Cybersecurity and National Security

hacker-working_t20_kj8GjX.jpg

Here in the United States, we have laws protecting sensitive technologies from foreign access. These laws would prevent an AI or robotics company from exporting technological information to another country; such a transaction might require an export license.

Although SVLG doesn’t do export licensing, we have colleagues around the country who do that kind of work, and we would be delighted to refer you to one of them. We would be able to coordinate a business transaction involving the export of that type of technology and to make sure that you don’t end up violating export control laws.

Also, the export laws not only apply to the transfer of those types of high technology to people in foreign countries but also to sharing technology with foreign nationals even within the United States. You may need an export license for those kinds of transfers as well. This may mean that if you hire a foreign resident to do some specific work for you as an employee or as a consultant, then you may need to have a license in order to work together with that person, even if all of that work takes place within the borders of the United States. Again, we can work together with export professionals and those who work with these laws to make sure that there is compliance under new and existing laws.

Protecting Your Company From International Data Breaches

Companies that are involved in advanced technologies (not only artificial intelligence and robotics, but things like brain-to-computer interfaces, quantum computing, and other types of emerging tech) need to find out whether they have applicable compliance obligations based on the exact types of technologies that they are developing.

In our global economy, it’s very important to understand what restrictions are placed on companies in terms of where they can export their technology and what foreign nationals they can speak to, including employees and consultants. SVLG can be of service by helping them go through the process together with professionals who focus on these areas; we will then work together as a team to look at processes, relationships, potential business deals, and then identify the compliance objectives and ensure we're implementing processes to comply with the legal restrictions on transfers.

For instance, it may be necessary to implement security controls to prevent foreign national access to technical information subject to export controls. We can assist with overseeing administrative, physical, and technical safeguards to prevent unauthorized access by foreign nationals to restricted information. We also work together with security professionals to implement security controls.

Huawei Case Study

Not long ago, Chinese company Huawei’s networking products were banned for use in the United States due to (allegedly) intentional back door security holes built into software and devices. The government is seeking to convince other countries and businesses not to do business with Huawei, and governments are trying to ensure that security concerns are handled properly. Needless to say, this complicates doing business with Huawei. Any company that's thinking about any sort of deal with them should understand from a compliance perspective what exactly is required. Finding this understanding could be challenging, as things are changing on a day-to-day basis with this particular case, in addition to local and international laws that evolve daily to grapple with security and related issues in technology.

Espionage Risks

Every day, companies become victims of the theft of intellectual property. It is common for employees to take confidential information while departing from a business, sometimes taking the information to help a new employer, and sometimes for purposes of starting a competing company. In other instances, however, workers may be funneling information to foreign governments or businesses. Nation-states, terrorist groups, or foreign businesses may seek to steal information from U.S. companies to gain national security or economic advantage.

Artificial intelligence and robotics companies are particularly at risk for espionage. Given how important AI and robotics are to national competitiveness, and the potential profits to be made from AI and robotics breakthroughs, AI and robotics companies are targets for foreign and economic espionage. Accordingly, AI and robotics businesses must take greater care of their intellectual property than even other technology companies. Robust data security practices are vital. 

Taking Security Into Your Own Hands

Businesses are at risk for non-compliance and espionage. There is no way around the need for greater preparation to understand threats, allocate resources to face these threats, and mitigate risk. AI and robotics businesses must put compliance and security measures into place. They should understand what laws apply to them. They must also make sure they have effective data security controls in place to prevent, deter, and detect espionage. In either case, it is time to review and update existing policies, and to make sure to implement controls to meet security requirements and protect sensitive technical information. These requirements are constantly changing and updating, and the AI/robotics counsel at SVLG is equipped to help your company stay safely ahead of the curve now and into the future.

Previous
Previous

AI Bias: Mitigating Your Risk

Next
Next

What to Know About Data Consent Under GDPR