Newsletter n°10 (october 2024)
✨ARTIFICIAL INTELLIGENCE✨
➡️ FTC sanctions DoNotPay, the notorious “robot lawyer”
The United States has sanctioned DoNotPay, a start-up that claimed it could replace lawyers with its artificial intelligence service.
On September 25, 2024, DoNotPay agreed to pay a fine of $193,000 and to stop claiming that its AI could replace legal professionals. The Federal Trade Commission (FTC) accused the company of misleading advertising, as its service received no legal training and was not developed with up-to-date legal underpinnings.
Founded in 2015, DoNotPay originally helped dispute parking fines, before expanding its services to include proceedings such as divorces or legal complaints.
This isn’t the first time that start-up DoNotPay has drawn attention to itself. Last year, the start-up made a name for itself by claiming to be able to offer its customers tailored legal arguments “live” during court hearings.
More information👉 DoNotPay | Federal Trade Commission (ftc.gov)
➡️ Establishing a new regulatory framework for AI in the USA
On September 29, 2024, California Governor Gavin Newsom vetoed SB 1047, one of the most ambitious efforts to date to establish a regulatory framework for artificial intelligence (AI) in the United States. In addition, Newsom also signed 18 other AI bills in September, which will very likely have a major impact.
Several sectors will be impacted by these laws, including:
Media & Entertainment:
One of the bills establishes enhanced consent requirements for the use of “digital replicas” (AI cloning of a person or object to simulate its presence) in media and entertainment content, including movies. Furthermore, it is intended to forbid the unauthorized commercial utilization of a digital duplicate of a deceased individual and to levy penalties equivalent to $10,000 or the true damages incurred, whichever is higher.
Deepfakes & Pornography:
The proposed laws forbid the use of artificial intelligence (AI) in the production of child pornography and impose criminal penalties on those who produce pornography that uses deepfakes. Social media companies will also have to remove deepfake pornography from their platforms right away and offer a reporting mechanism for it.
Elections & Disinformation:
“Protecting the integrity of elections is essential to democracy, and it’s critical to ensure that AI is not deployed to undermine public trust through misinformation – especially in today’s tense political climate,” said Newsom, ”These measures will help combat the harmful use of deepfakes in political ads and other content, one of many areas in which the state is being proactive in fostering transparent and trustworthy AI.”
Major online platforms will specifically have to block content that spreads false information about elections during certain times, such as right before and right after an election, and designate some additional content as “fake” or “inauthentic.” The bill also requires platforms to set up procedures for reporting such content. Finally, it will also be required to disclose any campaign advertising using AI.
More information 👉 FIRSH’s teams are keeping a legal watch on comparative AI law. Stay stunned!
➡️ The ANSSI has published a guide to security recommendations for a generative AI system
Although AI is growing in popularity, the risks of security breaches are not negligible. As a result, a certain amount of caution is called for when deploying AI in an existing information system.
To this end, the ANSSI (the French National Agency for the Security of Information Systems) has published a guide of recommendations for generative AI systems, promoting best practices.
Here are a few general recommendations highlighted in its guide:
1) Assess the confidence level of libraries and external modules used in the AI system;
2) Apply DevSecOps principles to all phases of the project. For example, by implementing secure management of secrets used in all phases of the project.
More information 👉 Recommandations de sécurité pour un système d’IA générative | ANSSI (cyber.gouv.fr)
Firsh Consultancy ; Firsh can help you with any legal issues you may face in the field of artificial intelligence and cybersecurity, anticipating future regulations such as NIS 2.
✨NEW TECHNOLOGIES✨
➡️ Blocking websites selling Olympic tickets without authorization
Is it possible to block access to websites selling Olympic tickets without authorization?
The Paris Court of First Instance answered yes to this question at the request of the Paris 2024 Olympic and Paralympic Games Organizing Committee (COJOP) in a decision dated July 29, 2024.
The Court found that the exclusive rights of the COJOP had been seriously infringed by an online public communication service, causing damage and a manifestly unlawful disturbance.
Based on the French law of June 21, 2004, loi pour la confiance dans l’économie numérique, the judges ordered Internet service providers (Orange, Bouygues, Free…) to implement measures to block access to the sites, in particular by blocking domain names, within three days, until the last day of the Olympic Games (currently scheduled for September 08, 2024).
Firsh expert word: In this type of case, the certified report (procès-verbal de constat) is crucial. The urgency of reaction is also crucial in order to file a summary claim with the competent court. Some suppliers demand payment of blocking or anonymity removal fees.
Read the decision 👉 July 29, 2024 Paris Court of Justice RG no. 24/09234
✨PERSONAL DATA ✨
➡️ CNIL imposes €800,000 fine on Cegedim Santé
In a decision dated September 5, 2024, La Commission nationale de l’informatique et des libertés (Cnil) imposed an €800,000 fine on Cegedim Santé, an entity specializing in medical software and appointment management for healthcare professionals.
This sanction follows breaches concerning the processing of non-anonymous health data, used without authorization to produce studies and statistics. In particular, the CNIL noted that the data was pseudonymized, potentially allowing the persons concerned to be re-identified.
