Presented By
O’Reilly + Intel AI
Put AI to Work
April 15-18, 2019
New York, NY

Executive Briefing: The Regulatory Road Ahead - How to Navigate the Legal Trends Driving AI in 2019

Anna Gressel (Debevoise & Plimpton LLP), Jim Pastore (Debevoise & Plimpton LLP), Anwesa Paul (American Express)
2:40pm3:20pm Wednesday, April 17, 2019
Secondary topics:  AI in the Enterprise, Ethics, Privacy, and Security

Who is this presentation for?

C-level decision makers, general counsels, directors, privacy officers, and anyone else who wants to learn more about key legal trends applicable to AI.



Prerequisite knowledge

No prior legal or technical experience necessary. This presentation is intended for a general audience, including anyone with an interest in legal and regulatory trends around AI.

What you'll learn

• Understand how key provisions in the GDPR and California Consumer Privacy Act apply to AI and machine learning. • Gain insights into how the GDPR has been enforced since it took effect on May 25, 2018. • Explore how current U.S. laws and regulations apply to AI, and what regulatory trends we expect to see in 2019. • Learn about how plaintiffs and government agencies have been challenging uses of AI in U.S. courts – and what companies can do today to mitigate legal and regulatory risks.


What rights do consumers have under the GDPR and U.S. laws to challenge decisions reached by algorithms? Does the GDPR provide a broad “right to an explanation” for AI technologies? And will the U.S. government succeed in arguing that Facebook violated U.S. federal and state anti-discrimination laws through its targeted job and housing advertisements? These are critical questions about how laws and regulations apply to AI – these legal frameworks are in their early stages, and it has never been more important for companies to understand and mitigate these regulatory risks.

Anna Gressel, Jim Pastore, and Anwesa Paul will explore important laws and regulations that currently apply to AI and machine learning. They will also offer insights from lawsuits challenging various algorithms, and highlight the key cases to watch in 2019. Finally, Anna, Jim, and Anwesa will share a practical framework for evaluating and mitigating the risks related to AI and machine learning.

Participants will gain concrete insights into the following questions:
• How do key provisions in the GDPR and California Consumer Privacy Act apply to AI and, in particular, to algorithmic decision-making and profiling?
• What trends have we seen in enforcement actions since the GDPR took effect on May 25, 2018?
• In the absence of national U.S. legislation governing AI, what other U.S. laws and regulations apply to AI and machine learning?
• What lawsuits have been brought in the U.S. challenging the use of algorithms or machine learning, and what issues are likely to be litigated going forward?
• How can companies take concrete actions now to mitigate legal and regulatory risks?

Debevoise & Plimpton’s market-leading FinTech and Cybersecurity & Data Privacy practices have experience in the fast-developing legal and regulatory trends related to AI, machine learning, and data analytics. We provide holistic legal advice to our clients, so that they can anticipate and stay ahead of issues that may affect the development of their products and business models. In the wake of the GDPR taking effect in May 2018 and the California Consumer Privacy Act passed in June 2018, the Debevoise team has also been actively advising our clients to ensure policies comply with these new laws and regulations.

Photo of Anna Gressel

Anna Gressel

Debevoise & Plimpton LLP

Anna R. Gressel is a litigation associate whose practice focuses on complex civil litigation, corporate governance and intellectual property. Ms. Gressel is a member of the firm’s Technology, Media & Telecommunications Group, and she actively advises on issues related to emerging technologies. She also maintains a pro bono practice that includes federal civil rights litigation and indigent criminal defense.

Ms. Gressel joined the firm in 2014. She received a J.D. from Harvard Law School in 2014, where she twice served as teaching assistant for Harvard Law School’s flagship Negotiation Workshop course and Harvard Negotiation Institute’s executive education programs.

Ms. Gressel received a B.A. from Pomona College. Prior to law school, Ms. Gressel was the recipient of a Fulbright Research Fellowship to Morocco.

Ms. Gressel is the co-author of “Storm Clouds or Silver Linings? Assessing the Impact of the U.S. CLOUD Act on Cross-Border Criminal Investigations,” American Bar Association, Litigation Journal (Fall 2018, forthcoming) (with Frederick T. Davis), “Key Insights from the New York AI in Finance Summit,” Debevoise & Plimpton, TMT Insights Blog (October 2018, forthcoming), “Report of the Investigation,” American Bar Association, Section of Litigation, Internal Corporate Investigations, Brad D. Brian, Barry F. McNeil and Lisa J. Demsky, eds., 4th ed. 2017 (with Edwin G. Schallert) and “Do the Apps Have Ears? Cross-Device Tracking,” Bloomberg BNA, Privacy & Security Law Report, 15 PVLR 1421, (7 November, 2016) (with Jeremy Feigelson).

