At the end of 2022 the arrival of ChatGPT (a machine learning model that can understand and generate text based on the data it was trained on) was a major event. A machine capable of answering, in part, most of our questions in our language! Since then, it has been a revolution with the constant arrival on the market of many applications intended for both businesses and individuals, thanks to the development of artificial intelligence.
Generative artificial intelligence (generative AI) is a type of AI capable of creating new content and ideas, including conversations, stories, images, programs, videos, and music.
Predictive AI uses data analysis, machine learning, and statistical models to identify trends that can predict future behavior.
Predictive AI focuses on creating models and algorithms that can predict future events by analyzing past data. For example, recommendation systems, weather forecast models, credit analyses, preventative maintenance are common applications of predictive AI.
This is a tremendous opportunity for businesses and a major growth driver. All industries will benefit from it. AI applications can reinvent most customer experiences and applications, create applications never seen before, and help customers achieve new levels of productivity across all industries.
Exemples :
- Company operating mode: AI will intervene to make production, commercial operations, marketing, production planning, logistics chain and cost optimization, facilities management, etc. more efficient.
- Strategic decision-making: AI allows business leaders to obtain predictive analyzes with strategic recommendations based on real-time data.
- Supply chain: It is possible to improve the visibility and management of the supply chain, with demand forecasting, route optimization, etc.
- Business processes can be automated: this concerns all repetitive and time-consuming tasks, for example.
- Improvement and personalization of customer service: this thanks to chatbots and virtual agents which are increasingly used with 24/7 support. These can respond to customers and guide them. Possible interaction with customers based on their preferences and past behavior, for possible product recommendations, personalized offers.
- Product development: AI enables product design, innovation, and prototype development.
- Human Resources: thanks to applications, it is possible to optimize the recruitment process, evaluate employee performance, predict training needs, and improve talent management…
Business leaders, since the appearance of ChatGPT, have already seen the interest in all these new applications and their enormous potential for the development and increase in the productivity of their companies. They are looking to understand the technology and see how they can benefit from it and integrate it into their organization. There is a certain enthusiasm with a lot of questions.
In this context we have been questioned by various clients who question and wonder what the resources of local law are to strengthen the protection of the interests of any company when concluding contracts linked to AI applications and for everything related to digital law.
Before addressing the question raised about the availability of legal resources and the probable contractual “constructions – projections” in relation to the expectations of companies, we carried out various research on the market offer relating to AI applications. Immerse ourselves in.
We are indeed pleasantly surprised by all the new applications which, in a short time, are exploding on the market. Every day and at any time, multiple innovative applications are put on the market. New services that do not require any IT knowledge are available. the legal issues and problems to anticipate.
We cite a few of them.
- For videoconferencing, there are automatic note-taking tools during sessions: you launch the application as a participant and at the end you obtain a transcription of the entire discussion plus a summary organizing everything that was said, the objective, a summary, the discussion points and, possibly the next steps
- Another application allows you to transcribe audio recordings into text with a good level of understanding
- Another service allows you to automatically create mind maps from text. Useful for starting a brainstorming session based on existing ideas.
- Very recently Microsoft launched “Co-pilot” its AI assistant available in all its products.
- The GPT “vision” functionality of ChatGPT makes it easy to transcribe handwritten notes and then use them, for example, to fill in a table on Chapt GPT.
- There are several image creation applications that allow you to create images from a few words. What's more, the new version of Photoshop also allows, in a few words, to create and modify the image, without any required knowledge of the tool.
- For video, there are several applications available on the market that allow you to easily create videos. An application allows you to create a video…from a text only.
A significant number of other applications are created every day.
Particularly interesting for businesses are providers on the market who make platforms available to their customers and who use contextual generative AI. This AI can quickly create a variety of media tailored to specific needs, tailor-made. It is adaptable to the criteria set by the user, creates content with parameters also defined by the users for the generation of content and other appropriate settings.
Among other adaptations, any company can have, for example, personalized marketing content, better e-commerce efficiency, a personalized user experience and many other dedicated applications that allow companies to exploit the full potential of their own data.
Other vendors offer platforms that enable each customer to create, deploy, and manage data projects and AI applications with development tools, predefined use cases, and wizards.
Furthermore, in the medical field, there is already equipment using AI applications which make it possible to screen, diagnose and predict, treat, and prevent diseases.
It is then up to business leaders to seize these opportunities while knowing that local law allows them to limit risk in all areas.
The resources of common law, to strengthen the protection of the interests of any company when concluding contracts linked to AI and digital law, exist.
Certainly, IT and AI applications have particularities which impact contractual issues. Risks specific to the material require special contractual precautions.
