Author: Brandon Spurlock

Read Brandon's bio.
Posted on by Brandon Spurlock

The Implications Of ChatGPT In Class Action Litigation

By Brandon Spurlock

Duane Morris Takeaways: Daily news reports about ChatGPT are ubiquitous. Can it replace legal tasks undertaken by humans (with law degrees and state bar licenses)? Can lawyers use it to enhance their legal work? Quite naturally, this raises the issue of whether ChatGPT will make its way into class action litigation – where the stakes are enormous, and the workloads of lawyers involved in those cases are enormous.

ChatGPT And The Legal Profession

Launched in November 2022, Open AI’s ChatGPT has garnered much attention across the globe for its human-like ability to engage in conversations and generate content that is often indistinguishable from what we would expect talented professionals such as journalists, authors, professors (and even lawyers) to produce. But how does this technology work and what does it mean for the legal profession?

GPT stands for generative pre-trained transformer, which is a language model trained on a large corpus of data.  Through supervised and machine learning, the model analyzes tons of words, with each word having a score.  It then chooses a word with a high score and moves on to the next one. Every choice is determined by complex math and huge amounts of data, which allows it to produce text that is both coherent and accurate (most of the time).   So not only is it able to tap into vast amounts of vocabulary and information, but also it understands words in context, which helps mimic speech patterns while dispatching an encyclopedic knowledge.

How smart is ChatGPT? Well news articles report that it is smart enough to pass an MBA exam from a top business school, a Google coding interview, and several law school essay exams, albeit with less than stellar scores.

What Does This Mean For Class Action Litigation?

For the millions who have experimented with ChatGPT, it is easy to be mesmerized by its capabilities and wonder what it means for those white collar professions that many believed were impervious to displacement by AI, particularly lawyers.  For instance, when you type in a simple question such as “how do you certify a class action lawsuit?”  ChatGPT will respond:

In order for a class action lawsuit to be certified, the court must determine that the class of plaintiffs is sufficiently numerous, that there are common questions of law or fact among the class, that the claims or defenses of the class are typical of the claims or defenses of the individual class members, and that the representative plaintiff(s) will fairly and adequately protect the interests of the class.

This is a far cry from a winning brief, but the possibilities are instantly apparent.  And if you talk to attorneys who have asked the program to prepare work product like an insurance reservation of rights letter, they will tell you that they got a surprisingly workable template from which to start the editing process.  The technology is so promising that some service providers have rolled out a generative AI tool built on a version of OpenAI’s latest models, which is enhanced for legal work.  The tool allows access to legal content with efficiency and cost-effectiveness.

What Are The Pitfalls?

Despite the obvious promise exhibited by ChatGPT’s current abilities, the technology is still in its infancy. In fact, certain results obtained from ChatGPT are often riddled with errors and, in some cases, outright falsehoods.  In one instance, it referenced a non-existent California ethics provision.  In situations like these, where generative AI appears to simply make things up, and do so with complete and utter confidence, the tech industry has termed this a “hallucination.” With these risks in mind, professional liability carries are issuing warnings to law firms on the professional responsibility and risk management implications of the technology.

What’s Next?

Given the promise of ChatGPT, tempered by the associated risks, corporate counsel are certain to ask themselves what comes next for this technology.  Right now, for things like contracts, policies, and other legal documents that tend to be normative, generative AI’s capabilities in gathering and synthesizing information can do a lot of heavy lifting. Therefore, the legal industry should be on the lookout for emerging technologies, like ChatGPT, that can tackle such low hanging fruit, with the immediate benefit being potential cost savings for corporate clients.

As law firms and corporate legal departments contemplate the future of using this tool, it is noteworthy that there is an intellectual property class action pending in federal court in California – J. Doe 1, et al. v. Github, Inc., et al., No. 3:22-CV-06823 (N.D. Cal.) – alleging that OpenAI profits from the work of open-source programmers by violating the conditions of their open-source licenses.  Some commentators believe that the future of AI may well hinge on the outcome of this lawsuit, and it will no doubt be monitored closely by those in the legal industry interested this topic.

