Do you need an AI Use Policy?
According to our favorite tech lawyer, Don Ho Esq., “In the realm of Artificial Intelligence (AI), a transformative wave is forming on the horizon, ushering in a new era of regulatory engagement. The European Union stands at the forefront of this tide with its proposed AI Act, a trailblazing legislative framework poised to define the responsible use and development of AI within its member states and beyond.
The Act contains comprehensive requirements for high-risk AI systems, which include transparency obligations, data governance, technical documentation, and human oversight to ensure accountability and public trust.”
When it comes to our recommendations to our clients, we run conservatively. When it comes to what we do when we are playing with AI we are a bit more risky. We do NOT risk sensitive client data, we use our own if any data goes into AI.
We do our best to abide by the EU standards and recommend that others do too. I am not a lawyer, I am looking at what the history has been with email marketing, SMS regulations, and the like. If we follow what the EU is doing and follow those standards, we are more likely to be ready when other countries follow.
Since 2015, we have been using AI for work with our clients. AND, have not had an AI Use Policy until we were required by a partner to have one in Oct. 2023. Here is our External AI Use Policy.
Here is a short version of an Internal Use AI Policy Template.
3 Reasons to have an AI Use Policy
- As of today, there is no AI-specific cyber insurance or business liability insurance inclusion yet. What this means for you is that YOU need to define your policies to reduce your liability. A solid policy and adhering to that policy is your best bet for protection right now.
- Give your team direction. You need to find out what tools your team is using, how they are using them, and what the privacy policy of the tools are. Similar to a tech use policy, your team needs to know how to use AI safely.
- If you are using AI to do work for your clients, disclose it with an External AI Use Policy. We are betting that it will soon be a requirement. Therefore your clients can choose to allow you to use it or opt out.
BONUS: Be aware of how you are using your recorded meeting notes. If one of your clients or anybody on a meeting goes to court, your notes can be subpoenaed. If that person is not pleased you may get sued. This has happened in the US.
We’ll expand on this post as more information comes out on AI Use Policy requirements, rules, or legislation.
*I am not a lawyer, this is not legal advice, this is my own opinion.