<?xml version="1.0" encoding="UTF-8"?><rss xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:atom="http://www.w3.org/2005/Atom" version="2.0" xmlns:itunes="http://www.itunes.com/dtds/podcast-1.0.dtd" xmlns:googleplay="http://www.google.com/schemas/play-podcasts/1.0"><channel><title><![CDATA[Code on Trial: AI, Crypto and the Law in Dispute]]></title><description><![CDATA[Where AI and crypto meet legal reality.

Practical analysis of disputes, liability, regulation and evidence.

Subscribe for case-led insight into what gets pleaded, argued, proved and awarded.]]></description><link>https://www.codeontrial.ai</link><image><url>https://substackcdn.com/image/fetch/$s_!E0qX!,w_256,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F69c9971d-9308-4aa6-824b-f4524261071d_1280x1280.png</url><title>Code on Trial: AI, Crypto and the Law in Dispute</title><link>https://www.codeontrial.ai</link></image><generator>Substack</generator><lastBuildDate>Sat, 04 Jul 2026 22:29:39 GMT</lastBuildDate><atom:link href="https://www.codeontrial.ai/feed" rel="self" type="application/rss+xml"/><copyright><![CDATA[Nick Rowles-Davies]]></copyright><language><![CDATA[en]]></language><webMaster><![CDATA[nickrowlesdavies@substack.com]]></webMaster><itunes:owner><itunes:email><![CDATA[nickrowlesdavies@substack.com]]></itunes:email><itunes:name><![CDATA[Nick Rowles-Davies]]></itunes:name></itunes:owner><itunes:author><![CDATA[Nick Rowles-Davies]]></itunes:author><googleplay:owner><![CDATA[nickrowlesdavies@substack.com]]></googleplay:owner><googleplay:email><![CDATA[nickrowlesdavies@substack.com]]></googleplay:email><googleplay:author><![CDATA[Nick Rowles-Davies]]></googleplay:author><itunes:block><![CDATA[Yes]]></itunes:block><item><title><![CDATA[Autonomous Haulage, Algorithmic Geology and the Emerging Liability Framework for AI in Mining]]></title><description><![CDATA[From the Pilbara to Brumadinho: How the Automation of Extraction Is Reshaping Mining Disputes]]></description><link>https://www.codeontrial.ai/p/autonomous-haulage-algorithmic-geology</link><guid isPermaLink="false">https://www.codeontrial.ai/p/autonomous-haulage-algorithmic-geology</guid><dc:creator><![CDATA[Nick Rowles-Davies]]></dc:creator><pubDate>Fri, 03 Jul 2026 09:22:22 GMT</pubDate><enclosure url="https://substackcdn.com/image/fetch/$s_!4GyJ!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe67688f5-87e3-42fc-909b-03f71fb3fcc4_1600x1200.png" length="0" type="image/jpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!4GyJ!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe67688f5-87e3-42fc-909b-03f71fb3fcc4_1600x1200.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!4GyJ!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe67688f5-87e3-42fc-909b-03f71fb3fcc4_1600x1200.png 424w, https://substackcdn.com/image/fetch/$s_!4GyJ!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe67688f5-87e3-42fc-909b-03f71fb3fcc4_1600x1200.png 848w, https://substackcdn.com/image/fetch/$s_!4GyJ!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe67688f5-87e3-42fc-909b-03f71fb3fcc4_1600x1200.png 1272w, https://substackcdn.com/image/fetch/$s_!4GyJ!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe67688f5-87e3-42fc-909b-03f71fb3fcc4_1600x1200.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!4GyJ!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe67688f5-87e3-42fc-909b-03f71fb3fcc4_1600x1200.png" width="1456" height="1092" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/e67688f5-87e3-42fc-909b-03f71fb3fcc4_1600x1200.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:1092,&quot;width&quot;:1456,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:2590725,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:&quot;https://www.codeontrial.ai/i/204825025?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe67688f5-87e3-42fc-909b-03f71fb3fcc4_1600x1200.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!4GyJ!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe67688f5-87e3-42fc-909b-03f71fb3fcc4_1600x1200.png 424w, https://substackcdn.com/image/fetch/$s_!4GyJ!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe67688f5-87e3-42fc-909b-03f71fb3fcc4_1600x1200.png 848w, https://substackcdn.com/image/fetch/$s_!4GyJ!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe67688f5-87e3-42fc-909b-03f71fb3fcc4_1600x1200.png 1272w, https://substackcdn.com/image/fetch/$s_!4GyJ!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe67688f5-87e3-42fc-909b-03f71fb3fcc4_1600x1200.png 1456w" sizes="100vw" fetchpriority="high"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p><em><strong>Introduction</strong></em></p><p>In August 2024, Rio Tinto accepted its 300th autonomous-haulage-system truck for its Pilbara operations, with the fleet distributed across ten Australian mine sites.<sup>1</sup> The initial autonomous-haulage trial began in 2008. By the 2024 milestone, the fleet had completed 8.9 million operating hours and moved more than 4.8 billion tonnes of material. For scale, a Komatsu 930E-5SE has a rated gross vehicle weight of 521.6 tonnes.<sup>1</sup> BHP operates a comparable autonomous fleet at its Jimblebar and Goonyella mines.<sup>2</sup> Caterpillar and Komatsu supply the vehicles and the autonomous haulage systems that control them. Autonomous haulage is now deployed at scale across mines in Australia, Canada, Chile and China.<sup>3</sup></p><p>The safety record has been strong. BHP reported a 65% reduction in events with fatal potential across its Western Australian Iron Ore operations between FY2018 and FY2022, attributed in part to autonomous haulage deployment.<sup>2</sup> But it is not unblemished. In August 2023, an autonomous haul truck at BHP Mitsubishi Alliance&#8217;s Goonyella open-pit coal mine in Queensland collided with a manually operated excavator after a loss of communications on the autonomous circuit.<sup>4</sup> No one was injured.<sup>4</sup></p><p>In a separate Pilbara incident in November 2018, a BHP iron-ore train stopped automatically after a communications failure. The driver left the cab to apply handbrakes to individual wagons, after which a timed shutdown sequence released the locomotive brakes and the train rolled more than 90 kilometres before being deliberately derailed near Port Hedland.<sup>5</sup> That was a conventional runaway rather than an autonomous system failure, but it illustrates the consequence of assumptions about machine control at industrial scale.</p><p>The legal framework governing autonomous mining equipment sits at the intersection of workplace health and safety regulation, product liability, environmental law and the contractual allocation of risk between mine operators and technology suppliers. Western Australia published a dedicated Code of Practice for Safe Mobile Autonomous Mining in 2015, updated most recently in February 2025.<sup>6</sup> Queensland has its own guidance framework.<sup>7</sup></p><p><em><strong>Autonomous Haulage and the Duty Holders</strong></em></p><p>Autonomous haulage was driven by safety as much as by economics. Mining is among the most hazardous industrial activities. Haul truck rollovers, collisions and pedestrian strikes account for a significant proportion of mine fatalities worldwide.</p><p>The automation that reduces aggregate risk creates a different category of dispute when it fails. A conventional haul-truck accident engages the operator&#8217;s statutory duties, potential regulatory enforcement and, in serious cases, prosecution of the corporate operator and relevant officers or other duty holders. An autonomous-system failure distributes the analysis across multiple participants. The mine operator selected and deployed the system. The technology supplier may have designed or supplied the autonomous-control software. The equipment manufacturer built the truck. Where separately engaged, a systems integrator configured the system for the particular mine site. The mine&#8217;s safety management system defined the operating parameters, exclusion zones and interaction protocols between autonomous and human-operated equipment.</p><p>Western Australia&#8217;s Code of Practice, originally approved under the former Mines Safety and Inspection Act 1994, continues in force as a transitional code of practice under the Work Health and Safety Act 2020.<sup>6</sup> It allocates interlocking responsibilities to system builders and system operators, while site-specific obligations remain non-exclusive. Operators, designers, manufacturers, importers and suppliers may each carry distinct statutory, contractual and tort obligations regarding plant design, safety information and risk management.<sup>8</sup> The question in any autonomous mining dispute will be which duty holder&#8217;s conduct, omission or system-design decision was causally relevant to the harm.</p><p>Queensland&#8217;s guidance takes a similar outcome-based approach, requiring proactive risk assessment before deployment and ongoing monitoring of autonomous system performance.<sup>7</sup> QGN33 is a guidance note rather than a Recognised Standard. It assists mine operators to meet their legislative obligations but does not displace the statutory requirement to keep risk within acceptable limits and as low as reasonably achievable. Neither instrument was drafted as a bespoke regime for machine-learning models that are periodically retrained. Both nevertheless address change management, system updates and upgrades, verification and validation, communications integrity and cyber-security. The unresolved issue is whether those broad controls are sufficiently granular for model versioning, data drift, retraining validation and post-deployment monitoring.</p><p><em><strong>Tailings Monitoring and the Brumadinho Legacy</strong></em></p><p>The Fundao tailings dam at Mariana, operated by Samarco (a joint venture between BHP and Vale), collapsed on 5 November 2015, killing nineteen people.<sup>9</sup> The environmental contamination extended across 600 kilometres of river. In October 2024, BHP, Vale, Samarco and Brazilian public authorities executed a reparation agreement valued at R$170 billion (approximately USD 31.7 billion), covering prior expenditure and future remediation obligations.<sup>9</sup> That agreement addressed the public-authority claims.</p><p>Separately, over 600,000 claimants, including individuals, businesses, institutions, municipalities, utilities and Indigenous and Quilombola communities, brought proceedings against BHP in the English courts. In November 2025, the English High Court found BHP liable under Brazilian statutory environmental liability, including the polluter principle and strict liability under the applicable environmental legislation, and on fault-based grounds under the Brazilian Civil Code.<sup>10</sup> In May 2026, the Court of Appeal refused BHP permission to appeal on the principal liability grounds, though a narrow costs-interest issue remained.<sup>10</sup></p><p>The Brumadinho tailings dam in Minas Gerais, also operated by Vale, collapsed on 25 January 2019, killing 270 people.<sup>11</sup> Brumadinho reinforced scrutiny of tailings monitoring, governance and escalation arrangements across the industry. The Global Industry Standard on Tailings Management, launched in 2020, established the first global standard for tailings management and requires integrated monitoring arrangements.<sup>11</sup> Vale, for example, has operated Geotechnical Monitoring Centres since 2019, using radar, robotic stations, automated piezometers, satellite monitoring, inspection drones and video cameras using artificial intelligence.<sup>11</sup></p><p>The legal question generated by AI-assisted monitoring turns on knowledge and response. Once a monitoring system is deployed, its alarms, calibration records, data-retention arrangements and escalation procedures may become central evidence of what the operator knew, or ought reasonably to have known, and whether its response met the applicable statutory, contractual and operational standard. If a monitoring system detects anomalous piezometric readings consistent with internal erosion but the mine operator does not evacuate or modify operations, the failure to act on the system&#8217;s output will be examined against the operator&#8217;s permit conditions, safety case and escalation protocols. The converse question is also live: if a monitoring system fails to detect instability that a competent engineer would have identified, the adequacy of the system and the operator&#8217;s reliance on it without sufficient human oversight will both be in issue.</p><p>Automated monitoring, sensor networks and dashboard alerts should not be conflated with AI. The distinct legal questions arise where an algorithmic model interprets data, predicts instability, prioritises risk or recommends operational intervention beyond rules-based alerting.</p><p>The English proceedings arising from Mariana were determined under Brazilian substantive law and are not, in themselves, a new English-law parent company duty decision. Where English law governs, Vedanta Resources plc v Lungowe confirms that parent exposure turns on ordinary duty of care principles applied to the parent&#8217;s own conduct.<sup>12</sup> A group-wide mandate of a monitoring platform may be relevant to that inquiry, but it will not be determinative. The deployment of AI monitoring systems across a global mining group adds a dimension: if the parent specifies a particular platform across its operations and that platform proves inadequate, the parent&#8217;s selection, specification and oversight of the technology may form part of the factual matrix in which an ordinary duty of care analysis is conducted.</p><p><em><strong>AI in Geological Modelling and Exploration</strong></em></p><p>AI is now used across the exploration lifecycle. Machine-learning models integrate geological, geophysical and geochemical data to identify prospective mineral deposits. ALS Geoanalytics, formerly ALS GoldSpot and GoldSpot Discoveries, and other specialist providers offer AI-assisted exploration and targeting tools.<sup>13</sup> Caterpillar&#8217;s MineStar suite illustrates a different part of the value chain: autonomous operations, fleet management and operational data analysis. Specialist providers are marketing AI-assisted tools for drill-hole targeting, ore-body modelling and resource-estimation workflows, but adoption rates vary by commodity, jurisdiction and the maturity of the underlying geological data.</p><p>Mining companies raise capital on the basis of resource and reserve estimates disclosed under reporting codes, including JORC in Australia, NI 43-101 in Canada and SAMREC in South Africa. These regimes require relevant technical disclosure to be prepared by, under the supervision of or, where the applicable instrument permits, approved by a designated Competent Person or Qualified Person, subject to their respective consent, certification and disclosure requirements.<sup>14</sup> Professional sign-off, the scope of the professional&#8217;s supervision, applicable disclosure obligations, investor reliance, causation and the relevant securities law will together determine the exposure of each participant if an AI-assisted estimate proves materially wrong. If the responsible professional relies on an AI-generated geological model without appropriate validation of the model&#8217;s inputs, assumptions, performance and limitations, that reliance will itself be examined against the professional standard.</p><p>The risk is established in conventional geological misrepresentation. Bre-X illustrates how false or manipulated geological results can generate investor claims and securities litigation.<sup>15</sup> AI does not alter the underlying disclosure framework, but it adds questions about model validation, data provenance, version control and the disclosure of material limitations to investors.</p><p><em><strong>Strategic Outlook</strong></em></p><p>Autonomous mining is currently governed through general workplace-safety duties, autonomous-mining codes and guidance, site-specific safety arrangements and supplier obligations, rather than a bespoke regime for model governance. A serious incident would test how those overlapping obligations apply to software updates, sensor failures, degraded communications, inadequate escalation and the allocation of risk within the operator&#8211;supplier contract stack.</p><p>A fatal autonomous-mining incident could generate litigation concerning the respective obligations of the mine operator, technology supplier, equipment manufacturer and, where relevant, systems integrator, against the applicable regulatory framework and the site-specific safety arrangements governing the deployment. Beyond haulage, the expansion of AI-assisted tools into geological modelling, environmental monitoring and tailings management may give rise to claims under securities law and environmental regulation and, on appropriate facts, parent-company duty principles. The regulatory frameworks in Western Australia and Queensland address change management, system updates and verification, but whether those controls are sufficiently granular for AI-specific risks remains untested.</p><p>The disputes will not turn on whether a mine used AI in the abstract. They will turn on system design, approved operating limits, version control, sensor integrity, change management, human override, alarm escalation and the allocation of responsibility across the operator-supplier contract stack.</p><p><strong>Notes</strong></p><p><span>1. Rio Tinto accepted its 300th autonomous haul truck in the Pilbara in August 2024, across ten mine sites; by that milestone the fleet had completed 8.9 million operating hours and moved more than 4.8 billion tonnes of material (Komatsu media release, 12 August 2024). Komatsu 930E-5SE rated gross vehicle weight 521.6 tonnes. Autonomous haulage trials at Rio Tinto Pilbara operations since 2008 (Rio Tinto).</span></p><p><span>2. BHP Western Australian Iron Ore operations; 65% reduction in events with fatal potential FY2018&#8211;2022, attributed in part to autonomous haulage deployment (Haight &amp; Burgess-Limerick, CDC/NIOSH, 2023). BHP autonomous fleet deployed at Jimblebar and Goonyella mines.</span></p><p><span>3. GlobalData&#8217;s Mining Intelligence Center tracked 3,832 autonomous haul trucks operating at surface mines globally in July 2025, including systems classified as autonomous-ready as well as those operating autonomously. China accounted for 2,090 units, followed by Australia, Canada and Chile (GlobalData, Development of Autonomous Trucks in the Global Mining Sector, 2025).</span></p><p><span>4. BHP Mitsubishi Alliance, Goonyella open-pit coal mine, Queensland, August 2023; autonomous truck collided with manually operated excavator following loss of communications on autonomous circuit; no injuries (Mining Monthly, January 2024).</span></p><p><span>5. BHP Pilbara iron-ore train runaway, 5 November 2018. Train stopped automatically on communications failure; driver left cab to apply handbrakes to individual wagons; 60-minute locomotive shutdown sequence subsequently released brakes; train travelled more than 90 km before controlled derailment near Port Hedland. ATSB investigation report RO-2018-018.</span></p><p><span>6. Western Australia Code of Practice for Safe Mobile Autonomous Mining, WorkSafe WA, first published 2015, updated 17 February 2025. Originally approved under the Mines Safety and Inspection Act 1994; continues in force as a transitional code of practice under the Work Health and Safety Act 2020 (WorkSafe WA).</span></p><p><span>7. Queensland Guidance Note QGN33, Autonomous mobile machinery and vehicle introduction in coal mines (Resources Safety &amp; Health Queensland).</span></p><p><span>8. Under WA&#8217;s Work Health and Safety Act, duties extend to persons conducting a business or undertaking, designers, manufacturers, importers and suppliers of plant, each with obligations regarding design safety, information, installation and use (WorkSafe WA).</span></p><p><span>9. Fundao tailings dam (Samarco/BHP/Vale), Mariana, collapse 5 November 2015; 19 fatalities. Reparation agreement with Brazilian public authorities signed 25 October 2024, ratified by the Brazilian Supreme Federal Court 6 November 2024; valued at R$170 billion (approx. USD 31.7 billion), covering prior expenditure and future remediation obligations (BHP media release, November 2024).</span></p><p><span>10. Municipio de Mariana &amp; Ors v BHP Group (UK) Ltd [2025] EWHC 3001 (TCC), judgment 14 November 2025; BHP found liable under Brazilian statutory environmental liability (polluter principle, strict liability) and on fault-based grounds under the Brazilian Civil Code; over 600,000 claimants. BHP Group (UK) Ltd v Municipio de Mariana &amp; Ors [2026] EWCA Civ 502; Court of Appeal refused BHP permission to appeal on principal liability grounds, May 2026; narrow costs-interest issue remained.</span></p><p><span>11. Brumadinho tailings dam (Vale), Minas Gerais, collapsed on 25 January 2019, causing 270 fatalities; two victims remain missing. Global Industry Standard on Tailings Management launched 5 August 2020 by UNEP, PRI and ICMM. Vale Geotechnical Monitoring Centres operating since 2019, using radar, robotic stations, automated piezometers, satellite monitoring, inspection drones and video cameras using artificial intelligence (Vale, &#8220;Vale concludes de-characterization of the first of nine upstream dams as announced earlier this year&#8221;, 27 November 2019).</span></p><p><span>12. Vedanta Resources PLC v Lungowe [2019] UKSC 20; parent-company liability in English law turns on ordinary duty-of-care principles, including the parent&#8217;s own conduct, control, group policies and assumption of responsibility.</span></p><p><span>13. ALS Geoanalytics (formerly ALS GoldSpot and GoldSpot Discoveries; renamed October 2024) offers AI-assisted exploration and targeting tools; Caterpillar MineStar suite covers autonomous operations, fleet management and operational data analysis. Precise industry-wide adoption rates vary by survey methodology and definition.</span></p><p><span>14. JORC (2012) and SAMREC require a Competent Person; NI 43-101 requires a Qualified Person. Relevant technical disclosure must be prepared by, or under the responsibility or supervision of, that person. Issuers and directors or officers may bear separate disclosure responsibility under applicable securities law.</span></p><p><span>15. McNamara v Bre-X Minerals Ltd, 57 F Supp 2d 396 (ED Tex 1999); securities-fraud claims arising from alleged fabrication of geological assay results at the Busang gold deposit, Indonesia.</span></p>]]></content:encoded></item><item><title><![CDATA[No Circuit Split Yet: Prediction Markets, State Gambling Law and the CFTC’s New Rule Proposal]]></title><description><![CDATA[The federal-state boundary for prediction markets is unsettled, but it is not yet the subject of an appellate circuit split.]]></description><link>https://www.codeontrial.ai/p/no-circuit-split-yet-prediction-markets</link><guid isPermaLink="false">https://www.codeontrial.ai/p/no-circuit-split-yet-prediction-markets</guid><dc:creator><![CDATA[Nick Rowles-Davies]]></dc:creator><pubDate>Thu, 25 Jun 2026 09:54:16 GMT</pubDate><enclosure url="https://substackcdn.com/image/fetch/$s_!nNEZ!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8f8f38d1-3140-40e2-a436-57b65bad3789_1200x1200.png" length="0" type="image/jpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!nNEZ!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8f8f38d1-3140-40e2-a436-57b65bad3789_1200x1200.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!nNEZ!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8f8f38d1-3140-40e2-a436-57b65bad3789_1200x1200.png 424w, https://substackcdn.com/image/fetch/$s_!nNEZ!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8f8f38d1-3140-40e2-a436-57b65bad3789_1200x1200.png 848w, https://substackcdn.com/image/fetch/$s_!nNEZ!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8f8f38d1-3140-40e2-a436-57b65bad3789_1200x1200.png 1272w, https://substackcdn.com/image/fetch/$s_!nNEZ!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8f8f38d1-3140-40e2-a436-57b65bad3789_1200x1200.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!nNEZ!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8f8f38d1-3140-40e2-a436-57b65bad3789_1200x1200.png" width="1200" height="1200" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/8f8f38d1-3140-40e2-a436-57b65bad3789_1200x1200.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:1200,&quot;width&quot;:1200,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:107748,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:&quot;https://www.codeontrial.ai/i/203529495?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8f8f38d1-3140-40e2-a436-57b65bad3789_1200x1200.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!nNEZ!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8f8f38d1-3140-40e2-a436-57b65bad3789_1200x1200.png 424w, https://substackcdn.com/image/fetch/$s_!nNEZ!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8f8f38d1-3140-40e2-a436-57b65bad3789_1200x1200.png 848w, https://substackcdn.com/image/fetch/$s_!nNEZ!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8f8f38d1-3140-40e2-a436-57b65bad3789_1200x1200.png 1272w, https://substackcdn.com/image/fetch/$s_!nNEZ!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8f8f38d1-3140-40e2-a436-57b65bad3789_1200x1200.png 1456w" sizes="100vw" fetchpriority="high"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p></p><p>The federal-state boundary for prediction markets is unsettled, but it is not yet the subject of an appellate circuit split. One US court of appeals has ruled on whether the Commodity Exchange Act pre-empts state gambling law as applied to sports-event contracts. The other courts positioned to answer have not. The recent appellate orders that read like a contrary signal in fact decided something narrower.</p><p><em><strong>The Third Circuit&#8217;s ruling and its limits</strong></em></p><p>In KalshiEX LLC v Flaherty, No. 25-1922, the Third Circuit on 6 April 2026 affirmed a preliminary injunction preventing New Jersey from applying its gambling laws to Kalshi&#8217;s sports-event contracts.<a href="#_ftn1"><span>[1]</span></a> Writing for a 2-1 majority, Judge Porter, joined by Chief Judge Chagares, held that Kalshi had demonstrated a reasonable chance of success on its argument that the Commodity Exchange Act pre-empts the relevant application of New Jersey law, and that both field and conflict pre-emption applied. The posture is important. The court granted that relief on a likelihood-of-success standard, before any trial on the merits. Judge Roth dissented, invoking the presumption against pre-emption with &#8220;special force&#8221; in gambling regulation and treating the products as functionally identical to online sportsbooks.</p><p><em><strong>Why the Ninth Circuit&#8217;s May orders are not a contrary answer</strong></em></p><p>It is tempting to read the Ninth Circuit as having gone the other way. It has not done so yet. The court heard the consolidated Nevada appeals involving Kalshi, Crypto.com and Robinhood on 16 April 2026.<a href="#_ftn2"><span>[2]</span></a> Separately, in May, it denied interim stays pending appeal from remand orders. In the Washington matter the panel reasoned that CEA pre-emption is an affirmative defence and therefore does not itself create federal-question jurisdiction for removal.<a href="#_ftn3"><span>[3]</span></a> Those orders let the remands take effect and left the state-enforcement actions in state court. They did not decide whether the CEA ultimately pre-empts the relevant state gambling laws. The current landscape is best described as an emerging inter-district and inter-state conflict rather than an appellate circuit split. The Fourth and Sixth Circuits are weighing the same issue, the latter on appeals from conflicting Tennessee and Ohio decisions, so a genuine split could still form.</p><p><em><strong>The savings clauses, the criminal front and what a rule cannot do</strong></em></p><p>The sharpest intra-panel disagreement concerns the CEA&#8217;s savings clauses. The majority treated them as preserving state common-law actions and state-court jurisdiction without retaining concurrent state regulatory authority over trading on a CFTC-registered designated contract market. Judge Roth regarded the clauses as incompatible with complete field pre-emption. That disagreement, rather than any clash between circuits, is where the doctrine is currently unsettled.</p><p>Criminal enforcement runs alongside the civil dispute. On 17 March 2026 Arizona brought a 20-count misdemeanour criminal information against Kalshi entities alleging unlicensed gambling activity, four counts of which concerned election-event contracts, including the 2028 presidential election.<a href="#_ftn4"><span>[4]</span></a> The CFTC and the United States answered with state-specific pre-emption actions, beginning with Arizona, Connecticut and Illinois on 2 April 2026 and extending to further states, most recently Kentucky on 23 June 2026.<a href="#_ftn5"><span>[5]</span></a> In Arizona, federal relief temporarily restrained the State from enforcing its gambling laws against event contracts listed on CFTC-regulated markets while the pre-emption question is litigated.</p><p>The CFTC has now entered the same boundary dispute through rulemaking. On 10 June 2026 it announced a notice of proposed rulemaking to amend Regulation 40.11 and introduce Appendix F governing event contracts, published in the Federal Register on 12 June with comments due by 27 July.<a href="#_ftn6"><span>[6]</span></a> The proposal concerns how the agency treats event contracts under its public-interest framework, including a proposed definition of &#8220;gaming&#8221; and a proposed standard for when an event contract &#8220;involves&#8221; an underlying activity. It does not amend the statutory definition of &#8220;swap&#8221; in 7 U.S.C. &#167; 1a(47), nor the CEA&#8217;s jurisdictional and savings-clause provisions. The proposal cannot itself conclusively resolve whether the CEA pre-empts a particular application of state gambling law. The narrower question is what persuasive weight a reviewing court will give the CFTC&#8217;s eventual reasoning when construing the statute.</p><p>Dodd-Frank expressly addressed event contracts and authorised a special CFTC review process for contracts involving gaming. The statute anticipated the category. The harder issue is whether the federal regime for trading those contracts displaces state gambling law where the products functionally resemble sportsbook wagers. Congress may yet redraw the line. The proposed Prediction Markets Are Gambling Act, introduced on 23 March 2026, would amend the CEA to prohibit CFTC-registered entities from listing specified sports and casino-style event contracts.<a href="#_ftn7"><span>[7]</span></a> Until Congress acts or an appellate court resolves the merits with a nationally controlling answer, the position remains state-by-state and court-by-court, and the comment period is the immediate formal opportunity for exchanges, platforms, state regulators and market participants to shape the federal framework.</p><div><hr></div><p><a href="#_ftnref1"><span>[1]</span></a><span> KalshiEX, LLC v Flaherty, 172 F.4th 220 (3d Cir. 2026) (No. 25-1922), 2-1 (Porter, J., joined by Chagares, C.J.; Roth, J., dissenting), affirming a preliminary injunction. Swap definition: Commodity Exchange Act, 7 U.S.C. &#167; 1a(47).</span></p><p><a href="#_ftnref2"><span>[2]</span></a><span> KalshiEX, LLC v Hendrick, No. 25-7516 (9th Cir., argued 16 April 2026), consolidated Nevada appeals heard with the Crypto.com and Robinhood matters.</span></p><p><a href="#_ftnref3"><span>[3]</span></a><span> Washington v KalshiEX, LLC, No. 26-3106 (9th Cir., order denying stay pending appeal, 21 May 2026).</span></p><p><a href="#_ftnref4"><span>[4]</span></a><span> State of Arizona, 20-count misdemeanour criminal information against KalshiEX LLC and Kalshi Trading LLC, 17 March 2026; four counts concerned election-event contracts, including the 2028 presidential election.</span></p><p><a href="#_ftnref5"><span>[5]</span></a><span> CFTC and the United States, state-specific pre-emption actions, commencing against Arizona, Connecticut and Illinois on 2 April 2026 and extending to further states, including Kentucky, the ninth state as at 23 June 2026. Arizona criminal proceeding temporarily restrained by federal relief.</span></p><p><a href="#_ftnref6"><span>[6]</span></a><span> Prediction Markets; Public Interest Determinations, 91 Fed. Reg. 35,806 (proposed 12 June 2026) (amendments to Regulation 40.11; proposed Appendix F; comments due 27 July 2026).</span></p><p><a href="#_ftnref7"><span>[7]</span></a><span> Prediction Markets Are Gambling Act (introduced 23 March 2026; Sens. Schiff and Curtis), proposing to amend the CEA to prohibit CFTC-registered entities from listing specified sports and casino-style event contracts.</span></p>]]></content:encoded></item><item><title><![CDATA[Automated Systems, Certification Failure and the Liability Gap Above 30,000 Feet]]></title><description><![CDATA[From the 737 MAX to the eVTOL Certification Race: How Aviation Law Is Absorbing Algorithmic Flight]]></description><link>https://www.codeontrial.ai/p/automated-systems-certification-failure</link><guid isPermaLink="false">https://www.codeontrial.ai/p/automated-systems-certification-failure</guid><dc:creator><![CDATA[Nick Rowles-Davies]]></dc:creator><pubDate>Thu, 25 Jun 2026 06:13:13 GMT</pubDate><enclosure url="https://substackcdn.com/image/fetch/$s_!ZEdY!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Febd92b77-5552-4b3e-8e2d-6122f37ddc84_4600x3103.jpeg" length="0" type="image/jpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!ZEdY!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Febd92b77-5552-4b3e-8e2d-6122f37ddc84_4600x3103.jpeg" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!ZEdY!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Febd92b77-5552-4b3e-8e2d-6122f37ddc84_4600x3103.jpeg 424w, https://substackcdn.com/image/fetch/$s_!ZEdY!