There are definitely a lot of legal angles that AI will implicate, although some of the examples you provided suggest the situation is more mixed:
The HIPAA rules don’t apply to everyone. See, e.g., 45 C.F.R. § 164.104 (stating the entities to which HIPAA Privacy Rule applies). If you tell me about your medical condition (not in my capacity as a lawyer), HIPAA doesn’t stop me from telling whoever I would like. I don’t see how telling a generalized version of ChatGPT is likely to be different.
I agree that professional-practice laws will be relevant in the AI context, although I think AI companies know that the real money is in providing services to licensed professionals to super-charge their work and not in providing advice to laypersons. I don’t think you can realistically monetize a layperson-directed service without creating some rather significant liability concerns even apart from unauthorized-practice concerns.
The foreign law problem you describe is about as old as the global Internet. Companies can and do take steps to avoid doing business in countries where the laws are considered unfriendly. Going after a U.S. tech company in a foreign court often only makes sense if (a) the tech company has assets in the foreign jurisdiction; or (b) a court in a country where the tech company has assets will enforce the foreign court order. For instance, no U.S. court will enforce a judgment for heresy.
More fundamentally, I don’t think it will be OpenAI, etc. who are providing most of these services. They will license their technology to other companies who will actually provide the services, and those companies will not necessarily have the deep pockets. Generally, we don’t hold tool manufacturers liable when someone uses their tools to break the law (e.g., Microsoft Windows, Amazon Web Services, a gun). So you’d need to find a legal theory that allowed imputing liability onto the AI company that provided an AI tool to the actual service provider. That may be possible but is not obvious in many cases.
There are definitely a lot of legal angles that AI will implicate, although some of the examples you provided suggest the situation is more mixed:
The HIPAA rules don’t apply to everyone. See, e.g., 45 C.F.R. § 164.104 (stating the entities to which HIPAA Privacy Rule applies). If you tell me about your medical condition (not in my capacity as a lawyer), HIPAA doesn’t stop me from telling whoever I would like. I don’t see how telling a generalized version of ChatGPT is likely to be different.
I agree that professional-practice laws will be relevant in the AI context, although I think AI companies know that the real money is in providing services to licensed professionals to super-charge their work and not in providing advice to laypersons. I don’t think you can realistically monetize a layperson-directed service without creating some rather significant liability concerns even apart from unauthorized-practice concerns.
The foreign law problem you describe is about as old as the global Internet. Companies can and do take steps to avoid doing business in countries where the laws are considered unfriendly. Going after a U.S. tech company in a foreign court often only makes sense if (a) the tech company has assets in the foreign jurisdiction; or (b) a court in a country where the tech company has assets will enforce the foreign court order. For instance, no U.S. court will enforce a judgment for heresy.
More fundamentally, I don’t think it will be OpenAI, etc. who are providing most of these services. They will license their technology to other companies who will actually provide the services, and those companies will not necessarily have the deep pockets. Generally, we don’t hold tool manufacturers liable when someone uses their tools to break the law (e.g., Microsoft Windows, Amazon Web Services, a gun). So you’d need to find a legal theory that allowed imputing liability onto the AI company that provided an AI tool to the actual service provider. That may be possible but is not obvious in many cases.
Jason—thanks for these helpful corrections, clarifications, and extensions.
My comment was rather half-baked, and you’ve added a lot to think about!