Question 21
IIAn organization is reviewing a planned AI deployment and wants to identify which legal obligations should be considered in addition to privacy requirements. Based on the source material, which approach is most appropriate?
Correct answer: B
Explanation
When evaluating AI systems, organizations should assess not only privacy obligations but also other existing laws and legal requirements that may apply. AI governance must account for the broader legal landscape rather than treating privacy as the only relevant area. — aigp-study-guide-2026.pdf
Why each option is right or wrong
A. Focus only on privacy laws because AI-specific legal analysis is limited to personal data issues.
AI review must include other existing laws and legal requirements, not only privacy obligations.
B. Evaluate how other existing laws and legal requirements may apply to the AI system alongside privacy obligations.
The source material for Topic II.B states that organizations must understand how other types of existing laws apply to AI and that non-privacy laws and other existing legal requirements may apply to AI systems. Because the organization is assessing a planned AI deployment, the appropriate approach is to evaluate those broader legal requirements in addition to privacy obligations.
C. Delay legal review until a new AI-specific statute is enacted for the organization’s industry.
Existing laws may already apply to AI systems even without a new AI-specific statute.
D. Assess only contractual terms because existing laws do not generally govern AI deployments directly.
Existing legal requirements may apply directly to AI systems beyond contractual obligations.