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Febd92b77-5552-4b3e-8e2d-6122f37ddc84_4600x3103.jpeg 848w, https://substackcdn.com/image/fetch/$s_!ZEdY!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Febd92b77-5552-4b3e-8e2d-6122f37ddc84_4600x3103.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!ZEdY!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Febd92b77-5552-4b3e-8e2d-6122f37ddc84_4600x3103.jpeg 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!ZEdY!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Febd92b77-5552-4b3e-8e2d-6122f37ddc84_4600x3103.jpeg" width="1456" height="982" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/ebd92b77-5552-4b3e-8e2d-6122f37ddc84_4600x3103.jpeg&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:982,&quot;width&quot;:1456,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:1251624,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/jpeg&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:&quot;https://www.codeontrial.ai/i/203511678?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Febd92b77-5552-4b3e-8e2d-6122f37ddc84_4600x3103.jpeg&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!ZEdY!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Febd92b77-5552-4b3e-8e2d-6122f37ddc84_4600x3103.jpeg 424w, https://substackcdn.com/image/fetch/$s_!ZEdY!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Febd92b77-5552-4b3e-8e2d-6122f37ddc84_4600x3103.jpeg 848w, https://substackcdn.com/image/fetch/$s_!ZEdY!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Febd92b77-5552-4b3e-8e2d-6122f37ddc84_4600x3103.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!ZEdY!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Febd92b77-5552-4b3e-8e2d-6122f37ddc84_4600x3103.jpeg 1456w" sizes="100vw" fetchpriority="high"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p><em><strong>Introduction</strong></em></p><p>In May 2026, LOT Polish Airlines became the first airline to take Boeing to a jury trial over the 737 MAX grounding.<sup>1</sup> The airline sought approximately USD 153 million in damages arising from the worldwide grounding of the MAX fleet following the Lion Air and Ethiopian Airlines crashes that killed 346 people. The jury found that LOT had failed to substantiate its claims of purposeful misrepresentation regarding Boeing&#8217;s disclosure of the Maneuvering Characteristics Augmentation System.<sup>1</sup> The verdict was a defence win for Boeing on the airline&#8217;s commercial claims, but it resolved nothing about the underlying automated-systems liability that produced the two crashes.</p><p>Publicly reported MAX-related DOJ resolutions alone exceed USD 3.6 billion, before taking account of confidential civil settlements. The federal criminal case was dismissed in November 2025 after the Department of Justice requested dismissal. As part of the resolution, Boeing agreed to pay or invest an additional USD 1.1 billion in fines, victim family compensation and internal safety measures.<sup>1</sup> Separately, Boeing has resolved more than 90% of the individual civil complaints arising from the two crashes. The wrongful death trial of Michael Ryan is scheduled to commence on 3 August 2026.<sup>1</sup> A jury awarded USD 49.5 million to the family of Samya Stumo, killed in the Ethiopian Airlines crash, in May 2026.<sup>1</sup></p><p>The 737 MAX is not an AI case. MCAS was a deterministic automated system that responded to angle-of-attack sensor data according to pre-programmed logic. It did not learn or adapt. It executed its programming and its programming was fatally flawed. But the liability framework that the MAX litigation has constructed applies directly to the next generation of aviation AI: adaptive flight-management systems, AI-enabled predictive maintenance, machine-learning-based air traffic management and the autonomous flight capabilities being developed for the eVTOL air taxi sector. The allocation question is the same in each context: when an automated system fails and people die, how does the law distribute responsibility between the manufacturer, the certifier, the operator, the software supplier and the system integrator?</p><p><em><strong>The Certification Gap: FAA and EASA</strong></em></p><p>Aviation is the most heavily regulated transport sector. Aircraft certification requires demonstration of compliance with airworthiness standards through a process that can take years and cost hundreds of millions of dollars. The certification framework was designed for deterministic systems: mechanical and electronic components that behave predictably and can be tested exhaustively against failure-mode analysis.</p><p>AI-enabled systems strain this model. A machine-learning system whose behaviour depends on training data, operational context and later updates cannot be characterised in the same way as a conventional deterministic component. The European Union Aviation Safety Agency recognised this in its AI Roadmap and in November 2025 published Notice of Proposed Amendment 2025-07, the first regulatory proposal for AI trustworthiness in aviation.<sup>2</sup> The NPA distinguishes between Level 1 AI (AI-based assistance, where the human retains full authority) and Level 2 AI (human-AI teaming, where the AI shares decision-making with the pilot).<sup>2</sup> The consultation closed in March 2026, after an extension from the original February deadline, and a second NPA addressing domain-specific regulations is expected later in 2026.<sup>2</sup></p><p>The FAA has taken a slower path. Its Roadmap for Artificial Intelligence Safety Assurance sets out principles for the safety assurance of AI in aircraft and aircraft operations, but has not produced binding certification standards for AI in flight-critical systems.<sup>2</sup> SAE G-34/EUROCAE WG-114 is developing ARP6983/ED-324 as a recommended practice for AI/ML in aeronautical systems, but the first version is limited and does not solve certification of the highest-criticality adaptive systems.<sup>2</sup> The current scope extends to Design Assurance Level C, corresponding to &#8220;major&#8221; failure conditions. It does not cover DAL-A (catastrophic failure) or DAL-B (hazardous failure), which govern the systems most likely to kill people.</p><p>The gap between what AI can do in aviation and what regulators can certify is widening. The technology is advancing more quickly than the regulatory framework that must validate it for flight.</p><p><em><strong>The eVTOL Certification Race</strong></em></p><p>Electric vertical takeoff and landing aircraft are the first new commercial aviation category in which highly automated flight-control software, autonomy roadmaps and certification constraints converge from the outset. The eVTOL sector has attracted approximately USD 13 billion in investment since 2019.<sup>3</sup> Four concurrent certification applications are being processed by the FAA: Joby Aviation, Archer Aviation, Beta Technologies and Wisk Aero.<sup>3</sup></p><p>In November 2025, Joby began power-on testing of the first FAA-conforming aircraft being built for Type Inspection Authorization testing. In March 2026, it began flight testing the first aircraft intended for FAA certification testing, with FAA pilots expected to conduct &#8220;for credit&#8221; TIA testing later in 2026.<sup>3</sup> As of the first quarter of 2026, no US eVTOL manufacturer has received a full type certificate for commercial passenger operations.<sup>3</sup></p><p>Lilium&#8217;s principal German operating subsidiaries filed for insolvency in late October 2024, and Lilium N.V. later authorised insolvency proceedings after failed fundraising efforts.<sup>3</sup> The company had received EASA Design Organisation Approval in November 2023 but pursued a novel jet-propulsion architecture that fell outside any existing certification framework, resulting in extended timelines and unsustainable cash burn. Lilium&#8217;s failure demonstrates that the certification pathway is itself a commercial risk of the first order: a technically viable aircraft that runs out of capital before it completes certification cannot generate revenue.</p><p>The product liability implications for eVTOL are significant. These are new-category aircraft operating in urban environments over populated areas. The first passenger fatality will produce litigation in which the manufacturer, the battery supplier, the flight-control software provider and the operator will all be in play, while the FAA&#8217;s certification decision may form part of the factual and regulatory background. The automated flight-control systems that manage hover-to-cruise transition, motor failure redistribution and autonomous emergency landing are the systems most likely to be at the centre of that litigation.</p><p><em><strong>AI in Maintenance and Predictive Failure</strong></em></p><p>AI-enabled predictive maintenance is one of the earliest and most commercially advanced applications of machine learning in aviation. Airlines and MRO (maintenance, repair and overhaul) providers use AI systems to analyse engine sensor data, flight-data recorder outputs, component wear patterns and environmental exposure data to predict when parts will fail and schedule maintenance before failure occurs.</p><p>The hard issue for courts will arise when a predictive system fails to predict. If an AI maintenance system assesses a turbine blade as having adequate remaining life and the blade subsequently fails in flight, the causation analysis involves the manufacturer of the AI system, the airline that relied on its output, the MRO provider that implemented the AI-recommended maintenance schedule and the regulatory framework that permitted or required AI-driven maintenance planning.</p><p>The standard of care for maintenance decisions is well established in aviation law. Maintenance must comply with the manufacturer&#8217;s maintenance programme and the applicable airworthiness directives. AI-enabled predictive maintenance introduces a tension between approved maintenance intervals and tool-generated assessments of component condition. If an operator seeks to extend service life or alter inspection timing on the basis of AI analysis and the component subsequently fails, the critical question will be whether that decision sat within an approved maintenance or reliability programme. The operator&#8217;s deviation from published maintenance intervals will be a central issue in the litigation.</p><p><em><strong>Drone Delivery and Airspace Liability</strong></em></p><p>Drone delivery in the United States currently operates through a combination of Part 135 air-carrier certification, Part 107 small-UAS rules, exemptions and individual airspace authorisations for each delivery zone. Operators including Wing, UPS Flight Forward, Amazon Prime Air and Zipline have used the Part 135 pathway.<sup>4</sup> FAA environmental and operational review materials for Zipline projects contemplate operations of up to 400 delivery flights per operating day from each site and, in some cases, 24-hour operations.<sup>4</sup> The proposed Part 108 rule for routine beyond-visual-line-of-sight operations is intended to simplify the fragmented structure, but until it is finalised the regulatory path remains piecemeal.<sup>4</sup></p><p>Liability for drone delivery incidents operates under conventional aviation and product liability principles. The drone operator will face the primary operational and regulatory exposure under its Part 135 authority. The manufacturer is liable for design and manufacturing defects. The question that has not been tested is the liability of the AI navigation system that determines the drone&#8217;s flight path, altitude, obstacle avoidance and delivery approach. If an autonomous delivery drone strikes a person or property, the liability allocation between the operator, the manufacturer, the navigation software provider and the airspace authority that approved the delivery zone will depend on whether the cause was a software defect, a sensor failure, an environmental condition outside the system&#8217;s design parameters or a regulatory failure in approving the operating zone. Any claim against the FAA or another airspace authority would face public-law and sovereign-immunity barriers, so the practical liability focus is likely to remain on the operator, manufacturer and software suppliers.</p><p><em><strong>Strategic Outlook</strong></em></p><p>Aviation&#8217;s regulatory culture of exhaustive certification and conservative adoption of new technology has slowed the integration of AI into flight-critical systems. This conservatism has so far helped avoid AI-related aviation disasters in flight-critical civil aviation systems. It has also created a growing disparity between what AI can do in aviation and what the certification framework permits.</p><p>The 737 MAX litigation established that automated-system design defects, combined with certification failures, can produce multi-billion-dollar exposure across regulatory enforcement and civil proceedings. The eVTOL certification race may produce the first highly automated new-category aircraft type certificates within the next two years, although the extent to which those certificates involve AI rather than conventional flight-control automation will vary by platform. The expansion of drone delivery to 24-hour, high-volume operations over populated areas is likely to produce significant drone-injury litigation.</p><p>Aviation law is not creating a new liability framework for AI. It is applying existing certification, product liability and carrier liability principles to increasingly autonomous systems. The question is whether those principles, designed for deterministic systems that behave predictably, can accommodate AI-enabled systems whose behaviour may be difficult to characterise fully in advance and which may fail in ways their designers did not anticipate.</p><p><strong>Notes</strong></p><p><span>1. LOT Polish Airlines v Boeing, US District Court, Western District of Washington (Seattle), trial in May 2026; jury found LOT failed to prove purposeful misrepresentation regarding MCAS disclosure; Boeing cleared of approximately USD 153 million claim. Boeing federal criminal case dismissed November 2025 at DOJ request; Boeing agreed to pay/invest additional USD 1.1 billion in fines, victim family compensation and safety measures. Publicly reported MAX-related DOJ resolutions exceed USD 3.6 billion, comprising the 2021 deferred prosecution agreement of more than USD 2.5 billion and the 2025 non-prosecution/dismissal resolution involving approximately USD 1.1 billion in additional payments, compensation and safety/compliance investment. CNBC, DOJ Criminal Division, NPR reporting. Michael Ryan wrongful death trial scheduled 3 August 2026. Jury verdict of USD 49.5 million to family of Samya Stumo (Ethiopian Airlines crash), May 2026 (Reuters). JD Journal, National Trial Lawyers, Law Fold, Boeing settlement reporting.</span></p><p><span>2. EASA Notice of Proposed Amendment 2025-07, AI trustworthiness in aviation, published November 2025, original consultation deadline February 2026, extended to March 2026; Level 1 (AI assistance) and Level 2 (human-AI teaming) classification. FAA Roadmap for Artificial Intelligence Safety Assurance. SAE G34/EUROCAE WG114 developing ARP-6983 for AI integration up to DAL-C. Aviation Week, JDA Solutions reporting.</span></p><p><span>3. Joby Aviation began power-on testing of first FAA-conforming TIA aircraft November 2025 (Joby Q3 2025 results); began flight testing first certification aircraft March 2026 (Reuters). Archer Aviation, Beta Technologies and Wisk Aero also have concurrent FAA certification applications. No US eVTOL manufacturer has received full type certificate for commercial passenger operations as of Q1 2026. Lilium subsidiaries filed for insolvency late October 2024; N.V. board authorised insolvency 4 November 2024; cause was failure to secure EUR 100 million government funding commitment (German parliament budget committee blocked loan); Lilium had received EASA Design Organisation Approval November 2023 (Vertical Mag, AOPA reporting). eVTOL sector has attracted approximately USD 13 billion in investment since 2019 (Reuters, sector reporting). Altitudes Magazine, Airwaysmag reporting.</span></p><p><span>4. FAA Part 135 certification route used for drone package delivery; operators include Wing Aviation, UPS Flight Forward, Amazon Prime Air and Zipline (FAA). FAA environmental and operational review materials for Zipline projects contemplate up to 400 delivery flights per operating day and, in some cases, 24-hour operations. Proposed Part 108 rule for routine BVLOS operations pending. FAA reporting.</span></p>]]></content:encoded></item><item><title><![CDATA[Algorithmic Blackouts, Grid Liability and the Legal Architecture of AI-Managed Energy]]></title><description><![CDATA[From the Iberian Peninsula Blackout to FERC's AI Data Centre Rulemaking: How Energy Law Is Absorbing Autonomous Grid Management]]></description><link>https://www.codeontrial.ai/p/algorithmic-blackouts-grid-liability</link><guid isPermaLink="false">https://www.codeontrial.ai/p/algorithmic-blackouts-grid-liability</guid><dc:creator><![CDATA[Nick Rowles-Davies]]></dc:creator><pubDate>Mon, 08 Jun 2026 06:06:48 GMT</pubDate><enclosure url="https://substackcdn.com/image/fetch/$s_!qIR_!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e855414-c6fb-4073-aeba-3290fe397991_6000x4000.jpeg" length="0" type="image/jpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!qIR_!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e855414-c6fb-4073-aeba-3290fe397991_6000x4000.jpeg" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!qIR_!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e855414-c6fb-4073-aeba-3290fe397991_6000x4000.jpeg 424w, https://substackcdn.com/image/fetch/$s_!qIR_!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e855414-c6fb-4073-aeba-3290fe397991_6000x4000.jpeg 848w, https://substackcdn.com/image/fetch/$s_!qIR_!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e855414-c6fb-4073-aeba-3290fe397991_6000x4000.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!qIR_!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e855414-c6fb-4073-aeba-3290fe397991_6000x4000.jpeg 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!qIR_!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e855414-c6fb-4073-aeba-3290fe397991_6000x4000.jpeg" width="1456" height="971" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/6e855414-c6fb-4073-aeba-3290fe397991_6000x4000.jpeg&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:971,&quot;width&quot;:1456,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:1436385,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/jpeg&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:&quot;https://www.codeontrial.ai/i/201102609?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e855414-c6fb-4073-aeba-3290fe397991_6000x4000.jpeg&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!qIR_!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e855414-c6fb-4073-aeba-3290fe397991_6000x4000.jpeg 424w, https://substackcdn.com/image/fetch/$s_!qIR_!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e855414-c6fb-4073-aeba-3290fe397991_6000x4000.jpeg 848w, https://substackcdn.com/image/fetch/$s_!qIR_!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e855414-c6fb-4073-aeba-3290fe397991_6000x4000.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!qIR_!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e855414-c6fb-4073-aeba-3290fe397991_6000x4000.jpeg 1456w" sizes="100vw" fetchpriority="high"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p><em><strong>Introduction</strong></em></p><p>On 28 April 2025, the continental electricity systems of Spain and Portugal collapsed.<sup>1</sup> The Iberian Peninsula blackout cut power to more than 55 million people. Electricity was interrupted for approximately ten hours in most areas and up to twenty hours in others. Parts of southern France connected to the Iberian grid were also affected. It was the largest grid failure in Western Europe in decades.<sup>1</sup></p><p>The cause was not a cyberattack, nor was it a single catastrophic equipment failure. The European Network of Transmission System Operators for Electricity&#8217;s (ENTSO-E) final report, published in March 2026, identified a sequence of interacting factors: oscillations, gaps in voltage and reactive-power control, differences in voltage-regulation practice, rapid output reductions and generator disconnections, producing fast voltage increases and cascading loss of generation across continental Spain and Portugal.<sup>1</sup></p><p>The Iberian blackout was not caused by AI. But it exposed the vulnerability that AI is now being deployed to address and, in doing so, it illuminated the liability framework that will govern AI failures in grid management. Grid operators across Europe, North America and Asia are deploying AI systems for load forecasting, demand response, frequency regulation, renewable integration and real-time grid optimisation. When those systems fail and the lights go out, the liability analysis will be materially more complex than the conventional regulatory failure at issue in the Iberian case.</p><p><em><strong>AI in Grid Management: The Current Deployment</strong></em></p><p>AI integration into electricity grid management is proceeding on three tracks. Load forecasting, where machine-learning models predict electricity demand to optimise generation dispatch and reduce the need for expensive peaking capacity. Renewable integration, where AI systems manage the variability of wind and solar generation by predicting output, coordinating battery storage and adjusting grid parameters in real time. And autonomous grid control, where AI systems make operational decisions about load shedding, frequency regulation and voltage management without waiting for human operator approval.<sup>2</sup></p><p>Operationally, the case for AI grid management is strong. Replacement of synchronous generators with inverter-based renewable resources has diminished overall system inertia, making grids more vulnerable to frequency disturbances.<sup>2</sup> Traditional grid management relied on the inherent stability provided by large rotating generators. A grid powered substantially by solar panels and wind turbines requires active management to maintain the frequency and voltage stability that rotating mass previously provided. Real-time grid stability increasingly depends on automated control systems operating at speeds human operators cannot match. AI may sit around that control layer through forecasting, optimisation and decision-support, but the fastest stability interventions remain heavily dependent on engineered protection and control systems.</p><p>The regulatory exposure tracks the capability. A grid operator that deploys AI for real-time frequency management has adopted a system capable of responding to disturbances faster than any human operator. If that system fails to respond, or responds incorrectly, the operator&#8217;s liability will be assessed against the capability of the system it chose to deploy rather than against the slower human-operator standard it replaced.</p><p><em><strong>The Iberian Blackout and Grid Operator Liability</strong></em></p><p>The liability framework for grid failures varies across jurisdictions, but the common principle is that the transmission system operator bears a duty to maintain system security. In Spain, Red El&#233;ctrica operates under obligations imposed by the Spanish Electricity Act and the European Network Codes. In the United States, the North American Electric Reliability Corporation (NERC) administers and enforces mandatory reliability standards under Federal Energy Regulatory Commission (FERC) oversight.<sup>3</sup> In the United Kingdom, National Grid ESO (now the National Energy System Operator) operates under licence conditions imposed by Ofgem.<sup>3</sup></p><p>ENTSO-E&#8217;s investigation confirmed that excess renewable generation did not trigger the blackout. The failure sequence lay in voltage control, reactive-power management, stabilisation capability and generator-disconnection dynamics.<sup>1</sup> The allocation questions will take years to resolve. European grid operators reported that a decade-long legal battle over responsibility was plausible.<sup>1</sup></p><p>For AI-managed grids, the Iberian precedent establishes the baseline: the grid operator is responsible for system security regardless of the tools it uses. AI does not transfer that responsibility to the technology provider. If a grid operator deploys an AI system for voltage control and the system fails to prevent a cascading blackout, the grid operator remains liable for the system failure because it chose to rely on that system. The technology provider may face secondary claims in product liability or under contractual indemnities, but the primary duty to the public sits with the operator.</p><p><em><strong>Algorithmic Energy Trading and Market Manipulation</strong></em></p><p>AI is now widely used in wholesale energy markets for automated trading, price forecasting and arbitrage between spot and futures markets. The parallels with algorithmic trading in financial markets are direct, but energy markets have sector-specific manipulation risks because energy is a physical commodity that must be generated, transmitted and consumed in real time.<sup>4</sup></p><p>FERC regulates wholesale energy markets in the United States under the Federal Power Act. Market manipulation in FERC-regulated wholesale electricity markets is prohibited principally through Federal Power Act &#167; 222, 16 U.S.C. &#167; 824v, and FERC&#8217;s Anti-Manipulation Rule, 18 C.F.R. &#167; 1c.2. The question of whether an AI trading system that exploits structural features of market design constitutes manipulation mirrors the Mango Markets problem in cryptocurrency: if the algorithm operates within the rules of the market as designed, is exploiting an inefficiency fraud or is it rational trading?<sup>4</sup></p><p>The distinction from crypto is that energy markets are subject to mandatory regulatory oversight. FERC can impose civil penalties of at least USD 1 million per day per violation, with the statutory maximum subject to inflation adjustment, and can refer matters for criminal prosecution. The deployment of AI trading systems in energy markets creates a duty of supervision on the market participant that deploys the system. If an algorithm identifies and exploits a pricing anomaly in a way that distorts the market, the participant cannot claim that the algorithm acted independently. The participant designed, deployed and profited from the system.</p><p><em><strong>AI Data Centres and Grid Capacity</strong></em></p><p>On 23 October 2025, the Department of Energy sent a Section 403 directive to FERC to commence a rulemaking to accelerate the interconnection of large loads, explicitly including AI data centres.<sup>5</sup> The directive responded to the reality that AI data centre construction is consuming grid capacity at a rate that threatens reliability in multiple regions. PJM Interconnection, which operates the largest wholesale electricity market in the United States, has reported a sharp increase in large-load and data-centre-driven interconnection pressure, making AI data-centre demand a central reliability and planning issue.<sup>5</sup></p><p>FERC&#8217;s challenge is to balance the economic demand for AI data centre capacity against the reliability obligations imposed by its statutory mandate. The liability dimension arises when grid capacity allocated to AI data centres reduces the reserve margin available for residential and commercial consumers. If a grid operator approves data centre interconnections that compromise system reliability and a blackout results, the operator&#8217;s allocation decision will be scrutinised against its reliability obligations.</p><p>The political dimension is explicit. The DOE&#8217;s Section 403 letter characterised grid access for AI data centres as a matter of economic competitiveness and national security.<sup>5</sup> The regulatory framework must accommodate political pressure for rapid interconnection while maintaining the engineering margin necessary to prevent cascading failures.</p><p><em><strong>The EU AI Act and Energy Infrastructure</strong></em></p><p>Under the EU AI Act, AI systems intended to be used as safety components in the management and operation of critical infrastructure, including electricity supply, are classified as high-risk.<sup>6</sup> AI systems used for grid control, load management, energy dispatch and network operation will fall within the high-risk regime where they are intended to operate as safety components in the management or operation of electricity supply or other covered critical infrastructure. Those dates are now politically in flux. The May 2026 Digital Omnibus provisional agreement would move standalone high-risk AI obligations to 2 December 2027 and product-embedded high-risk AI obligations to 2 August 2028, subject to formal adoption.<sup>6</sup></p><p>The practical consequence is that AI systems already deployed in European grid operations will need to be brought into compliance with the Act&#8217;s requirements, including conformity assessments, technical documentation and post-market monitoring. For grid operators, this creates a dual regulatory burden: compliance with the existing energy regulatory framework (the European Network Codes, national electricity legislation and ENTSO-E standards) and compliance with the AI Act&#8217;s horizontal requirements for high-risk AI systems.</p><p>How these two regulatory layers interact has not been fully mapped. The energy regulatory framework prescribes what the grid operator must achieve (system security, frequency stability, supply adequacy). The AI Act prescribes how the AI tools used to achieve those outcomes must be built, tested and monitored. A grid operator could be compliant with the AI Act&#8217;s requirements for its AI system and still suffer a blackout because the AI system, while meeting the Act&#8217;s technical standards, was not adequate for the specific grid conditions it encountered.</p><p><em><strong>Strategic Outlook</strong></em></p><p>The electrification of transport, heating and industrial processes is increasing demand on grids that are simultaneously transitioning from synchronous generation to variable renewable sources. AI is one of the technologies now being used to make that transition operationally manageable. The liability framework for AI-managed grids will be shaped by three dynamics.</p><p>Grid operator liability will not diminish because the operator delegates operational decisions to AI. The Iberian blackout demonstrates that the operator bears responsibility for system security regardless of the tools it deploys. The operator&#8217;s duty of care includes the selection, validation and monitoring of AI systems and the maintenance of human oversight sufficient to intervene when those systems fail.</p><p>Energy trading liability will follow the pattern established in financial markets and, more recently, in DeFi: the deployer of an algorithmic trading system is responsible for the system&#8217;s market conduct. FERC&#8217;s enforcement powers provide a sector-specific regulatory mechanism that DeFi markets lacked in the Mango Markets litigation, where the attempt to apply conventional market-manipulation doctrine produced a contested and ultimately unstable criminal result.</p><p>The AI Act&#8217;s classification of grid management AI as high-risk will create compliance obligations that go beyond existing energy regulation. The interaction between the two regulatory frameworks will produce interpretive disputes. European grid operators will face the challenge of meeting energy-security obligations with AI tools that must simultaneously satisfy the Act&#8217;s trustworthiness requirements.</p><p>The grid is the infrastructure on which every other sector depends. When AI-managed grids fail, the economic, social and political consequences will exceed those of any other AI failure outside military applications. The liability framework for that failure is being constructed now, through regulatory rulemaking, insurance market pricing and the contractual allocation of risk between grid operators, technology providers and the governments that are simultaneously mandating the energy transition and the AI deployment intended to make it work.</p><p></p><p></p><p><strong>Notes</strong></p><p>1. 2025 Iberian Peninsula blackout, 28 April 2025; power lost across Spain, Portugal and parts of southern France; approximately 55 million people affected; power interrupted for 10-20 hours. ENTSO-E expert panel factual report October 2025; final report published 20 March 2026 identified sequence of interacting factors including oscillations, voltage and reactive-power control gaps, differences in voltage-regulation practice, rapid output reductions, generator disconnections and uneven stabilisation capabilities. ENTSO-E confirmed excess renewable generation did not trigger the blackout. IEEFA, pv-magazine, ENTSO-E reporting.</p><p>2. AI grid management applications: load forecasting, renewable integration, autonomous grid control. Replacement of synchronous generators with inverter-based resources reduces system inertia and increases vulnerability to frequency disturbances. AI Frontiers, academic literature on AI grid stability.</p><p>3. NERC mandatory reliability standards administered under FERC oversight (United States). National Energy System Operator under Ofgem licence conditions (United Kingdom). European Network Codes and ENTSO-E standards (EU).</p><p>4. Federal Power Act &#167; 222, 16 U.S.C. &#167; 824v; FERC Anti-Manipulation Rule, 18 C.F.R. &#167; 1c.2. FERC civil penalties of up to USD 1 million per violation per day. Mango Markets/Eisenberg: convictions subsequently vacated by the district court (Venable, June 2025 reporting).