Tag Archives: K.C. Halm

Commerce Department Proposes Cybersecurity/AI Reporting and “KYC” Requirements for Certain Cloud Providers

by Robert Stankey, K.C. Halm, Michael T. Borgia, Andrew M. Lewis, and Assaf Ariely

Photos of authors

Left to right: Robert Stankey, K.C. Halm, Michael T. Borgia, Andrew M. Lewis, and Assaf Ariely (photos courtesy of Davis Wright Tremaine LLP)

IaaS providers would need to verify foreign users’ identities (aka “know your customer”) and report certain AI model training activities under the proposed rules

The U.S. Department of Commerce’s (“Commerce”) Bureau of Industry and Security (“BIS”) has issued a proposed rule (the “Proposed Rule”) that would impose significant diligence, reporting, and recordkeeping requirements on U.S. providers of Infrastructure as a Service (IaaS) and their foreign resellers. IaaS is generally considered to be a cloud computing model that provides users with remote access to servers, storage, networking, and virtualization.

The Proposed Rule would require U.S. IaaS providers to:

  • Implement and maintain a “Customer Identification Program” (CIP), which must include detailed know-your-customer (KYC) procedures for identifying and reporting foreign customers to Commerce; and
  • Report transactions involving foreign persons that “could result in the training of a large AI model with potential capabilities that could be used in malicious cyber-enabled activity.”

Continue reading

Federal Agencies Will Jointly Look for Bias and Discrimination in AI

by Bradford Hardin, K.C. Halm, Aisha Smith, and Matt Jedreski

Photos of the authors

From left to right: Bradford Hardin, K.C. Halm, Aisha Smith, and Matt Jedreski (photos courtesy of David Wright Tremaine LLP)

DOJ, FTC, CFPB, and EEOC Announce Joint Commitment to Use Existing Consumer Protection and Employment Authority to Oversee Use of Artificial Intelligence

On April 25, 2023, the Federal Trade Commission (FTC), the Civil Rights Division of the U.S. Department of Justice (DOJ), the Consumer Financial Protection Bureau (CFPB), and the U.S. Equal Employment Opportunity Commission (EEOC) released a joint statement highlighting their commitment to “vigorously use [their] collective authorities to protect individuals” with respect to artificial intelligence and automated systems (AI), which have the potential to negatively impact civil rights, fair competition, consumer protection, and equal opportunity. These regulators intend to use their existing authority to enforce consumer protection and employment laws, which apply regardless of the technology used for making decisions or delivering products and services. The joint statement outlines several key areas of focus for the agencies – ensuring that AI does not result in discriminatory outcomes, protecting consumers from unfair, deceptive, or abusive acts or practices (UDAAP), preventing anticompetitive practices that may be facilitated or exacerbated by AI, and promoting responsible and transparent development of AI systems. Rather than operate as if AI is unregulated, businesses should ensure their use of AI complies with existing laws and regulations.

Continue reading