion companies rely on their C-level executives to make informed predictions about product quantities, potential sales in specific markets or stores, and the styles that will perform best in each market. In terms of logistics, AI models can be employed to forecast a business’s future sales by analyzing historical inventory and sales data. This ability to anticipate supply chain requirements can lead to increased profits and support the industry’s initiatives to reduce waste.
Legal and Ethical Risks
Although AI has some major advantages, it also comes with a number of legal and ethical risks that should be considered, including:
1. Accuracy and Reliability
For all their well-deserved accolades and hype, generative AI tools remain a work in progress. Users, especially commercial enterprises, should never assume that AI-created works are accurate, non-infringing, or fit for commercial use. In fact, there have been numerous recorded instances in which generative AI tools have created works that arguably infringe the copyrights of existing works, make up facts, or cite phantom sources. It is also important to note that works created by generative AI may incorporate or display third-party trademarks or celebrity likenesses, which generally cannot be used for commercial purposes without appropriate rights or permissions. Like anything else, companies should carefully vet any content produced by generative AI before using it for commercial purposes.
2. Data Security and Confidentiality
Before utilizing generative AI tools, companies should consider whether the specific tools adhere to internal data security and confidentiality standards. Like any third-party software, the security and data processing practices for these tools vary. Some tools may store and use prompts and other information submitted by users. Other tools offer assurances that prompts and other information will be deleted or anonymized. Enterprise AI solutions, such as Azure’s OpenAI Service, can also potentially help reduce privacy and data security risks by offering access to popular tools like ChatGPT, DALL-E, Codex, and more within the data security and confidentiality parameters required by the enterprise.
Before authorizing the use of generative AI tools, organizations and their legal counsel should (i) carefully review the applicable terms of use, (ii) inquire about access to tools or features that may offer enhanced privacy, security, or confidentiality, and (iii) consider whether to limit or restrict access on company networks to any tools that do not satisfy company data security or confidentiality requirements.
3. Software Development and Open-Source Software
One of the most popular use cases for generative AI has been computer coding and software development. But the proliferation of AI tools like GitHub Copilot, as well as a pending lawsuit against its developers, has raised a number of questions for legal counsel about whether use of such tools could expose companies to legal claims or license obligations.
These concerns stem in part from the use of open-source code libraries in the data sets for Copilot and similar tools. While open-source code is generally freely available for use, that does not mean that it may be used without condition or limitation. In fact, open-source code licenses typically impose a variety of obligations on individuals and entities that incorporate open-source code into their works. This may include requiring an attribution notice in the derivative work, providing access to source code, and/or requiring that the derivative work be made available on the same terms as the open-source code.
Many companies, particularly those that develop valuable software products, cannot risk having open-source code inadvertently included in their proprietary products or inadvertently disclosing proprietary code through insecure generative AI coding tools. That said, some AI developers are now providing tools that allow coders to exclude AI-generated code that matches code in large public repositories (in other words, making sure the AI assistant is not directly copying other public code), which would reduce the likelihood of an infringement claim or inclusion of open-source code. As with other AI generated content, users should proceed cautiously, while carefully reviewing and testing AI-contributed code.
4. Content Creation and Fair Compensation
In a recent interview, Billy Corgan, the lead singer of Smashing Pumpkins, predicted that “AI will change music forever” because once young artists figure out they can use generative AI tools to create new music, they won’t spend 10,000 hours in a basement the way he did. The same could be said for photography, visual art, writing, and other forms of creative expression.
This challenge to the notion of human authorship has ethical and legal implications. For example, generative AI tools have the potential to significantly undermine the IP royalty and licensing regimes that are intended to ensure human creators are fairly compensated for their work. Consider the recent example of the viral song, “Heart on My Sleeve,” which sounded like a collaboration between Drake and the Weeknd, but was in fact created entirely by AI. Before being removed from streaming services, the song racked up millions of plays — potentially depriving the real artists of royalties they would otherwise have earned from plays of their copyrighted songs. In response, some have suggested that human artists should be compensated when generative AI tools create works that mimic or are closely inspired by copyrighted works and/or that artists should be compensated if their works are used to train the large language models that make generative AI possible. Others have suggested that works should be clearly labeled if they are created by generative AI, so as to distinguish works created by humans from those created by machine.