</p><p>5. Department of Energy Section 403 directive to FERC, 23 October 2025, directing rulemaking to accelerate large-load interconnection including AI data centres. PJM Interconnection data centre interconnection demand. Technostatecraft, Utility Dive reporting.</p><p>6. EU AI Act (Regulation (EU) 2024/1689); critical infrastructure AI classified as high-risk under Article 6 and Annex III. High-risk obligations originally scheduled for August 2026. Digital Omnibus provisional agreement 7 May 2026 (Consilium press release): standalone high-risk AI obligations moved to 2 December 2027; product-embedded high-risk AI obligations moved to 2 August 2028; subject to formal adoption. Kennedys Law, Gardner Law, Consilium reporting.</p>]]></content:encoded></item><item><title><![CDATA[Autonomous Vessels, Algorithmic Navigation and the Emerging Law of Unmanned Shipping]]></title><description><![CDATA[From the IMO MASS Code to the River Drone 5 Collision: How Maritime Law Is Absorbing the Crewless Ship]]></description><link>https://www.codeontrial.ai/p/autonomous-vessels-algorithmic-navigation</link><guid isPermaLink="false">https://www.codeontrial.ai/p/autonomous-vessels-algorithmic-navigation</guid><dc:creator><![CDATA[Nick Rowles-Davies]]></dc:creator><pubDate>Mon, 01 Jun 2026 07:41:14 GMT</pubDate><enclosure url="https://substackcdn.com/image/fetch/$s_!K8oC!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F40c0d775-1406-465f-8012-f8a8263f93c2_5464x3640.jpeg" length="0" type="image/jpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!K8oC!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F40c0d775-1406-465f-8012-f8a8263f93c2_5464x3640.jpeg" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!K8oC!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F40c0d775-1406-465f-8012-f8a8263f93c2_5464x3640.jpeg 424w, https://substackcdn.com/image/fetch/$s_!K8oC!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F40c0d775-1406-465f-8012-f8a8263f93c2_5464x3640.jpeg 848w, https://substackcdn.com/image/fetch/$s_!K8oC!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F40c0d775-1406-465f-8012-f8a8263f93c2_5464x3640.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!K8oC!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F40c0d775-1406-465f-8012-f8a8263f93c2_5464x3640.jpeg 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!K8oC!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F40c0d775-1406-465f-8012-f8a8263f93c2_5464x3640.jpeg" width="1456" height="970" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/40c0d775-1406-465f-8012-f8a8263f93c2_5464x3640.jpeg&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:970,&quot;width&quot;:1456,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:3335013,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/jpeg&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:&quot;https://www.codeontrial.ai/i/200085517?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F40c0d775-1406-465f-8012-f8a8263f93c2_5464x3640.jpeg&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!K8oC!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F40c0d775-1406-465f-8012-f8a8263f93c2_5464x3640.jpeg 424w, https://substackcdn.com/image/fetch/$s_!K8oC!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F40c0d775-1406-465f-8012-f8a8263f93c2_5464x3640.jpeg 848w, https://substackcdn.com/image/fetch/$s_!K8oC!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F40c0d775-1406-465f-8012-f8a8263f93c2_5464x3640.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!K8oC!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F40c0d775-1406-465f-8012-f8a8263f93c2_5464x3640.jpeg 1456w" sizes="100vw" fetchpriority="high"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p><em><strong>Introduction</strong></em></p><p>On 22 May 2026, the International Maritime Organization adopted the first global safety code for autonomous and AI-enabled commercial ships.<sup>1</sup> The Maritime Autonomous Surface Ships Code, agreed at the 111th session of the Maritime Safety Committee in London, establishes a goal-based framework for the design, construction, certification and operation of remotely controlled and autonomous vessels. It applies to large internationally-trading cargo ships and takes effect on 1 July 2026. The code is non-mandatory. A mandatory version is planned for adoption by 2030 at the latest, with entry into force on 1 January 2032.<sup>1</sup></p><p>The adoption is a regulatory milestone, but the legal questions it does not answer are more significant than the safety requirements it establishes. Maritime liability law was constructed around the presence of a human master exercising judgment on a physical bridge. The International Regulations for Preventing Collisions at Sea presuppose a lookout maintaining a proper watch by sight and hearing. The Hague-Visby Rules allocate carrier liability on the basis of due diligence by human agents. When the bridge is empty and the navigation is algorithmic, each of these frameworks confronts a gap between its assumptions and the technology it must now govern.</p><p>The commercial deployment of autonomous vessels is no longer theoretical. The Yara Birkeland, a 120-TEU electric container vessel, has been in commercial operation between Heroya and Brevik in Norway since 2022 and completed a fully autonomous voyage under human supervision in March 2023, though regulatory constraints mean it continues to carry a small crew.<sup>2</sup> The River Drone fleet of ten autonomous dry cargo barges is conducting commercial operations on European inland waterways.<sup>3</sup> The Netherlands amended its Inland Waterways Police Regulations from 1 January 2025 to remove the mandatory crew requirement, enabling applications for autonomous navigation.<sup>3</sup> The MASS Code will accelerate this trajectory. The law is catching up, but it is doing so by adapting existing frameworks rather than building new ones.</p><p><em><strong>The MASS Code and Its Limits</strong></em></p><p>The MASS Code addresses safety requirements across thirteen chapters, covering surveys and certificates, risk assessment, system design, software principles, safe operations management, alert management, manning and training, safety of navigation, connectivity and remote operations.<sup>1</sup> Its central structural feature is the retention of a designated master who holds absolute legal responsibility for the vessel at all times, whether physically stationed on the bridge or monitoring from a remote operations centre ashore.<sup>1</sup></p><p>This is a pragmatic regulatory choice, not a legal answer. It preserves the existing chain of liability under The International Convention for the Safety of Life at Sea (SOLAS) and flag-state law by ensuring that someone, somewhere, can be identified as the responsible human. But it does not resolve the harder questions. When an autonomous navigation system makes a routing decision that leads to a collision, the master at the remote operations centre may have had no practical opportunity to intervene. The MASS Code requires human oversight but does not define the standard of care for a remote operator monitoring multiple vessels through a digital interface rather than standing watch on a single bridge.</p><p>The experience-building phase from 2026 to 2030 is designed to generate the operational data that will inform the mandatory code. During this period, flag states may authorise trials and commercial operations under their own domestic regulatory frameworks. The regulatory landscape will be jurisdictionally fragmented until at least 2032.</p><p><em><strong>The River Drone 5 and the First Collision Involving an Autonomy-Equipped Barge</strong></em></p><p>On 5 December 2024, the autonomous barge River Drone 5 collided with a container vessel on the Scheur River near Rotterdam.<sup>3</sup> At least four containers were spilled into the waterway. The River Drone 5 is one of ten autonomous dry cargo barges, each approximately 100 metres in length with a cargo capacity of 3,850 tonnes, operated by the Dutch maritime technology firm Seafar using remote navigation systems.<sup>3</sup></p><p>The operator confirmed that the vessel was under the command of a captain on board at the time of the collision and was not operating in autonomous mode.<sup>3</sup> The distinction is critical for liability allocation: if the vessel had been navigating autonomously, the liability analysis would have engaged product liability for the navigation system, the classification society&#8217;s certification of the autonomous capability and the regulatory framework under which the vessel was authorised to operate. Because a human captain was in command, the incident falls within conventional fault-based collision law.</p><p>The incident arrived three weeks before the Netherlands activated its new inland waterway regulations permitting crewless autonomous operation from 1 January 2025.<sup>3</sup> The timing illustrates the regulatory challenge: vessels capable of autonomous operation will frequently switch between autonomous and human-commanded modes. The liability framework must accommodate both states and the transitions between them.</p><p><em><strong>Collision Liability and the COLREGs Problem</strong></em></p><p>The 1972 Convention on the International Regulations for Preventing Collisions at Sea was drafted for vessels commanded by human officers making real-time navigational decisions. Rule 5 requires every vessel to maintain a proper lookout &#8220;by sight and hearing as well as by all available means appropriate in the prevailing circumstances.&#8221; Rule 7 requires the use of &#8220;all available means&#8221; to determine risk of collision. Rule 8 requires action to avoid collision to be &#8220;positive, made in ample time and with due regard to the observance of good seamanship.&#8221;<sup>4</sup></p><p>These rules assume human sensory perception and human judgment. An autonomous navigation system does not maintain a lookout &#8220;by sight and hearing&#8221; in any conventional sense. It processes sensor data, radar returns, AIS signals and camera feeds through algorithmic decision-making. Whether this constitutes compliance with Rule 5 depends on whether &#8220;all available means appropriate in the prevailing circumstances&#8221; can encompass an autonomous sensor suite. The IMO&#8217;s regulatory scoping exercise acknowledged this ambiguity but did not resolve it. The MASS Code&#8217;s approach is to require that the autonomous system achieve functional equivalence to human-commanded navigation, without specifying how that equivalence is to be assessed in a collision inquiry.<sup>1</sup></p><p>When two autonomous vessels collide, the traditional apportionment of fault under the Brussels Collision Convention of 1910 faces a category problem. Fault in collision law is assessed against the standard of good seamanship. Good seamanship is a human standard, developed through centuries of admiralty case law and predicated on the judgment of a competent mariner. The question of whether an algorithm can exercise or fail to exercise good seamanship has no settled answer. Norwegian maritime law scholars have proposed that collision costs could be shared proportionally based on COLREGs compliance, treating technical failure as the functional equivalent of navigational error, but no court has adopted this analysis.<sup>5</sup></p><p><em><strong>Classification Society Liability</strong></em></p><p>Classification societies set the standards for ship design, construction and maintenance. Hull, cargo and P&amp;I underwriters require classification as a prerequisite to insurability. For autonomous vessels, classification societies will certify not only the physical structure of the ship but the reliability and safety of the autonomous navigation system, the sensor suite, the communications infrastructure and the software that controls the vessel.<sup>6</sup></p><p>The liability exposure is material. Classification societies have historically disclaimed responsibility for vessel safety, fitness for purpose and seaworthiness, maintaining that their role is verification against published standards rather than warranty of operational capability. This disclaimer has been tested in conventional shipping and has generally held. The question is whether the same disclaimer will survive when the classification society has certified an AI navigation system that subsequently causes a collision. The society&#8217;s assessment of autonomous capability is not a routine structural survey. It involves evaluating software reliability, sensor integration, failure-mode analysis and cybersecurity resilience. If the certified system fails and a vessel is lost, claimants will argue that the society&#8217;s certification constituted a representation of capability that induced reliance by the shipowner, charterer and cargo interests.<sup>6</sup></p><p><em><strong>P&amp;I Insurance and the Coverage Gap</strong></em></p><p>Protection and indemnity insurance covers third-party liabilities including crew injury, cargo claims, collision damage and pollution. The P&amp;I clubs that provide this cover operate as mutual associations, pooling risk across their membership. Their rules and coverage are designed around conventional crewed vessels.<sup>7</sup></p><p>Autonomous vessels introduce risks that sit outside the existing P&amp;I framework. Cyber-attack on a navigation system, software failure causing grounding, sensor malfunction leading to collision and communication loss between the vessel and its remote operations centre are all plausible casualty scenarios with no direct precedent in P&amp;I claims history. The International Group has not yet produced a uniform market wording for autonomous vessel risk. Individual clubs have indicated willingness to cover autonomous operations on a case-by-case basis, but the premium methodology, the exclusion architecture and the allocation of liability between shipowner, software provider and remote operations company remain undefined.<sup>7</sup></p><p>The insurance market is likely to follow the pattern seen in other AI-exposed sectors. For a period, autonomous risks will sit in &#8220;silent&#8221; coverage: neither expressly included nor expressly excluded. The ambiguity will probably be resolved by litigation after a casualty, not by proactive policy drafting.</p><p><em><strong>Electronic Trade Documents and Smart Bills of Lading</strong></em></p><p>The digitisation of shipping documents is proceeding on a separate but convergent track. UNCITRAL&#8217;s Model Law on Electronic Transferable Records has been enacted or adopted in legislation in at least eleven jurisdictions.<sup>8</sup> The United Kingdom&#8217;s Electronic Trade Documents Act 2023 gave digital trade documents legal equivalence with paper.<sup>8</sup> India&#8217;s Bills of Lading Act 2025 modernised the statutory framework for bills of lading in a major emerging market, but it should not be treated as equivalent to the United Kingdom&#8217;s Electronic Trade Documents Act 2023.<sup>8</sup></p><p>Blockchain-based smart bills of lading promise to automate the transfer of title to goods in transit. If an autonomous vessel carries cargo under a smart bill of lading that releases title on delivery confirmation from the vessel&#8217;s own sensors, the entire transaction from loading to title transfer could in principle occur without human intervention. The legal infrastructure is being assembled. The ICC&#8217;s 2024 Digital Trade Survey found that 49.2% of respondents were already using electronic bills of lading in some capacity. That is a respondent-usage figure, not a measure of eBLs as a proportion of all bills of lading issued.<sup>8</sup></p><p>The convergence of autonomous vessels and electronic trade documents raises liability questions that neither framework addresses in isolation. If a smart bill of lading releases title based on sensor data from an autonomous vessel and the cargo is subsequently found to be damaged, the allocation of liability between the carrier, the software provider, the sensor manufacturer and the blockchain platform operator has no precedent.</p><p><em><strong>Strategic Outlook</strong></em></p><p>Maritime law absorbs technological change slowly and through accretion. The MASS Code will not create a comprehensive law of autonomous shipping. It will provide a safety framework within which flag states, classification societies, P&amp;I clubs and commercial parties must build their own liability and contractual structures.</p><p>Three gaps will define the next decade of autonomous shipping disputes. The COLREGs gap, where the collision avoidance regime has not been rewritten for algorithmic navigation and will be interpreted by admiralty courts applying human-seamanship standards to machine decisions. The insurance gap, where P&amp;I coverage has not been restructured for autonomous risks and where the first major casualty will produce coverage litigation before it produces safety regulation. And the liability gap, where the allocation of responsibility between the remote master, the shipowner, the software provider, the classification society and the communications infrastructure operator remains contractually and doctrinally unresolved.</p><p>The shipowners and technology companies that build the first generation of commercial autonomous fleets are constructing the factual matrix from which maritime law will be remade. The direction of travel is not fixed. The law may adapt fault-based principles to autonomous operation. It may move towards strict liability for autonomous systems. Much will depend on where the first catastrophic casualty occurs and which court hears the case.</p><p></p><p></p><p><strong>Notes</strong></p><p>1. IMO Maritime Safety Committee, 111th session (MSC 111), 13-22 May 2026; adoption of the non-mandatory Maritime Autonomous Surface Ships (MASS) Code; entry into force 1 July 2026; mandatory code planned for adoption by 2030, entry into force 1 January 2032. DNV reporting on MSC 111 confirms thirteen-chapter structure and retention of designated master with absolute legal responsibility.</p><p>2. MV Yara Birkeland, 120-TEU electric autonomous container vessel, operating between Heroya and Brevik, Norway (approximately 7 nautical miles), since 2022; fully autonomous voyage under human supervision completed March 2023; continues to carry small crew due to regulatory constraints; built by Vard, owned by Yara International. Yara International reporting.</p><p>3. River Drone 5 collision, Scheur River near Rotterdam, 5 December 2024; approximately 100m autonomous barge, 3,850-tonne capacity, operated by Seafar; four containers spilled; operator confirmed vessel was under human command, not autonomous mode, at time of collision. Maritime Executive, Marine Insight and Breakbulk News reporting. Netherlands amended Inland Waterways Police Regulations (BPR) from 1 January 2025 removing mandatory crew requirement and enabling applications for autonomous navigation exemptions.</p><p>4. Convention on the International Regulations for Preventing Collisions at Sea 1972 (COLREGs), Rules 5 (lookout), 7 (risk of collision) and 8 (action to avoid collision).</p><p>5. Wiersholm, &#8216;Liability for damage caused by autonomous ships: a Norwegian perspective&#8217;, discussing fault-based collision liability under the Norwegian Maritime Code and its application to autonomous vessels; ScienceDirect, &#8216;Tortious liability for autonomous marine vehicle collisions: A suggestive move from fault-based to strict liability&#8217; (2025).</p><p>6. Skuld, &#8216;Liability of Classification Societies&#8217;; IACS classification requirements for hull, cargo and P&amp;I insurability; SAFETY4SEA, &#8216;Insurers&#8217; Considerations for Autonomous Ships&#8217;.</p><p>7. International Group of P&amp;I Clubs; SAFETY4SEA, &#8216;Insurers&#8217; Considerations for Autonomous Ships&#8217;; Riviera Maritime Media, &#8216;Autonomous shipping creates liability waves&#8217;.</p><p>8. UNCITRAL Model Law on Electronic Transferable Records (MLETR), enacted or adopted in legislation in at least 11 jurisdictions per UNCITRAL status page; UK Electronic Trade Documents Act 2023; India&#8217;s Bills of Lading Act 2025 modernised India&#8217;s bills of lading framework; it does not provide the same electronic trade document equivalence model as the UK Electronic Trade Documents Act 2023; ICC 2024 Digital Trade Survey reporting 49.2% of respondents using electronic bills of lading, with actual eBL penetration as a proportion of total bills of lading issued remaining in the low single digits.</p>]]></content:encoded></item><item><title><![CDATA[Voiceprints under BIPA]]></title><description><![CDATA[Nine class actions allege Alphabet, Amazon, Apple, Meta, Microsoft, NVIDIA, Samsung, Adobe and ElevenLabs took voice recordings from Illinois broadcasters, podcasters and audiobook narrators to train]]></description><link>https://www.codeontrial.ai/p/voiceprints-under-bipa</link><guid isPermaLink="false">https://www.codeontrial.ai/p/voiceprints-under-bipa</guid><dc:creator><![CDATA[Nick Rowles-Davies]]></dc:creator><pubDate>Fri, 29 May 2026 04:47:48 GMT</pubDate><enclosure url="https://substackcdn.com/image/fetch/$s_!UYyY!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb4833ad9-fcc3-4d9f-b612-4e5f2dcfcb8c_1456x780.png" length="0" type="image/jpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!UYyY!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb4833ad9-fcc3-4d9f-b612-4e5f2dcfcb8c_1456x780.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!UYyY!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb4833ad9-fcc3-4d9f-b612-4e5f2dcfcb8c_1456x780.png 424w, https://substackcdn.com/image/fetch/$s_!UYyY!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb4833ad9-fcc3-4d9f-b612-4e5f2dcfcb8c_1456x780.png 848w, https://substackcdn.com/image/fetch/$s_!UYyY!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb4833ad9-fcc3-4d9f-b612-4e5f2dcfcb8c_1456x780.png 1272w, https://substackcdn.com/image/fetch/$s_!UYyY!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb4833ad9-fcc3-4d9f-b612-4e5f2dcfcb8c_1456x780.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!UYyY!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb4833ad9-fcc3-4d9f-b612-4e5f2dcfcb8c_1456x780.png" width="1456" height="780" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/b4833ad9-fcc3-4d9f-b612-4e5f2dcfcb8c_1456x780.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:780,&quot;width&quot;:1456,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:85688,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:&quot;https://www.codeontrial.ai/i/199577822?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb4833ad9-fcc3-4d9f-b612-4e5f2dcfcb8c_1456x780.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!UYyY!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb4833ad9-fcc3-4d9f-b612-4e5f2dcfcb8c_1456x780.png 424w, https://substackcdn.com/image/fetch/$s_!UYyY!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb4833ad9-fcc3-4d9f-b612-4e5f2dcfcb8c_1456x780.png 848w, https://substackcdn.com/image/fetch/$s_!UYyY!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb4833ad9-fcc3-4d9f-b612-4e5f2dcfcb8c_1456x780.png 1272w, https://substackcdn.com/image/fetch/$s_!UYyY!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb4833ad9-fcc3-4d9f-b612-4e5f2dcfcb8c_1456x780.png 1456w" sizes="100vw" fetchpriority="high"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p>Nine class actions commenced in the Northern District of Illinois between 11 and 13 May 2026 allege that Alphabet, Amazon, Apple, Meta, Microsoft, NVIDIA, Samsung, Adobe and ElevenLabs extracted voiceprints from recordings of Illinois broadcasters, podcasters and audiobook narrators in the course of training AI foundation voice models. The plaintiffs say none of this was preceded by notice, written consent or a publicly available retention policy. The statute they sue under is the Illinois Biometric Information Privacy Act 2008.</p><p><strong>The plaintiffs and the defendants</strong></p><p>The named plaintiffs include Carol Marin (CBS News, 60 Minutes, Chicago Tonight), Phil Rogers (NBC Chicago, WBBM), Robin Amer (The Washington Post and The City podcast), Yohance Lacour (You Didn&#8217;t See Nothin&#8217;), Lindsey Dorcus (audiobook narrator for Penguin Random House, Hachette and Disney), Victoria Nassif (Chicago PD; audiobooks for Penguin, Hachette and Audible) and Alison Flowers (Invisible Institute; Somebody podcast). Flowers is named in every action except those against Amazon and Apple. The plaintiffs are represented by Loevy + Loevy with Ross Kimbarovsky as lead counsel.</p><p><strong>The statute</strong></p><p>Section 10 of BIPA defines biometric identifier as a retina or iris scan, fingerprint, voiceprint, or scan of hand or face geometry. Voiceprint has sat in the statutory definition since the Act was passed in 2008. Section 15 sets the obligations that BIPA actions are typically built on. Section 15(a) requires a publicly available retention and destruction schedule. Section 15(b) requires written notice and written consent before collecting a biometric identifier. Section 15(c) prohibits selling, leasing or otherwise profiting from biometric data. Section 15(d) restricts disclosure without consent or statutory exception, and Section 15(e) requires reasonable care in storage and protection. Section 20 fixes statutory damages at $1,000 for negligent violations and $5,000 for intentional or reckless violations, plus reasonable attorneys&#8217; fees, costs and injunctive relief.</p><p><strong>Damages after Clay</strong></p><p>After Cothron v. White Castle, Section 15(b) and Section 15(d) claims could accrue with each scan or transmission. That was the source of the per-scan exposure problem in workplace fingerprint litigation. A biometric timeclock used repeatedly over several years could produce thousands of alleged statutory violations for the same employee.</p><p>The Illinois General Assembly passed Public Act 103-0769 in August 2024 to narrow that exposure. For repeated Section 15(b) collection and Section 15(d) disclosure, the statute now limits recovery to one award per person, per method, for the same biometric identifier or information. On 1 April 2026, the Seventh Circuit in Clay v. Union Pacific Railroad Company, No. 25-2185, held that the amendment applies retroactively to cases pending at the time of enactment.</p><p>The result is a narrower damages framework. The question is no longer whether repeated ingestion events can multiply exposure in the same way as repeated fingerprint scans. It is whether the alleged extraction of a voiceprint from training recordings falls within BIPA at all.</p><p><strong>The Section 10 question</strong></p><p>The decisive question across the nine complaints is whether training a foundation voice model on a recording extracts a voiceprint within the meaning of Section 10. The plaintiffs say it does. A foundation voice model is trained on pitch, cadence, tone and vocal-tract characteristics. On that case, the mathematical representation those features produce inside the model is a voiceprint by another name. The defendants are likely to say it does not. On the defence view, a recording is audio data and a voiceprint is a stored mathematical identifier used to authenticate a speaker. If the data is generalised across many speakers and is not retained as a speaker-authentication template, the defence will say it is neither. Microsoft has already advanced that position in separate Teams litigation: Basich v. Microsoft Corp., W.D. Wash.</p><p><strong>What to watch</strong></p><p>Two thresholds will shape the litigation.</p><p>First, whether the Northern District of Illinois accepts the plaintiffs&#8217; theory that training a foundation voice model on a recording is collection of a voiceprint within Section 15(b).</p><p>Second, whether the post-Clay damages framework leaves enough exposure and settlement leverage to support coordinated nine-defendant litigation. The Section 10 voiceprint question will decide the first point. Early consolidation decisions, dismissal motions and any first settlement structure will show the second.</p><p></p><p><strong>Sources</strong></p><p>Loevy + Loevy press release, 14 May 2026.</p><p>Chicago Sun-Times, 19 May 2026.</p><p>Capitol News Illinois, 15 May 2026.</p><p>740 ILCS 14/1 et seq. (Illinois Biometric Information Privacy Act).</p><p>Public Act 103-0769 (eff. 2 August 2024).</p><p>Cothron v. White Castle System, Inc., 2023 IL 128004.</p><p>Clay v. Union Pacific Railroad Company, No. 25-2185 (7th Cir. 1 April 2026).</p><p>Basich v. Microsoft Corp., W.D. Wash. (pending).</p><p>CourtListener, Basich v. Microsoft Corporation, No. 2:26-cv-00422, W.D. Wash.</p><p>UC Today, Microsoft Teams Lawsuit: BIPA Class Action Targets AI Voice Data, 17 February 2026.</p><p>Law360, Microsoft Says Teams Info Not &#8216;Voiceprint&#8217; Under BIPA.</p>]]></content:encoded></item><item><title><![CDATA[The Pikabea Pleading and the State-Law Backstop for AI Washing in Crypto]]></title><description><![CDATA[The pleading]]></description><link>https://www.codeontrial.ai/p/the-pikabea-pleading-and-the-state</link><guid isPermaLink="false">https://www.codeontrial.ai/p/the-pikabea-pleading-and-the-state</guid><dc:creator><![CDATA[Nick Rowles-Davies]]></dc:creator><pubDate>Thu, 28 May 2026 04:10:36 GMT</pubDate><enclosure url="https://substackcdn.com/image/fetch/$s_!Yz-Y!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F66cb4382-56ff-4d5d-ba64-d53695f29262_1200x1200.png" length="0" type="image/jpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!Yz-Y!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F66cb4382-56ff-4d5d-ba64-d53695f29262_1200x1200.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!Yz-Y!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F66cb4382-56ff-4d5d-ba64-d53695f29262_1200x1200.png 424w, https://substackcdn.com/image/fetch/$s_!Yz-Y!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F66cb4382-56ff-4d5d-ba64-d53695f29262_1200x1200.png 848w, https://substackcdn.com/image/fetch/$s_!Yz-Y!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F66cb4382-56ff-4d5d-ba64-d53695f29262_1200x1200.png 1272w, https://substackcdn.com/image/fetch/$s_!Yz-Y!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F66cb4382-56ff-4d5d-ba64-d53695f29262_1200x1200.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!Yz-Y!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F66cb4382-56ff-4d5d-ba64-d53695f29262_1200x1200.png" width="1200" height="1200" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/66cb4382-56ff-4d5d-ba64-d53695f29262_1200x1200.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:1200,&quot;width&quot;:1200,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:84625,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:&quot;https://www.codeontrial.ai/i/199482104?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F66cb4382-56ff-4d5d-ba64-d53695f29262_1200x1200.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!Yz-Y!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F66cb4382-56ff-4d5d-ba64-d53695f29262_1200x1200.png 424w, https://substackcdn.com/image/fetch/$s_!Yz-Y!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F66cb4382-56ff-4d5d-ba64-d53695f29262_1200x1200.png 848w, https://substackcdn.com/image/fetch/$s_!Yz-Y!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F66cb4382-56ff-4d5d-ba64-d53695f29262_1200x1200.png 1272w, https://substackcdn.com/image/fetch/$s_!Yz-Y!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F66cb4382-56ff-4d5d-ba64-d53695f29262_1200x1200.png 1456w" sizes="100vw" fetchpriority="high"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p><em><strong>The pleading</strong></em></p><p>In <em>Pikabea v. Walters</em> (S.D.N.Y. 1:26-cv-03238, commenced 20 April 2026), a putative class of AI16Z / ELIZAOS purchasers sued Shaw Walters, Eliza Labs, AI16Z DAO and others. The complaint alleges that the project&#8217;s central claim, that an autonomous AI agent named &#8220;Marc AIndreessen&#8221; was managing on-chain investment decisions, was false. It alleges the agent was operated manually.&#185; Secondary reporting refers to a class said to cover approximately 3,945 affected wallet addresses across a class period running from 24 October 2024 to 20 April 2026.&#178;</p><p>The pleading further alleges that the project mimicked the &#8220;a16z&#8221; abbreviation of Andreessen Horowitz without authorisation. It alleges that a late-2025 token migration from $AI16Z to $ELIZAOS expanded supply tenfold from 1.1 billion to 11 billion. Of the expanded supply, 40 per cent is alleged to have been allocated to insiders and undisclosed private investors against a 60 per cent allocation to public holders.&#179; The token had reportedly reached a peak market capitalisation above USD 2.6 billion in early January 2025.</p><p>The complaint asserts six counts: sections 349 and 350 of the New York General Business Law (deceptive acts or practices and false advertising), the California Unfair Competition Law and False Advertising Law, negligent misrepresentation and unjust enrichment. There is no Securities Act or Exchange Act claim.</p><p>The action has been assigned to Hon. Jed S. Rakoff. At a status conference on 19 May 2026, the court declined to advance the matter because plaintiff had made only one service attempt on Walters in San Francisco; a written report on service is due by 10am on 5 June 2026. Sebastian Quinn-Watson is resident in Australia and will require Hague Convention service. AI16Z DAO&#8217;s amenability to suit is contested; DLA Piper, appearing for Walters and Eliza Labs, took the position at the same conference that &#8220;the DAO can&#8217;t be sued&#8221;.&#8311; The forum is the same district and before the same judge as <em>United States v. Heppner</em> (S.D.N.Y., 17 February 2026), the AI-privilege ruling involving a criminal defendant&#8217;s self-directed use of Claude.</p><p><em><strong>The state-law turn</strong></em></p><p>The choice is consistent with two converging pressures. The first is the SEC&#8217;s reorientation. The joint SEC/CFTC interpretive release of 17 March 2026 sets out a taxonomy of crypto-assets and signals an approach centred on classification rather than the front-foot enforcement of the Gensler era. Chairman Atkins has signalled that AI-related misstatements will be addressed under existing anti-fraud frameworks rather than through a bespoke AI-washing rule.