BizTech Law Blog

Risks Make AI Workplace Policies a Requirement

Artificial intelligence (AI) is fast becoming an integral element in the operation of virtually every business and organization.

As with most modern technologies, the use of AI-powered apps and tools comes with its own set of challenges. In the case of AI, the challenges can be profound and lead to significant legal risks and exposure.

AI-assisted tools are making companies more efficient, helping them to make better business decisions, improving customer service and streamlining the hiring process.

The biggest challenge posed by AI, however, may be the speed at which it’s been embraced. In the rush to leverage AI’s formidable competitive advantage, it has often been deployed in haste without ensuring that its outcomes and decisions would be safe, fair, ethical and legal.

AI Exposes Businesses to New Levels of Risk

The shortcomings of AI associated with discriminatory, biased or inaccurate outcomes and decisions having negative effects on humans are well documented. Acknowledging its dangers, the CEOs of the leading companies in the development of AI (Anthropic, DeepMind, Google, Meta, Microsoft, OpenAI) and many others recently signed and published an open letter.

The letter warned that the AI technologies they are rapidly developing may one day pose significant threats. The letter also encouraged industry self-regulation and government oversight of AI.

Some of the serious risks associated with the use of AI for businesses, include:

• Bias and Discrimination – AI tools can be biased, reflecting prejudices that are present in the data they are trained on. Biased outcomes can lead to discrimination against certain groups of people, such as those being considered for jobs, benefits or loans.
• Data Breaches and Privacy Violations – AI tools are often trained on vast amounts of data, and it is not always clear that the tool’s developer has appropriate rights or consent to use or commercialize that information. Relatedly, like other software, AI tools often use, hold, and interact with significant volumes of sensitive information. This data could be exposed to unauthorized access and result in a costly data breach.
• Cybersecurity Risks – AI tools can be vulnerable to cyberattacks, including the corruption of algorithms. These attacks can also be used to take control over a part or the entire AI system with the objective of creating or threatening serious consequences for businesses and organizations.
• Copyright and Intellectual Property Risks – AI-generated content can violate copyright laws or infringe on third-party intellectual property rights. This can potentially expose organizations to costly legal action and related financial losses.
• Legal and Regulatory Risks – Foundationally, a business using AI for significant decisions must understand that it remains liable for these decisions, and AI may not be a substitute for sound analysis and business judgment. Firms may also be liable for damages caused by AI programs or use of AI-tools which are not compliant with federal, state or local guidelines.
• Reputational Risks –A data breach or other negative incident involving AI-assisted tools can result in severe damage to the reputation of a business or organization. This can also lead to the loss of loyal customers, decreased sales, legal action, negative publicity and other financial losses.

Intent and Content of a Workplace AI Policy

Experts and insiders are unanimous in their belief that AI will play a necessary and integral role in operations for most organizations in the coming years. They also agree that any organization utilizing AI would be well-advised to establish a robust and detailed oversight policy.

AI policies will differ from firm to firm, but common elements which might be addressed in an initial AI workplace policy include:

• Purpose and Scope of Policy – What is the purpose of the policy? What does it cover? How will it be implemented? Who’s in charge of the policy?
• Data Collection and Use – How will data be collected and used by AI systems? What types of data will be collected? Are approvals needed for data being collected or utilized in outcomes?
• Fairness and Non-Discrimination – How will AI systems be designed to ensure fairness and non-discrimination? How will organizations address potential bias in their systems?
• Transparency and Accountability – How will employees be informed that AI systems are being used? How will employers be held accountable for the decisions made by AI systems?
• Intellectual Property – Who owns the intellectual property created by AI systems? How will employees be compensated for their contributions to AI systems?
• Privacy and Security – How will the privacy and security of employee data be protected? How will employers comply with applicable privacy and security laws?
• Training and Education – How will employees be trained on AI systems? How will employers ensure that workers understand the risks and benefits of AI systems?
• Monitoring and Auditing – How will employers monitor and audit the use of AI systems? How will employers ensure that AI systems are being used in accordance with their policy?

Addressing these key issues in a comprehensive policy will help your organization limit risk and be better prepared for potential problems in the future.

If you’re using AI-assisted tools, developing an AI policy or have questions pertaining to current oversight and regulation of AI, please contact an attorney at Foster Swift’s Employment Services, Technology or Intellectual Property Practice Group. Our lawyers are always monitoring the changing landscape of AI regulations and laws and will provide regular updates and advisories.

Categories: Artificial Intelligence (AI), Cybersecurity, Digital Assets, Employment, Intellectual Property, Privacy, Technology