5. Intellectual Property Protection and Enforcement
Content produced without significant human control and involvement is not protectable by US copyright or patent laws, creating a new orphan class of works with no human author and potentially no usage restrictions. That said, one key principle can go a long way to mitigating IP risk: generative AI tools should aid human creation, not replace it. Provided that generative AI tools are used merely to help with drafting or the creative process, then it is more likely that the resulting work product will be protectable under copyright or patent laws. In contrast, asking generative AI tools to create a finished work product, such as asking it to draft an entire legal brief, will likely deprive the final work product of protection under IP laws, not to mention the professional responsibility and ethical implications.
6. Labor and Employment
When Hollywood writers went on strike, one issue in particular generated headlines: a demand by the union to regulate the use of artificial intelligence on union projects, including prohibiting AI from writing or re-writing literary material; prohibiting its use as source material; and prohibiting the use of union content to train AI large language models. These demands are likely to presage future battles to maintain the primacy of human labor over cheaper or more efficient AI alternatives.
Employers are also utilizing automated systems to target job advertisements, recruit applicants, and make hiring decisions. Such systems expose employers to liability if they intentionally or unintentionally exclude or impact protected groups. According to the Equal Employment Opportunity Commission (EEOC), that’s precisely what happened with iTutorGroup, Inc.
7. Future Regulation
Earlier this year, Italy became the first Western country to ban ChatGPT, but it may not be the last. In the United States, legislators and prominent industry voices have called for proactive federal regulation, including the creation of a new federal agency that would be responsible for evaluating and licensing new AI technology. Others have suggested creating a federal private right of action that would make it easier for consumers to sue AI developers for harm they create. Whether US legislators and regulators can overcome partisan divisions and enact a comprehensive framework seems unlikely, but as is becoming increasingly clear, these are unprecedented times.
Navigating Data Ownership in the AI Age, Part 1: Types of Big Data and AI-Derived Data
The emergence of big data, artificial intelligence (AI), and the Internet of Things (IoT) has fundamentally transformed our understanding and utilization of data. While the value of big data is beyond dispute, its management introduces intricate legal questions, particularly concerning data ownership, licensing, and the protection of derived data. This article, the first installment in a two-part series, outlines challenges and opportunities presented by AI-processed and IoT-generated data. The second part, to be published Thursday, October 19, will discuss the complexities of the legal frameworks that govern data ownership.
Defining Big Data and Its Legal Implications
Big data serves as a comprehensive term for large, dynamically evolving collections of electronic data that often exceed the capabilities of traditional data management systems. This data is not merely voluminous but also possesses two key attributes with significant legal ramifications. First, big data is a valuable asset that can be leveraged for a multitude of applications, ranging from decoding consumer preferences to forecasting macroeconomic trends and identifying public health patterns. Second, the richness of big data often means it contains sensitive and confidential information, such as proprietary business intelligence and personally identifiable information (PII). As a result, the management and utilization of big data require stringent legal safeguards to ensure both the security and ethical handling of this information.
Legal Frameworks Governing Data Ownership
Navigating the intricate landscape of data ownership necessitates a multi-dimensional understanding that encompasses legal, ethical, and technological considerations. This complexity is further heightened by diverse intellectual property (IP) laws and trade secret statutes, each of which can confer exclusive rights over specific data sets. Additionally, jurisdictional variations in data protection laws, such as the European Union’s General Data Protection Regulation (GDPR) and the United States’ California Consumer Privacy Act (CCPA), introduce another layer of complexity. These laws empower individuals with greater control over their personal data, granting them the right to access, correct, delete, or port their information. However, the concept of “ownership” often varies depending on the jurisdiction and the type of data involved — be it personal or anonymized.
Machine-Generated Data and Ownership
The issue of data ownership extends beyond individual data to include machine-generated data, which introduces its own set of complexities. Whether it’s smart assistants generating data based on human interaction or autonomous vehicles operating independently of human input, ownership often resides with the entity that owns or operates the machine. This is typically defined by terms of service or end-user license agreements (EULAs). Moreover, IP laws, including patents and trade secrets, can also come into play, especially when the data undergoes specialized processing or analysis.
Derived Data and Algorithms
Derived and derivative algorithms refer to computational models or methods that evolve from, adapt, or draw inspiration from pre-existing algorithms. These new algorithms must introduce innovative functionalities, optimizations, or applications to be considered derived or derivative. Under U.S. copyright law, the creator of a derivative work generally holds the copyright for the new elements that did not exist in the original work. However, this does not extend to the foundational algorithm upon which the derivative algorithm is based. The ownership of the original algorithm remains with its initial creator unless explicitly transferred through legal means such as a licensing agreement.
In the field of patent law, derivative algorithms could potentially be patented if they meet the criteria of being new, non-obvious, and useful. However, the patent would only cover the novel aspects of the derivative algorithm, not the foundational algorithm from which it was derived. The original algorithm’s patent holder retains their rights, and any use of the derivative algorithm that employs the original algorithm’s patented aspects would require permission or licensing from the original patent holder.
Derived and derivative algorithms may also be subject to trade secret protection, which safeguards confidential information that provides a competitive advantage to its owner. Unlike patents, trade secrets do not require registration or public disclosure but do necessitate reasonable measures to maintain secrecy. For example, a company may employ non-disclosure agreements, encryption, or physical security measures to protect its proprietary algorithms.
AI-Processed and Derived Data
The advent of AI has ushered in a new era of data analytics, presenting both unique opportunities and challenges in the domain of IP rights. AI’s ability to generate “derived data” or “usage data” has far-reaching implications that intersect with multiple legal frameworks, including copyright, trade secrets, and potentially even patent law. This intersectionality adds a layer of complexity to the issue of data ownership, underscoring the critical need for explicit contractual clarity in licensing agreements and Data Use Agreements (DUAs).
AI-processed and derived data can manifest in various forms, each with unique characteristics. Extracted data refers to data culled from larger datasets for specific analyses. Restructured data has been reformatted or reorganized to facilitate more straightforward analysis. Augmented data is enriched with additional variables or parameters to provide a more comprehensive view. Inferred data involves the creation of new variables or insights based on the analysis of existing data. Lastly, modeled data has been transformed through ML models to predict future outcomes or trends. Importantly, these data types often contain new information or insights not present in the original dataset, thereby adding multiple layers of value and utility.
The benefits of using AI-processed and derived data can be encapsulated in three main points. First, AI algorithms can clean, sort, and enrich data, enhancing its quality. Second, the insights generated by AI can add significant value to the original data, rendering it more useful for various applications. Third, AI-processed data can catalyze new research, innovation, and product development avenues.
Conversely, the challenges in data ownership are multifaceted. First, AI-processed and derived data often involves a complex web of multiple stakeholders, including data providers, AI developers, and end users, which can complicate the determination of ownership rights. Second, the rapidly evolving landscape of AI and data science leads to a lack of clear definitions for terms like “derived data,” thereby introducing potential ambiguities in legal agreements. Third, given the involvement of multiple parties, it becomes imperative to establish clear and consistent definitions and agreements that meticulously outline the rights and responsibilities of each stakeholder.
Using AI to Replicate or Replace Human Creativity May Violate Intellectual Property Law
As artificial intelligence (AI) becomes better and more prevalent, people will increasingly use its computing power to supplement or replace human creativity. Film director Gareth Edwards attempted to do just that in his new movie, The Creator, about artificial intelligence. Edwards used an AI algorithm to attempt to replicate the musical style of composer Hans Zimmer. Ultimately, Edwards abandoned this effort and hired Zimmer to compose the score because although the AI-generated track was convincing, Edwards believed it still felt short of human Zimmer’s work.
Because AI generates new content through a database of existing content, the model’s output can convincingly replicate existing artists. However, the AI-generated content may be simplistic and lack a human’s creativity. In an interview with the MIT Technology Review, Edwards stated his belief that generative AI should be embraced like Photoshop and treated like a tool for improving the creative process.
Although there may be similar creative benefits between generative AI and Photoshop, using AI to replicate or replace human creativity may violate intellectual property laws. Writers, including Game of Thrones author George R.R. Martin, are currently suing OpenAI alleging that the company violated the authors’ copyrights by using their collective works to train its model. The results of this case and similar cases may determine the future viability of generative AI as a creative tool for mass consumer entertainment.
Under the GDPR, Are Companies that Utilize Personal Information to Train Artificial Intelligence (AI) Controllers or Processors?
The EU’s General Data Protection Regulation (GDPR) applies to two types of entities – “controllers” and “processors.”
