Artificial intelligence, machine learning and data-driven technologies are rapidly transforming businesses across all industries, presenting a wide range of new legal challenges that accompany the advantages of an increasingly automated society. The Debevoise artificial intelligence team provides sophisticated, innovative advice to address these emerging challenges, routinely advising clients about the legal risks and regulatory implications of these complex, cutting-edge technologies.
A Premiere Data Strategy & Security Practice
The Debevoise Data Strategy & Security (DSS) practice is global and interdisciplinary—combining our AI, cybersecurity, privacy, business continuity, M&A diligence and data governance practices into one fully integrated and coordinated group. Our lawyers have deep technical knowledge that allows them to translate complex technical findings into legal and business decision points.
Experience in Navigating Complex Regulatory Inquiries
We regularly handle the most challenging and complex AI-related regulatory inquiries and supervisory examinations with the utmost levels of sophistication, expertise, creativity and commercial judgment. Our deep bench of former U.S. regulators from the U.S. Department of Justice, Securities and Exchange Commission, Federal Reserve Board and the N.Y. Department of Financial Services uniquely positions Debevoise to navigate regulatory inquiries concerning new technologies.
AI Industry Expertise
We have layered into our DSS practice deep AI experience across a variety of key industries and sectors. Our team is actively involved in efforts to develop best practices for AI ethics and governance, including through the IEEE Global Initiative on Autonomous and Intelligent Systems and other expert groups.
A Full Complement of AI-Related Legal Services
In today’s dynamic regulatory environment, managing risks at the intersection of law and technology means measuring data optimization and data protection strategies against existing laws and regulations, as well as anticipated changes to these legal frameworks.
Debevoise offers legal services for clients across the spectrum of AI matters. Among the issues we help clients navigate are the following:
AI Risk Assessments and Model Testing. We conduct AI risk assessments for clients, including global financial institutions. Our work ranges from leading a full legal and technical risk assessment of various AI and data programs, typically performed in tandem with a technical vendor, to a targeted review of areas known to attract regulatory and enforcement focus. This includes testing AI systems for bias, explainability, model drift, and robustness against unexpected events, as well as implementing appropriate guardrails or technical measure to mitigate risks.
Regulatory Enforcement and Examinations. We provide seasoned representation to companies in high-stakes government examinations, enforcement, and litigation related to AI, including before federal regulatory and supervisory agencies.
AI Ethics and Governance. We help companies establish AI ethics, governance, and compliance programs, including with respect to transparency, documentation, policies, and training. We also assist companies in establishing dedicated AI principles, cross-functional committees, and oversight processes.
AI Regulation Tracking. We track closely new and proposed AI regulations and guidance in the United States and around the world using our AI regulation tracking tool, which can show trends and predict where AI regulation is heading.
Communicate with Regulators. We communicate frequently with leading AI and data regulators in the US and Europe, including in our Debevoise Data Webinars and our AI Roundtable Series co-hosted with the IEEE.
Board/Executive Briefings and Training. We offer sessions tailored to board members or company executives on the latest developments in AI regulations and risks, as well as guidance on their obligations in these areas.
Mock AI Events and Tabletop Exercises. We help our clients prepare for business continuity events by conducting real-world drills of AI failures or other data events for various functions within the organization including Legal, Compliance, IT, Risk, Communications, Executive Management and the Board.
Incident Response. Our AI Incident Response Services include helping clients navigate AI incidents with crisis management, internal and external communications, fact investigation, regulator and law enforcement liaison, civil regulatory investigations, defense of civil litigation and attention to the needs of the board and C-Suite.
M&A Due Diligence. We lead AI diligence investigations, including advising on policies and procedures for due diligence and for integration generally, as well as on issues raised by specific AI acquisitions and investments.
AI Licenses and IP Advising. We negotiate AI-related technology agreements, licenses, and joint venture arrangements and advise clients on their IP rights in data sets, models, and model outputs.
Vendor Diligence and Oversight. Many companies increasingly rely on third-party vendors to supply cutting-edge AI. We can look quickly at significant vendor agreements, and at the policies and procedures for administering vendor relationships, and advise on how they might be updated to mitigate AI risk
Insurance. We assist companies in determining whether their existing insurance is sufficient to cover their AI risk.