AI Legislation and Ethical Considerations: Navigating Compliance and Innovation

In a recent episode of Insights for IT Negotiations, hosts John Belden and Kylie Chisholm of UpperEdge sat down with Sarah Alt , Chief Process and AI Officer at Michael Best & Friedrich LLP, to discuss AI legislation, ethics, and corporate responsibility. The conversation provided critical insights into how AI governance is evolving and what organizations should consider when implementing AI-driven solutions.

Critical Insights on AI Regulation and Implementation Responsibility

1. AI Regulation: A Risk-Based Approach

Sarah Alt shared her experience working with the Wisconsin state legislature to assess AI regulation. The study concluded that rather than broad AI laws, a targeted approach focusing on high-risk areas—such as AI-powered gun detection in schools—would be more effective. The unanimous consensus was that AI should not override existing laws but should instead be regulated within existing legal frameworks.

2. Corporate Responsibility and AI Compliance

The discussion highlighted a shift in responsibility from AI vendors to buyers and subscribers. Recent lawsuits, such as the case against Workday, emphasize that organizations must conduct thorough due diligence to ensure compliance with anti-discrimination laws when using AI in hiring or talent management. Businesses must actively engage with AI vendors to verify their compliance and mitigate risks.

3. International AI Standards and U.S. Policy

Comparing the U.S. landscape to the European Union’s AI Act, Alt noted that the EU has taken a stricter, phased approach to AI regulation. While the U.S. currently lacks comprehensive federal AI laws, evolving executive orders signal a focus on maintaining technological leadership and security. Companies operating globally must be aware of these varying legal landscapes.

4. Vendor Agreements and AI Governance

Alt pointed out a key trend in vendor contracts—clauses allowing agreements to be amended in good faith as AI laws change. Organizations must also be cautious of automatic data opt-ins for AI training, ensuring that their sensitive data is not used without explicit consent.

5. Three Essential AI Procurement Rules

For companies adopting AI, Alt outlined three non-negotiables:

• Ensure data is not used to train public AI models.
• Prevent data from training a vendor’s private AI model.
• Avoid data commingling with other clients’ information.

The Future of AI Governance

The conversation also touched on the rapid development of open-source AI models like DeepSeek, which could shift the power dynamics of AI innovation. As AI becomes more accessible, businesses must take proactive steps to govern their own AI implementations responsibly.

For IT decision-makers, this podcast serves as a crucial guide to navigating AI regulation and corporate accountability. Stay ahead of AI governance trends by subscribing to Insights for IT Negotiations and visiting UpperEdge for expert advisory services.