In the meantime, if attorneys are feeling uneasy about how AI technology is impacting the profession, try asking ChatGPT “Is being a lawyer a good profession?” and one can take solace in ChatGPT’s answer: “Yes, it can be a very rewarding profession. Lawyers can have a big impact in society and can have a great deal of job satisfaction.”  The industry will have to wait and see if this answer holds over time.

Posted on by Gerald L. Maatman, Jr.

California Callout: New 2023 Privacy Regulations Coming Soon

By Gerald L. Maatman, Jr., Jennifer Riley, Brandon Spurlock, and Alex W. Karasik

Duane Morris Synopsis:  On the heels of California’s enactment of the California Consumer Privacy Act (“CCPA”) in 2020, and after two legislative bills that proposed to continue the employer exemption failed, employers will now need to comply with all requirements of the CPRA (“California Privacy Rights Act”) effective January 1, 2023. California-based employers now face these strict privacy requirements in the existing minefield of nuanced employment laws.

Legislative Background

The CCPA is often considered the most stringent data privacy law in the United States.  This landmark law established privacy rights for California consumers, including:  (1) the right to know about the personal information a business collects about them and how it is used and shared; (2) the right to delete personal information collected from them (with some exceptions); (3) the right to opt-out of the sale of their personal information; and (4) the right to non-discrimination for exercising their CCPA rights. (See https://oag.ca.gov/privacy/ccpa.).

Currently, data collected from workers is exempt from all but two provisions of the CCPA: (i) employers must provide an initial disclosure to all employees at or prior to the point of collection, and (ii) employees still have a right to statutory damages in the event of a data breach. “Employees” is a term that casts a wide net. It includes job applicants, business owners, officers, directors, medical staff members, independent contractors, emergency contacts and beneficiaries.

Two separate California state bills sought to continue the employer exemption: (1) AB 2891, for an additional three years; and (2) AB 2871, for an indefinite time period.  Neither bill was passed by the Legislature in its final 2022 session. Accordingly, with the exemption expiring, employers must now fully comply with the former CCPA’s requirements, as the new CPRA comes into effect.

Employer Obligations

First, employees are now afforded various rights, including:  (1) a right to request access to their personal information and information about how automated decision technologies work; (2) a right to correct inaccurate personnel information; (3) the right to request that an employer delete their personal information, including the obligation that employers must also notify third parties to whom they have sold or shared such personal information of the consumer’s request to delete; (4) the right to limit the use and disclosure of sensitive personal information to that which is necessary to perform the services or provide the goods reasonably expected by an average consumer who requests such goods and services.

Notice Obligations

Employers should be mindful of particular notice obligations under the CPRA. These include the: (1) requirement of notice at collection; and (2) requirement of a privacy policy.  Regarding the notice at collection, employers are required to give employees, applicants, and contractors notice at the time they collect the information if they plan to collect, use, or disclose that personal information, while also disclosing the categories of personal information.  The privacy policy is comprehensive and must disclose categories of personal information collected over the 12 months before the policy’s effective date. The policy also must disclose sources from which personal information is collected, the business purpose for the collection, categories of third-parties to whom personal information is disclosed; and categories of personal information sold or shared.  And employers are obligated to post the privacy policy online where it is accessible to employees, applicants, and contractors.

Data Governance

To ensure compliance with the CPRA, it is crucial that employers understand where personal information is located within their businesses. It behooves them to undertake a data inventory or data mapping exercise to assess how and where relevant information is stored and/or transferred.  Employers should also take stock of their records retention policies to ensure compliance, and also develop an internal framework to handle requests from employees for access and/or deletion.

Implications For Employers

Employers who have operations in California should immediately take heed of these new obligations. It is inevitable that the Plaintiff’s bar will be scrutinizing these practices come January 2023.  Accordingly, employers should determine whether they are covered by the CPRA, and prepare privacy policies that are fully compliant.

© 2009- Duane Morris LLP. Duane Morris is a registered service mark of Duane Morris LLP.

The opinions expressed on this blog are those of the author and are not to be construed as legal advice.

Proudly powered by WordPress