AI Statutory Update
Background
As we move toward the end of 2024, it seems the time is right for an update of AI statutory developments so far this year. While the EU has once again set the standard with the EU AI Act, the 30,000-foot view in the U.S. is that while there is a lot of talk there is not a lot of action. As the case has been with the failure of Congress to pass meaningful, comprehensive data privacy legislation, it has failed to pass any meaningful AI legislation.
New AI legislation has come from the states and seems to be focused on a consumer approach, rather than addressing the use of AI regardless of industry. State AI laws seem more concerned solely with the potential for AI to be used in a discriminatory manner without addressing other risks of AI and protecting the privacy of people overall. My concern is that the legislation of AI will go the way of data privacy, which is that AI legislation will be passed only by individual states, resulting in businesses having to comply with a patchwork of laws, rather than being governed by a single federal law.
AI Legislation Updates
- The EU AI Act went into effect on August 1, 2024. Enforcement is done in stages, with the enforcement of prohibitions on acceptable risk AI beginning February 1, 2025.
- The Colorado AI Act was passed and is set to take effect on February 1, 2026. The focus of this law is the concept of algorithmic discrimination. Any employer doing business in Colorado with more than 50 employees will have specific obligations with regard to hiring, retention, and promotion of employees when using AI to make decisions.
- New York City (not even New York State) prohibits the use of AI tools to make automated employment decisions unless the tool is audited for bias annually, the employer publishes a public summary of the audit, and the employer provides certain notices to applicants and employees where a subject is screened by the tool.
- The FCC declared that AI generated voices fall within the meaning of “artificial” under the Telephone Consumer Protection Act (TCPA) and calls using such voices must comply with the TCPA.
- California Senate Bill 1047 proposes safety standards requiring AI models to certify safety testing before deployment. The Bill is still in the legislative process with proponents stating it will help mitigate risks to the public, while opponents argue to would place unfair burdens on developers and would inhibit start-ups.
- On March 13, 2024, Utah enacted S.B. 149 governing AI usage. The law requires that if an individual interacting with Generative AI (GenAI) asks the GenAI if it is a human, the business or person using the GenAI must clearly disclose to the individual that he or she is interacting with GenAI and not a human.
Disclaimer
This material is provided for informational purposes only. It is not intended to constitute legal advice nor does it create a client-lawyer relationship between Hall Booth Smith, P.C. and any recipient. Recipients should consult with counsel before taking any actions based on the information contained within this material. This material may be considered attorney advertising in some jurisdictions. Prior results do not guarantee a similar outcome.
Blog Overview
About the Author
Richard Sheinis
Partner | Charlotte Office
T: 980.859.0381
E: rsheinis@hallboothsmith.com
Richard Sheinis assists businesses in the areas of data privacy and cyber security, employment, and technology. He works with a wide variety of companies from small technology businesses to publicly traded companies with a global footprint.
Leave a comment
You must be logged in to post a comment.