In determining this penalty, the CNIL considered the seriousness of the facts, the large volume of data collected and the sensitive nature of the information (medical history, diagnoses, prescriptions, etc.).”
FIRSH expert word: If you wish to process personal data in the health field, make sure you have the legal framework for the processing, Firsh will assist you where necessary.
Read the decision 👉 Deliberation SAN-2024-013 of September 5, 2024
➡️ Is the supervisory authority obliged to adopt a corrective measure in the event of a personal data breach?
In a ruling on September 26, 2024, the CJEU answers this question in the negative.
It considers that in the event of a personal data breach being established, the supervisory authority is not under an obligation to adopt a remedial measure when such intervention is not appropriate, necessary or proportionate to remedy the shortcoming established and ensure full compliance with the GDPR.
In addition, on an exceptional basis and taking into account the circumstances, the authority may decide not to adopt a corrective measure under two cumulative conditions: firstly, the breach must be corrected and, secondly, the compliance of the processing operations must be ensured.
FIRSH expert word: In the event of a personal data breach, quickly remedy the errors and keep all evidence of the correction of the breach, as well as the conformity of the processing, in order to benefit from the above-mentioned exception. If necessary, you should also notify the CNIL.
Read the decision 👉 CJEU judgment of 26 September 2024, C 768/21
✨INTELLECTUAL PROPERTY✨
➡️ Designs / Copyright: Infringement of a chair design reproduced in donut stores
On September 13, 2024, the Lille Court recognized the copyright infringement of a BABA chair reproduced in the stores of Royal Donuts France.
A furniture company commercializes “BABA” chairs in rounded shapes, made from a fleece material and featuring a hollow in the middle of the backrest. The Donuts company equipped its stores with similar chairs to recall the shape of the famous pastry.
The judges considered that, although the two chairs were not identical, there was a general impression of resemblance due to their shapes, structure and contrasting materials.
FIRSH expert word: the reproduction, even similar, of a piece of furniture protected by intellectual property law can be punished as copyright infringement. Beware of the temptation to copy a piece of furniture at low cost, and don’t forget that social networks make it easy to get into your home!
Read the decision 👉 Lille Court of Justice, September 13, 2024, 23/09494
➡️ Copyright: 1st ruling in Europe on the use of pre-existing works in AI training datasets
AI raises a number of copyright issues, notably the re-use of pre-existing works in training datasets.
The AI involved in the artistic creation phase operates in a learning process known as “machine learning”. Initially, there is an “input” phase in which the AI is fed multiple works (particularly copyrighted works). Next, the AI analyzes, deconstructs and registers the characteristics common to these pre-existing works, in order to obtain a new work which is then called an “output”.
By integrating pre-existing works into AI training programs without the authorization of the copyright holders, there is a hypothesis of copyright infringement.
In this case, photographer Robert Kneschke took LAION 5B (an association that creates AI datasets) to court to have his works removed from the training dataset.
The Hamburg District Court has handed down a groundbreaking decision: the judges have authorized the training of AI learning models on pre-existing copyrighted photographs under the exception for data mining and data mining for scientific purposes.
FIRSH expert opinion : This decision is somewhat surprising insofar as the scientific purpose may be questionable. It remains to be seen whether the plaintiff will appeal the decision…
Read the judgement 👉 District Court of Hamburg (Kneschke v. LAION)
✨« FIRSH » NEWS ✨
Find out more about Firsh’s contributions to the advancement of law and innovation:
➡️ Claire Poirson, our founding partner, is delighted to have been able to shed some legal light on deepfake scams on TF1’s JT de 20h on September 24, 2024.
More information 👉 Fausses vidéos : attention aux pièges | TF1 INFO
➡️ Claire Poirson also had the pleasure of being interviewed by journalist Laurence Neuer for Le Point, on the legal implications of deepfakes cloning the voice or face of deceased artists.
More information 👉 Clonage des voix d’artistes décédés : entre risques juridiques et dilemmes éthiques (lepoint.fr)
➡️ We are proud to support Ana Healthcare, a winner of the French government’s Innovation Competitions, one of 177 winning projects to be supported by the French government via France2030. Ana Healthcare’s project involves the development of a platform specializing in the re-use of medical data to accelerate clinical research.
➡️ In September, Firsh assisted clients with the following projects:
– Negotiation of the terms of a framework contract between a perfume designer and a major brand in the cosmetics and perfumery sector.
– Negotiation of confidentiality agreements for an innovative customer in the field of energy reduction and the environment
– Negotiation of a settlement protocol with a service provider working simultaneously for several luxury brands, in breach of its non-competition clause.
– “Public affairs” expertise on the ban on plastics by 2025 in application of the French Climate and Resilience Act
– “Public affairs” expertise in the field of transparency in media advertising
📢 To follow us on LinkedIn and receive our newsletter, click here: https://www.linkedin.com/company/firshlaw/
📢 There is no direct collection of your personal data and therefore no emailing from FIRSH !