TheCorporateCounsel.net

I’ve blogged that AI is the next corporate governance frontier. Now, the White House Office of Science & Technology Policy has issued this “Blueprint for an AI Bill of Rights” – which can help boards & advisors spot issues that may develop into regulatory & reputational risks. This Eversheds Sutherland memo gives a helpful summary. Here’s an excerpt that describes the Blueprint’s key principles:

– Safe and effective systems – Automated systems should undergo extensive testing prior to deployment to determine potential risks and options for mitigating such risks. Businesses should consult experts and have diverse input to ensure the system is effectively designed for the intended goal. Systems should be redesigned when the design is harmful, or the AI system should not be deployed if it cannot be improved. Independent evaluators should be given access to automated systems to evaluate and document their safety and effectiveness to ensure the systems are operating as intended.

– Algorithmic discrimination protections – Automated systems should be designed in an equitable manner. The public should not face algorithmic discrimination based on any type of legally protected classification like race, ethnicity, sex, gender identity, or religion. AI systems should be proactively designed and assessed to protect against discrimination. AI systems should receive “algorithmic impact assessments” from independent evaluators on the potential disparate impacts.

– Data privacy – There should be built-in protections to shield the public from “abusive data practices” and people should have control over how their personal data is used by AI systems. Data collection should conform to reasonable expectations and only data that is strictly necessary for a specific context should be collected. The description of the intended use of the AI-derived data should be explained in non-technical language. Any consent request should be brief, be understandable in plain language. Enhanced protections and restrictions on data and inferences related to sensitive information collection and processing may be necessary. In addition, individuals should be free from unchecked AI-enabled surveillance and monitoring.

– Notice and explanation – People should be notified when AI is in use and told the extent of that use. The business should also explain how and why the particular outcome was reached and if any non-AI factors contributed to the outcome.

– Human alternatives, consideration, and fallback – The public should have the option to reject the use of AI and to choose a human alternative, where appropriate. Individuals also should have access to a person who can quickly consider and remedy any problems they encounter in relation to AI systems.

The memo points out that the Blueprint is non-binding and discretionary, and the White House says that future sector-specific guidance will likely be necessary. Some agencies (e.g., the DOL) and states are already looking for ways to compel disclosures on these topics. Eversheds predicts that organizations that engage in commercial surveillance or that use AI to profile customers (e.g., targeted ads) should be particularly attuned to whether their practices align with the Blueprint’s principles.

Visit our “Artificial Intelligence” and “Privacy Rights” Practice Areas for more guidance and updates on these topics.

– Liz Dunshee