&#8308;</p><p>The second is the prior enforcement record. The SEC&#8217;s March 2024 settlements against Delphia (USA) Inc. and Global Predictions Inc. produced civil penalties of $225,000 and $175,000 respectively for misstatements about the use of AI in investment processes. The enforcement template exists. What is uncertain is whether it will be used in crypto-token AI-agent cases where classification remains contested.&#8309;</p><p>The Pikabea complaint shows how that gap may be filled. State consumer protection statutes do not depend on a &#8220;security&#8221; classification of the token. Section 349 of the New York General Business Law requires a deceptive act in the conduct of any business directed at consumers in New York. Section 350 requires false advertising. The California UCL and FAL provide analogous coverage. The pleader does not need to win the Howey debate to advance the state-law theory.</p><p><em><strong>The English comparator</strong></em></p><p>A claim of this character would be addressed differently in the United Kingdom. Under the Digital Markets, Competition and Consumers Act 2024, in force from 6 April 2025, the CMA may issue direct infringement decisions for misleading commercial practices and impose civil penalties of up to 10 per cent of a trader&#8217;s global turnover without first obtaining a court order.&#8310; A token promotion that misrepresented the existence of an autonomous AI agent would be capable of attracting that jurisdiction. It would also fall within the FCA&#8217;s financial promotions regime for qualifying cryptoassets, in force since 8 October 2023, where breach of the section 21 financial-promotion restriction can amount to a criminal offence under section 25 of the Financial Services and Markets Act 2000.</p><p>The English direction is administrative and centralised. The American direction, at least for the moment, is private and state-based. The same misrepresented AI capability is policed through two different enforcement architectures.</p><p><em><strong>Implications for practitioners</strong></em></p><p>Three points follow. First, crypto issuers should treat any &#8220;autonomous AI agent&#8221; claim as capable of being characterised as a material representation under state consumer protection law and, in UK-facing promotion, as part of a financial promotion under FCA rules. Second, pleading strategy in US AI-washing cases may migrate towards state consumer statutes in federal forums where securities status is contested. Third, English counsel advising crypto issuers must stress-test promotional copy not against the Misrepresentation Act 1967 alone but against the DMCC Act enforcement regime, which imposes a far heavier penalty exposure.</p><p>Pikabea is the early-stage pleading. Whether the court certifies a class and whether the state-law theory survives a motion to dismiss will set the template for the next generation of AI-washing claims.</p><p><em><strong>Footnotes</strong></em></p><p>&#185; <em>Pikabea v. Walters et al</em>, No. 1:26-cv-03238 (S.D.N.Y. commenced 20 April 2026; Rakoff, J.). Justia docket; Inner City Press court report of the 19 May 2026 status conference; Burwick Law statement of 20 April 2026. Operative complaint not independently reviewed at time of writing.</p><p>&#178; Wallet-address figure (approximately 3,945) drawn from secondary reporting (Binance Square, claimdepot.com, 21 April 2026).</p><p>&#179; Allocation, supply and migration figures, market-capitalisation figure and chronology drawn from secondary reporting (claimdepot.com, 21 April 2026, citing the complaint paragraph-by-paragraph; crypto-economy.com; cryptorank.io). Independent verification against the operative complaint and the token contract remains recommended.</p><p>&#8308; SEC interpretive release issued with CFTC interpretive guidance, 17 March 2026 (SEC Press Release 2026-30; SEC Release No. 33-11412).</p><p>&#8309; <em>In re Delphia (USA) Inc.</em> and <em>In re Global Predictions Inc.</em>, SEC settled orders of 18 March 2024 (penalties of $225,000 and $175,000). Wider AI-washing template includes the June 2024 charges against the founder of Joonko Diversity Inc. (SEC Press Release 2024-70).</p><p>&#8310; Digital Markets, Competition and Consumers Act 2024, Parts 3 and 4 (consumer protection), in force 6 April 2025 (Commencement No. 2 Regulations 2025).</p><p>&#8311; Inner City Press court report, &#8220;Crypto Lawsuit Over AI16Z Is Delayed By Lax Service of Process in SF As DAO Unrepresented&#8221; (19 May 2026), reporting the live SDNY status conference before Judge Rakoff on service of process and the DAO&#8217;s amenability to suit.</p>]]></content:encoded></item><item><title><![CDATA[Privilege, AI and the Kovel Question]]></title><description><![CDATA[In United States v.]]></description><link>https://www.codeontrial.ai/p/privilege-ai-and-the-kovel-question</link><guid isPermaLink="false">https://www.codeontrial.ai/p/privilege-ai-and-the-kovel-question</guid><dc:creator><![CDATA[Nick Rowles-Davies]]></dc:creator><pubDate>Tue, 26 May 2026 09:11:09 GMT</pubDate><enclosure url="https://substackcdn.com/image/fetch/$s_!QVhd!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F098886df-b00d-4209-89fe-2a698d6c117f_1200x1200.png" length="0" type="image/jpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!QVhd!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F098886df-b00d-4209-89fe-2a698d6c117f_1200x1200.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!QVhd!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F098886df-b00d-4209-89fe-2a698d6c117f_1200x1200.png 424w, https://substackcdn.com/image/fetch/$s_!QVhd!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F098886df-b00d-4209-89fe-2a698d6c117f_1200x1200.png 848w, https://substackcdn.com/image/fetch/$s_!QVhd!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F098886df-b00d-4209-89fe-2a698d6c117f_1200x1200.png 1272w, https://substackcdn.com/image/fetch/$s_!QVhd!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F098886df-b00d-4209-89fe-2a698d6c117f_1200x1200.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!QVhd!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F098886df-b00d-4209-89fe-2a698d6c117f_1200x1200.png" width="1200" height="1200" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/098886df-b00d-4209-89fe-2a698d6c117f_1200x1200.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:1200,&quot;width&quot;:1200,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:76167,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:&quot;https://www.codeontrial.ai/i/199300218?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F098886df-b00d-4209-89fe-2a698d6c117f_1200x1200.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!QVhd!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F098886df-b00d-4209-89fe-2a698d6c117f_1200x1200.png 424w, https://substackcdn.com/image/fetch/$s_!QVhd!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F098886df-b00d-4209-89fe-2a698d6c117f_1200x1200.png 848w, https://substackcdn.com/image/fetch/$s_!QVhd!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F098886df-b00d-4209-89fe-2a698d6c117f_1200x1200.png 1272w, https://substackcdn.com/image/fetch/$s_!QVhd!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F098886df-b00d-4209-89fe-2a698d6c117f_1200x1200.png 1456w" sizes="100vw" fetchpriority="high"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p>In <em>United States v. Heppner</em>, Judge Rakoff (S.D.N.Y., 17 February 2026) ruled that a criminal defendant&#8217;s exchanges with Anthropic&#8217;s Claude were not protected by attorney-client privilege.<sup>1</sup> That opening understates the split that followed within six weeks.</p><p><em><strong>The American split</strong></em></p><p>Three federal opinions issued between February and March now sit in tension. <em>Heppner</em> refuses both attorney-client privilege and work product protection to AI-generated material a client produced on his own initiative. <em>Warner v. Gilbarco, Inc.</em> (E.D. Mich., 10 February 2026), decided the same day as <em>Heppner</em>&#8216;s ruling, protects pro se work product on the reasoning that generative AI tools &#8220;are tools, not persons&#8221; and that treating each prompt as a waiver would &#8220;nullify work-product protection in nearly every modern drafting environment&#8221;.<sup>2</sup> <em>Morgan v. V2X, Inc.</em> (D. Colo., 30 March 2026) sits between the two. Magistrate Judge Dominguez Braswell upheld work product protection but compelled the litigant to disclose the AI tool used and prohibited uploads of confidential discovery into any platform not contractually barred from training on, retaining or sharing the inputs.<sup>3</sup></p><p>All three opinions are first-instance. None has yet been tested on appeal. The pressure point is not the privilege analysis itself, which is conventional. It is the framing of the AI tool. <em>Heppner</em> treats Claude as a non-lawyer interlocutor whose receipt of the communication destroys it. <em>Warner</em> treats the tool as an instrument of the litigant, no different from a word processor with autocomplete. <em>Morgan</em> accepts the <em>Warner</em>  framing but imposes a vendor-contract overlay borrowed from data protection practice.</p><p><em><strong>The Kovel line</strong></em></p><p>The unresolved question for practitioners is whether <em>United States v. Kovel</em>, 296 F.2d 918 (2d Cir. 1961), reaches AI. <em>Kovel</em> extended privilege to communications routed through an accountant engaged by counsel to assist in providing legal advice. Subsequent authority confirmed the principle that translators, investigators and experts hired by counsel can sit inside the privileged circle as the lawyer&#8217;s agent.</p><p><em>Heppner</em> gestures at this without resolving it. Judge Rakoff observed that the outcome could have been different had counsel directed the use of Claude and the document fed back into the lawyer&#8217;s advice loop. The immediate route is therefore not an AI privilege, but the older agency question: whether the tool was deployed at counsel&#8217;s direction for the purpose of enabling legal advice. That test will probably arrive in a civil case in which counsel has directed the use of an enterprise AI tool with contractual restrictions on training, retention and disclosure. The question will be whether the <em>Kovel</em> principle survives the translation from a human professional to a model.</p><p><em><strong>The English position and the practitioner read</strong></em></p><p>The Upper Tribunal decision in <em>Munir v Secretary of State for the Home Department</em> [2026] UKUT 81 (IAC) takes the harder position. Uploading confidential client material into a public or open AI tool (what the Tribunal called an &#8220;open-source AI tool, such as ChatGPT&#8221;) is publication to the public domain that waives legal professional privilege. Closed-source enterprise systems sit outside that holding, but the Tribunal did not extend privilege to them affirmatively. The <em>Three Rivers (No 6)</em> [2004] UKHL 48 architecture, which already constrains legal advice privilege to lawyer-client communications and litigation privilege to anticipated proceedings, leaves little room for a <em>Kovel</em>-style agency extension to consumer AI in England and Wales.</p><p>For in-house counsel the strategic position is now clear in outline. Three propositions hold across both jurisdictions. The lawyer&#8217;s direction must be documented at the point the AI tool is deployed, not reconstructed later. The vendor contract must restrict training, retention and third-party disclosure. Consumer AI tools should be excluded from any workflow that touches privileged or work product material until the appellate position is settled.</p><p>The first federal case to test <em>Kovel</em> against an enterprise AI deployment is the one to watch. Until then, <em>Heppner</em>, <em>Warner</em> and <em>Morgan</em> identify the question without resolving it.</p><p><sup>1</sup> <em>United States v. Heppner</em>, S.D.N.Y., Memorandum Opinion of 17 February 2026 (Rakoff, J.).</p><p><sup>2</sup> <em>Warner v. Gilbarco</em>, Inc., No. 2:24-cv-12333, E.D. Mich., Order of 10 February 2026 (Patti, M.J.).</p><p><sup>3</sup> <em>Morgan v. V2X</em>, Inc., D. Colo., Order of 30 March 2026 (Dominguez Braswell, M.J.).</p>]]></content:encoded></item><item><title><![CDATA[Code, Courts and the Limits of Autonomous Agreement: The Jurisprudence of Smart Contract Disputes]]></title><description><![CDATA[From Mango Markets to the Property (Digital Assets etc) Act 2025: How Legal Systems Are Absorbing Programmable Transactions]]></description><link>https://www.codeontrial.ai/p/code-courts-and-the-limits-of-autonomous</link><guid isPermaLink="false">https://www.codeontrial.ai/p/code-courts-and-the-limits-of-autonomous</guid><dc:creator><![CDATA[Nick Rowles-Davies]]></dc:creator><pubDate>Mon, 25 May 2026 05:01:42 GMT</pubDate><enclosure url="https://substackcdn.com/image/fetch/$s_!YNd6!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe0546110-0056-4238-97c7-fc1c26c2a5e2_3840x2160.jpeg" length="0" type="image/jpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!YNd6!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe0546110-0056-4238-97c7-fc1c26c2a5e2_3840x2160.jpeg" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!YNd6!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe0546110-0056-4238-97c7-fc1c26c2a5e2_3840x2160.jpeg 424w, https://substackcdn.com/image/fetch/$s_!YNd6!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe0546110-0056-4238-97c7-fc1c26c2a5e2_3840x2160.jpeg 848w, https://substackcdn.com/image/fetch/$s_!YNd6!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe0546110-0056-4238-97c7-fc1c26c2a5e2_3840x2160.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!YNd6!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe0546110-0056-4238-97c7-fc1c26c2a5e2_3840x2160.jpeg 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!YNd6!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe0546110-0056-4238-97c7-fc1c26c2a5e2_3840x2160.jpeg" width="1456" height="819" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/e0546110-0056-4238-97c7-fc1c26c2a5e2_3840x2160.jpeg&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:819,&quot;width&quot;:1456,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:303374,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/jpeg&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:&quot;https://www.codeontrial.ai/i/198863483?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe0546110-0056-4238-97c7-fc1c26c2a5e2_3840x2160.jpeg&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!YNd6!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe0546110-0056-4238-97c7-fc1c26c2a5e2_3840x2160.jpeg 424w, https://substackcdn.com/image/fetch/$s_!YNd6!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe0546110-0056-4238-97c7-fc1c26c2a5e2_3840x2160.jpeg 848w, https://substackcdn.com/image/fetch/$s_!YNd6!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe0546110-0056-4238-97c7-fc1c26c2a5e2_3840x2160.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!YNd6!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe0546110-0056-4238-97c7-fc1c26c2a5e2_3840x2160.jpeg 1456w" sizes="100vw" fetchpriority="high"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p><em><strong>Introduction</strong></em></p><p>On 23 May 2025, Judge Arun Subramanian of the Southern District of New York granted Avraham Eisenberg&#8217;s Rule 29 motion following his Mango Markets conviction.<sup>1</sup> Eisenberg had been convicted by a jury in April 2024 on commodities fraud, commodities manipulation and wire fraud. The trial judge set aside all three counts. The ruling was not a general endorsement of &#8220;code is law&#8221;. It was narrower and more legally important. The commodities convictions failed because the government had not proved venue in the Southern District of New York. The wire-fraud count failed both because the government had not proved venue and because it had not proved a false statement or deceptive representation to the protocol. The decision exposes the difficulty of translating protocol-permitted conduct into conventional fraud doctrine, but it does not immunise manipulation as such. Federal prosecutors have appealed.<sup>1</sup></p><p>The decision crystallises a problem that courts across multiple jurisdictions are now confronting. Smart contracts execute autonomously. They do not interpret. They do not exercise discretion. They do what their code permits. When a participant exploits that code in ways the developers did not anticipate, the question of whether that conduct constitutes fraud depends on whether the protocol itself established the norms being violated. If the protocol is silent, the traditional elements of fraud may not be present. The implications for decentralised finance are practical, not theoretical and the case law emerging in 2024 and 2025 suggests that legal systems are absorbing programmable transactions into existing doctrinal frameworks rather than constructing new ones.</p><p>The emerging case law is not asking whether code is law. It is asking which layer of a decentralised system the law should treat as legally operative: the autonomous code, the governance machinery around it, or the human actors who designed, controlled and profited from both. The cases reviewed in this article divide across those three layers. Eisenberg concerns the autonomous code layer. Tornado Cash concerns the boundary between code and its human operators. Ooki DAO and the governance-exploit cases concern the human control layer. The Property (Digital Assets etc) Act 2025 provides the English-law proprietary framework within which disputes at all three layers may be resolved.</p><p><em><strong>The Mango Markets Problem</strong></em></p><p>The mechanics of Eisenberg&#8217;s scheme were straightforward in execution if complex in structure. In October 2022, he created two accounts on the Mango Markets platform. One account took a large long position in MNGO Perpetuals; the other took a corresponding short position. He then purchased MNGO tokens across multiple exchanges in sufficient volume to inflate the spot price. Because Mango Markets used an oracle feed drawing on those external exchange prices, the inflated spot price fed through to his perpetual position&#8217;s unrealised profit. That unrealised profit constituted collateral within the protocol. Against that inflated collateral, Eisenberg borrowed approximately $110 million in other tokens from the Mango Markets lending pools and withdrew them from the platform.<sup>1</sup></p><p>The scheme was public. Eisenberg identified himself on social media within days and described his actions as a &#8220;highly profitable trading strategy.&#8221; He offered to return a portion of the funds in exchange for an agreement not to pursue criminal prosecution, a negotiation conducted openly through on-chain governance proposals.</p><p>The legal question was precise: if a decentralised protocol has no rules prohibiting the conduct, is exploiting it fraud? The government&#8217;s theory had two strands. The commodities counts treated the oracle-driven price inflation as market manipulation. The wire-fraud count treated the borrowing as obtaining property by false pretences. The court separated them. It held that the commodities counts failed for want of venue. The wire-fraud count failed for want of venue and, independently, because the protocol had made no representation capable of being falsified and had no rule prohibiting the borrowing.<sup>1</sup></p><p>The appeal is pending before the Second Circuit. It will test how far venue doctrine and wire-fraud falsity constrain crypto-exploit prosecutions. It will not settle all DeFi liability. It will matter most where prosecutors seek to characterise protocol-permitted execution as deceit, rather than as manipulation, theft or unauthorised access.</p><p><em><strong>Tornado Cash and the Limits of Sanctioning Code</strong></em></p><p>On 26 November 2024, the Fifth Circuit held that the Office of Foreign Assets Control exceeded its statutory authority when it designated the immutable smart contracts of Tornado Cash under the International Emergency Economic Powers Act.<sup>2</sup> The court&#8217;s reasoning was direct. IEEPA permits the blocking of &#8220;property&#8221; in which a foreign national has an &#8220;interest&#8221;. Immutable smart contracts do not constitute property within that statutory meaning where no person owns, controls or can modify them. No person holds an ownership interest. No person exercises exclusion rights. The contracts exist on the Ethereum blockchain, executing their mixing function for anyone who interacts with them.</p><p>The Treasury Department declined to seek certiorari. On 21 March 2025, OFAC formally delisted the Tornado Cash smart contract addresses.<sup>3</sup> The sanctions designation that had been in force since August 2022 was withdrawn.</p><p>Roman Storm&#8217;s prosecution shows the same distinction operating from the other direction. In August 2025, a jury convicted him of conspiracy to operate an unlicensed money-transmitting business but deadlocked on the money-laundering and sanctions-conspiracy counts.<sup>2</sup> The result sharpens the distinction drawn in Van Loon: immutable contracts may fall outside OFAC&#8217;s property-blocking power under IEEPA, but developers and operators remain exposed to conventional criminal theories where prosecutors can prove the necessary human conduct and mens rea. As of May 2026, prosecutors were seeking an October 2026 retrial on the two deadlocked counts, while Storm continued to pursue post-trial relief from the money-transmitting conviction.</p><p>Immutable smart contracts may fall outside a particular statutory mechanism, as Van Loon held under IEEPA. That does not make the wider protocol ecosystem legally neutral. Interfaces, developers, governance participants, relayers and entities that profit from or maintain the system remain capable of regulation or prosecution where ordinary statutory elements are satisfied. The separation of code from coder is becoming a central organising principle in this area.</p><p><em><strong>DAO Liability and the Ooki DAO Precedent</strong></em></p><p>In June 2023, the Commodity Futures Trading Commission obtained a default judgment against Ooki DAO in the Northern District of California.<sup>4</sup> The court imposed a civil monetary penalty of $643,542 and a permanent trading and registration ban. The significance of the judgment lies not in the quantum but in the jurisdictional finding: the court held that Ooki DAO was an unincorporated association under California law and therefore was a &#8220;person&#8221; under the Commodity Exchange Act and could be sued, served and bound by judgment.<sup>4</sup></p><p>The CFTC had served the DAO through a &#8220;help chat&#8221; box on its website and by posting the complaint in a governance forum, methods the court accepted as adequate under the circumstances. The DAO&#8217;s failure to appear (no individual took responsibility for instructing lawyers) produced the default. But the legal architecture the court constructed survives independently of the procedural posture. If a DAO is an unincorporated association, its members may bear joint and several liability for its obligations. The harder question is whether governance participation can translate into personal exposure. Ooki establishes that the DAO itself may be treated as an unincorporated association. It does not yet establish that every voting token holder is personally liable for the DAO&#8217;s regulatory violations.</p><p>Token-holder liability therefore remains the unresolved issue. No court has yet determined whether holding a governance token and voting on a proposal creates the degree of participation necessary to establish personal liability under unincorporated association principles. The question is live. Multiple enforcement actions against DAOs are proceeding in various jurisdictions and the Ooki DAO framework provides the template that regulators are deploying. For DeFi governance participants, the practical consequence is that voting on protocol proposals may create legal exposure that a purely passive token holding would not.</p><p><em><strong>The Property (Digital Assets etc) Act 2025</strong></em></p><p>The Property (Digital Assets etc) Act 2025 received Royal Assent on 2 December 2025.<sup>5</sup> It contains one operative section, but the legal effect is material. The Act confirms that digital assets are capable of being personal property under English law notwithstanding that they are neither things in possession nor things in action. It gives statutory footing to the third-category analysis that the common law had been developing since 2019, while leaving the boundaries of that category to be worked out by the courts.</p><p>The Act&#8217;s intellectual foundations lie in the UK Law Commission&#8217;s 2023 final report on digital assets, which recommended statutory confirmation that digital assets could attract proprietary rights without fitting into either traditional category.<sup>6</sup> The Law Commission&#8217;s draft bill followed in July 2024. Parliament enacted it with minimal amendment. The Law Commission&#8217;s ongoing project on digital assets and electronic trade documents in private international law, with a consultation paper published on 5 June 2025, extends this work into cross-border questions of applicable law and jurisdiction.<sup>7</sup></p><p>The Act does not create an all-purpose law of digital assets. Its move is narrower and more useful. It confirms that an asset is not excluded from personal property rights merely because it is neither a thing in possession nor a thing in action. That statutory negative removes the threshold objection. The content of the rights, and the availability of proprietary remedies, remain questions for ordinary legal and equitable doctrine. Trust structures over crypto-assets rest on firmer ground. Security interests can in principle be structured over digital tokens, although the form and effectiveness of that security will still depend on the asset, the control arrangements and the applicable collateral regime. Interim injunctions freezing specific on-chain assets are available on conventional proprietary principles. The pre-existing case law (AA v Persons Unknown, Fetch.AI v Persons Unknown and others) had already extended these remedies, but the statutory foundation removes the doctrinal uncertainty that defendants were beginning to exploit in contested hearings.</p><p>The UK Jurisdiction Taskforce Legal Statement on cryptoassets and smart contracts, published in November 2019, was the catalyst for this legislative programme.<sup>8</sup> Its conclusion, that cryptoassets were capable of being owned and that smart contracts were capable of giving rise to binding legal obligations, was influential precisely because it was produced by senior practitioners and academics rather than by government. The Law Commission work and the 2025 Act represent the legislative endorsement of those conclusions.</p><p>Smart contract enforceability under English law now rests on the interaction between the 2025 Act (confirming proprietary status), the existing law of contract (offer, acceptance, consideration, certainty of terms) and equitable principles (constructive trust, unjust enrichment, knowing receipt). English law has not created a new body of &#8220;smart contract law.&#8221; It has confirmed that existing principles apply to this new form of transaction.</p><p><em><strong>Governance Exploits vs Code Exploits</strong></em></p><p>An analytical distinction is emerging in the case law and enforcement practice between exploits that target smart contract code and exploits that target governance infrastructure surrounding that code. The distinction carries legal significance because the two categories engage different duties and different liability frameworks.</p><p>On 21 February 2025, the Bybit exchange lost approximately USD 1.4 billion in digital assets.<sup>9</sup> The attack did not exploit any smart contract vulnerability. The attackers, subsequently attributed to the Lazarus Group (North Korea&#8217;s state-sponsored hacking operation), compromised the development machine of a Safe{Wallet} front-end developer. They altered the user interface that Bybit&#8217;s signatories used to approve transactions, causing the display to show a legitimate transaction while the underlying payload transferred assets to attacker-controlled addresses.<sup>9</sup> This was an attack on human trust in a user interface, not on the mathematical guarantees of smart contract code.</p><p>In April 2026, two further large-scale exploits demonstrated the same pattern. On 1 April, the Drift Protocol lost approximately $285 million through a governance mechanism exploit.<sup>10</sup> On 18 April, Kelp DAO lost approximately $292 million through a cross-chain verification and control-layer failure.<sup>11</sup> Neither attack required breaking cryptographic assumptions or exploiting coding errors in the core smart contracts. Both targeted the governance and administrative layers that sit above the autonomous code.</p><p>Public blockchain-incident datasets converge on the same direction of travel, even if their classifications differ. TRM reported USD 2.87 billion stolen across nearly 150 hacks and exploits in 2025. SlowMist-linked reporting put the figure at roughly 200 incidents and more than USD 2.9 billion.<sup>12</sup> The exact count matters less than the pattern: the largest losses are increasingly associated with compromised keys, wallets, interfaces and control planes, not only with defective smart contract code.</p><p>The legal significance is direct. A pure code exploit, where a trader uses a protocol exactly as its code permits in the manner Eisenberg did at Mango Markets, may not engage traditional fraud or theft doctrines if the protocol&#8217;s rules do not prohibit the conduct. A governance exploit is different. Where attackers compromise administrative keys, corrupt oracle feeds through infrastructure attacks or manipulate front-end interfaces, the conduct engages fiduciary duties owed by key holders, tortious liability for negligent security practices and potentially criminal liability for unauthorised computer access. Protocol developers who hold administrative keys may owe duties to depositors, depending on the control retained, the representations made and the structure through which user assets are held. Multisig signatories who fail to implement adequate operational security may face claims in negligence.<sup>12</sup> The emerging analytical framework treats the smart contract itself as neutral infrastructure and locates legal liability in the human decisions surrounding its deployment and governance.</p><p><em><strong>Strategic Outlook</strong></em></p><p>The &#8220;code is law&#8221; thesis occupies a difficult position in 2026. As a defence for individuals who exploit protocols according to their rules, it has had its most significant judicial outing in Eisenberg, though the acquittal rested on venue and sufficiency rather than a broad endorsement of the principle. As a shield against sanctions, it succeeded in Van Loon: immutable contracts cannot be treated as blockable property under IEEPA. But as a comprehensive theory of how decentralised systems interact with legal order, it is failing. Courts are not creating a new body of autonomous digital law. They are absorbing smart contracts into existing categories: property (the 2025 Act), unincorporated associations (Ooki DAO), fraud (Eisenberg, albeit unsuccessfully) and sanctions (Tornado Cash).</p><p>The United Kingdom is building statutory infrastructure systematically. The Property (Digital Assets etc) Act 2025 addresses the proprietary question.<sup>5</sup> The Law Commission&#8217;s private international law project, with its June 2025 consultation paper, addresses the cross-border question.<sup>7</sup> The Law Commission has already published its DAO scoping paper. That paper did not recommend a DAO-specific legal entity, but it identified areas where further work may be needed if Government wants to clarify DAO status and regulatory reach. The approach is incremental, doctrinally conservative and designed to slot digital assets into existing legal architecture rather than construct parallel systems.</p><p>The United States remains a jurisdictional patchwork. The Eisenberg acquittal turned on venue, a question specific to the Southern District of New York.<sup>1</sup> The Fifth Circuit&#8217;s Tornado Cash holding binds courts within that circuit and will be persuasive, but not controlling, elsewhere.<sup>2</sup> The CFTC&#8217;s theory in Ooki DAO that DAOs are unincorporated associations has not been tested in contested litigation.<sup>4</sup> No federal legislation specifically addresses smart contract liability. Venue selection and circuit-specific precedent may determine outcomes more than any unified theory of smart contract law.</p><p>For practitioners advising participants in decentralised finance, whether protocol developers, governance token holders, institutional depositors or claimants pursuing stolen funds, the current landscape requires jurisdiction-specific analysis. The question is no longer whether smart contracts create legal obligations (they do, on conventional contractual principles where the elements are satisfied) but rather where liability attaches when autonomous systems produce outcomes their participants did not intend. The answer, increasingly, is that liability attaches not to the code but to the humans who designed it, deployed it, governed it and profited from it.</p><p><em><strong>Notes</strong></em></p><p>1. United States v Eisenberg, No. 23-cr-10 (SDNY), opinion of Judge Arun Subramanian, 23 May 2025; commodities counts (counts one and two) vacated for want of venue; judgment of acquittal on wire-fraud count (count three) for insufficient evidence of venue and failure to prove falsity or material misrepresentation; jury had convicted on commodities fraud, commodities manipulation and wire fraud in April 2024; appeal pending, Second Circuit No. 25-1782.