Bradley Merrill Thompson, Strategic Advisor with EBG Advisors and Member of the Firm at Epstein Becker Green, was quoted in VentureBeat, in “NIST Releases New AI Risk Management Framework for ‘Trustworthy’ AI,” by Sharon Goldman.

Following is an excerpt:

Today the U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) released the first version of its new AI Risk Management Framework (AI RMF 1.0), a “guidance document for voluntary use by organizations designing, developing, deploying or using AI systems to help manage the many risks of AI technologies.”
The NIST AI Risk Management Framework is accompanied by a companion playbook that suggests ways to navigate and use the framework to “incorporate trustworthiness considerations in the design, development, deployment, and use of AI systems.”
Congress directed NIST to develop the AI Risk Management Framework in 2020
Congress directed NIST to develop the framework through the National Artificial Intelligence Act of 2020, and NIST has been developing the framework since July 2021, soliciting feedback through workshops and public comments. The most recent draft had been released in August 2022.
A press release explained that the AI RMF is divided into two parts. The first discusses how organizations can frame the risks related to AI and outlines the characteristics of trustworthy AI systems. The second part, the core of the framework, describes four specific functions — govern, map, measure and manage — to help organizations address the risks of AI systems in practice.
Community feedback will be key
In a live video announcing the RMF launch, undersecretary of commerce for technology and NIST director Laurie Locascio said “Congress clearly recognized the need for this voluntary guidance and assigned it to NIST as a high priority.” NIST is counting on the broad community, she added, to “help us refine these roadmap priorities.”
Deputy secretary of commerce Don Graves pointed out that the AI RMF comes not a moment too soon. “I’m amazed at the speed and extent of AI innovations just in the brief period between the initiation and the delivery of this framework,” he said. “Like many of you, I’m also struck by the enormity of the potential impacts, both positive and negative, that accompany the scientific, technological, and commercial advances.”
However, he added, “I’ve been around business long enough to know that this framework’s true value will depend upon its actual use and whether it changes the processes, the cultures, our practices.” …
Some criticize the RMF’s ‘high-level’ and ‘generic’ nature
While the NIST AI RMF is a starting point, “in practical terms, it doesn’t mean very much,” Bradley Merrill Thompson, an attorney focused on AI regulation at law firm Epstein Becker Green, told VentureBeat in an email.
“It is so high-level and generic that it really only serves as a starting point for even thinking about a risk management framework to be applied to a specific product,” he said. “This is the problem with trying to quasi-regulate all of AI. The applications are so vastly different with vastly different risks.”

Jump to Page

Privacy Preference Center

When you visit any website, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences or your device and is mostly used to make the site work as you expect it to. The information does not usually directly identify you, but it can give you a more personalized web experience. Because we respect your right to privacy, you can choose not to allow some types of cookies. Click on the different category headings to find out more and change our default settings. However, blocking some types of cookies may impact your experience of the site and the services we are able to offer.

Strictly Necessary Cookies

These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.

Performance Cookies

These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.