Colorado AI legislation further complicates compliance equation

Given the broad reliance on vendors and third parties in IT today, many company executives, even CIOs, may not be aware of all modes of AI assistance — which often comes via clouds, SaaS apps, third parties, remote sites, mobile devices, and home offices — impacting their customers. These hidden AI activities, what Computerworld has dubbed sneaky AI, could potentially come to bear in compliance with legislation such as this. 

Brian Levine, a manager partner at Ernst & Young who is also an attorney, reviewed the bill and doesn’t expect ignorance of a third party’s use of AI to be a major problem.

“If you know that the product you are using contains AI,” then that requires action, he said. “But if you don’t know and are not purposely sticking your head in the sand, I don’t think there is any obligation under this bill. Knowledge of what a third party is doing isn’t necessarily imputed to you,” he said, adding that the bill has no reference to strict liability. 



Source link