</p><p>2. Van Loon v Department of the Treasury, No. 23-50669, United States Court of Appeals for the Fifth Circuit, 26 November 2024; Roman Storm, SDNY: convicted August 2025 of conspiracy to operate an unlicensed money-transmitting business; jury deadlocked on money-laundering and sanctions-conspiracy counts. Prosecutors sought an October 2026 retrial on the deadlocked counts; Storm&#8217;s post-trial Rule 29 motion remained part of the procedural posture in 2026.</p><p>3. Office of Foreign Assets Control, delisting of Tornado Cash smart contract addresses, 21 March 2025.</p><p>4. CFTC v Ooki DAO, No. 3:22-cv-05416, Northern District of California, default judgment June 2023, civil monetary penalty of $643,542 and permanent trading and registration ban.</p><p>5. Property (Digital Assets etc) Act 2025, c. 29, Royal Assent 2 December 2025.</p><p>6. UK Law Commission, &#8216;Digital Assets: Final Report&#8217; (Law Com No. 412, 2023).</p><p>7. UK Law Commission, &#8216;Digital assets and electronic trade documents in private international law&#8217; consultation paper, 5 June 2025.</p><p>8. UK Jurisdiction Taskforce, &#8216;Legal Statement on cryptoassets and smart contracts&#8217;, November 2019.</p><p>9. Bybit exchange exploit, 21 February 2025, approximately USD 1.4-1.5 billion depending on valuation date, stolen via compromised Safe{Wallet} developer machine; attributed to Lazarus Group (DPRK).</p><p>10. Drift Protocol governance exploit, approximately $285 million, 1 April 2026.</p><p>11. Kelp DAO governance exploit, approximately $292 million, 18 April 2026.</p><p>12. TRM Labs, 2026 Crypto Crime Report, reporting USD 2.87 billion stolen across nearly 150 hacks and exploits in 2025. SlowMist, 2025 Blockchain Security and AML Annual Report, reporting 200 security incidents and approximately USD 2.935 billion in losses. Travers Smith, &#8216;DeFi exploits, on-chain interventions, and the private key: recent developments in crypto asset recovery&#8217;, 30 April 2026.</p>]]></content:encoded></item><item><title><![CDATA[The TAKE IT DOWN Act Becomes a Compliance Statute]]></title><description><![CDATA[On 19 May 2026 the federal regime against non-consensual intimate imagery in the United States stopped being a piece of legislation and started being a compliance statute.]]></description><link>https://www.codeontrial.ai/p/the-take-it-down-act-becomes-a-compliance</link><guid isPermaLink="false">https://www.codeontrial.ai/p/the-take-it-down-act-becomes-a-compliance</guid><dc:creator><![CDATA[Nick Rowles-Davies]]></dc:creator><pubDate>Sun, 24 May 2026 05:25:55 GMT</pubDate><enclosure url="https://substackcdn.com/image/fetch/$s_!HudH!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd812207e-3028-4353-b471-c9029c84caf0_1600x900.png" length="0" type="image/jpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!HudH!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd812207e-3028-4353-b471-c9029c84caf0_1600x900.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!HudH!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd812207e-3028-4353-b471-c9029c84caf0_1600x900.png 424w, https://substackcdn.com/image/fetch/$s_!HudH!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd812207e-3028-4353-b471-c9029c84caf0_1600x900.png 848w, https://substackcdn.com/image/fetch/$s_!HudH!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd812207e-3028-4353-b471-c9029c84caf0_1600x900.png 1272w, https://substackcdn.com/image/fetch/$s_!HudH!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd812207e-3028-4353-b471-c9029c84caf0_1600x900.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!HudH!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd812207e-3028-4353-b471-c9029c84caf0_1600x900.png" width="1456" height="819" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/d812207e-3028-4353-b471-c9029c84caf0_1600x900.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:819,&quot;width&quot;:1456,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:103080,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:&quot;https://www.codeontrial.ai/i/198839715?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd812207e-3028-4353-b471-c9029c84caf0_1600x900.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!HudH!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd812207e-3028-4353-b471-c9029c84caf0_1600x900.png 424w, https://substackcdn.com/image/fetch/$s_!HudH!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd812207e-3028-4353-b471-c9029c84caf0_1600x900.png 848w, https://substackcdn.com/image/fetch/$s_!HudH!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd812207e-3028-4353-b471-c9029c84caf0_1600x900.png 1272w, https://substackcdn.com/image/fetch/$s_!HudH!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd812207e-3028-4353-b471-c9029c84caf0_1600x900.png 1456w" sizes="100vw" fetchpriority="high"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p>On 19 May 2026 the federal regime against non-consensual intimate imagery in the United States stopped being a piece of legislation and started being a compliance statute. The Federal Trade Commission published guidance and opened the enforcement window, after Chairman Ferguson had sent compliance letters to fifteen named platforms on 11 May.<sup>1</sup> A second round of warning letters followed on 20 May, addressed to twelve operators of generative &#8216;nudify&#8217; tools.<sup>2</sup> The criminal limb of the TAKE IT DOWN Act has been in force since the President signed Public Law 119-12 on 19 May 2025. The new development is that the civil and platform-side regime now bites.</p><p><em>The Statutory Architecture in Two Parts</em></p><p>Public Law 119-12 splits cleanly. The criminal limb amends 47 U.S.C. section 223 to make the knowing publication of a non-consensual intimate visual depiction a federal offence punishable by up to two years&#8217; imprisonment for adult publication offences and up to three years where the depicted individual is a minor.<sup>3</sup> The platform limb sits at a new section, 47 U.S.C. section 223a, which creates the notice-and-removal duty and the procedural skeleton around it.<sup>4</sup> Both limbs use the same definitional spine. &#8216;Intimate visual depiction&#8217; is borrowed from 15 U.S.C. section 6851, the civil cause of action created by the 2022 reauthorisation of the Violence Against Women Act. The TAKE IT DOWN Act then adds the separate concept of a &#8216;digital forgery&#8217;, covering intimate depictions created or altered using software, machine learning, artificial intelligence or other computer-generated or technological means.<sup>5</sup></p><p>That structure is important. The Act does not police platform conduct through the criminal limb. It polices it through the civil notice-and-removal duty enforced by the FTC. A platform is not a perpetrator. A platform is a recipient of valid removal requests with a 48-hour clock attached.</p><p>The FTC&#8217;s enforcement guidance reads the platform duty as applying to both authentic intimate depictions and AI-generated digital forgeries. CRS has identified a possible interpretive point in the statutory drafting, because section 223a&#8217;s notice-and-removal language is framed around &#8216;intimate visual depictions&#8217; rather than separately repeating &#8216;digital forgeries&#8217;. That issue has not yet been litigated.</p><p><em>What the FTC Actually Did on 19 May</em></p><p>On the day enforcement opened, the Commission issued a press release confirming that Section 3 of the Act was now enforceable and published its own compliance guidance for businesses.<sup>6</sup> Chairman Andrew Ferguson framed the regime in personal terms: &#8216;We stand ready to monitor compliance, investigate violations and enforce the Take It Down Act.&#8217; He added that &#8216;in the age of AI, anyone can be targeted, and that becomes even more appalling if children are involved.&#8217;<sup>7</sup></p><p>Before the enforcement date, Chairman Ferguson had sent compliance letters to fifteen major US consumer-facing platforms: Alphabet, Amazon, Apple, Automattic, Bumble, Discord, Match Group, Meta, Microsoft, Pinterest, Reddit, SmugMug, Snapchat, TikTok and X.<sup>8</sup> A second round of letters on 20 May went to twelve operators of generative tools that produce non-consensual intimate imagery from clothed photographs. The Commission did not name those twelve in its release.<sup>9</sup></p><p>The civil penalty mechanism follows the FTC Act. A violation of the platform duty is treated as an unfair or deceptive act or practice. The current per-violation civil penalty maximum, after the FTC&#8217;s annual inflation adjustment under 15 U.S.C. section 45(m), is USD 53,088. The Commission has confirmed that figure in its own enforcement guidance.</p><p><em>What the Removal Duty Looks Like in Practice</em></p><p>Section 223a sets out what makes a request valid and what the platform must then do. A valid request is in writing. It carries a physical or electronic signature of the depicted individual. It identifies the depiction and supplies sufficient information for the platform to locate it. It states a good-faith belief that the depiction is not consensual. It provides the platform with sufficient information to contact the requester.</p><p>From receipt of a valid request, the platform has 48 hours to remove the depiction. Within the same 48-hour window, the platform must also make reasonable efforts to identify and remove known identical copies. The statute does not impose a general duty to monitor proactively. It imposes a duty to act on what it has been told and what it can readily find.</p><p>The statute also confers a substantial safe harbour. A platform that disables or removes material in good faith based on facts from which non-consensual publication is apparent is not liable, regardless of whether the depiction is ultimately found to be unlawful.<sup>10</sup> The architecture rewards conservative compliance. Faced with a request that looks credible, the rational economic choice is removal first and adjudication later.</p><p><em>Why Section 230 Is Not the Shield Here</em></p><p>TAKE IT DOWN does not amend 47 U.S.C. section 230. It does not need to. The platform exposure created by section 223a does not rely on treating the platform as the publisher or speaker of user content. It treats the platform as the operator of a regulated takedown system. Whether a platform owes a private-law duty to an aggrieved third party still runs through Section 230 in the usual way. Whether a platform has discharged its federal notice-and-removal duty under section 223a is now a separate question. It is enforceable by the federal regulator and not insulated by Section 230.</p><p>That is the practical engineering of the regime. Section 230 still does what it has always done in this area, which is to bar a great many private-law claims arising out of platform hosting decisions. The TAKE IT DOWN Act runs alongside it on a different track, with a different enforcer, a different standard and a 48-hour clock.</p><p><em>The State Overlay</em></p><p>The federal regime is a floor. As at early 2026, state-law trackers put the number of US states addressing sexually explicit deepfakes at roughly 45 to 46, depending on classification. All 50 states and the District of Columbia had some form of non-consensual intimate imagery protection in place.<sup>11</sup> Several of the state regimes reach further than TAKE IT DOWN and several attach sharper remedies.</p><p>Texas is illustrative. The first iteration of section 21.165 of the Texas Penal Code reached only deepfake videos. 2025 legislation, enacted through SB 441, closed that loophole and extended the prohibition to sexually explicit deepfake media, including still images as well as video.<sup>12</sup></p><p>California is the other obvious comparator. California&#8217;s civil route began with AB 602, which created Civil Code section 1708.86, and has since been expanded, most recently by AB 621, effective 1 January 2026. SB 926, in force from 1 January 2025, criminalises the intentional creation and distribution of AI-generated sexually explicit deepfakes where the distributor knows or should know the content will cause serious emotional distress. SB 981 imposes a parallel platform mechanism, requiring social media platforms to provide a reporting route, temporarily block reported content while it is assessed and remove it from public view if it qualifies as sexually explicit digital identity theft.<sup>13</sup></p><p>The federal-state interaction will matter for compliance design. A platform that builds a TIDA-compliant intake will satisfy the federal duty but may not, on its own, satisfy the additional state duties on response time, private rights of action or scope. The forward planning question for general counsel is no longer whether to build a takedown system. It is whether to build one system that satisfies the strictest applicable state regime or to layer the federal floor with jurisdiction-specific overlays.</p><p><em>The First Amendment Question</em></p><p>Whether the Act survives first contact with the First Amendment is the most consequential open question hanging over the regime. The Congressional Research Service noted, before the Act was even passed, that because it regulates speech on the basis of its content, it could attract strict scrutiny if challenged. That formulation is conditional for a reason. A court may instead conclude that some or all of the regulated material sits inside an unprotected category, or sufficiently close to one, that a less demanding standard applies.</p><p>The opposition is well-marshalled. The Electronic Frontier Foundation argues that the notice-and-removal regime is overbroad. Its definitions reach beyond the clearest category of non-consensual intimate imagery. The 48-hour clock incentivises platforms to remove first and assess later. The absence of a counter-notice mechanism or meaningful anti-abuse process will, on the EFF&#8217;s reading, produce over-removal in practice.<sup>14</sup> The Center for Democracy and Technology, the Authors Guild, Freedom of the Press Foundation and others have aligned with the EFF on the censorship and due-process concerns.</p><p>The counter-argument has force. Non-consensual intimate imagery has been treated for two decades by US criminal and civil law as material in which the depicted individual retains a recognisable privacy and dignitary interest sufficient to defeat a general free-speech objection. The notice-and-removal regime also tracks the architecture of existing takedown systems. But the safe harbour reduces the platform&#8217;s legal risk from good-faith removal, which is exactly why critics say the statute will favour over-removal.</p><p>The realistic prediction is not that strict scrutiny will or will not apply. It is that the first facial challenge is a matter of when, not whether. The standard a court applies will be the heart of the case.</p><p><em>What to Watch in the Next Ninety Days</em></p><p>Four developments will shape the regime through the second half of 2026.</p><p>First, the FTC&#8217;s first enforcement action. The Commission has chosen warning letters in the first instance rather than an immediate sweep. The platform that becomes the test case for a 48-hour-clock missed deadline will set the early posture of the regime.</p><p>Second, the first facial challenge. The civil liberties coalition has been organised on this point since before the Act was passed. A likely doctrinal challenge would be brought by a platform with standing, on overbreadth and prior-restraint grounds. It would put the strict-scrutiny question to a federal court squarely.</p><p>Third, state attorneys general. The state-law regimes are now layered over a federal floor. State AGs will continue to bring criminal and civil actions against perpetrators and, in California, to test SB 981&#8217;s platform reporting duties. The resulting body of decisional law will give platforms more concrete operational guidance than the FTC&#8217;s compliance blog.</p><p>Fourth, the smaller-platform problem. The fifteen named platforms can build dedicated trust-and-safety operations. The longer tail of forums, image-sharing services, messaging apps and adult-content platforms cannot. The TAKE IT DOWN Act applies to them on the same terms. The realistic compliance burden will fall disproportionately on the operators least equipped to bear it.</p><p>TAKE IT DOWN does not amend Section 230. It creates a parallel FTC-enforced notice-and-removal duty at 47 U.S.C. section 223a, backed by civil penalties and reinforced by a widening state-law deepfake overlay. The duty has moved upstream from litigation defence to compliance operations. The 48-hour clock is now a feature of every covered platform&#8217;s intake. The question is whether, when the first First Amendment challenge arrives, that 48-hour clock survives in its current form.</p><p></p><p><em>Notes</em></p><p>1 Federal Trade Commission, &#8216;FTC Chairman Ferguson Advises Companies to Comply with the Take It Down Act&#8217;, press release, 11 May 2026; Federal Trade Commission, &#8216;FTC Begins Enforcing the TAKE IT DOWN Act&#8217;, press release, 19 May 2026; Federal Trade Commission, &#8216;Take It Down Act enforcement starts now: What to know about the FTC and TIDA&#8217;, business guidance blog, 19 May 2026.</p><p>2 Federal Trade Commission, &#8216;FTC Sends Warning Letters to Companies About Compliance with the TAKE IT DOWN Act&#8217;, press release, 20 May 2026.</p><p>3 TAKE IT DOWN Act, Public Law 119-12 (signed 19 May 2025), section 2, amending 47 U.S.C. section 223.</p><p>4 TAKE IT DOWN Act, section 3, adding 47 U.S.C. section 223a &#8216;Notice and removal of nonconsensual intimate visual depictions&#8217;.</p><p>5 15 U.S.C. section 6851 (Violence Against Women Act Reauthorization Act of 2022, definition of &#8216;intimate visual depiction&#8217;), as incorporated by reference in 47 U.S.C. section 223a. &#8216;Digital forgery&#8217; is separately defined in the TAKE IT DOWN Act and codified in 47 U.S.C. section 223(h).</p><p>6 Federal Trade Commission, &#8216;FTC Begins Enforcing the TAKE IT DOWN Act&#8217;, press release, 19 May 2026.</p><p>7 Federal Trade Commission, &#8216;FTC Chairman Ferguson Advises Companies to Comply with the Take It Down Act&#8217;, press release, 11 May 2026; Federal Trade Commission, &#8216;FTC Begins Enforcing the TAKE IT DOWN Act&#8217;, press release, 19 May 2026.</p><p>8 Federal Trade Commission, &#8216;FTC Chairman Ferguson Advises Companies to Comply with the Take It Down Act&#8217;, press release, 11 May 2026; addressees listed in alphabetical order by corporate name.</p><p>9 Federal Trade Commission, press release of 20 May 2026. The Commission referred to the addressees only as &#8216;twelve operators of online services that offer artificial-intelligence-powered nudification tools&#8217;.</p><p>10 47 U.S.C. section 223a (safe harbour for good-faith disabling or removal).</p><p>11 StackCyber, &#8216;Deepfake Legislation Tracker: Federal and State Laws&#8217;, updated spring 2026; supplementary review of state legislative trackers as at March 2026.</p><p>12 Texas Penal Code section 21.165, as amended by SB 441, 89th Texas Legislature, signed 20 June 2025 and effective 1 September 2025.</p><p>13 California Civil Code section 1708.86 (AB 602, 2019), as expanded by AB 621 (effective 1 January 2026); California Penal Code section 647(j) as amended by SB 926 (2024, effective 1 January 2025); California Business and Professions Code as amended by SB 981 (2024).</p><p>14 Electronic Frontier Foundation, &#8216;The TAKE IT DOWN Act: A Flawed Attempt to Protect Victims That Will Lead to Censorship&#8217;, 5 February 2025; Center for Democracy and Technology and others, joint letter to the United States Senate, February 2025.</p>]]></content:encoded></item><item><title><![CDATA[When the Case Is Already in the Textbook]]></title><description><![CDATA[A new evaluation from Copenhagen and Ume&#229; shows where machines can replicate the editorial work of human headnote writers and where they cannot]]></description><link>https://www.codeontrial.ai/p/when-the-case-is-already-in-the-textbook</link><guid isPermaLink="false">https://www.codeontrial.ai/p/when-the-case-is-already-in-the-textbook</guid><dc:creator><![CDATA[Nick Rowles-Davies]]></dc:creator><pubDate>Sat, 23 May 2026 05:00:53 GMT</pubDate><enclosure url="https://substackcdn.com/image/fetch/$s_!8UKi!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F286a8ca3-22da-4046-aa08-37c6831cc53e_1080x1080.jpeg" length="0" type="image/jpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!8UKi!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F286a8ca3-22da-4046-aa08-37c6831cc53e_1080x1080.jpeg" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!8UKi!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F286a8ca3-22da-4046-aa08-37c6831cc53e_1080x1080.jpeg 424w, https://substackcdn.com/image/fetch/$s_!8UKi!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F286a8ca3-22da-4046-aa08-37c6831cc53e_1080x1080.jpeg 848w, https://substackcdn.com/image/fetch/$s_!8UKi!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F286a8ca3-22da-4046-aa08-37c6831cc53e_1080x1080.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!8UKi!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F286a8ca3-22da-4046-aa08-37c6831cc53e_1080x1080.jpeg 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!8UKi!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F286a8ca3-22da-4046-aa08-37c6831cc53e_1080x1080.jpeg" width="1080" height="1080" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/286a8ca3-22da-4046-aa08-37c6831cc53e_1080x1080.jpeg&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:1080,&quot;width&quot;:1080,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:299978,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/jpeg&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:&quot;https://www.codeontrial.ai/i/198855172?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F286a8ca3-22da-4046-aa08-37c6831cc53e_1080x1080.jpeg&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!8UKi!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F286a8ca3-22da-4046-aa08-37c6831cc53e_1080x1080.jpeg 424w, https://substackcdn.com/image/fetch/$s_!8UKi!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F286a8ca3-22da-4046-aa08-37c6831cc53e_1080x1080.jpeg 848w, https://substackcdn.com/image/fetch/$s_!8UKi!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F286a8ca3-22da-4046-aa08-37c6831cc53e_1080x1080.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!8UKi!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F286a8ca3-22da-4046-aa08-37c6831cc53e_1080x1080.jpeg 1456w" sizes="100vw" fetchpriority="high"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p>A paper to be presented at ICAIL 2026 in Singapore (Xu et al., University of Copenhagen and Ume&#229;, posted to arXiv on 19 May 2026) sets out the first systematic evaluation of large language models on a task that the legal information industry has spent more than a century industrialising: generating the propositional statements that summarise what a case stands for. In American legal practice these are called headnotes. In doctrinal scholarship they are called legal propositions. They are the working unit of legal reasoning, the building blocks of textbooks and the index entries that allow lawyers to find authority on a point.</p><p>The study tested three open-source LLMs (GPT-OSS 120B, OLMo-3-7B-Instruct and the legal-specialised Saul-7B-Instruct) on ten decisions of the Court of Justice of the European Union. Two legally trained annotators (a final-year law student and a research assistant with a PhD in law) scored the hundred propositions generated by the two top-performing models (GPT-OSS and OLMo-3) against a five-dimension rubric the authors call LP-Eval.</p><p>The rubric does three things in sequence. It first checks that each proposition contains three required components: Stance (a normative position), Object (the legal rule itself, not a factual summary of the case) and Specification (the conditions or scope under which the rule operates). It then scores quality on a 1-3 scale across five dimensions (Source Independence, Fact Independence, Conciseness, Generality and Fidelity). Finally it asks for an overall quality score on the same 1-3 scale. Decomposing the assessment this way improves reliability and gives the rubric a second life later in the paper as a prompt template for LLM judges.</p><p><em><strong>The headline numbers</strong></em></p><p>Ninety-five of the hundred propositions were rated formally valid. The five that failed all failed for the same reason: the model summarised the facts of the case but did not articulate the legal rule (what the rubric calls the Object component). Mean overall quality was 2.5 out of 3, with fact independence at 2.96 and fidelity at 2.95.</p><p>On the surface this is a positive result for legal tech. Off-the-shelf models can generate competent doctrinal summaries of European jurisprudence with only an expert-crafted prompt, at least on the scored outputs from GPT-OSS and OLMo-3.</p><p><em><strong>The recency gap</strong></em></p><p>The recency gap is what sits beneath the headline numbers: the measured difference in LLM proposition quality between well-established CJEU authorities and recent decisions. The authors deliberately divided their sample into well-established cases (highly cited, spread across time) and recent decisions. Propositions drawn from the well-established cases scored a mean of 2.66. Those drawn from recent cases scored 2.35. The gap is significant at p&lt;0.001 and is driven principally by source independence, the dimension that captures whether a proposition can stand alone as a statement of law rather than as a paraphrase of the underlying paragraph. On that dimension, established cases score 2.52 and recent cases 2.11.</p><p>The explanation flagged by the authors is a combination of case-prominence effects and possibly training-data memorisation; the paper expressly notes the limits of causal analysis on this point. The well-established cases have been discussed in textbooks, commentary, case notes and other model outputs that LLMs may have ingested. The model behaves as though it is reproducing settled doctrine rather than reasoning to it independently. On recent, less-commented cases the model produces close paraphrase and direct citation rather than a standalone legal proposition.</p><p><em><strong>What this means for the headnote industry</strong></em></p><p>For the legal information industry this is a more interesting finding than the headline 95 per cent validity figure suggests. Westlaw and LexisNexis built their commercial value on the editorial work of human lawyers writing headnotes. Modern LLM output can replicate that work on cases that are already heavily edited and commented on. It is materially worse on the cases of highest editorial value to the publisher, those decided last week.</p><p>Two consequences follow. Automated headnote pipelines will be most reliable on the material that already has good human headnotes and least reliable on material where the publisher would otherwise add the most value. Legacy citation networks then take on a self-reinforcing quality: the more a case is written about, the better the model performs on it; the better it performs, the more text it generates about that case; that text becomes training data for the next generation.</p><p>This is structural concentration. A handful of well-established authorities will be progressively easier for machines to summarise. Newly decided cases will sit in a persistent quality gap until enough commentary accretes to bring them into the training set of the next model.</p><p><em><strong>The judge that cannot judge novelty</strong></em></p><p>The second half of the paper tests whether LLMs can grade the work of other LLMs. With rubric guidance, GPT-OSS reaches Gwet&#8217;s AC1 of 0.91 to 0.93 with the two human annotators; inter-expert agreement is 0.94. Without the rubric, GPT-OSS agreement falls to 0.85.</p><p>The critical limitation is that LLM judges do not detect the gap between well-established and recent cases. Human annotators caught it at p&lt;0.001. The model judges did not register a statistically significant difference. An evaluation pipeline built on LLM-as-judge would risk certifying recent-case outputs as equivalent to established-case outputs, which is the precise opposite of the correction a quality-assurance system would need to make.</p><p>For any organisation considering an automated legal research stack, that finding is the one to internalise. The model that drafts the headnote and the model that audits the headnote share the same blind spot. Detecting where the system fails requires the very expertise the system is meant to replace.</p><p>The LP-Eval paper links to a public companion GitHub repository for the appendix, dataset and code. The arXiv paper itself is licensed under CC BY 4.0.</p>]]></content:encoded></item><item><title><![CDATA[Three Models of Deepfake Liability]]></title><description><![CDATA[Why the FTC's new removal duty operates outside Section 230 and why its one-sided safe harbour will reward over-removal.]]></description><link>https://www.codeontrial.ai/p/three-models-of-deepfake-liability</link><guid isPermaLink="false">https://www.codeontrial.ai/p/three-models-of-deepfake-liability</guid><dc:creator><![CDATA[Nick Rowles-Davies]]></dc:creator><pubDate>Thu, 21 May 2026 05:29:15 GMT</pubDate><enclosure url="https://substackcdn.com/image/fetch/$s_!POGA!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fc5570d5e-4504-44d7-8d4e-c7a325f97ae8_1600x900.png" length="0" type="image/jpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!POGA!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fc5570d5e-4504-44d7-8d4e-c7a325f97ae8_1600x900.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!POGA!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fc5570d5e-4504-44d7-8d4e-c7a325f97ae8_1600x900.png 424w, https://substackcdn.com/image/fetch/$s_!POGA!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fc5570d5e-4504-44d7-8d4e-c7a325f97ae8_1600x900.png 848w, https://substackcdn.com/image/fetch/$s_!POGA!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fc5570d5e-4504-44d7-8d4e-c7a325f97ae8_1600x900.png 1272w, https://substackcdn.com/image/fetch/$s_!POGA!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fc5570d5e-4504-44d7-8d4e-c7a325f97ae8_1600x900.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!POGA!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fc5570d5e-4504-44d7-8d4e-c7a325f97ae8_1600x900.png" width="1456" height="819" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/c5570d5e-4504-44d7-8d4e-c7a325f97ae8_1600x900.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:819,&quot;width&quot;:1456,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:104667,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:&quot;https://www.codeontrial.ai/i/198529468?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fc5570d5e-4504-44d7-8d4e-c7a325f97ae8_1600x900.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!POGA!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fc5570d5e-4504-44d7-8d4e-c7a325f97ae8_1600x900.png 424w, https://substackcdn.com/image/fetch/$s_!POGA!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fc5570d5e-4504-44d7-8d4e-c7a325f97ae8_1600x900.png 848w, https://substackcdn.com/image/fetch/$s_!POGA!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fc5570d5e-4504-44d7-8d4e-c7a325f97ae8_1600x900.png 1272w, https://substackcdn.com/image/fetch/$s_!POGA!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fc5570d5e-4504-44d7-8d4e-c7a325f97ae8_1600x900.png 1456w" sizes="100vw" fetchpriority="high"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p>The FTC began enforcing the TAKE IT DOWN Act on 19 May 2026, one year to the day after President Trump signed it.<sup>1</sup></p><p>The compliance posture that platforms now occupy is the product of three separate regulatory theories, each treating the same underlying harm. The three are not fully aligned.</p><p><em><strong>A takedown duty in parallel with Section 230</strong></em></p><p>The Act criminalises the publication of non-consensual intimate images, including computer-generated images depicting identifiable individuals, and requires covered platforms to remove such content within 48 hours of a valid notice.<sup>2</sup> The civil penalty is $53,088 per violation under FTC Act enforcement principles.<sup>3</sup></p><p>The Act does not amend Section 230 of the Communications Decency Act. It runs parallel to it. The Act includes a safe harbour for good-faith disabling or removal but offers no equivalent protection for under-removal. Section 230 does not provide a defence to an independent federal statutory notice-and-removal duty enforced by the FTC. The structural effect, if not the formal one, is that Section 230 is displaced for this category of content.</p><p>The architecture invites comparison with the DMCA notice-and-takedown framework from 1998. The DMCA created a conditional safe harbour: failure to comply risks losing that safe harbour and facing ordinary copyright liability. TIDA adds an affirmative FTC-enforced removal duty backed by civil penalties.</p><p><em><strong>Criminalising creation, the UK approach</strong></em></p><p>The UK&#8217;s response operates at the source rather than the platform layer. Section 138 of the Data (Use and Access) Act 2025 amended the Sexual Offences Act 2003 to create a criminal offence of intentionally creating a &#8220;purported sexual image&#8221; of an identifiable person without consent.<sup>4</sup> The offence took effect on 6 February 2026 and covers both AI-generated images and conventionally manipulated ones.