Ms. Gressel is a member of the Bar of New York. She is also admitted to practice before the U.S. Courts of Appeals for the Second and Third Circuits and the U.S. District Courts for the Southern and Eastern Districts of New York. Ms. Gressel is a member of the Harvard Law School Women’s Alliance, the Federal Bar Council and the Association of the Bar of the City of New York.

Photo of Jim Pastore

Jim Pastore

Debevoise & Plimpton LLP

Jim Pastore is a litigation partner and a member of the firm’s Cybersecurity & Data Privacy practice and Intellectual Property Litigation Group. The Legal 500 recognizes Mr. Pastore for both his intellectual property and cybersecurity and data privacy work, describing him as a “skilled litigator” who is “highly accomplished.” Chambers USA 2018 recognizes Mr. Pastore as a leading lawyer for Privacy and Data Security, where sources explain “he knows the technical side of matters and is great at interfacing when there is federal involvement." Named as a Cybersecurity Trailblazer by The National Law Journal, Mr. Pastore has also twice been named to Cybersecurity Docket’s “Incident Response 30,” a collection of 30 of the “best and brightest” incident response attorneys in the country. Benchmark Litigation named Mr. Pastore to its Under 40 Hot List and Law 360 named him a “Rising Star” for his cybersecurity work.

Mr. Pastore has assisted a broad range of clients in cybersecurity and data privacy matters, including The Home Depot (in connection with its 2014 data breach); PayPal (in connection with a 2017 data security incident at its subsidiary, TIO Networks); American Express; KKR; and the NBA, among others.

From 2009 to 2014, he served as an Assistant United States Attorney in the Criminal Division of the Southern District of New York, where he was assigned to the Complex Frauds Unit and Computer Hacking and Intellectual Property Section. He successfully litigated eight jury trials to verdict and was the lead prosecutor in United States v. Monsegur, a/k/a “Sabu,” and Operation Cardshop, both of which were named to the FBI’s top 10 cases of 2012. Mr. Pastore also led Operation Dirty R.A.T., which targeted the creators and users of Blackshades ransom and malware, resulting in the largest ever worldwide law enforcement action against cybercriminals. In connection with the so-called “doomsday virus,” Mr. Pastore obtained a unique order to prevent catastrophic Internet outage.

Prior to 2009, Mr. Pastore was an associate at Debevoise, working on a variety of high-profile intellectual property matters, including the well-publicized Google books copyright litigation.

Mr. Pastore is routinely sought out as a speaker on cybersecurity and data privacy, having been invited to present to the Department of Justice’s National Cyber Security Division, the DOJ’s National Advocacy Center, Georgetown Law’s Cybersecurity Law Institute, the FBI-led International Conference on Cyber Security, the annual meeting of the Association of Life Insurance Counsel (ALIC), and the Fiduciary & Investment Risk Management Association (FIRMA)’s National Risk Management Training Conference, as well as to the boards of multiple public companies.
Mr. Pastore’s publications include “Cybersecurity: Evaluating Transactional Risk,” Transaction Advisors (July, 2015); “A Closer Look,” Best’s Review (June, 2015); “New York State Department Of Financial Services Expands Its Cyber Focus To Insurers,” FC&S Legal (April, 2015); and “Debevoise & Plimpton On Cybersecurity: Reducing Threats To Private Equity Firms And Their Portfolio Companies,” The Newsletter of the Private Equity Growth Capital Council (March, 2015).

Mr. Pastore earned his J.D., with distinction, from Stanford Law School in 2004. He served as Co-President of the Stanford Law & Technology Association and was a member of the Stanford Technology Law Review. He received his B.A., summa cum laude and Phi Beta Kappa, from the University of Notre Dame in 2001, where he was a Notre Dame Scholar, the recipient of the James E. Robinson Award for outstanding senior English major and one of 40 class members of the Honors Program of the College of Arts & Letters.

Photo of Anwesa Paul

Anwesa Paul

American Express

Anwesa Paul is Chief Global Privacy Counsel at American Express and advises all parts of the business with legal questions relating to U.S. and Canadian financial privacy laws, marketing privacy laws, online and mobile privacy self-regulatory guidelines, big data governance and big data breaches. Before joining American Express, Ms. Paul served as in-house counsel at two online advertising technology startups, Kinetic Social and Epic Media Group. Previously, Ms. Paul worked in the privacy space at the New York State Attorney General’s Office Internet Bureau, handling consumer protection issues related to online marketing.

Leave a Comment or Question

Help us make this conference the best it can be for you. Have questions you'd like this speaker to address? Suggestions for issues that deserve extra attention? Feedback that you'd like to share with the speaker and other attendees?

Join the conversation here (requires login)