Posted

The first binding obligations of the European Union’s landmark AI legislation, the EU AI Act (the Act), came into effect on February 2, 2025. Essentially, from this date, AI practices which present an unacceptable level of risk are prohibited and organizations are required to ensure an appropriate level of AI literacy among staff. For a comprehensive overview of the Act, see our earlier client alert here.

Continue reading

Posted

Following his second-term inauguration, President Trump swiftly signed a collection of executive orders. Executive orders issued on January 20 and 21, 2025, rescinded a host of executive actions by President Biden. They also advance a number of new policy initiatives and actions. Among the many executive orders addressing wide-ranging areas are two specifically targeted at diversity, equity, and inclusion (DEI) or diversity, equity, inclusion, and accessibility (DEIA) activities. The policy view reflected in these orders is that DEI policies violate federal civil rights laws and undermine national unity because DEI promotes attention to individuals’ demographic identities; the executive orders also depict “illegal DEI” as a “guise” for racial and sex-based preferences.

In Trump Administration Executive Orders Take Aim at DEI in Government and Private Sector, colleagues Julia E. JudishAaron S. RalphAlexis P. LandrumAndrew CaplanGabby RegardJeffrey P. MetzlerSarah RowanCraig J. Saperstein and Aimee P. Ghosh break down these latest developments and suggest proactive compliance measures for contractors as well as potential next steps for private sector entities without federal contracts or grants.

Posted

A recent code leak indicated that OpenAI is set to release its first true AI Agent. An AI agent is a system designed to perceive its environment, process information, and autonomously take actions to achieve specific goals. Unlike traditional software that operates based on direct input and predefined instructions, AI agents can analyze situations, make decisions, and sometimes learn or adapt over time to better achieve its goals.

Continue reading

Posted

Businessperson checking yes or no (green checkmarks or red X's) to unspecified textImagine you’re an associate at a consulting firm. You’re surprised to see a new “AI Assist” button appear in your email application one morning. Without any training or guidance from your firm’s IT department, you decide to try it out, asking the AI to draft a response to a client’s inquiry about tax implications for a proposed merger. The AI confidently generates a response that looks professional and well-written, which you quickly review and send. Three days later, your managing partner calls you into their office—the AI cited outdated tax regulations and recommended a structure that would create significant liability for the client. The incident triggers an urgent internal review, revealing that dozens of employees have been using the undisclosed AI feature for weeks, potentially exposing the firm to professional liability and damaging client relationships.

Continue reading

Posted

Earlier this year, the UK’s Competition and Markets Authority (CMA) published an update to its initial report on AI foundation models which presented the CMA’s findings on key changes in the foundation model sector and included stakeholder feedback. (Our thoughts on the initial September 2023 report, which provides a summary of foundation models and the CMA’s initial review, can be found here.) The updated report confirms the CMA’s final competition and consumer protection principles and details how the CMA plans to continue its investigations into the impact of foundation models on digital markets and take enforcement against unfair competition. The updated report also outlines recent and upcoming initiatives and publications from the CMA, emphasizing the importance of collaboration and cooperation between regulators in the digital markets sector.

Continue reading

Posted

The Data (Use and Access) Bill (DUA Bill) represents the most recent effort to reform the UK’s data protection landscape, introducing changes aimed at simplifying compliance and enhancing regulatory flexibility. The DUA Bill has three stated core objectives: (i) improving public services, (ii) growing the economy, and (iii) making people’s lives easier. The DUA Bill retains some content from the previous Data Protection and Digital Information Bills proposed by the previous Conservative government(s) (DPDI), though some of the more controversial elements have been dropped.

Continue reading

Posted

ai-data-governance-722210487-e1730305423540-300x246Google recently unveiled its latest AI-integrated search engine—and the internet didn’t hold back, roasting it for suggesting recipes like glue-infused pizza sauce and recommending rocks as a nutritious snack. The tech giant’s AI bot could scrape the web’s boundless resources and serve up answers, but apparently, it couldn’t tell sincerity from sarcasm or facts from wild fiction. This fiasco is just another reminder of why data governance really matters.

Continue reading

Posted

The California legislature recently passed Assembly Bill 2013 (AB 2013) on August 27, 2024, a measure aimed at enhancing transparency in AI training and development. If signed into law by Governor Gavin Newsom, developers of generative AI systems or services that are made available to Californians would be required to disclose significant information on the data used to train such AI systems or services. This, in turn, may raise novel compliance burdens for AI providers as well as unique challenges for customers in interpreting the information.

Continue reading

Posted

In a landmark moment for global AI governance, the United States, European Union and United Kingdom have signed the Council of Europe’s framework convention on artificial intelligence and human rights, democracy, and the rule of law (the “Convention”), the first legally binding international treaty on AI.

Continue reading

Posted

GettyImages-1490939019-300x193On July 25, 2024, the Board of Governors of the Federal Reserve System (FRB), Federal Deposit Insurance Corporation (FDIC) and Office of the Comptroller of the Currency (OCC) issued a joint statement describing potential risks related to banks’ deposit arrangements with fintechs and other third parties. The agencies also published a joint request for information (RFI) seeking input on the risk management practices employed in a wider variety of arrangements between banks and fintechs. These joint actions follow an increase in regulators’ enforcement actions involving bank-fintech arrangements and are the latest step in their efforts to more closely monitor those relationships.

Continue reading