Insights: Alert Executive Order on Artificial Intelligence – NIST Solicits Public Comment
On December 19, 2023, the U.S. Department of Commerce’s National Institute of Standards and Technology (“NIST”) issued a Request for Information (“RFI”) regarding responsibilities set forth in the Executive Order on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence (“EO”). Specifically, the EO “directs NIST to develop guidelines for evaluation, red-teaming and more; facilitate development of consensus-based standards; and provide testing environments for the evaluation of AI systems.” Comments responding to the RFI must be submitted by February 2, 2024.
The RFI notes that NIST is seeking input from the public to assist in its “carrying out several of its responsibilities under Sections 4.1 [Developing Guidelines, Standards, and Best Practices for AI Safety and Security], 4.5 [Reducing the Risks Posed by Synthetic Content], and 11 [Strengthening American Leadership Abroad] [… ,]” of the EO. Additional information regarding the “assignments and plans” set for NIST under the EO (including an informative video) can be found here.
In the RFI, NIST expresses its “interest[ed] in receiving information pertinent to” numerous “assignments” established by the EO. While each of the assignments address important topics (and the RFI provides additional detail and examples), below are several that may be of particular relevance.
- Developing a companion resource to the AI Risk Management Framework (“AI RMF”), NIST AI 100-1, for generative AI.
- Creating guidance and benchmarks for evaluating and auditing AI capabilities, with a focus on capabilities and limitations through which AI could be used to cause harm (e.g., autonomy, self-improvement, and access to external resources).
- Establishing guidelines, standards, and best practices for AI safety and security, including appropriate procedures and processes, to enable developers of AI to evaluate cybersecurity effectiveness of AI systems through adversarial testing (red-teaming) to enable deployment of safe, secure, and trustworthy systems.
- Soliciting input concerning topics related to synthetic content creation, detection, labeling, and auditing.
- Seeking information regarding topics related to the development and implementation of AI-related consensus standards, cooperation and coordination, and information sharing that should be considered in the design of standards.
Responses to the RFI must be received on or before February 2, 2024. Developers, researchers, and users of AI systems should strongly consider responding to NIST's request for information and requests that will be solicited by other agencies addressed in the EO over the coming months.
Kilpatrick
Kilpatrick – Generative AI
Kilpatrick’s Generative AI practice works with clients to tackle their most pressing AI concerns and challenges to achieve results in line with overall business strategies and goals. Our multidisciplinary team, with backgrounds in intellectual property, privacy, cybersecurity, federal legislation and regulation, commercial transactions, and dispute resolution, monitors and proactively addresses risks, compliance requirements, and opportunities related to generative AI. For more information, please visit our website: Kilpatrick – Generative AI
Kilpatrick – Government and Regulatory
Kilpatrick’s Government and Regulatory practice offers policy, legislative, rulemaking, compliance, and regulatory advocacy services and legal guidance on both broad and industry-specific matters, including artificial intelligence, energy, sustainability, Tribal, finance, distributed ledger technology (including blockchain), and digital assets (cryptocurrency, stablecoin, tokenization, and central bank digital currency (CBDC)). For more information, please visit our website: Kilpatrick – Government & Regulatory
Kilpatrick – Cybersecurity, Privacy & Data Governance
Kilpatrick’s Cybersecurity, Privacy & Data Governance practice helps its clients protect their most important information in the most pragmatic, cost-effective, and business-focused way possible. The team supports its clients in: complying with evermore complex privacy, data protection, and cybersecurity regulatory frameworks around the world, anticipating and managing the full range of information-related risks, optimizing the value of information and appropriately monetizing it, containing and responding quickly and effectively to incidents, preventing and controlling disputes and investigations, and maximizing recoveries and resilience. For more information, please visit our website: Kilpatrick – Cybersecurity, Privacy & Data Governance
Related People
Related Industries
Disclaimer
While we are pleased to have you contact us by telephone, surface mail, electronic mail, or by facsimile transmission, contacting Kilpatrick Townsend & Stockton LLP or any of its attorneys does not create an attorney-client relationship. The formation of an attorney-client relationship requires consideration of multiple factors, including possible conflicts of interest. An attorney-client relationship is formed only when both you and the Firm have agreed to proceed with a defined engagement.
DO NOT CONVEY TO US ANY INFORMATION YOU REGARD AS CONFIDENTIAL UNTIL A FORMAL CLIENT-ATTORNEY RELATIONSHIP HAS BEEN ESTABLISHED.
If you do convey information, you recognize that we may review and disclose the information, and you agree that even if you regard the information as highly confidential and even if it is transmitted in a good faith effort to retain us, such a review does not preclude us from representing another client directly adverse to you, even in a matter where that information could be used against you.
