Timothy Spangler

Partner, Practus, LLP

Artificial intelligence (AI) is becoming more interwoven into the fabric of our daily lives. The explosive rise of these technologies - ranging from large-language models to autonomous vehicles - poses many novel challenges that our pre-existing legal frameworks are possibly ill-equipped to handle. Enter California's proposed AI law, Assembly Bill 1047 (AB 1047), which admirably seeks to create new guardrails around AI deployment and governance. Unsurprisingly, AB 1047 is potentially a double-edged sword, laying the groundwork for future innovation but also running the risk of stifling it.

The Safe and Secure Innovation for Frontier Artificial Intelligence Models Act (to use its full name) has been a topic of fervent debate within Silicon Valley over the last several months, dividing opinion within the highest echelons of the tech community. Elon Musk threw his support to AB 1047, saying it was a "tough call" but should be passed, while Marc Andreessen argued that the new regulations would have a chilling effect on AI development, especially on open-sourced models.

In short, AB 1047 attempts to construct a comprehensive framework for AI regulation, establishing a series of guidelines aimed at protecting consumers, ensuring transparency and mitigating the societal risks of AI deployment. Most will readily agree that accountability and fairness in AI decision-making is a laudable goal. We would all likely benefit from requirements that companies disclose when we are interacting with AI systems, offer us greater clarity on how AI-based decisions are made and perform regular audits of the AI systems we interact with. With AI increasingly being used in critical areas--such as loan approvals, hiring processes and legal sentencing--understanding how an algorithm arrives at its decision is crucial. The black-box nature of many AI systems has long been a challenge, with deep learning models, for example, offering little insight into their decision-making processes.

Any new legislation, including AB 1047, inevitably runs the risk of stifling innovation, particularly for startups that lack the resources of tech mega-giants like Google, Microsoft, or Meta. Imposing stringent requirements could inadvertently create a regulatory moat that only the wealthiest companies can afford to navigate.

Forcing companies to provide detailed explanations to regulators, for example, could slow down the pace of innovation or even deter some businesses from exploring AI altogether.

AI is also a global field, so unilateral efforts by California to regulate it could have ripple effects across the United States and beyond. Silicon Valley is the world's preeminent tech hub, but Sacramento's regulatory approach could prompt local companies to relocate to jurisdictions with more lenient laws.

Further, technologies such as reinforcement learning, generative adversarial networks and quantum computing are progressing at breakneck speeds. Can any law crafted in 2024 adequately govern technologies that may look entirely different by 2025 or 2030? AB 1047 could rapidly become outdated or require frequent revisions, creating uncertainty for businesses trying to navigate an already complex regulatory landscape. Many observers also argue that ad hoc state-based legislation such as AB 1047 could contribute to a fragmented regulatory environment for AI within the United States, and that Washington should take the lead here.

Ultimately, the future of AI regulation will require a delicate balancing act--one that promotes responsible innovation while protecting the rights and well-being of individuals. AB 1047 may not be perfect, but it could represent a crucial focal point in the ongoing debate over how best to regulate the transformative power of AI.

It is important, however, to bear in mind that under current U.S. law, creators of an AI tool that cause damage can already be held legally responsible under a range of legal theories and regulations, depending on the nature of the harm, the use of the tool and the relationship between the AI creator and the user.

If the AI tool is considered a "product," creators could be held responsible under product liability law, which allows for liability when a product has a defect that makes it unreasonably dangerous. AI creators could also be liable under a traditional theory of negligence, which requires proving that the creators owed a duty of care to the plaintiff, they breached that duty by failing to act with reasonable care in the design, development or deployment of the AI, the breach caused harm to the plaintiff and the harm was a foreseeable consequence of the creators' actions. In some cases, courts might even impose strict liability on the AI creators, holding them responsible for the harm caused by the AI regardless of their intentions or how careful they were, in cases where AI is seen as an inherently dangerous product or activity.

In addition, a variety of existing statutes and regulations governing technology, such as data privacy and anti-discrimination laws, already apply to AI creators and could currently be the source liability if their tools violate them. For example, the Federal Trade Commission (FTC) and other governmental agencies may investigate or bring enforcement actions if AI tools engage in deceptive practices or violate consumer protection laws. The Securities Exchange Commission (SEC) has been conducting targeted examinations on the use of AI and machine learning by financial services firms and has also revised their rules to better cover the use of predictive data analytics by investment advisers and broker-dealers.

Critics might point out, however, that laws implemented before this current generation of AI arrived on the scene are not fully equipped to address the consequence of this technology being deployed at scale today. One difficulty in holding AI creators responsible could be establishing clear causation. AI systems can act autonomously and unpredictably, making it hard to pinpoint whether the creators' actions directly caused harm. Current law also does not recognize AI systems as legal entities, so liability must necessarily be directed at their human creators and operators, and the companies that employ them.

The fundamental issue, therefore, to applying existing law to AI is the question of "who" is responsible for the AI's behavior. In traditional products law, for example, liability usually lies with the manufacturer or seller. But AI systems, particularly those that are capable of learning and adapting over time, blur the lines of responsibility. Who is liable when an autonomous drone using AI malfunctions during a delivery, causing injury or property damage? The drone manufacturer, the software developer or the company that operates the drone fleet? What if the AI system, over time, changes its behavior based on data inputs from its environment, leading to unforeseen harm? Should the original developer be held responsible for the AI's self-learned decisions? AI systems result from the contributions of multiple parties--software developers, data scientists, hardware manufacturers and service providers--creating a complex web of potential liability.

As AI systems continue to evolve, our existing legal frameworks will need to be adapted or supplemented to address the unique challenges they present. One possibility is to establish a new category of liability specifically for AI systems capable of acting autonomously, which would hold developers or operators to higher standards of transparency and accountability.

Another approach could involve a shift toward risk-based regulation, similar to the European Union's AI Act, which classifies AI systems based on the level of risk they pose to society. This would allow regulators to apply more stringent liability rules to high-risk AI applications, such as those used in healthcare or criminal justice, while giving more leeway to lower-risk systems.

There is also the potential for AI insurance markets to evolve, with companies deploying AI systems required to purchase liability insurance to cover potential harms caused by their products. This could distribute the financial risk while also incentivizing companies to develop safer, more reliable AI systems.

AI is a transformative technology with enormous potential benefits, but it also presents unique legal and regulatory challenges. As courts and lawmakers grapple with these issues, the legal landscape for AI will need to evolve in step with the technology. Whether through adapting existing liability standards or creating entirely new regulatory frameworks, the challenge will be finding a balance that holds AI creators accountable without stifling innovation.