Privacy & Information Security Law Blog

On March 27, 2024, the National Telecommunications and Information Administration (“NTIA”) issued its AI Accountability Report, and, on March 28, 2024, the White House announced the Office of Budget and Management’s (“OMB’s”) government-wide policy on AI risk management. These provide new guidance in the wake of the Biden Administration’s recent Executive Order (“EO”) on AI. The EO requires agencies to generate various types of guidance and rules, and to take actions on staggered timelines. The OMB policy represents one such action at the 150-day mark of the EO.

The NTIA’s AI Accountability Report, for which the NTIA requested comments in April 2023, focuses on the idea that AI accountability policies and mechanisms are critical to optimizing AI technology. In particular, evaluation of AI systems, both pre- and post-release, and transparency around AI systems is necessary for innovation and adoption of trustworthy AI and for fostering stakeholder trust. The report details recommendations around the following aspects of the “AI accountability chain”:

• Access to information: disclosures, documentation, access;
• Independent evaluation: evaluations, audits, red teaming; and
• Consequences for responsible parties: liability, regulation, market.

The NTIA developed eight major policy recommendations related to the AI accountability chain, under the broad categories of Guidance, Support and Regulatory Requirements. The recommendations may be accessed in the full report, but one example impacting the private sector will be requirements for entities contracting with the government.

The OMB Policy to Advance Governance, Innovation and Risk Management in Federal Agencies’ Use of Artificial Intelligence, announced by Vice President Kamala Harris, is a “core component” of the EO on AI, provides the basis for multiple areas of AI accountability and governance and will be foundational for other agencies to build upon in developing subsequent regulations, many of which will in turn impact the private sector. According to the White House fact sheet, the OMB policy would, among other things:

• Address risks related to the use of AI (e.g., mandatory assessments and safeguards);
• Expand transparency of AI (e.g., reporting AI use cases and metrics);
• Advance responsible AI innovation for high priority societal challenges (e.g., climate change, public health, public safety);
• Grow the AI workforce (e.g., hiring AI professionals and setting pay and leave guidance); and
• Strengthen AI governance (e.g., designating Chief AI officers and establishing AI Governance Boards).

The White House also announced several of its upcoming actions, including a request for information (“RFI”) for responsible AI procurement, expanding the government’s AI Use Case Inventory, and hiring 100 AI professionals by summer 2024.

These types of policies and reports are anticipated to inform compliance efforts in the rapidly evolving AI environment, including in the privacy and security arenas.