IP Tech Knowledgy

Businesses should adopt an AI Usage Policy.  Whether the business uses artificial intelligence in its operations or develops AI as a product for others to use (or both), having a policy informs all personnel of their responsibilities in using AI.  Having a policy can help reduce and defend against possible claims by third parties.  Policies should focus on the different ways the business uses AI, such as incorporating AI to help run its day-to-day functioning, using AI platforms for research, creating customer-facing output generated by AI, or developing the AI platform.   

For entities using AI, the policy should identify the types of information prohibited from being part of an AI query, such as company confidential information or trade secrets, or confidential or personal information of the business’ clients.  The Policy should also address permitted use of AI output, best practices in working with AI, how personnel can maintain security of its information, and where personnel can receive training and support for their AI activities.  

The policy should also require personnel to be transparent and report when material and conclusions have been aided by AI.  Also, caution personnel about potential inaccuracies that AI might generate, and state that personnel should understand and respect intellectual property laws governing how they can reproduce the content AI generates for them.  

A company should also consider whether to review different platforms and require personnel to use only designated platforms for their inquiries if the company believes only certain platforms meet requirements for confidentiality, reliability, or other factors important to the business.

A good policy written for an entity creating its own AI platform should address risk assessment methodology for security, privacy, algorithmic bias, and compliance with applicable rules and regulations.  The business should also ensure that developers are not violating patents, copyrights, or trade secrets in what they are programming.  

In any situation, the business should have an AI administrator and/or an entire governance structure to monitor usage, and address issues that arise – and should also map out consequences for any violation.  Because technology constantly evolves, any policy should state that the most recent policy is effective for all personnel.  

Just like internet policies became necessary safeguards a generation ago, AI usage policies are necessary tools for a business to oversee its personnel, help reduce problems and mistakes that could otherwise have created liability for the company, and act as evidence of sound business practices that might mitigate claims by third parties.

Ned T. Himmelrich
410-576-4171 • nhimmelrich@gfrlaw.com