</p><p>Platforms operate within a separate regime. The Online Safety Act 2023 treats non-consensual intimate images as a priority offence within the illegal-content duties. Failure to operate proportionate removal systems can attract Ofcom penalties of up to 10% of worldwide turnover and, in extreme cases, service-blocking orders.<sup>5</sup> The UK regulator has the larger stick. The US regulator has the lower threshold of intervention.</p><p><em><strong>Transparency at the model layer, the EU approach</strong></em></p><p>The EU does not yet treat non-consensual intimate deepfakes through a dedicated removal duty. From 2 August 2026, Article 50 of the AI Act addresses the upstream problem by requiring providers of generative systems to mark synthetic outputs in a machine-readable format. The Digital Services Act handles downstream notice-and-action for illegal content through hosting-service mechanisms, with additional risk-assessment obligations for VLOPs (Very Large Online Platforms) and VLOSEs (Very Large Online Search Engines).</p><p>The EU theory is that the harm is mitigated by detectability and procedural diligence. The US theory is that the harm requires a hard removal deadline. The UK theory is that the harm requires a criminal prohibition on the upstream act. The three are not contradictory but they impose different compliance designs on the same platform.</p><p><em><strong>Practitioner implication</strong></em></p><p>A platform with users in all three jurisdictions cannot run one workflow. The trigger for action differs (a US notice, a UK priority-offence designation, an EU complaint or risk-assessment finding), the actor differs (the FTC, Ofcom, the European Commission and national DSA coordinators) and the penalty calculus differs by orders of magnitude. The rational design is to operate to the lowest common denominator on response time and to the highest common denominator on transparency. That points toward 48-hour removal as the operational floor and machine-readable provenance as the technical ceiling once Article 50 applies.</p><p>The Section 230 question worth watching is whether TIDA&#8217;s structure becomes a model for other categories. If notice-and-removal with civil penalties survives constitutional challenge in this domain, the case for extending it to adjacent ones, including AI-generated defamation and impersonation, will be made.</p><p>Code on Trial will track that case as it develops.</p><p><em><strong>References</strong></em></p><p><sup>1</sup> Federal Trade Commission, &#8220;FTC Begins Enforcing the TAKE IT DOWN Act,&#8221; press release, 19 May 2026.</p><p><sup>2</sup> Tools to Address Known Exploitation by Immobilizing Technological Deepfakes on Websites and Networks Act (TAKE IT DOWN Act), Public Law 119-12 (2025), section 3 (notice-and-removal duty).</p><p><sup>3</sup> Civil penalty figure adjusted under the Federal Civil Penalties Inflation Adjustment Act; FTC business guidance, May 2026.</p><p><sup>4</sup> Data (Use and Access) Act 2025, section 138, amending the Sexual Offences Act 2003.</p><p><sup>5</sup> Online Safety Act 2023, illegal-content duties under Part 3 and priority offence schedules; Ofcom enforcement powers under Part 7.</p>]]></content:encoded></item><item><title><![CDATA[When the US Class Closes, the Litigation Map Stays Open]]></title><description><![CDATA[The Bartz v Anthropic fairness hearing on 14 May 2026 saw little resistance to the headline number.]]></description><link>https://www.codeontrial.ai/p/when-the-us-class-closes-the-litigation</link><guid isPermaLink="false">https://www.codeontrial.ai/p/when-the-us-class-closes-the-litigation</guid><dc:creator><![CDATA[Nick Rowles-Davies]]></dc:creator><pubDate>Tue, 19 May 2026 05:01:43 GMT</pubDate><enclosure url="https://substackcdn.com/image/fetch/$s_!PwmU!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F86b0cb07-fe38-4003-bafa-1ae7e5014f1c_1200x1200.png" length="0" type="image/jpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!PwmU!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F86b0cb07-fe38-4003-bafa-1ae7e5014f1c_1200x1200.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!PwmU!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F86b0cb07-fe38-4003-bafa-1ae7e5014f1c_1200x1200.png 424w, https://substackcdn.com/image/fetch/$s_!PwmU!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F86b0cb07-fe38-4003-bafa-1ae7e5014f1c_1200x1200.png 848w, https://substackcdn.com/image/fetch/$s_!PwmU!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F86b0cb07-fe38-4003-bafa-1ae7e5014f1c_1200x1200.png 1272w, https://substackcdn.com/image/fetch/$s_!PwmU!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F86b0cb07-fe38-4003-bafa-1ae7e5014f1c_1200x1200.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!PwmU!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F86b0cb07-fe38-4003-bafa-1ae7e5014f1c_1200x1200.png" width="1200" height="1200" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/86b0cb07-fe38-4003-bafa-1ae7e5014f1c_1200x1200.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:1200,&quot;width&quot;:1200,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:128980,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:&quot;https://www.codeontrial.ai/i/198241278?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F86b0cb07-fe38-4003-bafa-1ae7e5014f1c_1200x1200.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!PwmU!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F86b0cb07-fe38-4003-bafa-1ae7e5014f1c_1200x1200.png 424w, https://substackcdn.com/image/fetch/$s_!PwmU!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F86b0cb07-fe38-4003-bafa-1ae7e5014f1c_1200x1200.png 848w, https://substackcdn.com/image/fetch/$s_!PwmU!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F86b0cb07-fe38-4003-bafa-1ae7e5014f1c_1200x1200.png 1272w, https://substackcdn.com/image/fetch/$s_!PwmU!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F86b0cb07-fe38-4003-bafa-1ae7e5014f1c_1200x1200.png 1456w" sizes="100vw" fetchpriority="high"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p><em>The Bartz v Anthropic fairness hearing on 14 May 2026 saw little resistance to the headline number. But the class definition reaches the registered US works problem. It does not reach the global corpus problem.</em></p><p><em><strong>The Hearing</strong></em></p><p>On 14 May 2026 the Northern District of California held the final fairness hearing in Bartz et al v Anthropic PBC, Case No. 3:24-cv-05417, the USD 1.5 billion proposed class settlement covering eligible registered works Anthropic allegedly downloaded from pirate libraries. Judge Araceli Mart&#237;nez-Olgu&#237;n took the matter under submission. She inherited the docket from Judge William Alsup, who retired at the end of 2025, after the June 2025 summary judgment that held training on lawfully acquired books to be fair use while leaving the pirated central-library theory exposed for trial.<sup>1</sup></p><p>By the date of the hearing 447,576 of approximately 482,460 eligible works had been claimed, a rate of 92.77 percent. Class counsel from Lieff Cabraser characterised the opt-out and objection rates as minimal. The judge&#8217;s questioning concentrated on attorneys&#8217; fees and the settlement&#8217;s cost structure rather than the substantive deal terms.<sup>2</sup></p><p><em><strong>The Registration Trap</strong></em></p><p>The most consequential objection came from author George Tombs, whose works were excluded because they lacked a US copyright registration. The class definition restricts membership to works that satisfy the settlement&#8217;s eligibility criteria, including qualifying US registration. The predictable consequence is that many foreign-authored books, and many unregistered US works, fall outside the settlement entirely.</p><p>The exclusion is statutory. Section 411(a) requires registration as a precondition for bringing a US infringement action in respect of a United States work. Section 412 restricts statutory damages and attorneys&#8217; fees where registration was not timely made, and that remedy restriction applies to foreign and domestic works alike.<sup>3</sup> Neither provision extinguishes the underlying copyright, which subsists automatically in any work qualifying under Article 5(2) of the Berne Convention.<sup>4</sup> Foreign authors whose works lack qualifying US registration, and other unregistered rightsholders, retain whatever underlying copyright they have but sit outside the USD 1.5 billion settlement structure.</p><p><em><strong>The Comparative Position</strong></em></p><p>The German position has begun to be clarified by the OLG Hamburg judgment in Kneschke v LAION, 5 U 104/24, 10 December 2025.<sup>5</sup> The court held that section 44b UrhG, which implements Article 4 of Directive (EU) 2019/790, can permit text-and-data mining for AI-training datasets where no valid machine-readable opt-out has been declared. It also held that LAION, as a non-commercial research organisation, could rely separately on section 60d UrhG.<sup>6</sup> The judgment matters for foreign authors with respect to Anthropic because Anthropic is a commercial enterprise. Section 60d is unlikely to assist it, and section 44b is available only where rightsholders have failed to opt out in a machine-readable form. If the relevant copying occurred before machine-readable opt-out mechanisms were standardised or widely implemented, the German exposure will turn on how courts treat that timing problem.</p><p>In the United Kingdom, the Government&#8217;s March 2026 copyright and AI report confirmed that a broad text-and-data-mining exception with opt-out is no longer its preferred way forward.<sup>7</sup> The section 29A research exception remains narrow. Where the relevant copying occurs within the UK, unauthorised commercial training may be actionable as primary infringement under section 16 of the Copyright, Designs and Patents Act 1988, subject to proof of copying, territorial nexus and any applicable exception.<sup>8</sup> Getty Images v Stability AI is the principal English authority to date, but it left the training-stage question only partly answered because the primary copyright claim was narrowed by jurisdictional and evidential issues. UK collective management organisations and author groups are obvious potential claim-coordination vehicles, but the procedural route remains unsettled.</p><p>In France, the infringement baseline rests on article L122-4 of the Code de la propri&#233;t&#233; intellectuelle. The text-and-data-mining exceptions sit in articles L122-5 and L122-5-3, following implementation of the CDSM Directive by Ordonnance n&#176; 2021-1518.<sup>9</sup> The opt-out architecture is materially similar to Germany&#8217;s. France is an obvious forum for coordinated rights-holder action, but the procedural route remains to be seen.</p><p><em><strong>The Strategic Implication</strong></em></p><p>The unresolved question is whether the US per-work figure of approximately USD 3,000 sets a reference point for parallel European proceedings. There is no doctrinal reason it should. Damages in European jurisdictions are typically calculated by reference to a notional licence fee or to an account of profits, not to settlement values reached in unrelated US class actions. The reference may still operate informally. Anthropic&#8217;s commercial incentive will be to characterise the US settlement as substantial compensation already provided. The counter is that excluded European authors and unregistered rightsholders received nothing under that settlement and their underlying rights remain unimpaired.</p><p>If approved, Bartz will close the US registered-works class. It will not close the international copyright map. European proceedings may determine whether the global cost of the allegedly pirated training corpus remains a US-class-settlement number or becomes a materially larger cross-border exposure.</p><p><em><strong>Footnotes</strong></em></p><p><sup>1</sup> Bartz et al v Anthropic PBC, Case No. 3:24-cv-05417 (ND Cal); Order on Motion for Summary Judgment, 23 June 2025 (Alsup, J.).</p><p><sup>2</sup> Authors Alliance, &#8220;Bartz v. Anthropic Fairness Hearing: Observations and Takeaways&#8221;, 14 May 2026; Publishing Perspectives, &#8220;Anthropic Settlement Appears to Cruise Through Its Final Fairness Hearing&#8221;, 15 May 2026.</p><p><sup>3</sup> 17 U.S.C. sections 411(a), 412, 504(c).</p><p><sup>4</sup> Berne Convention for the Protection of Literary and Artistic Works, Article 5(2).</p><p><sup>5</sup> OLG Hamburg, Kneschke v LAION, Case No 5 U 104/24, 10 December 2025.</p><p><sup>6</sup> Directive (EU) 2019/790, Article 4; Urheberrechtsgesetz, sections 44b and 60d.</p><p><sup>7</sup> UK Government, Report and Impact Assessment on Copyright and Artificial Intelligence, March 2026.</p><p><sup>8</sup> Copyright, Designs and Patents Act 1988, sections 16 and 29A.</p><p><sup>9</sup> Code de la propri&#233;t&#233; intellectuelle, articles L122-4, L122-5 and L122-5-3; Ordonnance n&#176; 2021-1518.</p>]]></content:encoded></item><item><title><![CDATA[The Dual Standard: When AI Reliance Is Negligent and When Non-Use May Become Negligent]]></title><description><![CDATA[Professional Liability in the Age of Generative AI: From Sullivan & Cromwell to the SRA's Competence Consultation]]></description><link>https://www.codeontrial.ai/p/the-dual-standard-when-ai-reliance</link><guid isPermaLink="false">https://www.codeontrial.ai/p/the-dual-standard-when-ai-reliance</guid><dc:creator><![CDATA[Nick Rowles-Davies]]></dc:creator><pubDate>Mon, 18 May 2026 05:01:02 GMT</pubDate><enclosure url="https://substackcdn.com/image/fetch/$s_!r3Sm!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3b75afd2-a3fc-44d8-a606-31a7d5094cd3_4060x2500.jpeg" length="0" type="image/jpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!r3Sm!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3b75afd2-a3fc-44d8-a606-31a7d5094cd3_4060x2500.jpeg" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!r3Sm!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3b75afd2-a3fc-44d8-a606-31a7d5094cd3_4060x2500.jpeg 424w, https://substackcdn.com/image/fetch/$s_!r3Sm!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3b75afd2-a3fc-44d8-a606-31a7d5094cd3_4060x2500.jpeg 848w, https://substackcdn.com/image/fetch/$s_!r3Sm!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3b75afd2-a3fc-44d8-a606-31a7d5094cd3_4060x2500.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!r3Sm!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3b75afd2-a3fc-44d8-a606-31a7d5094cd3_4060x2500.jpeg 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!r3Sm!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3b75afd2-a3fc-44d8-a606-31a7d5094cd3_4060x2500.jpeg" width="1456" height="897" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/3b75afd2-a3fc-44d8-a606-31a7d5094cd3_4060x2500.jpeg&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:897,&quot;width&quot;:1456,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:1163733,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/jpeg&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:&quot;https://www.codeontrial.ai/i/198118386?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3b75afd2-a3fc-44d8-a606-31a7d5094cd3_4060x2500.jpeg&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!r3Sm!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3b75afd2-a3fc-44d8-a606-31a7d5094cd3_4060x2500.jpeg 424w, https://substackcdn.com/image/fetch/$s_!r3Sm!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3b75afd2-a3fc-44d8-a606-31a7d5094cd3_4060x2500.jpeg 848w, https://substackcdn.com/image/fetch/$s_!r3Sm!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3b75afd2-a3fc-44d8-a606-31a7d5094cd3_4060x2500.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!r3Sm!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3b75afd2-a3fc-44d8-a606-31a7d5094cd3_4060x2500.jpeg 1456w" sizes="100vw" fetchpriority="high"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p><em><strong>Introduction</strong></em></p><p>On 18 April 2026, Sullivan &amp; Cromwell LLP wrote to Chief Judge Martin Glenn of the United States Bankruptcy Court for the Southern District of New York after Boies Schiller Flexner identified AI-generated errors in a Chapter 15 filing in the Prince Global Holdings proceedings. The reported errors included inaccurate citations, misstatements or misquotations of bankruptcy law and other drafting defects that should have been caught before filing.<sup>1</sup> The incident matters not because elite firms are uniquely vulnerable, but because it shows that AI risk has moved from the margins of legal practice into the core workflow of sophisticated firms.</p><p>The professional liability question is becoming unavoidable: when does reliance on AI constitute negligence, and when might failure to use AI become negligent? Those questions appear to point in opposite directions. In fact, they are converging. The emerging standard is not anti-AI and it is not pro-AI. It is a standard of competent, supervised and verified use.</p><p><em><strong>The Scale of the Problem</strong></em></p><p>The Sullivan &amp; Cromwell incident is not isolated. It is the most prominent recent example of a wider failure pattern. Damien Charlotin&#8217;s AI Hallucination Cases database tracks legal decisions in which generative AI has produced hallucinated content, or where AI use has been addressed by a court or tribunal in more than a passing reference. The database is important, but its methodology matters: it does not purport to capture every false citation in every filing. It captures the court-facing subset that has reached judicial or tribunal attention.<sup>2</sup></p><p>As at 15 May 2026, Charlotin&#8217;s tracker identified 1,450 matters worldwide, including 1,003 in the United States.<sup>3</sup> The precise number changes quickly. The direction of travel does not. What began as a few notorious filing failures has become a recurring operational risk in litigation practice.</p><p>The origin point in public consciousness remains Mata v Avianca. In June 2023, Judge P. Kevin Castel of the Southern District of New York imposed a $5,000 Rule 11 sanction after lawyers submitted an affirmation containing six non-existent judicial opinions generated by ChatGPT.<sup>4</sup> At the time, much of the profession treated Mata as a cautionary novelty. By 2026, that reading is no longer sustainable.</p><p>The sanctions environment has hardened. In Couvrette v Wisnovsky, the District of Oregon found that summary judgment briefing contained 15 non-existent cases and eight fabricated quotations. The financial outcome was not a single fine, but a combination of a $15,500 sanctions order and later fee and cost orders that together exceeded $110,000.<sup>5</sup> The distinction matters: the case should not be described simply as a &#8216;$110,000 fine&#8217;. Its real significance is broader. Courts are increasingly willing to make the cost of verification failure fall on the lawyers and parties responsible for putting false material before the court.</p><p>Court-level requirements are also multiplying. As at May 2026, Legal AI Governance identified 113 active orders and rules binding attorney filings.<sup>6</sup> The requirements vary. Some require disclosure of AI use. Some require certification that AI-assisted work has been checked. Others simply restate that Rule 11, candour and professional responsibility duties apply irrespective of the tool used. The common message is that &#8216;AI did it&#8217; is not a defence.</p><p><em><strong>The Regulatory Response</strong></em></p><p>The American Bar Association responded with Formal Opinion 512 on 29 July 2024, its first comprehensive ethics opinion on generative AI in legal practice. The opinion addresses competence, confidentiality, communication with clients, billing, candour to the tribunal and supervisory responsibilities under Model Rules 1.1, 1.4, 1.5, 1.6, 3.3, 5.1 and 5.3.<sup>7</sup> The central proposition is simple: a lawyer may use generative AI, but the lawyer remains responsible for the work product.</p><p>Formal Opinion 512 does not require lawyers to understand the model architecture of every system they use. It does require them to understand the capabilities and limitations of the tools sufficiently to use them competently. It also requires lawyers to protect confidential information, communicate with clients where AI use materially affects the representation, verify AI-generated legal analysis and citations before submission, supervise junior lawyers and non-lawyers using AI and avoid billing clients for time spent correcting avoidable AI errors.</p><p>California has moved towards a more prescriptive model. In 2026, the State Bar of California sought public comment on proposed amendments to six Rules of Professional Conduct addressing AI: competence, communication, confidentiality, candour to the tribunal, managerial responsibility and supervision of non-lawyer assistants.<sup>8</sup> If adopted, the proposals would make verification explicit. A proposed comment to the competence rule states that, when using technology including AI, a lawyer must independently review, verify and exercise professional judgment over the output. A proposed comment to the candour rule specifically requires verification of the accuracy and existence of cited authorities before submission to a tribunal.</p><p>That is not yet the same as an enacted rule. The California material should therefore be described as a proposed amendment, not as binding black-letter law. Its significance lies in the direction of regulatory movement: duties that were previously implicit in competence and candour rules are being translated into AI-specific drafting.</p><p>Colorado is useful for a different reason. It has both a disciplinary example and a rule-based development. In People v Crabill, a Colorado lawyer received a suspension of one year and one day, with 90 days actively served, after using ChatGPT-generated case law without reading or verifying it, failing to alert the court to sham cases and then falsely attributing the errors to a legal intern.<sup>9</sup> Separately, the Colorado Supreme Court approved Rule Change 2026(02), which adds commentary making clear that technology, including AI, does not diminish a lawyer&#8217;s professional responsibilities and that a lawyer who uses technology in delivering legal services may be subject to discipline for a resulting rule violation.<sup>10</sup></p><p>These regulatory materials share a common architecture. They treat AI as a tool, not as an independent professional actor. They impose verification duties. They reject any presumption that AI-generated legal output is reliable. They locate the obligation within existing competence, candour, confidentiality and supervision frameworks rather than creating a wholly new category of professional regulation.</p><p><em><strong>The English Position</strong></em></p><p>The leading English authority is Ayinde v London Borough of Haringey and Al-Haroun v Qatar National Bank, heard together and decided by the Divisional Court in June 2025.<sup>11</sup> The judgment is often described as an AI case, but that shorthand needs care. The court was dealing with the actual or suspected use of generative AI by lawyers to produce written legal arguments or witness statements that were not checked, resulting in false information being put before the court.</p><p>In the Ayinde matter, the underlying problem was the inclusion of five fake cases in judicial review materials. The provenance of the false authorities was contested; the barrister denied using AI. Ritchie J nevertheless made wasted costs orders of &#163;2,000 each against Ms Forey and Haringey Law Centre and required referral to the Bar Standards Board and the Solicitors Regulation Authority.<sup>12</sup> The Divisional Court later held that the threshold for initiating contempt proceedings was met in relation to Ms Forey, but decided not to initiate contempt proceedings or refer the case to the Law Officers.<sup>13</sup></p><p>The practical guidance from the judgment is more important than the disputed factual mechanics. The court stated that freely available generative AI tools such as ChatGPT are not capable of conducting reliable legal research. They may cite sources that do not exist, quote passages that do not appear in genuine sources and produce confident assertions that are simply untrue. Lawyers who use AI for legal research, or rely on others who have done so, have a professional duty to check the output against authoritative sources before using it in advice or before a court.</p><p>The Solicitors Regulation Authority has not adopted an ABA-style AI ethics opinion. Its approach remains principles-based. On 22 April 2026, however, the SRA opened its consultation, &#8216;Strengthening our continuing competence approach&#8217;, running until 15 July 2026.<sup>14</sup> The consultation proposes stronger requirements for solicitors to record how they identify and address learning and development needs and to participate in annual ethics discussions. It is not an AI-specific rulebook, but it sits alongside the SRA&#8217;s broader AI risk materials and compliance guidance on AI and technology.<sup>15</sup></p><p>The Law Society&#8217;s guidance on generative AI likewise has persuasive rather than binding force. Its September 2025 update expressly added references to Ayinde and Al-Haroun, and it now stresses verification against reliable and authoritative sources, supervision and risk management.<sup>16</sup> The English position is therefore less prescriptive than the emerging American model, but not less serious. The courts have made clear that false authorities in court documents may trigger wasted costs orders, regulatory referral and, in an appropriate case, contempt proceedings.</p><p><em><strong>The Emerging Dual Standard</strong></em></p><p>Professional liability in the age of generative AI is developing along two vectors at the same time. The first is negligent reliance. A lawyer who submits AI-generated legal material without proper verification may breach duties of competence, candour, supervision and care to the client. That proposition is now strongly supported by the cases, ethics opinions and regulatory materials.</p><p>The second vector is less developed but potentially more disruptive: the possibility that failure to use AI may, in some circumstances, fall below the standard of care. This proposition should not be overstated. No court has yet held a lawyer negligent simply for failing to use AI. Nor is there a general duty to use every available technology. The better formulation is narrower: where a particular AI tool has become a reasonably standard, reliable and proportionate means of improving the relevant task, a professional who fails to consider or deploy it may struggle to justify the omission if the client suffers avoidable loss.</p><p>That argument is consistent with orthodox professional negligence principles. The standard is not perfection. It is the standard of a reasonably competent professional in the relevant circumstances. In English law, Bolam and Bolitho provide useful analogies, particularly the idea that a practice accepted by a responsible body of professionals must also withstand logical scrutiny. In the solicitor context, the same essential question appears in a different form: what would a reasonably competent practitioner have done, judged by the standards of the profession at the time?</p><p>Anurag Bana&#8217;s SSRN paper on artificial intelligence, legal professional negligence and AI-covered indemnity risk articulates the point clearly: as AI becomes prevalent in legal practice, liability may arise both from using AI incorrectly and from failing to use it where its use would have been reasonably expected.<sup>17</sup> Recent professional negligence commentary takes a similar position: AI is not generally mandatory, but the real question is whether a reasonably competent professional would have used it in the client&#8217;s interests in the particular circumstances.<sup>18</sup></p><p>The point is easiest to see in verification. A lawyer who asks a public chatbot to produce case law and files the result without checking it is plainly exposed. But consider the inverse case: a firm has access to a reliable citation-checking, document-comparison or disclosure-analysis tool; the tool is widely used for the task; the cost of using it is proportionate; and the error that later causes loss is precisely the kind of error the tool would probably have caught. In that scenario, failure to use AI is not negligence because AI exists. It is negligence, if at all, because the professional failed to use an available and reasonably standard quality-control method.</p><p>The practical tension is acute. A lawyer who uses AI without verification may be negligent. A lawyer who refuses to use AI where it has become an ordinary part of competent practice may also become exposed. The safe ground is not abstention. It is disciplined adoption: use AI where it adds value, understand its limits, verify its output, supervise its use and preserve human professional judgment as the final decision-making layer.</p><p><em><strong>Indemnity and Insurance Implications</strong></em></p><p>Professional indemnity insurers now face the dual standard as both a coverage and pricing problem. The negligent reliance vector produces familiar claims in new clothing: failed applications, adverse costs orders, lost procedural opportunities, confidentiality breaches and client losses caused by unverified work product. The failure-to-use vector is more novel: claims alleging that a lawyer failed to use an available technology that would have prevented the loss.</p><p>Coverage questions remain unresolved. United States commentary on lawyers&#8217; professional liability policies notes that many policies do not expressly exclude AI use, but coverage may depend on whether the conduct falls within the policy definition of professional services and whether exclusions for intentional acts, fraud, fee disputes or technology failures are engaged.<sup>19</sup> Some professional liability insurers have also begun experimenting with AI-specific exclusions or endorsements.<sup>20</sup></p><p>The hardest cases will sit between negligence and recklessness. An isolated failure to check an AI-assisted draft may be characterised as negligence. Repeated submission of fabricated authorities after warning signs have been raised, or a deliberate refusal to verify citations known to have come from a generative tool, may be characterised very differently. Coverage will turn on policy wording, governing law and the factual findings in the underlying claim.</p><p>The NAIC Model Bulletin on the use of AI systems by insurers, adopted in December 2023, is relevant but only indirectly.<sup>21</sup> It addresses insurer use of AI in insurance operations, including governance, risk management and compliance with insurance law. It does not solve the professional indemnity question of how insurers should underwrite or respond to claims arising from insured lawyers&#8217; use, misuse or non-use of AI.</p><p>For underwriters, the risk is now two-sided. Traditionally, technology risk in professional indemnity was framed as a risk of using defective systems. AI introduces the additional possibility of technology abstention risk: the allegation that competent practice required the use of a tool and the insured failed to use it. That does not mean underwriters should require blanket AI adoption. It means proposal forms, renewal questions and risk engineering will need to move beyond asking whether a firm uses AI and start asking how AI is governed, supervised, verified and documented.</p><p><em><strong>Strategic Outlook</strong></em></p><p>The standard of care is moving. Expected work product quality will rise as reliable AI-assisted methods become normalised. Firms that ban AI entirely face one liability vector. Firms that permit uncontrolled AI use face another. Both approaches are inferior to governed use.</p><p>The first strategic imperative is verification. Every firm should have a clear rule that AI-generated legal authorities, quotations, factual propositions and analytical conclusions must be checked against authoritative sources before submission to a court, delivery to a client or use in advice. The rule should apply not only to partners and associates, but also to trainees, paralegals, knowledge teams, external consultants and anyone else contributing to legal work product.</p><p>The second imperative is supervision. AI use should be treated like any other delegated work stream. A partner is not excused because the first draft came from an AI tool rather than a junior lawyer. A recent US sanction against a managing partner for a junior lawyer&#8217;s AI-related citation error illustrates the same point in operational terms.<sup>22</sup> The supervision question is the same: who checked it, against what source, using what process and where is the evidence that the check occurred?</p><p>The third imperative is training. The profession has spent too much time debating whether AI should be used and too little time teaching practitioners how to use it responsibly. Competence training needs to cover prompt design, tool selection, confidentiality, privilege, hallucination risk, citation verification, document comparison, disclosure workflows, billing treatment and escalation protocols. The SRA&#8217;s continuing competence consultation points in this direction even if it does not prescribe AI-specific rules.</p><p>The fourth imperative is insurance engagement. Firms should not wait for a claim before asking how their professional indemnity policy treats AI-assisted legal work. They should understand whether AI use is within the scope of covered professional services, whether any AI-specific exclusions apply, whether sanctions and fee-shifting orders are covered and what notification obligations arise when an AI-related error is discovered.</p><p>The dual standard is likely to sharpen over the next three to five years. Courts will continue to sanction negligent reliance. At some point, a failure-to-use allegation is likely to be tested in a professional negligence claim, most probably where a client can show that a readily available verification, disclosure or drafting tool would have caught the error that caused the loss. The claim may or may not succeed. Its arrival should surprise no one.