Day 1
Session 1: Current Cybersecurity Challenges. Panelists will describe current cyber risks and threats posed by bad actors to the digital systems used by clients, counsel, and the courts (e.g., social engineering exploits, ransomware attacks), the immediate and persistent consequences, and the need to implement and train in incident responses. Panelists will describe the kinds of cyber vulnerabilities that cyberattacks tend to exploit and the need for cybersecurity hygiene to reduce the risks of successful attacks. Panelists will review federal and state cybersecurity statutes and regulations and standards invokes and made applicable thereby, and will discuss court decisions explaining their interpretation and application.
Speakers:
Reena Bajowala, Shareholder, Greenberg Traurig, Chicago
Claudia Rast, Shareholder, Butzel, Ann Arbor
(15-minute break)
Session 2: Current AI Challenges. Panelists will explain definitions of artificial intelligence (AI) and of generative AI (GenAI), explain the differences, and review GenAI applications currently used by clients, counsel, and courts. Panelists will review, in detail, terms of service (including annexes on cybersecurity and privacy) that govern the use of GenAI applications, the risks that users take by agreeing to those terms of service, problematic provisions, the need to continually review those terms to keep abreast of changes and updates, and system cards used by an AI vendor that highlight limitations in the application. Panelists will describe the current known capabilities, limitations and deficiencies in GenAI (e.g., tendencies towards misplaced trust in GenAI, overreliance on GenAI, failure to check and verify outputs) and the user's need to learn those in order to avert misuses of GenAI. Panelists will review ways in which GenAI may be misused and cause harm (e.g., deep-fakes), challenges to detecting and mitigating such malicious uses, and applicable state and federal regulations to the use of GenAI.
Speakers:
Marc Donner, PhD, formerly Engineering Director (Uber), Engineering Director (Google), Director (Morgan Stanley), Executive Director (UBS), Research Staff (IBM), Research Engineer (NASA - JPL)
Adriana S. Luedke, Director and Associate General Counsel, IP and Technology Law, Lockheed Martin Corporation
Roland L. Trope, Partner, Trope and Schramm LLP, New York City, and Adjunct Professor, Department of Electrical Engineering and Computer Science, U.S. Military Academy at West Point
Day 2
Session 1: Intersections of Cybersecurity and AI. Panelists will review reported ways in which cybersecurity incidents affecting developers of AI may result in contaminated data sets, model drift, degrade in AI performance, and misalignment between how we expect AI to perform and ways in which it may fail to perform as expected (e.g., emergent, unanticipated behavior, inaccurate outputs, prompt-induced inaccuracies). Panelists will describe reported ways in which AI can enhance cyberattack capabilities and resulting harm and may be useful in improving cybersecurity and post-incident recovery. Panelists will review GenAI terms of service provisions that address cybersecurity and duties to report cyber incidents related to use of GenAI. Panelists will continue the previous day's discussion of security challenges created by malicious use of GenAI and court decisions on resulting evidentiary challenges (e.g., "deep-fake" defense and other authentication problems).
Speakers:
Jon M. Garon Professor of Law, Nova Southeastern University, Fort Lauderdale and Chair of ABA, Section of Business Law, Cyberspace Law Committee
Candace Jones, formerly Associate General Counsel and Vice President (Federal Reserve Bank of New York) and past-Chair of ABA, Section of Business Law, Cyberspace Law Committee and member of ABA Cybersecurity Legal Task Force
Ama A. Adams, Partner, Ropes & Gray LLP, Washington, DC
Marc Donner, Computer Scientist, formerly at IBM, Google, and Uber
Charles Palmer, Computer Scientist, Computer Science Dept., Dartmouth College
Roland Trope, Partner, Trope and Schramm LLP, New York City
(15-minute break)
Session 2: Ethical Rules Concerning Cybersecurity and AI. Panelists will review professional ethical rules concerning duties to keep abreast of new technologies (including changes in cyber threats, enhancing cybersecurity to address such threats, and the limitations, potential misuse, and malicious use of AI), duties to maintain cybersecurity to protect client confidentiality and avert inadvertent waiver of attorney-client and attorney work product privileges), duties to supervise users of GenAI applications, duties to review, verify, and ensure accuracy of GenAI outputs, etc. Panelists will discuss existing state bar ethics opinions on lawyer's use of GenAI (e.g.,as issued by California, Florida, and New York state bars) and local rules issued by state and federal courts concerning the use of GenAI in preparation of documents submitted by counsel.
Speakers:
Fernand A. Lavallee, Partner, Jones Day, Washington, DC
Lucian T. Pera, Partner, Adams and Reese LLP, Memphis