AI Governance , AI Technologies , Ethics

When Using AI, Check the Origin of the Data - and the Output

Attorney Nathan Shaffer on Mitigating Risk Related to the Use of AI Tools
Nathan Shaffer, partner in intellectual property litigation, Orrick, Herrington & Sutcliffe

When using AI, the origin of data matters as much as its application. Nathan Shaffer, a partner in intellectual property litigation with Orrick, Herrington & Sutcliffe, advocates for forward-looking approaches to AI risk management, including employee training and proactive measures to anticipate emerging risks.

See Also: OnDemand: AI Application Security Implementation Trends in EU

"Understanding where the data comes from can give you a sense of what the risk profile may be and the questions you should be asking of your vendors," Shaffer said, emphasizing the pivotal role of comprehending data origins in assessing risk levels associated with AI tools.

"Data sources can create risk both on the input and the output side," he said. "On the input side, training data that is used to power AI models or to create error models can come from a variety of sources ... On the output side, a dataset that's trained on proprietary data could increase the risk of an unwitting infringement."

In this video interview with Information Security Media Group at Cybersecurity Implications of AI Summit: North America West, Shaffer also discussed:

  • How different licensing terms can expose organizations to varied levels of risk;
  • How contractual indemnifications are vital for protecting against potential legal issues arising from AI tools;
  • How to strike the right balance between keeping what's private and providing visibility for risk reduction purposes.

Shaffer is an intellectual property litigator working on some of the leading copyright, trademark and trade secret cases. He also counsels companies on licensing, intellectual property protection and risk assessment, privacy, and legal issues on the internet.

About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.