Incorporating International AI Standards Into Contracts

In today’s globalized economy, companies frequently engage in cross-border transactions, necessitating contracts that are not only legally compliant but also aligned with international best practices and standards.

The European Union (EU) Parliament’s adoption of the “AI Act” on March 13 and the expansion of international trade laws and regulations underscores the importance of ensuring that contracts with overseas entities remain up-to-date and precise. Here are some of the key terms that businesses should consider to enable effective integration of international standards into their contractual agreements when managing artificial intelligence (AI) or international trade to minimize risk, enhance transparency, and build trust among the involved parties.

Artificial Intelligence

In an era of heightened focus on AI, regulations are emerging across various jurisdictions and industries. The EU AI Act will come into effect in the coming months, which will impact many businesses that use AI in the EU or that offer their AI products in the EU. In addition, numerous U.S. state and federal laws have passed or are under consideration, other countries are working on legislation, and regulatory agencies around the world have indicated that they will use their current authority to regulate AI.

Ensuring compliance with diverse AI-related laws and regulations while contracting across different jurisdictions requires careful attention to regulatory requirements and proactive risk management strategies.

Companies should:

• Identify what relevant laws and regulations apply to their business and the business of the counterparty.
• If subject to the EU AI Act, determine whether the planned AI usage is classified as prohibited, high risk, or lower risk under the EU AI Act. This will determine the company’s obligations as a “provider” (i.e., vendor) or “deployer” (i.e., user) of AI. The provision of high-risk AI will require compliance with extensive obligations, such as the implementation of a quality management system.
• Implement ISO/IEC 42001, an international standard that includes guidance for establishing, implementing, maintaining, and improving an AI management system. ISO/IEC 42001 is expected to be adopted as a “harmonized standard” under the EU AI Act, meaning that if a company that provides high-risk AI is in compliance with ISO/IEC 42001, it will be presumed to be complaint with its core obligations under the EU AI Act as a high-risk provider.
• Identify what personal data will be shared between parties and whether such data can be used to train AI.
• Assess intellectual property (IP) rights in the model, including updates as the model is trained; prompts entered into the model; and the outputs of the model.
• If licensing an AI product, conduct a risk-impact assessment based on the nature of the AI and how it will be used. Continually monitor its use, including through the use of bias audits and other mechanisms.
• Add contractual provisions based on the foregoing. For instance, ISO/IEC 42001 provides that companies using third-party AI should ensure that the supplier of such AI provides adequate technical and system documentation and takes corrective action if the AI does not perform as intended. These requirements should be included in the contract with the AI vendor.

The EU is expected to develop non-binding contractual clauses as part of the AI Act’s implementation, which can be used as a guide for parties providing or deploying AI.

International Trade

Over the past several years, and particularly since Russia invaded Ukraine in February 2022, many countries have imposed or expanded existing international trade laws and regulations. The United States continues to be the leader in this effort, but Australia, Canada, the EU, Japan, South Korea, the United Kingdom, and others are also extending trade restrictions.

These restrictions pertain to exports of items and technologies to certain destinations or end users, and more general sanctions that prohibit engaging in any transactions with designated parties. In some cases, imports are banned too—for example, when an imported product is deemed to have been manufactured using forced labor. Similarly, many countries are aggressively enforcing laws related to bribery and corruption.

Generally speaking, international trade laws cover both individuals and companies, as well as any agent or other representative acting on behalf of another person: A party cannot avoid liability simply by acting improperly through a representative.

Due diligence on transactions and transaction partners is essential to protect against international trade violations.

Moreover, contracts that cover cross-border business need to include international trade provisions requiring compliance with the following:

• Export controls, including (as appropriate) reference to specific export regimes, such as the U.S. Export Administration Regulations or the U.S. International Traffic in Arms Regulations.
• Economic sanctions, including (as appropriate) reference to certain sanctioned parties such as designated Russian oligarchs or prohibited military end uses.
• Import controls, particularly as to the absence of forced labor in the supply chain.
• Anti-bribery, including (as appropriate) reference to specific laws such as the UK Bribery Act.

Emily Burrows is a member at Bass, Berry & Sims in its Nashville, Tennessee, office. She heads the firm’s artificial intelligence practice, advising companies on a wide range of business- and technology-related transactions, with a particular focus on negotiating agreements for the license and implementation of new AI tools and services, advising on the unique contractual and regulatory AI considerations, and crafting appropriate terms to allocate risk. She can be reached at EBurrows@bassberry.com.

Thad McBride is a member at the firm in its Washington, D.C., office. He heads the firm’s international trade practice and counsels clients on compliance with and investigations involving economic sanctions and embargoes, export and import controls, foreign corrupt practices, the committee on foreign investment in the United States, and other U.S. trade laws. He can be reached at TMcBride@bassberry.com.

From: Law.com