Starrett Law

Third-Party Risk

AI Governance and Third-Party Risk

Generative artificial intelligence and other types of machine-learning projects most often require specialists from many verticals to converge around a single goal.

Data scientists, software companies, cloud providers, data-discovery solution providers and other entities culminate into a single quest. Tying this legal and technical ecosystem into a coherent synergy is paramount for commercial success and controlled risk.

Our Approach

There is a tightly-coupled mesh between the AI technologies that enable commercial advancement and the due diligence and contractual controls that guide them.

AI Technologies

At a high level, we believe a thorough understanding of application security, data discovery, model governance and cloud-based implementations play a primary role in assessing AI risk. Of course, cybersecurity, training of personnel and other factors are integral. We first examine  the data flows, dependencies, and overall ecosystem of relevant technologies. We can then approach risk analysis and efficient control strategies by way of due diligence and technology agreements.

Due Diligence and Technology Agreements

Due diligence provides an optimal understanding of the relationships that culminate around AI technologies and workflows. From this, agreements and contractual provisions can be crafted that come together into a transparent synergy. Intellectual property rights, confidentiality, limitations of liability and disclaimers, termination provisions, service-delivery requirements and other critical rights and protections can be accommodated.

At Starrett Law, we are unrivaled at bringing efficient due diligence and airtight third-party contracts into your AI risk-management and risk-transference programs.  This includes internal development of AI solutions, use of a third party’s AI application, or the buying or selling of AI solutions or services. Supply chain and contract chain approaches are something we are particularly skilled at.

Our approach is flexible.  Whether the right solution for you is consulting in nature, straight legal advice or a strategic mix of both, we offer bespoke solutions specific to your business. 

Our Team

We have a unique team devoted to this service vertical led by Paul Starrett and Jenn Suarez. Together, they cover every aspect of the technology, due diligence and contract structuring/drafting of your AI quest. Each is also a licensed attorney.

Paul brings over twenty years of technology background and ten years in AI/ML technology to help assess risks in any machine learning or generative AI project. Read more about Paul on our About Us page.

Jenn is a global privacy leader and an expert on the emerging and regulated aspects of artificial intelligence (AI). She helps businesses understand and capitalize on consumer privacy, cybersecurity, and online data protection, while integrating and harmonizing these across multiple countries and jurisdictions. She is a certified Fellow of Information Privacy (FIP) and she holds eight privacy accreditations from the International Association of Privacy Professionals (IAPP). You can read more about Jenn on her LinkedIn profile.

Scroll to Top