Indemnification will not save you from GenAI!

Computerworld.com reported that “…various businesses trying to contractually remove their liability by asking the AI vendor to indemnify them against costs or legal issues arising from their use of genAI tools. It often doesn’t help nearly as much as the enterprise executives hope it will.” The August 13, 2024 article entitled “GenAI compliance is an oxymoron. Ways to make the best of it” (https://www.computerworld.com/article/3484326/genai-compliance-is-an-oxymoron-ways-to-make-the-best-of-it.html) included these comments about GenAI indemnification by Jana Farmer (partner at the Wilson Elser law firm):

 She said that the AI vendor will usually stipulate that they cover all costs only if they are found to have been negligent by a recognized court or regulatory body. “If we and only if we are found to have been negligent, we will indemnify you later on,” she said, paraphrasing the AI vendor.

 This brings the enterprise back to awareness of exactly what the genAI program is doing, what data it is examining, what it will be doing with its analysis, and so on. For many different reasons, Farmer said, executives often do not know what they need to know.

“The issue is not that nobody in the organization knows what data is being processed, but that understanding information practices is a ‘whole business’ issue, and the various departments or stakeholders are not communicating,” she said. “Marketing may not know what technologies IT has implemented, IT may not know what analytics vendors Marketing engaged and why, etc. Not knowing the information that privacy laws require to be disclosed is not an acceptable response.”

This then gets far tricker when genAI tries to extrapolate insights from data.

Interesting thoughts….what do you think?