What Is the Privacy Impact of the White House AI Order for Businesses?

Liisa Thomas
Sheppard Mullin Richter & Hampton LLP
Contact
LinkedIn
Facebook
X
Send
Embed

Sheppard Mullin Richter & Hampton LLP

[co-author: Kathryn Smith*]

Biden’s sweeping AI Executive Order sought to have artificial intelligence used in accordance with eight underlying principles. The order, while directed to government agencies, will impact businesses as well. In particular, the order has privacy and cybersecurity impacts on companies’ use of artificial intelligence. Among other things, companies should keep in mind the following:

  • NIST Guidelines: The order calls for industry guidelines and best practices for deploying AI systems. These are to be created by the end of July 2024 by NIST, and include guidelines for AI developers as well as guidelines for assessing the safety and security of AI systems.
  • Critical Infrastructure: The order outlines steps to be taken to manage AI in critical infrastructure and cybersecurity. Included in these is requiring the Treasury to issue a best practices report to financial institutions by the end of March 2024.
  • Protect Consumers from Harm: The order outlines several steps to promote competition and protect individuals from potential harm. This includes potential FTC rulemaking. The order also asks all independent regulatory agencies to consider steps to protect consumers from AI-related risks. These include privacy risks. Listed agencies include HHS, the Department of Transportation the Department of Education, and the Federal Communications Commission. Time frames for the agencies to take action range from three months to a year.
  • Federal Agency Procurement: The order calls for the Office of Management and Budget to review what “commercially available information” (CAI) is procured by agencies. Especially when the CAI includes personal information and/or is obtained from data brokers. After that review OMB is called on to take issue recommendations on how these activities can be done in a way that “mitigates privacy and confidentiality risks.”

As illustrated from the Fact Sheet accompanying the order, these are just some of many directives it contains. Other issues covered in the order include intellectual property, federal use of AI, and national security.

*Kathryn Smith is a fellow in the firm’s Chicago office.

Putting it into Practice: There is time before we see the outcome of the action agencies have been directed to take under the order. In the meantime, companies are reminded that the measures it outlines -protecting consumers from privacy and security harm- are already expected by the FTC.

Send Print Report

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Sheppard Mullin Richter & Hampton LLP | Attorney Advertising

Written by:

Sheppard Mullin Richter & Hampton LLP
Sheppard Mullin Richter & Hampton LLP
Contact
more
less

Sheppard Mullin Richter & Hampton LLP on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign Up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide