Many website owners are adding artificial intelligence (AI) software applications to their sites as tools to provide services to visitors and customers.
For instance, some sites are using AI chatbots to field questions by prospects and other artificial intelligence tools to handle customer service requests.
Now most of these tools are licensed from third-parties who own them. This means the data collection and use policies are governed by the license between the site owner (licensee) and the AI tool owner (licensor) plus the data security and privacy policies of both parties.
This creates a privacy legal problem for the website owner because a licensee will rarely be able to force the AI tool owner to comply with data privacy requests made by site visitors and customers per applicable law.
At the time this article was written, 14+ U.S. states have passed data privacy laws/regulations (more coming) and so have other countries (e.g., Brazil) and regions (e.g., European Union). And you’ll likely need to address your AI tools’ use in light of individuals’ many data security and privacy rights.
EXAMPLE: Let’s say a customer who lives in France makes a request that you delete all of the data you have about that customer. Although you may comply with the European Union’s General Data Protection Regulation (GDPR) for all data within your control or possession, what about the customer’s information collected by the AI tools you used?
In all likelihood, that data has been commingled in the AI tool owner’s data sets for artificial intelligence learning and other purposes. And there’s almost no chance a request by you on behalf of the customer to delete the data is going to be honored.
Of course, there are ways to properly disclose AI tool use in your website legal documents and obtain consent as-needed. If you need help complying legally, it’s probably time to set up a phone consultation with Website Attorney Mike Young.