A “controller” refers to an entity that “determines the purposes and means” of how personal information will be processed.[1] Determining the “means” of processing refers to deciding “how” information will be processed.[2] That does not necessitate, however, that a controller makes every decision with respect to information processing. The European Data Protection Board (EDPB) distinguishes between “essential means” and “non-essential means.[3] “Essential means” refers to those processing decisions that are closely linked to the purpose and the scope of processing and, therefore, are considered “traditionally and inherently reserved to the controller.”[4] “Non-essential means” refers to more practical aspects of implementing a processing activity that may be left to third parties – such as processors.[5]
A “processor” refers to a company (or a person such as an independent contractor) that “processes personal data on behalf of [a] controller.”[6]
Data typically is needed to train and fine-tune modern artificial intelligence models. They use data – including personal information – in order to recognize patterns and predict results.
Whether an organization that utilizes personal information to train an artificial intelligence engine is a controller or a processor depends on the degree to which the organization determines the purpose for which the data will be used and the essential means of processing. The following chart discusses these variables in the context of training AI:
The following chart discusses these variables in the context of training AI:
Function |
Activities Indicative of a Controller |
Activities Indicative of a Processor |
Purpose of processing |
||
Why the AI is being trained. |
If an organization makes its own decision to utilize personal information to train an AI, then the organization will likely be considered a “controller.” |
If an organization is using personal information provided by a third party to train an AI, and is doing so at the direction of the third party, then the organization may be considered a processor. |
Essential means |
||
Data types used in training. |
If an organization selects which data fields will be used to train an AI, the organization will likely be considered a “controller.” |
If an organization is instructed by a third party to utilize particular data types to train an AI, the organization may be a processor. |
Duration personal information is held within the training engine |
If an organization determines how long the AI can retain training data, it will likely be considered a “controller.” |
If an organization is instructed by a third party to use data to train an AI, and does not control how long the AI may access the training data, the organization may be a processor. |
Recipients of the personal information |
If an organization determines which third parties may access the training data that is provided to the AI, that organization will likely be considered a “controller.” |
If an organization is instructed by a third party to use data to train an AI, but does not control who will be able to access the AI (and the training data to which the AI has access), the organization may be a processor. |
Individuals whose information is included |
If an organization is selecting whose personal information will be used as part of training an AI, the organization will likely be considered a “controller.” |
If an organization is being instructed by a third party to utilize particular individuals’ data to train an AI, the organization may be a processor. |
[1] GDPR, Article 4(7).
[1] GDPR, Article 4(7).
[2] EDPB, Guidelines 07/2020 on the concepts of controller and processor in the GDPR, Version 1, adopted 2 Sept. 2020, at ¶ 33.
[3] EDPB, Guidelines 07/2020 on the concepts of controller and processor in the GDPR, Version 1, adopted 2 Sept. 2020, at ¶ 38.
[4] EDPB, Guidelines 07/2020 on the concepts of controller and processor in the GDPR, Version 1, adopted 2 Sept. 2020, at ¶ 38.
[5] EDPB, Guidelines 07/2020 on the concepts of controller and processor in the GDPR, Version 1, adopted 2 Sept. 2020, at ¶ 38.
[6] GDPR, Article 4(8).
©2023 Greenberg Traurig, LLP. All rights reserved.
For more Privacy Legal News, click here to visit the National Law Review.
To AI or Not to AI: U.S. Copyright Office Clarifies Options
The U.S. Copyright Office has weighed in with formal guidance on the copyrightability of works whose generation included the use of artificial intelligence (AI) tools. The good news for technology-oriented human creative types: using AI doesn’t automatically disqualify your work from copyright protection. The bad news for independent-minded AI’s: you still don’t qualify for copyright protection in the United States.
On March 16, 2023, the Copyright Office issued a statement of policy (“Policy”) to clarify its practices for examining and registering works that contain material generated by the use of AI and how copyright law’s human authorship requirements will be applied when AI was used. This Policy is not itself legally binding or a guarantee of a particular outcome, but many copyright applicants may breathe a sigh of relief that the Copyright Office has formally embraced AI-assisted human creativity.