Often the subject of IT contracts relates to both material (equipment, networks) and intangible (software and services) which can make it difficult to qualify the contract and control its execution.
Computer science is a highly technical activity. Drafting the contract requires a good knowledge of the technical elements linked to the project as well as consistency between the terminology used and the contractual obligations.
In many cases it will be useful to provide definitions in the contract to clarify certain concepts used by the parties. To this end, there are certain “technical terminology” referents that may be useful to the parties.
There are also risks considering. There are risks linked to the extent of the damage because there is often no correspondence between the value of the equipment, software, services, and the loss they can create.
There are risks linked to vulnerability and therefore the need to put in place access control measures and back-up solutions and just as much to set up a maintenance structure. In terms of cloud computing and the related risks, it is useful to also put in place security and data protection measures.
It is also important to guarantee the sustainability of the investment made. At this level, it is necessary to address the issues of evolutionary maintenance, access to sources, ensuring compatibility and upgrading of systems, and for software, including the transfer of rights allowing any use.
Furthermore, IT activity involves different specialties and there is therefore a multiplicity of stakeholders, such as hardware manufacturers, their distributors, software development companies, network installers, software package publishers and developers, service providers. maintenance, Cloud computing and associated solutions, companies offering data storage solutions (data center) with various associated services…
Also, the collaboration of the parties before, during and after the conclusion of the contract is an essential element in the success of an IT project.
We still reassure business leaders. Indeed, algorithms and their uses can be governed, directly or indirectly, by numerous legal rules. It is true that these rules, as we will see, are in fact dispersed in various laws, reflecting the heterogeneity of digital technology.
The resources to be exploited can be:
Firstly, the Algerian Civil Code which provides for numerous relevant provisions and in particular its article 106 which states: “The contract constitutes the law of the parties. It cannot be revoked or modified except with their mutual consent or for the reasons provided for by law.”
It is a fundamental principle that parties to a contract are free to determine the terms and conditions of their agreement.
This essential provision allows companies, through the contract, to protect their interests, to define and specify the obligations provided for in the contract and, that the parties must perform them in good faith and in accordance with the object of the contract and its various clauses.
However, we must also be very vigilant regarding the drafting of the clauses and to define the essential obligation which corresponds to the heart of the company's IT project.
Before the contract there is therefore the necessary stage of developing the project and formulating the client's needs.
Each IT project is born from a need; the company that wants to develop a project has a recurring or new need and which will induce a change. Moreover, for many this is likely to happen in the short term due to the numerous AI applications which are constantly appearing on the market.
For any IT project, the end user must identify and define their needs to formalize them. For the party in charge of implementation, it will be a matter of understanding the needs to find ways and means to achieve them.
It is therefore important that the user can define his needs with maximum precision and formalize them in a "specification" also called "specifications" and which it is useful to integrate later into the contractual documents for the realization of the project. The development of specifications is not a legal obligation – at least for the private sector – but in IT practice it is necessary.
At this level, the client must if possible, and upstream of its project, strengthen its technical team by calling on his legal counsel; the latter, after understanding the needs, will be able to anticipate legal risks and find appropriate contractual formulations to preserve the interests of his client.
At this stage, a necessary consultation should also be established between the “client” and the supplier.
This will be the time to develop “specifications” representing the expression of the customer’s needs, expectations, and requirements. There is no predefined model for specifications. This document must include the following points (non-exhaustive):
- Objectives defined and expected.
- The state of the premises/current treatments.
- Technical and human resources required for implementation.
-Deadline.
- Scalable system.
- Performances.
- Means made available to the holder.
- Layout of premises intended for the installation of the equipment covered by the contract.
- Updates and new versions of software – Technical documentation.
- Security audit.
- Additional or modifying services.
- Review clause.
- Installation and commissioning.
- Quantitative and qualitative checks.
- Decisions after verification.
- Guarantee of software conformity.
- Destruction of data.
- Maintenance, third-party application maintenance (maintenance in operational condition).
- Reversibility and transferability.
- Definition of results…
Once the specifications have been decided, the contract must be drawn up. In the field of IT contracts there are no more difficulties in drafting than for other types of contracts applicable to other industrial and/or service sectors. However, there are specificities to be regulated.
In the IT project it is important to determine what is essential and therefore to design the contract accordingly as an efficient tool for predictability. In any case, care must be taken to integrate the requirements of each party completely and precisely.
You must be attentive to all the usual clauses and to preamble clauses, guarantees, limiting or exonerating liability, unfair clauses or those which may appear unfair. It should be noted that certain clauses may be found in invoices and general conditions of sale. We can also provide special conditions to add to the general conditions. To clarify certain terms of the contract it will be useful to provide a clause for definitions. If several documents are exchanged between the parties, a clause relating to the contractual documents should be provided with an indication of the order of priority that the parties intend to grant to each referenced document, in the event of a contradiction. Also consider the non-solicitation of personnel clause.
