Privacy Risks in Generative AI Deployments

This CLE program explores the complexities of generative artificial intelligence and its legal implications. In this course, Eran Kahana defines generative AI and explores the privacy law challenges it presents, including compliance issues with the NIST Privacy Framework and other relevant regulations. Mr. Kahana discusses the role of generative AI in various sectors, the hype versus reality of AI technologies, and the evolving legal landscape surrounding AI. By the end of this program, participants will have a solid understanding of the privacy risks associated with generative AI deployments and strategies for risk assessment and mitigation.

Learning Objectives:

• I. Define generative artificial intelligence and its various types, including functional, analytic, text, and visual AI, along with machine learning concepts such as unsupervised learning, supervised learning, reinforcement learning, and deep learning

• II. Identify the privacy law challenges posed by generative AI deployments, including the use of data for new purposes not contemplated at collection, and understand the relevant laws, standards, frameworks, and guidelines for compliance

• III. Discuss the NIST Privacy Framework and its application to generative AI deployments, including the principles of identify, govern, control, communicate, and protect, and how they can be implemented in practice

• IV. Explore the AI Life Cycle Core Principles, focusing on the privacy core principle, and understand how these principles can be used to ensure the responsible development and use of AI systems

• V. Analyze the AI Data Stewardship Framework and its role in managing data privacy risks associated with generative AI deployments, including basic controls, foundational controls, and organizational controls