Artificial intelligence startups are characterized by rapid iteration and aggressive deployment by founders․ Underneath‚ investors often push for growth and defensibility even when the companies are still young․ Legal risk is a slower-moving risk‚ potentially‚ in terms of an organization identifying and acknowledging it․ Many founders in the AI sector view their creations as research projects‚ with legal risk to be addressed later․
Rather‚ in practice‚ legal risk begins as soon as a company starts designing an AI system‚ with the chosen data source‚ model usage‚ and product placement; depending on the phase‚ the assumptions may have already been written into the technical architecture during the due diligence stage‚ enterprise contracting‚ or regulatory inquiry․
As a plaintiff personal injury lawyer and researcher working on a doctoral dissertation on the intersection of law, business, and emerging technology, I have seen this pattern of thinking: legal risk tends to be a compliance problem rather than a design problem. That distinction matters․ Courts do not care that the technology is new․ When AI systems harm‚ discriminate‚ mispredict‚ or automate‚ scholars‚ judges‚ and tort lawyers ask whether the harm was foreseeable and whether reasonable precautions were in place to prevent or reduce the risks․ Did the organization receive some type of economic benefit? These questions are not new․ The technology is․
The Illusion of Technological Neutrality
Many founders believe that artificial intelligence is a tool and that when a model produces an output‚ it is the user’s responsibility․ The entire process of building an ML system is subject to human choices about which data to collect‚ which features to consider‚ how to evaluate the output‚ and how to deploy it․
Legal scholarship has increasingly recognized that algorithmic systems may reproduce and compound the biases and inequalities of their historic training data‚ such as in hiring algorithms and those used for credit scoring and predictive policing․ The risk is not limited to intentional discrimination‚ as even well-meaning systems can produce discriminatory results if the data they train on records discrimination․
From a litigation perspective‚ the relevant issue is how predictable bias was‚ not whether the researcher intended to be biased․ Whether developers took adequate measures to test for or reduce known risks associated with automated decision-making is often left to courts․ Explainability is also hard because many deep learning models are statistically so complex that humans cannot interpret them ‚ a problem referred to as the “black box” problem․
If the reasoning at the center of a system does not lend itself to explanation‚ reasonable care can be hard to prove․
Data Decisions Are Legal Decisions
For many early-stage AI firms‚ data is a technical input․ However‚ training datasets could expose organizations to several legal risks‚ including those arising from privacy‚ intellectual property‚ and consumer protection laws․
Courts have increasingly viewed data governance practices as an aspect of responsible system design․Documentation of dataset provenance‚ licensing rights‚ and consent mechanisms might be important evidence in the case of a later dispute․
Legal scholars have stressed that AI governance must not only be concerned with the behaviour of models after they are implemented‚ but also during their training and maintenance․
A growing focus on auditability reflects a shift in the approach of the courts to accountability in the online environment‚ moving from individual decisions towards the organization of systems․ In this respect‚ data management is no longer operational but rather evidentiary․
Product Liability Still Applies to Software
Founders tend to believe customary product liability doctrines only apply to cases involving a physical product․ In reality‚ courts have long applied rules of negligence to new technologies․ Legal analysis published by the Brookings Institution identifies product liability regimes as mechanisms to address injuries from design defects or from failure to provide warnings about risks that could be anticipated for AI-enabled systems․
This is pivotal because AI products do not stop learning after a deployment: they also retrain‚ fine-tune‚ and learn from user interactions․
These characteristics raise difficult legal questions:
- When does an update become a design change?
- Who is responsible if it changes the downstream system?
- Was the company’s automated output something it could reasonably foresee customers relying upon?
Legal scholars have increasingly suggested that AI harms may require hybrid liability models combining customary negligence and strict liability‚ especially in high-risk sectors․
This suggests that legal risk‚ for founders‚ is not reduced by technical innovation; rather, it is simply displaced onto a larger set of actors․
Regulatory Expectations Are Converging Globally
Governments are adopting regulatory frameworks for the risks of AI․ The European Union’s Artificial Intelligence Act was one of the first attempts at establishing thorough risk-based obligations for AI development and deployment․
For ‘high risk’ AI uses‚ the Act imposes rules regarding documentation‚ transparency‚ and human oversight․
While North American regulation continues to develop‚ there is growing international attention on: documentation standards‚ model evaluation practices‚ and demonstrable risk management processes․
Legal commentary stresses the compatibility of liability regimes with and their non-exclusivity to regulatory compliance frameworks․
Startups that hope to sell to enterprise clients in multiple countries must comply with regulations․ Furthermore‚ customers want to see evidence of responsible AI system design before adopting these tools in workflows․
Explainability and Accountability Are Becoming Business Requirements
Transparency in AI and algorithm decision-making not only has ethical implications‚ but is also emerging as a commercial expectation․
Several studies of algorithmic transparency and accountability stress the need for interdisciplinary governance approaches that combine technical‚ legal‚ and policy perspectives․
Enterprise customers‚ insurers‚ or regulators may require this documentation: model limitations‚ performance boundaries, and known failure modes․ Explainability does not require revealing source code․ However‚ the organization should usually be able to articulate how its system behaves under expected conditions․ The use of automated decisions where a company cannot explain why they were made․
The Emerging Litigation Landscape
While not specific to these technologies‚ existing law touches on the use of AI in common areas such as negligence‚ misrepresentation, and professional liability․
Interdisciplinary studies of generative AI liability have suggested that existing doctrines of law may be ill-suited to resolving cases that deal with non-material harm, such as reputational harm and algorithmic discrimination‚ whereby attributable causation is weak․
This difficulty does not eliminate liability risk․ In practice‚ it leads to litigation over foreseeability‚ documentation‚ and reasonable design practices․ The courts have applied existing legal doctrines to new technology‚ from aviation to pharmaceuticals to software․ Artificial intelligence is unlikely to be an exception․
Legal Risk as Strategic Infrastructure
Another trend in AI is the realization that governance structures may be a source of competitive advantage to firms․ An organization with an established and credible risk management framework is more likely to obtain enterprise partnerships‚ regulatory approval‚ and investor confidence․
Legal readiness may not occur slowly‚ but rather there can be big shifts afterward․
From the perspective of these plaintiffs‚ these disputes often involve technologies whose risks were inadequately assessed during the initial development process․Preventative legal thinking rarely makes headlines․ Litigation does․
Final Thoughts
AI startups are based on technology insights and entrepreneurial urgency‚ both of which are needed․ However‚ risk is viewed differently by the law․ Courts consider whether the damage was‚ or was not‚ foreseeable and whether reasonable steps were taken․ These questions are relevant whether the systems are based on linear regressions or deep neural networks․ While AI raises new technical complexities‚ existing ideas of liability are already applicable to it․ Design decisions expose risk long before litigation begins․ However‚ for founders that learn this early‚ there are many opportunities to learn this before it is too late․
–
About The Author
Kanon Clifford is a plaintiff personal injury lawyer with Bergeron Clifford. The ability to make a meaningful change in people’s lives is what attracts Kanon to injury law. For Kanon, the clients’ right to fair compensation is the pillar of his deep commitment to improving the lives of injured persons and their families. Kanon started at Bergeron Clifford as a summer student, learning the ins and outs of injury law. He then completed his articles at our firm before being called to the Ontario bar in 2020. He holds a B.Soc.Sc. from the University of Ottawa. He graduated with his LL.B. (Honours) from the University of Exeter in Devon, England and also holds an LL.M. (Conflict Resolution) with Distinctions from the University of Law in London, England. He is currently studying part-time for his Doctor of Business Administration (D.B.A.), where he studies the intersections of law, business and technology.