The Policy is just the latest step in an ongoing debate over the copyrightability of machine-assisted products of human creativity. Nearly 150 years ago, the Supreme Court ruled at photographs are copyrightable. See Burrow-Giles Lithographic Company v. Sarony, 111 U.S. 53 (1884). The case involved a photographer’s claim against a lithographer for 85,000 unauthorized copies of a photograph of Oscar Wilde. The photo, Sarony’s “Oscar Wilde No. 18,” is shown below:
The argument against copyright protection was that a photograph is “a reproduction, on paper, of the exact features of some natural object or of some person” and is therefore not a product of human creativity. Id. at 56. The Supreme Court disagreed, ruling that there was sufficient human creativity involved in making the photo, including posing the subject, evoking the desired expression, arranging the clothing and setting, and managing the lighting.
In the mid-1960’s, the Copyright Office rejected a musical composition, Push Button Bertha, that was created by a computer, reasoning that it lacked the “traditional elements of authorship” as they were not created by a human.
In 2018, the U.S. Court of Appeals for the Ninth Circuit ruled that Naruto, a crested macaque (represented by a group of friendly humans), lacked standing under the Copyright Act to hold a copyright in the “monkey selfie” case. See Naruto v. Slater, 888 F.3d 418 (9th Cir. 2018). The “monkey selfie” is below:
In February 2022, the Copyright Office rejected a registration (filed by interested humans) for a visual image titled “A Recent Entrance to Paradise,” generated by DABUS, the AI whose claimed fractal-based inventions are the subject of patent applications around the world. DABUS’ image is below:
Litigation over this rejected application remains pending.
And last month, the Copyright Office ruled that a graphic novel consisting of human-authored text and images generated using the AI tool Midjourney could, as a whole, be copyrighted, but that the images, standing alone, could not. See U.S. Copyright Office, Cancellation Decision re: Zarya of the Dawn (VAu001480196) at 2 (Feb. 21, 2023).
The Copyright Office’s issuing the Policy was necessitated by the rapid and remarkable improvements in generative AI tools over even the past several months. In December 2022, generative AI tool Dall-E generated the following images in response to nothing more than the prompt, “portrait of a musician with a hat in the style of Rembrandt”:
If these were human-generated paintings, or even photographs, there is no doubt that they would be copyrightable. But given that all four images were generated in mere seconds, with a single, general prompt from a human user, do they meet the Copyright Office’s criteria for copyrightability? The answer, now, is a clear “no” under the Policy.
However, the Policy opens the door to registering AI-assisted human creativity. The toggle points will be:
“…whether the ‘work’ is basically one of human authorship, with the computer [or other device] merely being an assisting instrument, or whether the traditional elements of authorship in the work (literary, artistic, or musical expression or elements of selection, arrangement, etc.) were actually conceived and executed not by man but by a machine.”
In the case of works containing AI-generated material, the Office will consider whether the AI contributions are the result of “mechanical reproduction” or instead of an author’s “own original mental conception, to which [the author] gave visible form.”
The answer will depend on the circumstances, particularly how the AI tool operates and how it was used to create the final work. This will necessarily be a case-by-case inquiry.”
See Policy (citations omitted).
Machine-produced authorship alone will continue not to be registerable in the United States, but human selection and arrangement of AI-produced content could lead to a different result according to the Policy. The Policy provides select examples to help guide registrants, who are encouraged to study them carefully. The Policy, combined with near future determinations by the Copyright Office, will be critical to watch in terms of increasing likelihood a registration application will be granted as the Copyright Office continues to assess the impacts of new technology on the creative process. AI tools should not all be viewed as the “same” or fungible. The type of AI and how it is used will be specifically considered by the Copyright Office.
In the short term, the Policy provides some practical guidance to applicants on how to describe the role of AI in a new copyright application, as well as how to amend a prior application in that regard if needed. While some may view the Policy as “new” ground for the Copyright Office, it is consistent with the Copyright Office’s long-standing efforts to protect the fruits of human creativity even if the backdrop (AI technologies) may be “new.”
As a closing note, it bears observing that copyright law in the United Kingdom does permit limited copyright protection for computer-generated works – and has done so since 1988. Even under the U.K. law, substantial questions remain; the author of a computer-generated work is considered to be “the person by whom the arrangements necessary for the creation of the work are undertaken.” See Copyright, Designs and Patents Act (1988) §§ 9(3), 12(7) and 178. In the case of images generated by a consumer’s interaction with a generative AI tool, would that be the consumer or the generative AI provider?