Module 5: Existing Laws & AI · BoK III.B

Consumer Protection Laws and AI

The FTC's broad authority over "unfair or deceptive" practices already covers algorithms, and the agency will keep applying it to AI. Several US laws await AI interpretation (including SR 11-7), while the EU's Digital Services Act requires recommender-system and ad-targeting transparency.

The FTC's broad authority over "unfair or deceptive" practices already covers algorithms, and the agency has signalled it will keep applying it to AI.

Joint statement · FTC, CFPB, DOJ Civil Rights Division, EEOC

"Existing legal authorities apply to the use of automated systems and innovative new technologies just as they apply to other practices."

US laws awaiting AI interpretation:

Title VII + EEOC regulations → employment.
ECOA + FCRA → consumer finance.
SR 11-7 → Federal Reserve standard on model risk management.
OSHA → robotics safety and "hazard analysis".
FDA → systemic approval for software as a medical device

The EU angle:

Digital Services Act → overlaps the GDPR on transparency; recommender systems must tell users how they shape what is displayed, and for online advertising users must be able to access the parameters that targeted them, including the logic and whether profiling was used.
Product safety expansion → existing product safety laws are expanding to include AI, differently by jurisdiction; the EU AI Act incorporates existing product safety laws, and the US Consumer Product Safety Commission is developing standards.

Key terms - quick answers

What is “FTC authority”?

Broad authority over 'unfair or deceptive' practices that already covers algorithms and AI.

What is “SR 11-7”?

Federal Reserve standard on model risk management, awaiting AI interpretation.

What is “Digital Services Act”?

EU law requiring recommender-system and ad-targeting transparency, overlapping the GDPR.

← Nondiscrimination Laws Across Five Sectors Product Liability Foundations →