</p><p>The profession cannot resolve this tension by choosing one vector over the other. It can resolve it only by occupying the disciplined middle ground: deploying AI tools competently, verifying their output rigorously, supervising their use systematically and maintaining human judgment as the irreducible core of legal practice. Firms that master that discipline will reduce cost, improve quality and protect themselves. Firms that do not will be exposed in both directions: for unverified AI reliance and, in time, potentially for failing to adopt standard AI-assisted checks.</p><p><em><strong>Notes</strong></em></p><p>1. Reuters, &#8217;Sullivan &amp; Cromwell law firm apologizes for AI hallucinations in court filing&#8217;, 21 April 2026; Legal Cheek, &#8217;Sullivan &amp; Cromwell apologises after AI hallucinations appear in court document&#8217;, 22 April 2026.</p><p>2. Damien Charlotin, AI Hallucination Cases Database, methodology note: database tracks legal decisions where the use of AI, whether established or merely alleged, is addressed in more than a passing reference by a court or tribunal; it does not track the wider universe of all false citations or uses of AI in court filings.</p><p>3. Damien Charlotin, AI Hallucination Cases Database, last updated 15 May 2026, identifying 1,450 cases worldwide and 1,003 USA matters. The database is live and should be rechecked immediately before publication.</p><p>4. Mata v Avianca, Inc., No. 22-cv-1461, 678 F Supp 3d 443 (SDNY 2023), sanctions order dated 22 June 2023.</p><p>5. Couvrette v Wisnovsky, No. 1:21-cv-00157-CL (D Or), Opinion and Order on sanctions, 12 December 2025, 2025 WL 4109655; Opinion and Order on fee/cost allocation, 23 March 2026, ECF No. 225; subsequent merits order, 30 March 2026, ECF No. 227.</p><p>6. Legal AI Governance, Federal and State Court Orders on AI tracker, identifying 113 active orders and rules binding attorney filings.</p><p>7. American Bar Association, Formal Opinion 512, Generative Artificial Intelligence Tools, 29 July 2024.</p><p>8. State Bar of California, Proposed Amendments to the Rules of Professional Conduct Related to Artificial Intelligence, public comment material, 2026; public comment deadline 4 May 2026.</p><p>9. People v Zachariah C. Crabill, 23PDJ067, Colorado Office of the Presiding Disciplinary Judge, 22 November 2023.</p><p>10. Colorado Supreme Court, Rule Change 2026(02), approved 8 January 2026.</p><p>11. Ayinde v London Borough of Haringey and Al-Haroun v Qatar National Bank QPSC [2025] EWHC 1383 (Admin), Divisional Court, 6 June 2025.</p><p>12. R (Ayinde) v London Borough of Haringey [2025] EWHC 1040 (Admin), Ritchie J; summarised in the Divisional Court judgment at [2025] EWHC 1383 (Admin).</p><p>13. Ayinde and Al-Haroun [2025] EWHC 1383 (Admin), discussion of contempt threshold and decision not to initiate contempt proceedings.</p><p>14. Solicitors Regulation Authority, Strengthening our continuing competence approach, consultation opened 22 April 2026 and closing 15 July 2026.</p><p>15. Solicitors Regulation Authority, Risk Outlook report on the use of artificial intelligence in the legal services sector, updated 23 April 2026; SRA compliance tips on AI and technology, updated 9 February 2026.</p><p>16. The Law Society of England and Wales, Generative AI: the essentials, 1 October 2025, Updates: September 2025.</p><p>17. Anurag Bana, &#8217;Artificial Intelligence, Legal Professional Negligence and the Rise of AI-Covered Indemnity Risk&#8217; (SSRN, abstract dated 2025; PDF posted 9 April 2026).</p><p>18. Cripps, &#8217;When is it negligent for a professional to use or ignore AI?&#8217;, 7 May 2026.</p><p>19. Reuters Legal News, &#8217;From innovation to exposure: artificial intelligence risks for legal professionals&#8217;, 14 July 2025.</p><p>20. Reuters Legal News / Westlaw Today, &#8217;Insuring against productive laziness: attorney use of artificial intelligence&#8217;, 22 December 2025.</p><p>21. National Association of Insurance Commissioners, Model Bulletin: Use of Artificial Intelligence Systems by Insurers, adopted 4 December 2023.</p><p>22. Reuters Legal News, &#8216;US judge says senior lawyers must pay for mistakes by subordinates using AI tools&#8217;, 1 May 2026.</p>]]></content:encoded></item><item><title><![CDATA[Connecticut Joins the State AI Map]]></title><description><![CDATA[Colorado Has Already Hit the Pause Button]]></description><link>https://www.codeontrial.ai/p/connecticut-joins-the-state-ai-map</link><guid isPermaLink="false">https://www.codeontrial.ai/p/connecticut-joins-the-state-ai-map</guid><dc:creator><![CDATA[Nick Rowles-Davies]]></dc:creator><pubDate>Fri, 15 May 2026 05:02:03 GMT</pubDate><enclosure url="https://substackcdn.com/image/fetch/$s_!Aikr!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F02915581-4de9-4e37-afb1-9c5b22dad154_1200x1200.png" length="0" type="image/jpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!Aikr!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F02915581-4de9-4e37-afb1-9c5b22dad154_1200x1200.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!Aikr!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F02915581-4de9-4e37-afb1-9c5b22dad154_1200x1200.png 424w, https://substackcdn.com/image/fetch/$s_!Aikr!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F02915581-4de9-4e37-afb1-9c5b22dad154_1200x1200.png 848w, https://substackcdn.com/image/fetch/$s_!Aikr!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F02915581-4de9-4e37-afb1-9c5b22dad154_1200x1200.png 1272w, https://substackcdn.com/image/fetch/$s_!Aikr!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F02915581-4de9-4e37-afb1-9c5b22dad154_1200x1200.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!Aikr!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F02915581-4de9-4e37-afb1-9c5b22dad154_1200x1200.png" width="1200" height="1200" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/02915581-4de9-4e37-afb1-9c5b22dad154_1200x1200.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:1200,&quot;width&quot;:1200,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:155192,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:&quot;https://www.codeontrial.ai/i/197477973?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F02915581-4de9-4e37-afb1-9c5b22dad154_1200x1200.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!Aikr!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F02915581-4de9-4e37-afb1-9c5b22dad154_1200x1200.png 424w, https://substackcdn.com/image/fetch/$s_!Aikr!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F02915581-4de9-4e37-afb1-9c5b22dad154_1200x1200.png 848w, https://substackcdn.com/image/fetch/$s_!Aikr!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F02915581-4de9-4e37-afb1-9c5b22dad154_1200x1200.png 1272w, https://substackcdn.com/image/fetch/$s_!Aikr!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F02915581-4de9-4e37-afb1-9c5b22dad154_1200x1200.png 1456w" sizes="100vw" fetchpriority="high"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p>Connecticut&#8217;s General Assembly passed SB 5 on 1 May 2026 by 131&#8211;17 in the House and 32&#8211;4 in the Senate. Governor Lamont&#8217;s office has signalled he will sign. If signed, the Connecticut Artificial Intelligence Responsibility and Transparency Act will become one of the most significant state AI packages to clear a US legislature in this cycle. It arrives in a landscape where the first such package, Colorado SB 24-205, has its enforcement temporarily suspended in federal court.</p><p><em><strong>The Connecticut framework</strong></em></p><p>SB 5 targets three domains. AI companions must disclose that the user is interacting with AI at the start of an interaction and at hourly intervals during continuous use.<sup>1</sup> Large generative AI providers above a one-million-user threshold face synthetic-content provenance obligations, with the C2PA technical standard identified as one relevant methodology.<sup>2</sup> Automated employment decision tools used as a substantial factor in hiring, promotion, discipline or discharge carry compliance obligations for developers and notice obligations for deployers.<sup>3</sup></p><p>The effective dates are staggered. Core provisions begin on 1 October 2026. AI companion obligations begin on 1 January 2027. Public summaries diverge on the precise commencement of the synthetic-content and employment deployer obligations. The enrolled bill text controls. Freshfields places the provenance obligation on 1 October 2026 and the employment deployer obligation on 1 October 2027.<sup>4</sup> Davis Wright Tremaine describes a broader watermarking obligation for synthetic digital content beginning 1 October 2027.<sup>5</sup> DLA Piper describes SB 5 as a set of linked but distinct AI bills rather than a single governance statute.<sup>6</sup> For in-scope providers, the legal effect may converge. The compliance date is what matters.</p><p><em><strong>The Colorado litigation, the DOJ intervention and the enforcement pause</strong></em></p><p>Colorado SB 24-205, the Colorado Artificial Intelligence Act, has a statutory effective date of 30 June 2026 after the delay enacted by SB 25B-004.<sup>7</sup> The litigation posture has now overtaken the statutory timetable.</p><p>xAI commenced federal proceedings on 9 April 2026 in <em>X.AI LLC v Weiser</em>, No. 1:26-cv-01515 (D. Colo.), pleading First Amendment, Commerce Clause, due process and equal protection challenges across six counts.<sup>8</sup> On 24 April 2026, the US Department of Justice lodged a statement of interest and intervened on Equal Protection grounds, focused on the bias-audit and algorithmic-discrimination architecture of the statute.<sup>9</sup> On 27 April 2026, the District of Colorado granted a joint motion temporarily suspending enforcement of the Colorado AI Act pending further legislative or rulemaking developments and the outcome of xAI&#8217;s preliminary-injunction motion.<sup>10</sup></p><p>That order alters the analytical frame for every state AI bill that follows the Colorado model. Connecticut is the immediate comparator. The dormant Commerce Clause and First Amendment lines that xAI is running against Colorado could be adapted to Connecticut&#8217;s provenance regime and AI companion disclosure regime, although the statutory architecture is different. The DOJ Equal Protection theory, however, is narrower and depends on the bias-audit architecture of the Colorado statute. Connecticut does not import that architecture in the same form.</p><p><em><strong>The practitioner clock and Article 50</strong></em></p><p>The EU AI Act, Regulation 2024/1689, Article 50(2), requires providers of AI systems generating synthetic audio, image, video or text content to ensure outputs are marked in a machine-readable format and detectable as artificially generated or manipulated. Article 50(4) imposes disclosure obligations on deployers producing content constituting a &#8220;deep fake&#8221;. The Article 50 obligations apply from 2 August 2026 under Article 113.<sup>11</sup></p><p>Connecticut&#8217;s provenance obligation, on the Freshfields reading, takes effect on 1 October 2026, two months after Article 50. Providers building C2PA-compatible provenance for EU compliance should be well placed to meet the technical component of Connecticut&#8217;s provenance regime if their user base brings them within scope, subject to the final enrolled text and implementing guidance. The thresholds are asymmetric. The EU obligations bind providers and deployers regardless of user size, with limited research and security exceptions. The Connecticut threshold is one million monthly active users. A smaller generative AI provider that escapes Connecticut will still be caught by Article 50.</p><p>The technical question of how to mark synthetic content is convergent across the EU, Connecticut and the C2PA-aligned platform stack. The legal exposure question is fragmented. The Colorado enforcement pause makes clear that state AI regulation is unstable before the second state&#8217;s first effective date arrives. Practitioners should treat state-law compliance calendars as operationally provisional, while treating provenance architecture, particularly C2PA-style implementation, as a likely direction of travel.</p><p>_____</p><p><sup>1</sup> Connecticut SB 5, AI companion notice provisions; see DLA Piper, <em>Unpacking SB5: Connecticut&#8217;s new AI law</em>, May 2026.</p><p><sup>2</sup> Connecticut SB 5, generative AI provenance provisions; see Freshfields, <em>Connecticut Poised to Enact One of the Nation&#8217;s Most Comprehensive AI Laws</em>; Transparency Coalition AI, TCAI Bill Guide: SB 5.</p><p><sup>3</sup> Connecticut SB 5, AEDT provisions; see Freshfields; Shipman &amp; Goodwin, <em>Connecticut&#8217;s AI Responsibility and Transparency Act: Key Impacts on the Workplace</em>.</p><p><sup>4</sup> Freshfields, <em>Connecticut Poised to Enact One of the Nation&#8217;s Most Comprehensive AI Laws</em>.</p><p><sup>5</sup> Davis Wright Tremaine, <em>Connecticut Adopts AI Transparency, Safety, and Consumer Protection Law</em>.</p><p><sup>6</sup> DLA Piper, <em>Unpacking SB5: Connecticut&#8217;s new AI law</em>, May 2026: SB 5 described as &#8220;not a broad governance statute&#8221; but &#8220;a set of separate AI bills linked together&#8221;.</p><p><sup>7</sup> Colorado SB 24-205, Colorado Artificial Intelligence Act, effective date delay enacted by SB 25B-004, shifting commencement from 1 February 2026 to 30 June 2026.</p><p><sup>8</sup> X.AI LLC v Weiser, No. 1:26-cv-01515 (D. Colo. filed Apr. 9, 2026).</p><p><sup>9</sup> DOJ press release, <em>Justice Department Intervenes in xAI Lawsuit Challenging Colorado&#8217;s Algorithmic Discrimination Statute</em>, 24 April 2026.</p><p><sup>10</sup> Order, <em>X.AI LLC v Weiser</em>, No. 1:26-cv-01515 (D. Colo. Apr. 27, 2026), per Norton Rose Fulbright, xAI Sues, DOJ Intervenes, Enforcement of Colorado AI Act Suspended.</p><p><sup>11</sup> EU Regulation 2024/1689 (the AI Act), Articles 50 and 113.</p>]]></content:encoded></item><item><title><![CDATA[The Jurisprudential Evolution of Agentic Commerce]]></title><description><![CDATA[A Comparative Analysis of Legal Frameworks and Litigation Trends in the US, UK, and EU]]></description><link>https://www.codeontrial.ai/p/the-jurisprudential-evolution-of</link><guid isPermaLink="false">https://www.codeontrial.ai/p/the-jurisprudential-evolution-of</guid><dc:creator><![CDATA[Nick Rowles-Davies]]></dc:creator><pubDate>Mon, 11 May 2026 06:02:48 GMT</pubDate><enclosure url="https://substackcdn.com/image/fetch/$s_!SvNv!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F0a3413d1-c4b7-4e0a-9102-9c3b21eefe0f_3556x2000.jpeg" length="0" type="image/jpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!SvNv!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F0a3413d1-c4b7-4e0a-9102-9c3b21eefe0f_3556x2000.jpeg" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!SvNv!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F0a3413d1-c4b7-4e0a-9102-9c3b21eefe0f_3556x2000.jpeg 424w, https://substackcdn.com/image/fetch/$s_!SvNv!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F0a3413d1-c4b7-4e0a-9102-9c3b21eefe0f_3556x2000.jpeg 848w, https://substackcdn.com/image/fetch/$s_!SvNv!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F0a3413d1-c4b7-4e0a-9102-9c3b21eefe0f_3556x2000.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!SvNv!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F0a3413d1-c4b7-4e0a-9102-9c3b21eefe0f_3556x2000.jpeg 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!SvNv!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F0a3413d1-c4b7-4e0a-9102-9c3b21eefe0f_3556x2000.jpeg" width="1456" height="819" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/0a3413d1-c4b7-4e0a-9102-9c3b21eefe0f_3556x2000.jpeg&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:819,&quot;width&quot;:1456,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:451140,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/jpeg&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:&quot;https://www.codeontrial.ai/i/197104766?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F0a3413d1-c4b7-4e0a-9102-9c3b21eefe0f_3556x2000.jpeg&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!SvNv!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F0a3413d1-c4b7-4e0a-9102-9c3b21eefe0f_3556x2000.jpeg 424w, https://substackcdn.com/image/fetch/$s_!SvNv!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F0a3413d1-c4b7-4e0a-9102-9c3b21eefe0f_3556x2000.jpeg 848w, https://substackcdn.com/image/fetch/$s_!SvNv!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F0a3413d1-c4b7-4e0a-9102-9c3b21eefe0f_3556x2000.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!SvNv!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F0a3413d1-c4b7-4e0a-9102-9c3b21eefe0f_3556x2000.jpeg 1456w" sizes="100vw" fetchpriority="high"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p>In November 2025, Amazon sued Perplexity AI in the Northern District of California over Comet, Perplexity&#8217;s AI browser agent. The case raises a deceptively simple question: can a user authorise an AI agent to access a password-protected marketplace on their behalf where the platform owner has expressly prohibited automated access? On 9 March 2026, Judge Maxine Chesney answered that question at the preliminary injunction stage in Amazon&#8217;s favour, holding that Amazon had shown strong evidence of unauthorised access. The Ninth Circuit&#8217;s subsequent administrative stay means the point is not yet settled. But the litigation has already framed the central legal issue for agentic commerce: the difference between user authority and platform authorisation.<sup>5,6,17</sup></p><p>The Amazon v. Perplexity litigation matters because it is beginning to articulate the boundary between user authority and platform control. Globally, the commercial architecture is shifting from traditional e-commerce to agentic commerce. This transition is marked by the delegation of consumer decisions to autonomous AI systems.<sup>1,2</sup> This shift moves beyond passive assistance to a state where AI agents sense their environment, plan multi-step workflows and execute transactions with little to no human supervision.<sup>1,2</sup> McKinsey research suggests that by 2030, agentic commerce could orchestrate between three trillion and five trillion dollars in global revenue, with the US retail sector alone accounting for up to one trillion.<sup>3,4</sup> However, this rapid integration of autonomous agents into commerce has outpaced existing legal structures, creating a &#8220;regulatory grey zone&#8221; across the United States, the United Kingdom and the European Union.<sup>3</sup> The Amazon litigation now provides one of the first major attempts to map the boundaries of that zone.</p><p><em><strong>The Conceptual Architecture of Agentic Commerce</strong></em></p><p>To understand the legal challenges posed by agentic commerce, one must first distinguish these systems from earlier forms of automation. While earlier systems followed predefined, rule-based processes, agentic AI uses Large Language Models (LLMs) and reasoning frameworks to pursue high-level objectives over time.<sup>2,7</sup> These systems possess four core capabilities: autonomy from continuous supervision; goal-orientation; multi-step reasoning across disparate data sources; and the ability to act across multiple services or platforms.<sup>2,7</sup></p><p>In a commercial context, agentic systems operate at three levels of increasing sophistication. At the first level, agents interact directly with merchant platforms, mimicking human browsing to find and purchase goods. This pattern is termed &#8220;agent-to-site&#8221; transactions.<sup>1</sup> At the second level, systems transact with other agents, negotiating terms without human intermediaries.<sup>1,8</sup> At the third level, intermediary systems coordinate complex interactions across a global network of platforms, creating what may be called &#8220;multi-agent ecosystems.&#8221;<sup>1</sup></p><p>This shift moves the consumer from &#8220;using tools&#8221; to &#8220;delegating outcomes.&#8221;<sup>2,9</sup> Legally, this creates a &#8220;third actor problem.&#8221; The traditional bilateral relationship between consumer and merchant is complicated by an autonomous intermediary that may lack legal personality but can bind its principal to contracts, often without the principal knowing the specific terms.<sup>3,10</sup></p><p><em><strong>US Litigation and the Precedent of Platform Authorisation</strong></em></p><p>In the United States, the legal position on agentic commerce is being shaped primarily through the Computer Fraud and Abuse Act of 1986 (CFAA), a statute originally drafted to combat hacking that is now being tested against autonomous shopping agents.<sup>11,12,13</sup></p><p><em>The Test Case: Amazon.com Services LLC v. Perplexity AI, Inc.</em></p><p>In November 2025, Amazon filed suit against Perplexity AI in the Northern District of California, alleging that the developer&#8217;s &#8220;Comet&#8221; browser agent was configured to access password-protected Amazon customer accounts to browse products and complete purchases.<sup>5,6,16</sup> According to Amazon&#8217;s complaint, the agent deliberately concealed its automated nature by spoofing its User-Agent string to appear as a standard Google Chrome session, thereby evading Amazon&#8217;s bot detection systems.<sup>5,14,15,16</sup> Amazon contended that it issued at least five warnings and deployed technical barriers, which Perplexity bypassed within 24 hours.<sup>5,16</sup></p><p>Judge Maxine Chesney&#8217;s preliminary injunction rests on several key legal findings. First, the court ruled that user permission is not legally equivalent to platform authorisation. While a user may consent to an AI agent using their credentials, the platform owner retains the right to refuse that agent access to its infrastructure.<sup>6,18</sup> Second, the court found that by bypassing technical blocks and disguising its identity, Perplexity likely violated the CFAA&#8217;s prohibition on accessing a protected computer &#8220;without authorization.&#8221;<sup>6,19,20</sup> Third, the injunction rested partly on evidence that uncontrolled AI agents interfere with Amazon&#8217;s advertising systems, which require accurate detection of automated traffic to maintain billing integrity for advertisers.<sup>14</sup></p><p>The Ninth Circuit Court of Appeals granted an emergency administrative stay of the injunction on March 16, 2026, allowing Perplexity to continue operations while the merits of the appeal are considered.<sup>24,25,26</sup> Perplexity&#8217;s defence argues that the CFAA does not prohibit accessing public websites and that the &#8220;access&#8221; in question is performed by the human consumer, not the company.<sup>25</sup></p><p><em>Evolution of the CFAA and Parallel Scraper Litigation</em></p><p>Amazon v. Perplexity represents the next step in a line of scraper cases. In hiQ Labs, Inc. v. LinkedIn Corp., the Ninth Circuit established that scraping publicly available data (where no login is required) does not constitute unauthorised access under the CFAA.<sup>12,20,27</sup> The Amazon case shifts the focus to &#8220;gated&#8221; environments. The court cited Facebook, Inc. v. Power Ventures, Inc., which established that once a platform owner explicitly withdraws permission via a cease-and-desist letter, any further access constitutes a CFAA violation even if account holders provide their credentials.<sup>6,11,20</sup> The distinction is not simply scraping versus non-scraping; it is public web access versus access to account-protected or technically restricted environments after permission has been withdrawn.</p><p>A further parallel is Ryanair v. Booking.com. In July 2024, a Delaware jury found that Booking.com violated the CFAA with an &#8220;intent to defraud&#8221; by screen scraping the airline&#8217;s website to resell tickets with unauthorised fees.<sup>28,29</sup> Ryanair&#8217;s win is consistent with a line of cases in which courts have been more receptive to platform-control arguments where access is technically restricted, commercial or contrary to express withdrawal of permission.<sup>28,29</sup></p><p><em>Privacy and Consumer Protection Claims in the US</em></p><p>Litigation in the United States is also extending into privacy and background-check statutes. In Ambriz v. Google LLC, plaintiffs allege that Google&#8217;s AI-powered Cloud Contact Center functions as a &#8220;third-party listener&#8221; that analyses call data without proper consent.<sup>11,12</sup> A separate class action filed in January 2026 targets Eightfold AI, alleging that its AI-powered hiring tools violate the Fair Credit Reporting Act (FCRA) and California&#8217;s Investigative Consumer Reporting Agencies Act (ICRAA).<sup>30</sup> The complaint argues that by assembling individualised reports from diverse internet sources to assess job suitability, the AI service becomes a &#8220;consumer reporting agency&#8221; subject to strict disclosure and accuracy requirements.<sup>30</sup></p><p>US courts have also begun sanctioning lawyers for submitting AI-generated filings that include fabricated case citations, as seen in Mata v. Avianca, Inc..<sup>31,32,33</sup> These rulings confirm that AI is a tool and that human professionals bear ultimate responsibility for the accuracy of information submitted under their name.<sup>31,33</sup></p><p><em><strong>The UK Approach: Sectoral Regulation and Business Responsibility</strong></em></p><p>The United Kingdom has avoided the EU&#8217;s path of horizontal statutory AI regulation, opting instead for a &#8220;pro-innovation,&#8221; sectoral approach.<sup>34,35,36,37</sup> Oversight is distributed among existing regulators: the Competition and Markets Authority (CMA), the Information Commissioner&#8217;s Office (ICO), and the Financial Conduct Authority (FCA).<sup>9,36,38</sup></p><p><em>CMA Guidance: Direct Accountability for AI Agents</em></p><p>On March 9, 2026, the CMA published detailed guidance on complying with consumer law when using AI agents.<sup>9</sup> The regulator&#8217;s core position is that businesses cannot outsource their legal responsibilities to autonomous code; they are as accountable for the actions of their AI agents as they are for those of their human employees.<sup>9,39</sup></p><p>The CMA&#8217;s guidance can be reduced to three practical compliance duties. First, businesses must embed consumer protection principles into agent design, ensuring that agents respect statutory rights, provide accurate pricing, and avoid misleading omissions.<sup>9,39,40</sup> Second, businesses need appropriate human oversight and monitoring to catch hallucinations, inaccurate outputs and other failures that could mislead consumers or cause financial loss.<sup>9,39,40</sup> Third, if an agent is found to be non-compliant or making errors, the business must act immediately to refine prompts or workflows.<sup>9,40</sup> Failure to correct an identified breach promptly will result in accountability.</p><p>Under the Digital Markets, Competition and Consumer Act 2024 (DMCC Act), the CMA has the power to impose administrative fines of up to 10 per cent of a company&#8217;s global turnover for consumer law breaches, including misleading sales practices delivered by AI systems.<sup>9,41</sup></p><p><em>English Common Law and AI Liability</em></p><p>The UK Jurisdiction Taskforce (UKJT) launched a consultation in January 2026 on a draft Legal Statement on liability for AI harms under English private law.<sup>42,43,44</sup> The statement holds that under English law, AI does not have legal personality and therefore cannot be held responsible for physical or economic harm.<sup>44,45,46</sup> Liability must instead be attributed to legal persons through existing principles of negligence.<sup>44,45,46</sup></p><p>The UKJT analysis examines vicarious liability, asking whether an employer may be vicariously liable for an employee&#8217;s negligent use of AI, though generally not for the AI system itself.<sup>45,46</sup> It also considers professional standard of care, asking whether a professional may be liable for breach of duty by failing to perform due diligence on an AI system before using it for client work, and conversely, whether failure to use AI where a reasonable professional would do so might also constitute a breach.<sup>45,46</sup> The analysis further addresses factual causation. The &#8220;black box&#8221; nature of AI, where the internal reasoning behind a specific output is opaque, may require courts to approach causation differently through evidential assumptions or expert testimony.<sup>46,47</sup> Because the UKJT statement remains a draft consultation document, it should be treated as influential guidance on likely common-law analysis, not as a binding statement of law.</p><p><em>Hallucinations in UK Courts and Tribunals</em></p><p>By early 2026, the UK legal system had recorded at least 31 reported instances of AI hallucinations in litigation, including fictitious case citations and misrepresented legal norms.<sup>48</sup> In Taiwo v. Homelets of Bath Ltd (2025), the High Court issued a warning after a litigant submitted a skeleton argument referencing cases that did not exist.<sup>49,50</sup> The managing partner in Choksi v. IPS Law LLP (2025) submitted a witness statement found to contain fabricated authorities, leading to costs orders and potential referrals to regulators.<sup>50,51</sup> In Hassan v. ABC International Bank, a tribunal found 46 inaccurate citations (9 fictitious and 37 misrepresentations) and concluded the conduct was reckless and unreasonable, justifying a costs order.<sup>50</sup></p><p>The judiciary has updated its AI Guidance for Judicial Office Holders twice in 2025 to address these risks, emphasising that confidentiality must be maintained and that AI use must protect the integrity of the administration of justice.<sup>48,52,53</sup></p><p><em><strong>The European Union: The Horizontal Statutory Model</strong></em></p><p>In Brussels, the EU has enacted the world&#8217;s first horizontal law regulating Artificial Intelligence: the EU AI Act.<sup>54,55,56,57</sup> While the Act does not specifically name &#8220;agentic AI,&#8221; its definition of AI systems focuses on machine-based systems that operate with varying levels of autonomy and adaptiveness. This definition clearly encompasses autonomous agents.<sup>58,59,60,61</sup></p><p><em>The AI Act and High-Risk Agentic Systems</em></p><p>Under the EU AI Act&#8217;s tiered, risk-based approach, some agentic systems used in commerce may be high-risk, but only where they fall within the Act&#8217;s product-safety route or one of the Annex III use cases, such as creditworthiness, employment, access to essential services or other decisions affecting fundamental rights.<sup>54,61,64</sup> Ordinary retail discovery or checkout agents should not be described as high-risk merely because they are autonomous. One unresolved question is whether &#8220;human control&#8221; must be exercised in real-time at the moment of an autonomous purchase, or whether setting parameters in advance constitutes sufficient oversight.<sup>3,54</sup></p><p><em>Liability and the Revised Product Liability Directive</em></p><p>The Commission officially withdrew the proposed AI Liability Directive in 2025. The revised Product Liability Directive (PLD) now does part of the practical work that the AI liability package was expected to perform: it brings software, including AI systems, within the concept of a product and updates disclosure and evidential rules for technically complex claims.<sup>63,67,68,69,70</sup> It should not, however, be described as a full replacement for the withdrawn AI Liability Directive.</p><p>Under the revised PLD, strict liability applies: manufacturers are liable for damages caused by product defects.<sup>69,70</sup> In cases of extreme technical complexity, courts may mandate disclosure of evidence and create a rebuttable presumption that the AI system was defective.<sup>67</sup> Importers from third countries are held to the same standards where their AI outputs are used within the Union.<sup>67</sup></p><p>Some commentators and payments-sector observers have suggested a future category of &#8220;supervised digital agents,&#8221; sitting between human users and autonomous machine actors.<sup>3</sup> That idea is not yet a settled EU legislative category and should be presented as a possible future governance model rather than current law. The concept would formalise delegation credentials and tamper-evident behavioural logs for autonomous action systems.<sup>3,67</sup></p><p><em>GDPR and CJEU Clarifications on Automated Decision-Making</em></p><p>Under the General Data Protection Regulation (GDPR), AI agents processing personal data remain subject to Article 22, which provides individuals the right not to be subject to a decision based &#8220;solely on automated processing&#8221; that produces legal consequences or substantially affects their interests.<sup>37,66,71,72</sup></p><p>Recent CJEU case law has sharpened these rights. In the Schufa Case, the Court ruled that an automated creditworthiness score constitutes an automated &#8220;decision&#8221; if it plays a decisive role in a lender&#8217;s choice, even if a human nominally makes the final determination.<sup>67,71</sup> In the D&amp;B Case, the Court held that meaningful information about the logic involved must be provided in an intelligible form, while trade-secret concerns may require procedural balancing rather than simple refusal.<sup>71,73</sup> Consumers also retain the right to challenge AI-driven outcomes and request human review whenever a decision may affect them.<sup>74</sup></p><p>These rulings indicate that as AI agents take on more commerce tasks (insurance risk assessment, dynamic pricing), they will face more demanding transparency and explainability requirements.