Artificial intelligence brings a fresh set of procurement challenges. And it seems like every agency is buying it in one form or another. The White House last month issued guidance on what it calls responsible acquisition of AI. Joining the Federal Drive with Tom Temin with the implications for intellectual property and who owns what, Haynes Boone procurement attorney Dan Ramish.
Interview transcript:
Tom Temin Dan, this update with which was late September, that actually supersedes an earlier memo on the same topic.
Dan Ramish Well, Tom, it doesn’t actually supersede it. It supplements it, it expands on it and builds on it. Both the earlier memo M 2410 and the Biden administration’s executive order on AI 14110 Safe, secure and Trustworthy Development and Use of artificial intelligence. So this new memo M 2418 focuses on acquisition of artificial intelligence by government agencies and expands on the earlier memo, talks about cross-functional collaboration and interagency collaboration around AI, which has been a big theme. The government wants to make sure that different agencies are talking to each other in how they’re learning to use AI and sharing best practices and also lessons learned when things go wrong.
Tom Temin And when you are acquiring. I guess maybe we should start with what are you actually acquiring? Because in some cases you are basically buying the services of an algorithm and you produce your own results, but you could also, in other cases, be buying a software application. So is that part of the complication here?
Dan Ramish Well, so the memo talks about agency procurement of AI systems and services. Services suggests procurement of AI on a you know, as a service model, which is a common method of software delivery these days. Certainly an AI system, you would think more of a software application that the government would obtain maybe through the cloud the way things are delivered these days.
Tom Temin And so what is unique here with respect to intellectual property, I guess, is the question?
Dan Ramish Well, Tom, there are a number of specific considerations that arise in the context of AI that were raised in the earlier memo. And this new memo talks more about them. So the earlier memo simply pointed out that procurement of AI has to be consistent with applicable intellectual property, law, regulation and policy. So recognizing that AI procurement occurs within the broader legal context, both the legal context that applies to all intellectual property and also the government procurement, legal context, the Bayh-Dole Act for patents and the technical data statute and the technical data and computer software rights regulations. So a procurement occurs in that context, but there are a lot of unique features that aren’t directly addressed within the regulations or maybe go well beyond, in some cases what the regulations contemplate. Incidentally, general intellectual property law in the United States is still trying to figure out AI and a number of features of AI. So there are legal questions about whether copyrightable material can be used to train AI without running afoul of the copyright law, whether creations of an artificial intelligence system can be protected through copyright or through patent. So it’s really a wild West across the board. But then you throw in some special considerations when the government is the one buying the AI. And that’s part of what this memo illuminates. So the government is recognizing increasingly in both of these memos that data is really an asset that the federal government has a lot of unique data that no one else has and a volume of data that is valuable. So treating data as an asset is one of the themes of both the prior memo and this memo from OMB talking about handling of data and data improvements, cleaning and labeling to treat it as a critical asset so that can be used in in AI training and operations moving forward.
Tom Temin Data also then applies to what is produced by the AI.
Dan Ramish Both the input data that’s used to train the AI and to operate the AI, the iterative improvements of an AI model and also the outputs of an AI are significant for intellectual property purposes and the parties need to think about who owns them, who owns the input data, who owns the output data, who owns the improvements to the AI, how the data needs to be handled under the contract so that it’s usable.
Tom Temin We are speaking with Dan Ramish. He’s a procurement attorney with Haynes Boone. And it sounds like these concerns are commercial and governmental for anyone buying AI. Does the government have any unique concerns here that are addressed in this memo?
Dan Ramish Absolutely, Tom. So two categories of AI that were addressed, particularly in the prior memo, the 2410 memo, were safety impacting and rights impacting AI, as you can imagine. Right. The. Given the different activities of the federal government, there are activities that implicate the legal rights of people, whether that’s their civil rights, property rights, ability to get credit, anything across the board. There are particular concerns about how an eye goes through any decision making process that could affect the legal rights of people. And the other major bucket is safety impacting air, which has some implications for human safety or health, or where if something goes wrong, it could cause injury or other harm.
Tom Temin Sure. Well, I guess the question becomes how should government and how should I contractors or contractors using air proceed? I mean, what are some of the best practices, if we have them at this early stage in this whole evolution?
Dan Ramish So this new memo really takes a strong line in encouraging agencies to plan ahead and avoid vendor lock in as they refer to it. Some of the language is fairly innocuous as far as just ensuring that the rights and deliverables that are provided for in the contract meet the agency’s mission. But in some cases the memo goes significantly further in talking about requiring vendors to transfer knowledge to agency staff to allow them to essentially transfer the A.I. system at the end of the contract, or requiring vendors to promote data and model portability. Again, their interests on both sides. The agency needs to make sure that they are buying AI systems that it will be able to use and that that won’t die at the end of the contract and that they aren’t stuck with a single vendor for a long term contract. But at the same time, the contractor has interests in their own proprietary intellectual property and that may be the very foundation of their whole business, right?
Tom Temin So then you really have to negotiate carefully and it sounds like almost that you need a specialized approach for AI, at least until this becomes normalized and that could be years. But you’re buying something fundamentally different than other software and software services.
Dan Ramish That’s right. And you don’t have some of the same infrastructure that you have for other types of procurements. As I mentioned before, it’s not yet totally clear under copyright law whether materials that are created by AI are subject to copyright protections. So if there isn’t a broader legal framework to plug into, then the government and the contractor need to come up with some other way of dealing with or protecting the outputs of an AI.
Tom Temin In some ways, the acquisition as a head of the whole intellectual property framework. I mean, I read about a podcast producing service from Google the other day where you dump documents into it and it produces a conversational two person dialog that you can listen to, like a podcast, even though no human actually spoke a word, it’s all generated. Well, if you and I both dump the same documents into the same algorithm and it produces the exact same thing, then who can copyright that? Or if we both dump the same thing in and something else has happened in between and it produces different results, Can that be copyrighted? That’s the type of question I guess people don’t really know the answer to yet.
Dan Ramish That’s right. And along with that, there are other concerns that arise. And so one of the recommendations that the memo makes for agencies is to conduct careful due diligence to the supply chain of the vendors data. And in part, that’s thinking about the potential for rights impacting or safety impacting AI. They need to understand whether the training data could include any sources of bias or quality problems that could call into question whether the decision affecting rights or safety was proper. Also, there are cybersecurity concerns when it comes to training data, which the memo mentions need to understand, evaluates the data used in model training and the models so they can understand the AI risks such as data poisoning, which is cybersecurity attacks, the training data or also data leakage, unintentional exposure of sensitive data that was used to train a model.
Tom Temin So there’s a lot of branches to this. But on the intellectual property front, the rule then is be specific and make sure the contractor and you as the agency have the exact same understanding before you sign anything.
Dan Ramish That’s right. Well, and all of these factors have intellectual property implications because a contractor might closely hold what kind of training data they’re using. But the government may have specialized interests in knowing what that training data is or otherwise understanding the model because of the stakes of the government’s.
Tom Temin Dan Ramish is a procurement attorney with Haynes Boone. Well, thank you for outlining what sounds like a really complicated quagmire area for people to be careful of.
Dan Ramish Tommy, in the modern era, we’ve gone from procurement of goods to procurement of services. AI may be the next major procurement category for the federal government. It’s important for the government and for industry to work together to get it right.
Tom Temin And we’ll post this interview at federalnewsnetwork.com/federaldrive. Subscribe to the Federal Drive wherever you get your podcasts.
Copyright
© 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.