It always seems interesting and necessary to write a preamble before the text of the contract. It is useful to explain the context of the contract, the history, to situate the parties and their activities, the objectives, and the object of the contract. The preamble also clarifies the common intention of the parties, in the event of conflict.
For the purpose of the contract and the description of the services, it will be necessary to include, if possible, a complete description of the services; or provide a short summary of the subject and in a separate annex a very detailed description of the subject of the delivery, the expected work results (all deliverables) and the documents due. If necessary, divide the project into phases: (at start-up, concept, production, and commissioning.).
Receipt of deliverables is an important clause. To write this clause you need in-depth knowledge of the project. The purpose of this clause is to organize the receipt of any deliverable (software, equipment, studies, services, etc.). This allows the client to validate the conformity of the services in relation to their “specifications”. Here too, the option would be to describe and organize the reception in detail in an annex to the contract.
For unfair clauses and to contain the risk, we can refer to certain provisions of the civil code, in particular those referring to adhesion contracts, to law no. 2004-02 of June 23, 2004, setting the rules applicable to commercial practices, to Order No. 2003-03 of July 19, 2003 relating to competition.
An intellectual property clause should also be included which deals with the rights relating thereto and linked to the digital products or services included in the contract. If necessary, with regard to the protection of rights linked to a computer program or a database, we can exploit the provisions of Order No. 2003-05 of July 19, 2003 relating to copyright and related rights.
Data law impacts the supervision of AI.
For any contract relating to the provision of an IT service including an AI application (which often processes large quantities of data) it would be appropriate to provide a confidentiality clause – Data protection, to regulate the security of information and data exchanged within the framework of the contract.
At this stage it will be necessary to exploit and apply the provisions of Law No. 18-07 of June 10, 2018, relating to the protection of individuals in the processing of personal data.
As a reminder, said law defines “personal data” as: “any information, whatever its medium, concerning an identified or identifiable person, hereinafter referred to as “data subject”, in a direct or indirect manner, by reference to an identification number or to one or more specific elements of his physical, physiological, genetic, biometric, psychological, economic, cultural or social identity.”
Also, the attention of the companies concerned is required: it is necessary to foresee and integrate into any computer program and especially for AI applications, the principles decreed by the law on data “law no 18-07”.
Indeed, data law impacts AI, particularly about privacy protection, data governance and liability.
For the protection of privacy, “Law No. 18-07” provides binding rules regarding the collection, processing, and storage of personal data. Also, AI applications must respect these rules.
The rule of purpose/transparency provided for in the above-mentioned law has implications for AI; automated decisions must be described and their purpose – objectives explained in a coherent manner.
Also, the attention of the companies concerned is required: it is necessary to foresee and integrate into any computer program and especially for AI applications, the principles decreed by the law on data “law no 18-07”.
Indeed, data law impacts AI, particularly about privacy protection, data governance and liability.
For the protection of privacy, “Law No. 18-07” provides binding rules regarding the collection, processing, and storage of personal data. Also, AI applications must respect these rules.
The rule of purpose/transparency provided for in the above-mentioned law has implications for AI; “automated decisions must be described and their purpose – objectives explained in a coherent manner."
There is reason to integrate these ethical and legal concerns related to data management.
Law No. 18-07 also requires “informed” consent; this rule may apply to data used to design AI models or to predict automated decisions.
The data law substantially impacts any AI application and in principle, any contract relating to the provision of an IT service.
AI developers and users are therefore subject to legal obligations to ensure responsible use of data. Consequently, we recommend that the companies concerned anticipate and integrate the rules raised to protect themselves against the risks raised and thus follow the law. There is reason to integrate these ethical and legal concerns related to data management.
For this specific subject, appropriate training in ethics would be wise for all players in the algorithmic and Data chain; well trained in the application of these rules, the transparency and loyalty necessary for the algorithms designed, they will anticipate their integration into all programs and applications.
Algerian law, the variety of arrangements and clauses, the development of know-how by professionals make it possible to ensure economic actors and users of these technologies a digital transition while minimizing all risks.
Finally, all business leaders should be reminded of Amara's Law (Roy Lamara, scientist, and futurist): “When it comes to innovation, we often overestimate short-term impacts and underestimate long-term ones. ".
So, there is no question of being surprised.
Samir HAMOUDA. Lawyer
January 20, 2024
Mob: +213 (0) 661 459 459
samir.hamouda@samirhamouda-avocats.com