Making Utah the first U.S. state to enact a major artificial intelligence (AI) statute governing private-sector AI usage, on March 13, 2024—coincidentally, the same day the European Parliament adopted the EU AI Act—Utah Gov. Cox signed into law S.B. 149 (AI Law). The AI Law, set to take effect May 1, 2024, was incorporated into Utah’s consumer protection statutes. Its key elements include establishing liability for inadequate/improper disclosure of generative AI (GenAI) use and creating the Office of Artificial Intelligence Policy (Office) to administer a state AI program.

Continue reading the full GT Alert.

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Reena Bajowala Reena Bajowala

Reena R. Bajowala has deep experience with data security, information technology, and privacy law issues, and litigating class, collective, and plan-wide litigation. She is a Certified Information Privacy Technologist (CIPT), a Certified Information Privacy Professional – US (CIPP/US) and a Certified Information Privacy

Reena R. Bajowala has deep experience with data security, information technology, and privacy law issues, and litigating class, collective, and plan-wide litigation. She is a Certified Information Privacy Technologist (CIPT), a Certified Information Privacy Professional – US (CIPP/US) and a Certified Information Privacy Manager (CIPM). Through a competitive process, she was selected as a 2021-2023 Fellow of the American Bar Association’s Business Law Section with the Cyberspace Law Subcommittee.

When faced with a data breach, including in business email compromise, ransomware, or wire transfer fraud scenarios, clients turn to Reena to investigate, remediate, and comply with legal obligations. She regularly conducts risk assessments, develops privacy and information security compliance programs, and leads proactive planning for potential data security incidents, including drafting incident response plans, communications plans, and conducting tabletop exercises. In addition, Reena helps evaluate legal risks relating to emerging technologies, including artificial intelligence, connected devices, and drones.

Reena assists Employee Retirement Income Security Act (ERISA) benefit plan sponsors with implementing cybersecurity policies and service provider management programs. The Department of Labor’s current emphasis on cybersecurity allows Reena to utilize her combined decade-plus ERISA and benefit plan counseling and litigation experience and her deep cybersecurity and vendor management practice.

Reena has wide-ranging litigation and trial experience, including over 100 days of first-chair trial experience. She represents buyers and providers of IT services regarding issues ranging from billing and performance disputes arising from Master Services Agreements and Service Level Agreements to copyright and licensing disputes pursuant to Software Licensing and SaaS agreements. Reena also works to protect the interests of companies during software audits.

With a broad-based background in complex dispute resolution, Reena understands the intricacies of class, collective, and plan-wide litigation in the employment and consumer fraud spaces. She has deep experience with lawsuits involving ERISA, having represented plan sponsors and service providers in both benefits and fiduciary matters.

Photo of Arda Goker Arda Goker

Arda advises businesses on navigating complex data privacy and cybersecurity issues. He focuses on designing and maintaining privacy and security programs in compliance with existing and emerging U.S. and international privacy laws, including the General Data Protection Regulation (GDPR), California Consumer Privacy Act…

Arda advises businesses on navigating complex data privacy and cybersecurity issues. He focuses on designing and maintaining privacy and security programs in compliance with existing and emerging U.S. and international privacy laws, including the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), California Privacy Rights Act (CPRA), Colorado Privacy Act (CPA), Virginia Consumer Data Protection Act (VCDPA), Utah Consumer Privacy Act (UCPA), and Connecticut Data Privacy Act (CTDPA). He is certified as a privacy professional by the International Association of Privacy Professionals (CIPP/US).

In addition to his privacy and security practice, Arda litigates state and federal appeals and original appellate proceedings primarily involving consumer financial services, intellectual property, and defaulted tax-exempt bonds. His appellate experience also encompasses a variety of other subject matters, including catastrophic personal injuries and wrongful death, professional negligence, breach of contract, dignitary and business torts, employment issues, civil rights, divorce, child custody, immigration, and white-collar crime. Beyond his advocacy in the appellate courts, Arda regularly provides litigation support to trial counsel through strategic analysis, legal research, and pre- and post-trial motion practice geared toward preserving error and positioning cases for success on appeal.