20/02/2024
In the first of Bevan Brittan’s series of six “In-house Insights” webinars Wesley O'Brien and Ben Pumphrey inform us about recent updates in intellectual property and data protection law. Wes discusses the intellectual property (IP) considerations for organisations using artificial intelligence (AI) and Ben gives an overview of the key data protection risks organisations should be alive to in 2024 along with some practical tips on how you can limit your risk exposure going forward.
Key Takeaways
Intellectual property and AI
- The level of risk is increasing for organisations – the ICO is becoming increasingly active in issuing fines and enforcement / decision notices for breaches of the data protection regulations.
- AI is a tool which is increasingly being used by a range of organisations.
- IP ownership in the output of an AI tool is a complex area – it depends on the level of user involvement and whether the requirement of “originality” is met.
- Be aware of infringing copyright, both in the training process and in the output. Many AI tools are trained on copyright-protected information scraped from the internet – liability will rest with the trainer and/or the user of the AI tool (depending on the circumstances).
- There is little existing case law in this complex area of law – watch out for the outcome of the Getty Images (US) Inc v Stability AI Ltd case.
- The government currently has no plans to change existing IP laws although we are expecting some new proposals soon about how the tension between the creative industries and AI developers can be resolved.
Data Protection
· The level of risk is increasing for organisations – the ICO is becoming increasingly active in issuing fines and enforcement / decision notices for breaches of the data protection regulations.
· Organisations may be fined for not implementing adequate security measures to protect personal data.
· Breaches are commonly caused by phishing emails – make sure your staff are trained to spot and report these.
· Make sure you put in place adequate training and resources to respond to subject access and freedom of information requests in a timely manner.
· Be aware of the increasing divergence between the UK and EU in matter of data protection.
In this ever changing legal landscape make sure to keep your business, and your staff, up-to date and cognisant of the potential risks involved. This can be done through employee training and putting robust organisational policies in place.
If you would like to discuss any of the topics covered in our webinar in more detail, or have a specific query for us, please do get in touch with Wes or Ben.