Business Considerations in the Use of AI

As artificial intelligence becomes more prevalent in all aspects of business across industries, the risks and compliance issues posed by the technology are increasingly on the minds of executives. Stoel Rives’ Artificial Intelligence and Privacy Working Group is actively working with clients on mitigating risk and establishing compliance programs as they continue to work with AI technologies including generative AI, natural language processing, neural networks, and machine learning. 

To help businesses navigate these emerging challenges, below is a list of key considerations, strategic questions, and actionable ways Stoel Rives can support your organization in adopting and leveraging AI technologies effectively.

1. Strategic Alignment: Does AI Align With Your Long-Term Business Goals?
   • Key Questions to Ask:
     • Is your AI strategy aligned with your overall business objectives?
     • Do you have governance structures and accountability frameworks in place, such as an AI policy or oversight for AI development and use?
   • How Stoel Is Helping Clients:
     • Develop a corporate AI Governance Policy tailored to your industry and needs.
     • Serve as a strategic advisor to identify compliance risks posed by corporate AI strategy and misalignment with long-term business goals.
2. Build or Buy? Should You Use Existing AI Tools or Develop Your Own?
   • Key Questions to Ask:
     • Does the AI vendor comply with legal and ethical standards?
     • Are vendor audits, liability clauses, and generative-AI use policies in place?
     • Is developing an in-house solution more beneficial for your business goals?
   • How Stoel Is Helping Clients:
     • Conduct AI and software vendor audits and negotiate vendor contracts to help ensure compliance with ethical and legal AI practices, including data security, hallucination prevention, and alignment with the company’s other data privacy obligations.
     • Develop a playbook for the evaluation of new AI tools or AI usage requests.
     • Present a comparison between the liability and compliance risks of candidate third-party AI tools versus in-house development.
3. Data Strategy: What Data Will Be Used to Train Your AI Systems?
   • Key Questions to Ask:
     • Do you have access to high-quality data that ensures accuracy, consistency, and transparency, and the rights to use the data for your intended purpose?
     • Are you managing data ownership and sharing agreements effectively?
   • How Stoel Is Helping Clients:
     • Draft and promulgate a corporate Data Governance Policy to specify the criteria for data quality and compliance.
     • Draft and negotiate data-sharing agreements to protect your business and help ensure legal compliance.
4. Ethics: Are You Mitigating Bias and Protecting Privacy?
   • Key Questions to Ask:
     • Are your AI systems transparent and free from bias?
     • Do you have privacy safeguards, such as opt-out mechanisms and consent management processes, in place?
     • Is there a “human in the loop” to monitor and manage AI decisions?
   • How Stoel Is Helping Clients:
     • Help ensure data and AI policies contain terms to mitigate bias, enhance transparency, and safeguard privacy.
     • Analyze vendor agreements and terms of use for your AI deployments to help ensure compliance with ethical standards and best practices in AI governance.
5. Legal Compliance: Are You Navigating AI Regulations Effectively?
   • Key Questions to Ask:
     • Does your AI system comply with the EU AI Act’s risk classification framework?
     • Are you adhering to U.S. data protection laws, such as the California Consumer Privacy Act (CCPA), Children’s Online Privacy Protection Act (COPPA), Health Insurance Portability and Accountability Act (HIPAA), Gramm-Leach-Bliley Act (GLBA), and state-specific AI laws?
     • Are you following sector-specific guidelines from agencies like the Federal Trade Commission (FTC), Department of Health and Human Services (HHS), Equal Employment Opportunity Commission (EEOC), and others?
   • How Stoel Is Helping Clients:
     • Provide an actionable plan to communicate compliance with international and domestic AI regulations.
     • Help ensure your business practices are updated in accordance with evolving laws, including the Illinois AI Video Interview Act, Colorado AI Act, and California AI Transparency Act, and implement FTC guidance on AI and machine learning.
6. Innovation: Are You Protecting Your AI Innovations?
   • Key Questions to Ask:
     • Are you modifying existing AI systems to solve your problems more effectively?
     • Is the output of AI systems fueling innovation in your company?
   • How Stoel Is Helping Clients:
     • Evaluate whether AI-related innovation may meet the criteria for patentability and prepare and pursue any relevant patent filings.
     • Ensure documented steps are taken to maintain the secrecy of any data or process that the company intends to maintain as a trade secret.

To get a complete checklist to guide your organization’s responsible AI adoption, download our AI, Privacy & Cybersecurity Readiness Checklist here.