At the beginning of each year, we gaze into the near future to try and help you prioritise your next steps. This is the law in 2024. We try to predict what will happen and what it will mean for you. We use our expertise to offer you some guidance on where you will need to spend your time and energy.
Many wise people have said that ‘it is difficult to make predictions, especially about the future.’ We agree, but that doesn’t stop us from trying anyway. We try our best to get it right, and sometimes we don’t. Last year the majority of our 2023 predictions were accurate. We aim to help you allocate your resources effectively to navigate the next 12 months.
Regulating AI will become a primary focus for some regulators & policymakers
AI is still the talk of the town and will continue to be the talk of the town in 2024 as consumer-grade AI and its impact increase. This will see the legal issues regarding AI come to the fore in 2024 with data, privacy and ethical implications of AI receiving significant attention. You can join our Trustworthy AI programme to stay up-to-date with developments.
The Artificial Intelligence Act is set to come into operation and it is expected to spark AI regulation worldwide. Regulatory authorities may look to industries to self-regulate, or they may prescribe ethical frameworks, rules-based regulations or they may adopt a risk-based approach. While we wait for these regulations, it is important to use AI ethically to prevent bias and discrimination, comply with privacy and data protection perspectives, and is safe and reliable.
The EU AI Act will commence with a two-year grace period
Lawmakers in the EU reached a political agreement on the text of the AI Act at the end of 2023 and are expected to pass the AI Act in the coming months. This is the flagship AI law and is Europe’s answer to the question of how to regulate AI.
Once passed, the AI Act will apply automatically to all member states. This will see member states take action to enforce the AI Act over the next two years as the AI Act comes into full effect. This will impact the way businesses in different regions operate and engage with one another.
Organisations will leverage Generative AI more readily
Organisations will have more confidence in the available AI technologies leading to them embrace these technologies more readily. We expect organisations to use a strategic approach to rolling out the use of AI in their organisations by checking whether the available technologies align with their needs and purposes. AI impact assessments and change management will be critical in the successful adoption of AI.
AI will impact the way we work and we need to regulate work
AI will not replace lawyers, but lawyers who use AI will.
We predict that this may hold true for other professions and businesses too.
AI might change your strategy
The impact of AI adoption goes beyond the realm of just compliance and may require a change in business strategy. The governance board will need to consider the use and impact of AI as part of their business strategy very carefully. Training and learning will be critical factors in your organisation’s strategy when you consider how AI can improve offerings and increase efficiencies.
There will be increased regulation at the business level and not the regulatory level
We note that there will be lags in the law as lawmakers grapple with the risks and potential impact of emerging technologies. We predict that those leading organisations will take charge and set their internal policies and regulations while we all await official legal regulations to be put in place.
As people start to realise the full power of AI, more focus will be put on the ethical components of it like sandboxes and offices. Education and learning on how AI works and how to use it will also play a critical role in ensuring the ethical use of AI in your organisation.
AI-generated misinformation will spread rapidly
As AI is becoming more advanced, it is becoming increasingly more difficult to distinguish between what is real and what isn’t. Generative AI also makes it easier to create convincing content that purposefully misleads people. We predict that there will be an increase in the spread of misinformation in 2024.
We have seen many examples of the spread of misinformation, particularly on social media, and expect this to only get worse, especially within the context of elections. During media blackouts, such as those surrounding election periods, it will become even more difficult for information to be verified and widely communicated to combat the fake news being spread.
We also foresee challenges relating to balancing free speech, privacy rights, hate speech and access to information.
Authorities will publish more laws to enforce privacy and data protection
In the past few years, many countries continued to introduce data protection legislation, particularly in Africa and various states in America. In 2024, more countries around the world will continue to publish data protection laws or amend their existing data protection laws in line with global developments in data protection. In particular, we will see more data protection laws in Africa and Asia (like India) this year. Join our data protection programme to stay up to speed.
Data privacy will become more important during elections
With more than 70 countries heading to the polls this year in national elections, we predict that data protection laws will have a bigger than usual role to play. Data protection laws regulate how personal information is processed and this includes how voter information is used during elections. This will impact how political parties structure their campaigns and by extension the use of AI in campaigns as AI models rely on data to function.
In South Africa, there is a guidance note on how political parties can process personal information. Ultimately, there needs to be a balance of data protection and access to information during the elections so that people can make informed decisions.
The EU Digital Services Package will start to have an effect
The EU’s Digital Services Package, comprising of the Digital Services Act and the Digital Markets Acts, grace period ends within the next few months. This will impact businesses operating on online platforms such as online marketplaces, social networks and app stores in the EU.
