The Need for Stronger Deterrence Against Data Theft
It’s a common belief that the law often has to play catchup with technology, and this remains apparent today as the latter continues to evolve at a fast pace. With the advent of generative artificial intelligence (Gen AI), some important legal questions still need to be addressed.
Balancing Data Protection with Innovation
Policymakers must decide how to best balance the use of data to train AI models with the need to protect the rights of creators, said Jeth Lee, chief legal officer for Microsoft Singapore. Choosing one extreme can stifle or kill innovation in AI, but it’s also not possible to allow free-for-all access to all content and data, Lee said.
Legal Questions Surrounding Gen AI
There are legal questions that need to be resolved regarding whether data generated from Gen AI tools have IP (intellectual property) rights, he said. And if they do, who owns those rights? For instance, is there sufficient creativity in content made from the use of a Gen AI application to warrant IP rights for the user or should the Gen AI tool have rights to it?
Assuming Responsibility for Legal Risks
Until these issues are addressed, AI players such as Google, OpenAI, and Microsoft have pledged to assume responsibility for the potential legal risks, should customers of their Gen AI products be challenged on copyright grounds. Google’s training data indemnity, for instance, "covers any allegations" that the tech vendor’s use of training data to create its generative models, which is used in a Gen AI service, infringes on a third-party’s IP rights.
Common Concerns about AI
Organizations are concerned about how to address copyright challenges related to the use of Gen AI as well as data protection, Lee said. Organizations want to know where their data flows to across the AI systems, how to protect this data, and who should be responsible when there is a breach, such as when an AI system malfunctions.
Need for Stronger Deterrence Against Data Theft
In Singapore, meanwhile, there are suggestions that new legislation in other areas may provide stronger deterrence against data theft and offer clear recourse for victims. Organizations that experience data theft in the Asian market typically turn to civil claims for breach of confidence as recourse, said a spokesperson from law firm Baker McKenzie Wong & Leow.
Trade Secrets Laws
The law firm believes it may be time for Singapore to consider whether such legislation is appropriate; many other countries have equivalent statutes in place. Markets that have enacted trade secrets laws include Germany, Japan, China, and the US.
Case Study: Genk Capital
One organization, Genk Capital, agrees. The Singapore-based trading firm filed a civil and criminal suit against a former employee for copying Genk’s proprietary data before leaving the company to join a competitor. The employee was found to have copied data that included trading strategy, client details, and transactions.
Conclusion
The case suggests the need for specific legislation to address trade secrets theft with criminal penalties, Koh said, adding that this would benefit especially small and midsize businesses that may lack resources to prevent such theft. Having trade-secrets specific legislation is not a novel concept, and many neighboring countries have such statutes.
FAQs
Q: What are the legal questions surrounding Gen AI?
A: There are legal questions regarding whether data generated from Gen AI tools have IP (intellectual property) rights and who owns those rights.
Q: What is Google’s training data indemnity?
A: Google’s training data indemnity "covers any allegations" that the tech vendor’s use of training data to create its generative models, which is used in a Gen AI service, infringes on a third-party’s IP rights.
Q: What are the common concerns about AI?
A: Organizations are concerned about how to address copyright challenges related to the use of Gen AI as well as data protection.
Q: Why is there a need for stronger deterrence against data theft?
A: There is a need for stronger deterrence against data theft to provide clear recourse for victims and to send a clear message that such misdeeds should not be condoned.
