Businesses across South Africa are embracing artificial intelligence (AI) to streamline operations, boost efficiency and enhance decision-making. But while AI offers incredible tools, it comes with legal risks that can’t be ignored. Cape Town-based commercial law firm Gillan & Veldhuizen Inc. is urging companies to take a proactive stance by implementing clear AI policies to safeguard against unforeseen liabilities.

Why AI policies matter

AI is revolutionising industries, but without well-defined policies businesses may find themselves exposed to legal, ethical and security risks. Managing Director PJ Veldhuizen warns, “The law hasn’t caught up with AI yet, which means businesses need to set their own ground rules. Without them, you’re operating in a grey area – and that’s where legal trouble starts.”

A lack of AI-specific legislation in South Africa means businesses must take responsibility for outlining how AI can and should be used within their operations. This includes defining accountability, ensuring data security and setting clear parameters for AI-generated content.

The dangers of blind AI reliance

One key concern is the impact of AI on research and the reliability of information. AI-generated content, while often persuasive, is not infallible. Veldhuizen cautions against blind reliance on AI, referencing the Dunning-Kruger effect: “Businesses must recognise that they ‘don’t know what they don’t know’. If you don’t already have the answer, AI can’t find it for you. It’s a tool not an authority.”

The rising threat of cybercrime

Another pressing issue is digital security.  AI tools can now impersonate CEOs and key staff members on video calls, WhatsApp messages and telephone calls, extorting businesses and individuals alike. The financial and reputational risks are enormous,” explains Veldhuizen.

To safeguard against these threats, businesses must establish AI policies addressing data security, ownership and third-party liabilities. Veldhuizen advises including clauses that clearly define responsibilities in case of data breaches or AI-related incidents.

AI policies should clearly define:

  • How AI tools interact with sensitive business data
  • Protocols for verifying communications, even if they appear authentic
  • Legal recourse in case of AI-driven fraud or cyberattacks

Responsible AI integration: The way forward

In an era of rapid technological advancement, staying ahead means understanding where AI fits in – and where human expertise remains irreplaceable.

Businesses should embrace AI, but with clear guidelines, oversight and a firm understanding of its limitations. By implementing AI policies now, companies can stay ahead of risks while making the most of this game-changing technology.