The EU Digital Services Package aims to increase consumer protection online and increase regulations of the online environment to prevent illegal content and actions. Any platform owner found to be in breach of the Digital Services Package could receive a fine worth up to 6% of their global turnover, while repeat offenders may be banned from operating in the EU completely.
Many countries will focus on cross-border data transfers
Data has to flow and we need it to flow across regions. 2023 saw the EU and US put the EU-US Data Privacy Framework in place to facilitate the lawful transfer of data. We expect to see an increase in regional and inter-governmental regulations on cross-border data transfers in 2024.
From a BRICS perspective, we already have two policy papers on this topic. We expect countries to focus on their economic blocs and create regulations from that perspective.
The Information Regulator has emphasized cross-border data transfers and making sure that information is transferred properly. This is a change from their previous approach which required the responsible party to decide whether data could be transferred or not. We suspect that this means that we may receive some guidance from them on how to regulate cross-border data transfers.
Organisations will continue to emphasise cybersecurity
Governments and businesses need to double down on cybersecurity because there has been an exponential increase in cybercrimes. This requires that organisations have appropriate information security measures in place. Organisations should specifically check to see if their information security measures can cope with AI-assisted cyberattacks by considering NIST and ISO standards.
Incident response and cyber resilience are also important factors in effectively dealing with cybercrimes. An organisation’s liability is likely to be exacerbated by its inability to respond to cybercrimes appropriately.
In a South African context, we expect the Companies Act to be amended. These amendments will relate to beneficial ownership and anti-money and other financial crimes laundering. This would assist in increasing transparency and in turn, getting South Africa off the FATF grey list.
Parliament won’t enact the Cybersecurity Bill but will make progress in drafting it.
There will be greater efficiency in legal services resulting in cost-cutting
We think 2024 is the year when legal practitioners will adopt legal tech more widely in their practice. The introduction of legal tech into the way lawyers work will improve efficiencies and streamline the delivery of legal services.
The legal profession will have no choice but to adopt Artificial Intelligence (AI) more extensively
AI will not replace lawyers, but lawyers who use AI will.
We predict that AI will aid lawyers in becoming more efficient in the same way that the adoption of computers into practice did. There are two cases which illustrate this point.
In one instance, things went wrong and this is where legal counsel used ChatGPT to generate case law that didn’t exist. In the other instance, a non-legal practitioner used AI to generate heads of argument. The judge in this matter noted that the heads of argument were indistinguishable from the other heads of argument which were drafted by a legal practitioner. Here the court remarked that lawyers need to watch out for AI.
Compliance professionals will make the circle bigger
Due to the convergence of different problems, technology and risks, more people will need to be involved in ensuring compliance with the law. Organisations will need multidisciplinary teams to adequately respond to problems and mitigate risk in the future.
Individuals will be held personally liable in the tech industry
We predict that 2024 will be the year regulators will hold CEOs in the tech industry personally liable. An example of this is the former chief security officer of Uber being convicted on federal charges for covering up a data breach which involved millions of Uber user’s records.
There are also some developments in the UK around a senior responsible individual and trying to make an individual more responsible for the actions of their organisations.
People will use data legal action as a weapon
We anticipate that people will use data subject access requests (DSARs), complaints or any of their other data rights as a weapon against organisations.
There will be clarity on AI copyright disputes
The New York Times filed a lawsuit against OpenAI over ChatGPT alleging a copyright infringement by OpenAI for using its articles to train the AI model. OpenAI contends this constitutes fair use. This case illustrates the evolving legal landscape as AI technology continues to advance. It will provide critical guidance on the development of AI training models. This is a complex legal challenge that could have far-reaching implications if the New York Times is successful.
Parliaments will change copyright laws
AI raises a host of new challenges to existing copyright laws and we expect some amendments to the existing legislation.
In the South African context, we anticipate that the President won’t sign the Copyright Amendment Bill into law. We expect the President to send it back to parliament for further consideration.
Information shall be set free
Access to information, and the free flow of information, will become more prominent in 2024. We expect its prominence to grow in the following areas:
- AI: we expect to see a strong emphasis on the principle of transparency and accountability.
- Environmental information: we expect more people to make use of ICO’s Environmental Information Regulations which which enable people to have access to a public body’s information that relates to or affects the environment.
- Right to access information: we expect the Information Regulator to play an important role in examining decisions of whether to grant or refuse access to information as they have said that the right to access to information is of equal importance as protecting personal information.
We hope to empower you to navigate 2024 and stay ahead of the rest by reading our 2024 predictions.