<sup>58,61,73</sup></p><p><em><strong>Systemic Effects and Strategic Implications of Agentic Commerce</strong></em></p><p>Agentic commerce marks a turning point for the web, as it shifts from a human-readable medium to one that is machine-actionable.<sup>4,75,76</sup></p><p><em>The End of Permissionless Scraping and the Rise of AEO</em></p><p>The Amazon v. Perplexity ruling, if upheld on appeal, signals the beginning of the end for permissionless AI access to gated commercial platforms.<sup>75</sup> For years, parts of web scraping operated in a legal grey zone, but the court&#8217;s endorsement of platform control suggests that the practice of quietly extracting data and seeking forgiveness afterwards is drawing to a close.<sup>22,77</sup></p><p>For merchants, this requires a shift from Search Engine Optimization (SEO) to &#8220;Answer Engine Optimization&#8221; (AEO).<sup>3,78</sup> Brands must now make their product data, pricing, and return policies machine-readable so that AI agents can find, evaluate, and transact with them.<sup>3,18,76</sup> Cloudflare&#8217;s &#8220;Markdown for Agents&#8221; is an early technical response to this trend, allowing enabled sites to serve Markdown versions of HTML pages to AI agents through content negotiation.<sup>76</sup></p><p><em>The Race for Standardised Transactional Protocols</em></p><p>A competition is under way to define the communication standards for agentic commerce. Two primary models are emerging. Google&#8217;s Universal Commerce Protocol (UCP), launched in early 2026, establishes a common language between AI agents, merchant systems, and payment providers.<sup>18,79,80,81</sup> Google says UCP was co-developed with Shopify, Etsy, Wayfair, Target and Walmart and endorsed by more than 20 ecosystem participants, including Mastercard, Visa, Stripe, Adyen and The Home Depot.<sup>80,81</sup> It allows agents to identify themselves and transact through infrastructure that the retailer controls.<sup>18,81</sup></p><p>The second model is OpenAI and Stripe&#8217;s Agentic Commerce Protocol (ACP), which embeds the entire shopping journey within conversational interfaces like ChatGPT, with Instacart already offering &#8220;Instant Checkout&#8221; features via ACP.<sup>79,80</sup></p><p>Both protocols aim to reduce the friction that leads to abandoned carts while giving merchants a way to monetise bot traffic that might otherwise bypass traditional advertising surfaces.<sup>79,82,83,84</sup></p><p><em>Consumer Agency vs. Manipulative &#8220;Dark Patterns&#8221;</em></p><p>While agentic commerce offers genuine time savings and reduced decision fatigue for consumers, it also introduces new risks.<sup>2</sup> Consumer advocacy groups like Bureau Europ&#233;en des Unions de Consommateurs (European Consumer Organisation) have warned that AI agents could steer users toward outcomes that benefit the developers or the retailers paying the highest commissions, rather than the consumer&#8217;s actual interest.<sup>85,86,87</sup></p><p>The CMA and European Commission are particularly concerned about &#8220;dark patterns&#8221; (interface designs that mislead consumers into decisions they would not otherwise make, such as false countdown timers or manufactured scarcity messaging).<sup>39,88,89</sup> In the agentic era, these patterns could become invisible to the human user, occurring as &#8220;agent-to-agent&#8221; interactions where one bot deceives another.<sup>88</sup></p><p>Algorithmic collusion also merits attention. Competition authorities in the UK and EU have made algorithmic pricing a priority.<sup>90,91</sup> The concern is that if multiple competitors use the same pricing algorithm or share commercially sensitive data through a common third-party provider, it could produce coordinated price increases without any explicit human communication. This phenomenon is termed &#8220;agentic collusion.&#8221;<sup>9,90,91,92</sup> In February 2026, the CMA launched an investigation into hotel chains suspected of sharing information through a common data services provider.<sup>90</sup> Polish competition authorities confirmed multiple ongoing investigations into collusion via algorithmic tools in the banking and pharmaceutical sectors in late 2025.<sup>90</sup> In the United States, Agri Stats litigation illustrates the same hub-and-spoke concern in a data-services setting, even though it is not itself an AI-agent case. In January 2026, Agri Stats agreed to resolve a meat-workers wage-suppression class action, and in May 2026 the DOJ and several states announced a proposed settlement of their meat-pricing case.<sup>90,93</sup></p><p><em><strong>Conclusions and Strategic Implications</strong></em></p><p>The transition to agentic commerce exhibits a widening gap between what the technology can do and what the law has settled on.<sup>3</sup> The Amazon v. Perplexity litigation has, at least at the preliminary injunction stage, framed the central platform-access issue for agentic commerce: user-delegated authority is not necessarily the same thing as platform authorisation.<sup>6,18</sup> As agentic systems enter commercial deployment, the question before courts and regulators is shifting from &#8220;is it possible?&#8221; to &#8220;who is responsible when it fails?&#8221;<sup>3,95,96</sup></p><p>For stakeholders in the digital economy, four priorities warrant attention. First, AI developers should move toward &#8220;permissioned AI&#8221; architectures that secure both user credentials and explicit platform authorisation via official APIs. This &#8220;Dual Authorisation&#8221; model stands in contrast to the user-permission-only model that Perplexity attempted.<sup>20,75,81</sup></p><p>Second, organisations must implement regularly updated compliance records and detailed audit logs as required by the EU AI Act and recommended by the CMA.<sup>9,35,40,66,97</sup> This includes real-time monitoring of agent behaviour to detect hallucinations, bias and potential collusive patterns before they generate serious liability.<sup>9,39,97</sup> Such &#8220;Governance by Design&#8221; embeds accountability into the systems themselves rather than relying on post-facto enforcement.</p><p>Third, businesses should be transparent when using AI agents, particularly where a consumer&#8217;s knowledge that they are dealing with an AI (rather than a human) would affect their decision to proceed.<sup>9,39,40</sup> &#8220;Transparent Consumer Disclosure&#8221; is not merely a compliance obligation; it also respects the autonomy of individuals making delegated purchasing decisions through agentic systems.</p><p>Fourth, companies should review and update technology contracts to address agentic transactions, defining the scope of authority granted to AI and setting out mechanisms for dispute resolution and indemnification.<sup>1,98</sup> Standard disclaimers written for passive software may no longer be legally adequate for autonomous systems that execute high-value contracts.<sup>98</sup> This &#8220;Contractual Risk Allocation&#8221; approach forces organisations to grapple explicitly with the liability surface created when machines bind their principals to commercial obligations.</p><p>As the global market for agentic commerce grows toward five trillion dollars by 2030, the legal frameworks of the United States, United Kingdom and European Union will continue to be tested.<sup>3,4</sup> The cases decided over the next two to three years will determine whether agentic commerce develops on a permissioned, regulated basis or whether the law trails the technology by a decade, as it has before.</p><p></p><p></p><p><em><strong>References</strong></em></p><p><sup>1</sup> Digital commerce redefined: The growing impact of agentic commerce --- Linklaters / TechInsights. https://techinsights.linklaters.com/post/102lwgk/digital-commerce-redefined-the-growing-impact-of-agentic-commerce</p><p><sup>2</sup> Agentic AI and consumers --- GOV.UK. https://www.gov.uk/government/publications/agentic-ai-and-consumers/agentic-ai-and-consumers</p><p><sup>3</sup> Agentic Commerce: When AI Buys on Your Behalf --- European Business Magazine. https://europeanbusinessmagazine.com/business/agentic-commerce-when-ai-buys-on-your-behalf-who-pays-whos-liable/</p><p><sup>4</sup> The agentic commerce opportunity --- McKinsey. https://www.mckinsey.com/capabilities/quantumblack/our-insights/the-agentic-commerce-opportunity-how-ai-agents-are-ushering-in-a-new-era-for-consumers-and-merchants</p><p><sup>5</sup> Judge blocks Perplexity&#8217;s AI bot from shopping on Amazon --- GeekWire. https://www.geekwire.com/2026/judge-blocks-perplexitys-ai-bot-from-shopping-on-amazon-in-early-test-of-agentic-commerce/</p><p><sup>6</sup> Court Finds AI Agent May Violate Federal Law by Accessing Amazon Accounts Without Authorization --- Cooley. https://www.cooley.com/news/insight/2026/2026-03-17-court-finds-ai-agent-may-violate-state-federal-law-by-accessing-amazon-accounts-without-authorization</p><p><sup>7</sup> Agentic AI in Financial Services: Regulatory and Legal Considerations --- Hogan Lovells. https://www.hoganlovells.com/en/publications/agentic-ai-in-financial-services-regulatory-and-legal-considerations</p><p><sup>8</sup> Amazon vs. Perplexity: A Lawsuit Over AI Agents that Shop --- Marketing AI Institute. https://www.marketingaiinstitute.com/blog/amazon-sues-perplexity</p><p><sup>9</sup> Free agent? New UK guidance on agentic AI for businesses --- Ashurst. https://www.ashurst.com/en/insights/free-agent-not-quite-new-uk-guidance-on-agentic-ai-for-businesses/</p><p><sup>10</sup> Agentic commerce: can the law of contract adapt? --- Gilbert + Tobin. https://www.gtlaw.com.au/insights/agentic-commerce-can-the-law-of-contract-adapt</p><p><sup>11</sup> How 2 Tech Statutes Are Being Applied To Agentic AI --- Weil, Gotshal &amp; Manges LLP. https://www.weil.com/-/media/files/pdfs/2026/february/law360\--how-2-tech-statutes-are-being-applied-to-agentic-ai.pdf</p><p><sup>12</sup> AI Agents Are Raising New Questions of Fraud and Privacy Liability --- PYMNTS.com. https://www.pymnts.com/cpi-posts/ai-agents-are-raising-new-questions-of-fraud-and-privacy-liability/</p><p><sup>13</sup> Computer Fraud and Abuse Act (CFAA) --- NACDL. https://www.nacdl.org/Landing/ComputerFraudandAbuseAct</p><p><sup>14</sup> Amazon wins order blocking access by Perplexity&#8217;s AI shopping agent --- Reuters. https://www.reuters.com/legal/litigation/amazon-wins-order-blocking-access-perplexitys-ai-shopping-agent-2026-03-10/</p><p><sup>15</sup> Federal judge blocks Perplexity&#8217;s AI browser from making Amazon purchases --- CyberScoop. https://cyberscoop.com/amazon-perplexity-comet-browser-injunction/</p><p><sup>16</sup> Amazon vs. Perplexity AI: Court Blocks Comet Shopping Agent (2026) --- ALM Corp. https://almcorp.com/blog/amazon-vs-perplexity-ai-comet-shopping-agent-court-ruling/</p><p><sup>17</sup> Court Blocks Perplexity from Accessing Amazon in Agentic AI Lawsuit --- The Fashion Law. https://www.thefashionlaw.com/court-blocks-perplexity-from-accessing-amazon-systems-in-agentic-ai-lawsuit/</p><p><sup>18</sup> The Authorization Gap: What Amazon&#8217;s Perplexity Injunction Reveals --- Winning with Walmart. https://winningwithwalmart.com/the-authorization-gap-what-amazons-perplexity-injunction-reveals-about-the-commerce-layer-walmart-is-building-differently/</p><p><sup>19</sup> Amazon.com Services LLC v. Perplexity AI Inc., No. 3:25-cv-09514, Preliminary Injunction Order (N.D. Cal. Mar. 9, 2026).</p><p><sup>20</sup> hiQ Labs, Inc. v. LinkedIn Corp., 31 F.4th 1180 (9th Cir. 2022); Facebook, Inc. v. Power Ventures, Inc., 844 F.3d 1058 (9th Cir. 2016).</p><p><sup>21</sup> Computer Fraud and Abuse Act Update: Supreme Court decides Van Buren v. U.S. https://hh-law.com/blogs/blog-intellectual-property-litigation-protection-and-prosecution-dtsa-ai-artificial-intelligence-lawyers/cfaa-van-buren-v-united-states/</p><p><sup>22</sup> Van Buren v. United States, 593 U.S. 374 (2021).</p><p><sup>23</sup> Amazon.com Services LLC v. Perplexity AI Inc., Complaint, No. 3:25-cv-09514 (N.D. Cal. filed Nov. 2025).</p><p><sup>24</sup> Appeals court temporarily pauses order blocking Perplexity&#8217;s AI shopping agent on Amazon --- CyberScoop. https://cyberscoop.com/perplexity-comet-ai-shopping-agent-amazon-lawsuit-ninth-circuit-stay/</p><p><sup>25</sup> Court Temporarily Lifts Order Banning Perplexity From Amazon --- MediaPost. https://www.mediapost.com/publications/article/413555/court-temporarily-lifts-order-banning-perplexity-f.html</p><p><sup>26</sup> Court temporarily allows Perplexity AI shopping &#8216;agents&#8217; on Amazon --- Westlaw Today. https://today.westlaw.com/Document/Ia1b3afe0222811f1bf7dc89c10580585/View/FullText.html</p><p><sup>27</sup> The Legal Landscape of Web Scraping --- Quinn Emanuel. https://www.quinnemanuel.com/the-firm/publications/the-legal-landscape-of-web-scraping/</p><p><sup>28</sup> Ryanair Wins Legal Case Against Booking.com Over Screen Scraping --- Simple Flying. https://simpleflying.com/ryanair-wins-case-booking-screen-scraping-reselling-tickets/</p><p><sup>29</sup> Ryanair wins Booking.com &#8216;screen scraper&#8217; case --- Aviation Business News. https://www.aviationbusinessnews.com/industry-news/ryanair-wins-booking-com-screen-scraper-case/</p><p><sup>30</sup> Groundbreaking Lawsuit Tests Whether AI Hiring Tools Trigger FCRA Compliance --- Ogletree. https://ogletree.com/insights-resources/blog-posts/groundbreaking-lawsuit-tests-whether-ai-hiring-tools-trigger-fcra-compliance/</p><p><sup>31</sup> Lawyer Fined for Using AI-Generated Legal Documents with Fake Citations --- Spellbook. https://www.spellbook.legal/learn/lawyer-fined-using-ai-legal-fake-citations</p><p><sup>32</sup> Mata v. Avianca, Inc., No. 22-cv-1461 (S.D.N.Y. 2023), sanctions order.</p><p><sup>33</sup> Federal Court Rules Client&#8217;s AI-Generated Documents Not Privileged --- JD Supra. https://www.jdsupra.com/legalnews/federal-court-rules-client-s-ai-6386760/</p><p><sup>34</sup> The Future of Legal AI in the UK: Trends to Watch in 2025 --- Qanooni. https://qanooni.ai/blog/the-future-of-legal-ai-in-the-uk-trends-to-watch-in-2025/</p><p><sup>35</sup> AI regulation: a comparative overview of the UK, EU and US --- Stevens &amp; Bolton. https://www.stevens-bolton.com/insights/102kd49/ai-regulation-a-comparative-overview-of-the-uk-eu-and-us/</p><p><sup>36</sup> AI regulation in the UK: The role of the regulators --- Bird &amp; Bird. https://www.twobirds.com/en/insights/2026/uk/ai-regulation-in-the-uk-the-role-of-the-regulators</p><p><sup>37</sup> Agentic AI in the workplace --- Prettys Solicitors LLP. https://prettys.co.uk/articles/agentic-ai-in-the-workplace/</p><p><sup>38</sup> AI and the FCA: our approach. https://www.fca.org.uk/firms/innovation/ai-approach</p><p><sup>39</sup> Complying with consumer law when using AI agents --- GOV.UK. https://www.gov.uk/government/publications/complying-with-consumer-law-when-using-ai-agents/complying-with-consumer-law-when-using-ai-agents</p><p><sup>40</sup> Agentic AI and consumer law: the CMA&#8217;s guidance for businesses --- Lewis Silkin LLP. https://www.lewissilkin.com/insights/2026/03/13/agentic-ai-and-consumer-law-the-cmas-guidance-for-businesses-102mmud</p><p><sup>41</sup> CMA launches first DMCCA enforcement cases --- RPC Legal. https://www.rpclegal.com/snapshots/consumer/winter-2025/cma-launches-first-dmcca-enforcement-cases-and-finalises-price-transparency-guidance/</p><p><sup>42</sup> UK Jurisdiction Taskforce launches consultation on liability for AI harms --- Henderson Chambers. https://www.hendersonchambers.co.uk/2026/01/22/uk-jurisdiction-taskforce-launches-consultation-on-liability-for-ai-harms/</p><p><sup>43</sup> UK Jurisdiction Taskforce launches consultation on liability for AI harms --- Practical Law. https://uk.practicallaw.thomsonreuters.com/w-049-2237</p><p><sup>44</sup> UKJT publishes consultation on its Legal Statement on Liability for AI Harms --- Bird &amp; Bird. https://www.twobirds.com/en/insights/2026/uk/uk-jurisdiction-taskforce-publishes-consultation-on-its-legal-statement-on-liability-for-ai-harms</p><p><sup>45</sup> UKJT consultation: Liability for AI harms under English private law --- CMS. https://cms.law/en/gbr/legal-updates/ukjt-consultation-liability-for-ai-harms-under-english-private-law</p><p><sup>46</sup> UK Jurisdiction Taskforce consults on draft legal statement on liability for AI harms --- HSF Kramer. https://www.hsfkramer.com/notes/litigation/2026-01/uk-jurisdiction-taskforce-consults-on-draft-legal-statement-on-liability-for-ai-harms</p><p><sup>47</sup> What are the litigation trends in 2026? --- Taylor Wessing. https://www.taylorwessing.com/en/insights-and-events/insights/2026/03/what-are-the-litigation-trends-in-2026</p><p><sup>48</sup> Fake cases... Will hallucinations stop? --- Counsel Magazine. https://www.counselmagazine.co.uk/articles/fake-cases-will-hallucinations-stop-</p><p><sup>49</sup> Taiwo v. Homelets of Bath Ltd \[2025\] EWHC 3173 --- Leathes Prior. https://www.leathesprior.co.uk/news/taiwo-v-homelets-of-bath-ltd-ors-2025-ewhc-3173-kb-03-december-2025</p><p><sup>50</sup> AI Hallucination Cases Database --- Damien Charlotin. https://www.damiencharlotin.com/hallucinations/</p><p><sup>51</sup> The increasing legal liability of AI hallucinations --- VinciWorks. https://vinciworks.com/blog/the-increasing-legal-liability-of-ai-hallucinations-why-uk-law-firms-face-rising-regulatory-and-litigation-risk/</p><p><sup>52</sup> Artificial Intelligence (AI) --- Judicial Guidance (October 2025). https://www.judiciary.uk/guidance-and-resources/artificial-intelligence-ai-judicial-guidance-october-2025/</p><p><sup>53</sup> Key developments in AI disputes in 2025 --- Taylor Wessing. https://www.taylorwessing.com/en/insights-and-events/insights/2026/01/key-developments-in-ai-disputes-in-2025</p><p><sup>54</sup> EU AI Act: What It Means for Agentic Commerce --- Edgar, Dunn &amp; Company. https://www.edgardunn.com/articles/the-new-rules-for-ai-inside-the-eus-bold-legislation</p><p><sup>55</sup> EU AI Act 2026 Updates: Compliance Requirements and Business Risks --- Legal Nodes. https://www.legalnodes.com/article/eu-ai-act-2026-updates-compliance-requirements-and-business-risks</p><p><sup>56</sup> What The EU AI Framework And UK&#8217;s Approach Mean For Your Agreements --- Docusign. https://www.docusign.com/en-gb/blog/what-the-eu-ai-framework-and-uks-approach-mean-for-your-agreements</p><p><sup>57</sup> EU AI Act: first regulation on artificial intelligence --- European Parliament. https://www.europarl.europa.eu/topics/en/article/20230601STO93804/eu-ai-act-first-regulation-on-artificial-intelligence</p><p><sup>58</sup> How to use agentic AI in line with the EU AI Act --- CX Network. https://www.cxnetwork.com/artificial-intelligence/articles/how-to-use-agentic-ai-in-line-with-the-eu-ai-act</p><p><sup>59</sup> Agentic AI, Risk and Compliance Under the EU AI Act --- CMS.law (Sweden). https://cms.law/en/swe/legal-updates/agentic-ai-and-the-eu-ai-act2</p><p><sup>60</sup> High-risk AI in the European Union --- DLA Piper Intelligence. https://intelligence.dlapiper.com/artificial-intelligence/?t=06-high-risk-uses&amp;c=EU</p><p><sup>61</sup> Agentic AI, Risk and Compliance Under the EU AI Act --- CMS.law (Austria). https://cms.law/en/aut/legal-updates/agentic-ai-and-the-eu-ai-act2</p><p><sup>62</sup> Red Lines under the EU AI Act --- FPF. https://fpf.org/blog/red-lines-under-the-eu-ai-act-understanding-prohibited-ai-practices-and-their-interplay-with-the-gdpr-dsa/</p><p><sup>63</sup> AI laws in 2026: the current EU--US landscape --- Blocshop. https://www.blocshop.io/blog/ai-laws-in-2026-the-current-euus-landscape-and-how-it-shapes-software-development</p><p><sup>64</sup> Annex III: High-Risk AI Systems --- EU AI Act. https://artificialintelligenceact.eu/annex/3/</p><p><sup>65</sup> Article 16: Obligations of Providers of High-Risk AI Systems --- EU AI Act. https://artificialintelligenceact.eu/article/16/</p><p><sup>66</sup> EU AI Act vs GDPR: How They Work Together --- GuruSup. https://gurusup.com/blog/eu-ai-act-vs-gdpr</p><p><sup>67</sup> Agentic law in the European Union: Governing autonomous AI agents --- Jurisconsul. https://www.jurisconsul.com/post/agentic-law-in-the-european-union-governing-autonomous-ai-agents</p><p><sup>68</sup> 2026: the year AI grows up --- Taylor Wessing. https://www.taylorwessing.com/de/interface/2025/predictions-2026/2026-the-year-ai-grows-up</p><p><sup>69</sup> The EU AI Act: What Businesses Need To Know --- Skadden. https://www.skadden.com/insights/publications/2024/06/quarterly-insights/the-eu-ai-act-what-businesses-need-to-know</p><p><sup>70</sup> The Agentic AI Revolution: Managing Legal Risks --- Squire Patton Boggs. https://www.squirepattonboggs.com/insights/publications/the-agentic-ai-revolution-managing-legal-risks/</p><p><sup>71</sup> EU AI Act and GDPR: Tracing CJEU case law on automated processing --- Covington. https://www.cov.com/-/media/files/corporate/publications/2025/10/eu-ai-act-and-gdpr-tracing-cjeu-case-law-on-automated-processing-and-decision-making.pdf</p><p><sup>72</sup> Artificial intelligence --- UK Regulatory Outlook February 2026 --- Osborne Clarke. https://www.osborneclarke.com/insights/regulatory-outlook-february-2026-artificial-intelligence</p><p><sup>73</sup> CJEU Clarifies GDPR Rights on Automated Decision-Making and Trade Secrets. https://www.insideprivacy.com/gdpr/cjeu-clarifies-gdpr-rights-on-automated-decision-making-and-trade-secrets/</p><p><sup>74</sup> Consumers&#8217; right to explanation under AI decision making --- BEUC. https://www.beuc.eu/sites/default/files/publications/BEUC-X-2026-003\_Consumers\_right\_to\_explanation\_under\_AI\_decision\_making.pdf</p><p><sup>75</sup> Amazon Blocks Perplexity AI Scraping: Key Implications --- i10X. https://i10x.ai/news/amazon-perplexity-ai-scraping-lawsuit</p><p><sup>76</sup> Cloudflare launches AI Audit and blocks unauthorized AI bots --- Cloudflare Blog. https://blog.cloudflare.com/ai-audit/</p><p><sup>77</sup> Web scraping after hiQ v. LinkedIn: the legal landscape --- Perkins Coie. https://www.perkinscoie.com/en/news-insights/web-scraping-legal-landscape.html</p><p><sup>78</sup> Amazon&#8217;s lawsuit against Perplexity rattles AI-driven search --- Hotel News Resource. https://www.hotelnewsresource.com/article139310.html</p><p><sup>79</sup> Google&#8217;s Universal Commerce Protocol and the Race to Wire Agentic Shopping --- Opus Research. https://opusresearch.net/2026/01/15/googles-universal-commerce-protocol-and-the-race-to-wire-agentic-shopping/</p><p><sup>80</sup> Agentic commerce AI tools, protocol for retailers, platforms --- Google Blog. https://blog.google/products/ads-commerce/agentic-commerce-ai-tools-protocol-retailers-platforms/</p><p><sup>81</sup> Walmart Partners with Google To Pioneer Agent-Led Commerce --- RetailWire. https://retailwire.com/discussion/walmart-google-agentic-commerce/</p><p><sup>82</sup> Agentic AI poses new challenges around online payments --- Pinsent Masons. https://www.pinsentmasons.com/out-law/news/agentic-ai-challenges-online-payments</p><p><sup>83</sup> Should Amazon Be Banning AI Shopping Agents From its Platform? --- RetailWire. https://retailwire.com/discussion/should-amazon-banning-ai-shopping-agents/</p><p><sup>84</sup> Amazon Injunction Could Change the Future of Agentic Commerce --- PYMNTS.com. https://www.pymnts.com/amazon/2026/amazon-injunction-could-change-the-future-of-agentic-commerce/</p><p><sup>85</sup> Watchdog Issues Warning About Letting AI Run Your Life --- Futurism. https://futurism.com/artificial-intelligence/ai-agent-manipulation</p><p><sup>86</sup> EU: BEUC published position paper on consumers&#8217; right to explanation --- DataGuidance. https://www.dataguidance.com/news/eu-beuc-published-position-paper-consumers-right</p><p><sup>87</sup> Consumers&#8217; right to explanation under AI decision making --- BEUC. https://www.beuc.eu/position-paper/consumers-right-explanation-under-ai-decision-making</p><p><sup>88</sup> AI shopping agents: How will UK Consumer Law apply? --- CMS. https://cms.law/en/gbr/legal-updates/ai-shopping-agents-how-will-uk-consumer-law-apply</p><p><sup>89</sup> Complying With the DSA, AI Act, and GDPR --- Goodwin Law. https://www.goodwinlaw.com/en/insights/publications/2025/07/insights-practices-antc-three-laws-one-challenge</p><p><sup>90</sup> When Bots Set Prices: CMA Highlights Real World Risks of Algorithmic Pricing --- Akin Gump. https://www.akingump.com/en/insights/alerts/when-bots-set-prices-cma-highlights-real-world-risks-of-algorithmic-pricing</p><p><sup>91</sup> AI and collusion: frontiers, opportunities and challenges --- CMA. https://competitionandmarkets.blog.gov.uk/2026/03/04/ai-and-collusion-frontiers-opportunities-and-challenges/</p><p><sup>92</sup> EU Regulations Are Not Ready for Multi-Agent AI Incidents --- TechPolicy.Press. https://www.techpolicy.press/eu-regulations-are-not-ready-for-multiagent-ai-incidents/</p><p><sup>93</sup> US Justice Dept settles Agri Stats case --- Reuters. https://www.reuters.com/world/us-justice-dept-settles-agri-stats-case-2026-05-07/</p><p><sup>94</sup> UKJT Public Consultation: Liability for AI Harms under the Private Law of England and Wales --- LawtechUK. https://lawtechuk.io/ukjt/public-consultation-liability-for-ai-harms-under-the-private-law-of-england-and-wales/</p><p><sup>95</sup> 2026 AI Legal Forecast: From Innovation to Compliance --- Baker Donelson. https://www.bakerdonelson.com/2026-ai-legal-forecast-from-innovation-to-compliance</p><p><sup>96</sup> Could agents be the next stumbling block for Europe&#8217;s AI rules? --- Euractiv. https://www.euractiv.com/news/could-agents-be-the-next-stumbling-block-for-europes-ai-rules/</p><p><sup>97</sup> Driving compliance with EU&#8217;s AI Act through Agentic AI agents --- Consultancy.eu. https://www.consultancy.eu/news/12432/driving-compliance-with-eus-ai-act-through-agentic-ai-agents</p><p><sup>98</sup> Agentic AI: The liability gap your contracts may not cover --- Clifford Chance. https://www.cliffordchance.com/insights/resources/blogs/talking-tech/en/articles/2026/02/agentic-ai-and-the-liability-gap-your-contracts-may-not-cover.html</p>]]></content:encoded></item><item><title><![CDATA[The Bartz Architecture Goes East]]></title><description><![CDATA[Five publishers and Scott Turow sued Meta Platforms and Mark Zuckerberg on 5 May 2026 in the Southern District of New York for willful copyright infringement in the development of the Llama models1. The complaint pleads that Zuckerberg and other Meta executives authorised and directed the torrenting of more than 267 TB of pirated material, including from LibGen, Anna&#8217;s Archive, Sci-Hub and other pirate sites. Three points are doing the analytical work in the complaint. Forum is the most important.]]></description><link>https://www.codeontrial.ai/p/the-bartz-architecture-goes-east</link><guid isPermaLink="false">https://www.codeontrial.ai/p/the-bartz-architecture-goes-east</guid><dc:creator><![CDATA[Nick Rowles-Davies]]></dc:creator><pubDate>Thu, 07 May 2026 04:56:48 GMT</pubDate><enclosure url="https://substackcdn.com/image/fetch/$s_!0ljy!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb875be56-77aa-415a-b125-44dcf93afbda_1200x1200.png" length="0" type="image/jpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!0ljy!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb875be56-77aa-415a-b125-44dcf93afbda_1200x1200.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!0ljy!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb875be56-77aa-415a-b125-44dcf93afbda_1200x1200.png 424w, https://substackcdn.com/image/fetch/$s_!0ljy!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb875be56-77aa-415a-b125-44dcf93afbda_1200x1200.png 848w, https://substackcdn.com/image/fetch/$s_!0ljy!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb875be56-77aa-415a-b125-44dcf93afbda_1200x1200.png 1272w, https://substackcdn.com/image/fetch/$s_!0ljy!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb875be56-77aa-415a-b125-44dcf93afbda_1200x1200.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!0ljy!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb875be56-77aa-415a-b125-44dcf93afbda_1200x1200.png" width="1200" height="1200" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/b875be56-77aa-415a-b125-44dcf93afbda_1200x1200.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:1200,&quot;width&quot;:1200,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:87966,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:&quot;https://www.codeontrial.ai/i/196653535?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb875be56-77aa-415a-b125-44dcf93afbda_1200x1200.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!0ljy!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb875be56-77aa-415a-b125-44dcf93afbda_1200x1200.png 424w, https://substackcdn.com/image/fetch/$s_!0ljy!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb875be56-77aa-415a-b125-44dcf93afbda_1200x1200.png 848w, https://substackcdn.com/image/fetch/$s_!0ljy!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb875be56-77aa-415a-b125-44dcf93afbda_1200x1200.png 1272w, https://substackcdn.com/image/fetch/$s_!0ljy!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb875be56-77aa-415a-b125-44dcf93afbda_1200x1200.png 1456w" sizes="100vw" fetchpriority="high"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p>Five publishers and Scott Turow sued Meta Platforms and Mark Zuckerberg on 5 May 2026 in the Southern District of New York for willful copyright infringement in the development of the Llama models<sup>1</sup>. The complaint pleads that Zuckerberg and other Meta executives authorised and directed the torrenting of more than 267 TB of pirated material, including from LibGen, Anna&#8217;s Archive, Sci-Hub and other pirate sites. Three points are doing the analytical work in the complaint. Forum is the most important.</p><p><em><strong>The Forum Is the Strategy</strong></em></p><p>Three cases now frame the book-training branch of the AI copyright docket. Bartz v Anthropic<sup>2</sup> in the Northern District of California, where Judge Alsup held that Anthropic&#8217;s training use was fair use but refused to excuse the separate acquisition and retention of pirated works from LibGen and PiLiMi. The $1.5 billion settlement received preliminary approval on 25 September 2025 and remains subject to final approval. Kadrey v Meta<sup>3</sup>, also NDCal, where Judge Chhabria granted Meta summary judgment on the record before him on 25 June 2025 with the express warning that the ruling did not establish that Meta&#8217;s use of copyrighted works to train Llama was lawful as a general proposition. And now Elsevier v Meta in the Southern District of New York.</p><p>The publishers&#8217; choice of venue is not coincidental. SDNY now has its own active AI copyright docket, including The New York Times v OpenAI before Judge Stein<sup>4</sup>. SDNY judges have not opined on the acquisition/use split that Judge Alsup applied in Bartz. Filing east of the Sierra Nevada gives the publishers a clean bench.</p><p><em><strong>The Pleading Choices</strong></em></p><p>Two pleading choices structure the case.</p><p>First, the complaint centres acquisition. Judge Alsup&#8217;s reasoning in Bartz turned on a clean conceptual division. Training on legally acquired copies was treated as transformative under Campbell v Acuff-Rose. The antecedent unlawful download of seven million books from LibGen and PiLiMi was independently actionable. The Elsevier complaint mirrors that division. It alleges over 267 TB of pirated material was torrented after Zuckerberg and other Meta executives authorised and directed the process, an executive-level decision in April 2023 to abandon publisher licensing negotiations and a knowing infringement theory under 17 U.S.C. &#167; 504(c). Statutory damages on willful infringement can run to $150,000 per eligible work. If the allegations are proved, even at a fraction of that ceiling the exposure dwarfs the Anthropic settlement of $3,000 per work across roughly 500,000 books.</p><p>Second, the complaint names Zuckerberg personally. Naming Zuckerberg is not cosmetic. The complaint pleads direct infringement against him and, in the alternative, contributory infringement. The Rule 12 fight will therefore be whether the pleaded facts show knowledge, authorisation and material contribution, rather than merely apex status at Meta. The doctrinal frame remains Gershwin Publishing v Columbia Artists Management (2d Cir. 1971), Sony, Grokster and In re Aimster.</p><p><em><strong>The Comparative Lens</strong></em></p><p>UK practitioners are watching Getty Images v Stability AI for a different reason. The High Court&#8217;s 2025 judgment did not decide the central training-copying question under UK copyright law. It rejected important parts of Getty&#8217;s case and found only limited trade mark infringement. The comparison with Elsevier v Meta is therefore structural, not doctrinal: both cases turn on source material, provenance and what can be proved about training data. The US dispute is filtered through fair use. The UK dispute is not, but that does not mean UK claimants can ignore proof of copying, territoriality or subsistence.</p><p>EU regulatory attention has centred on the AI Act&#8217;s training-data transparency obligation under Article 53 of Regulation (EU) 2024/1689<sup>5</sup>, in force for general-purpose AI providers since 2 August 2025 with transitional rules for pre-existing models. Article 53 may produce public-facing and regulatory material relevant to provenance disputes, but it is not a substitute for US discovery. It is an evidential pressure point, not an evidence pipeline.</p><p><em><strong>What to Watch in the Next Ninety Days</strong></em></p><p>Three near-term decisions matter. First, the motion-to-dismiss schedule on the personal claims against Zuckerberg. Second, any consolidation or transfer motion under 28 U.S.C. &#167; 1404 that could pull the case back to NDCal. Third, whether any party seeks coordination or consolidation of related SDNY AI copyright actions under Rule 42(a).</p><p>Anthropic showed why the acquisition record can drive settlement economics. The Bartz architecture has now travelled east. The economic question is whether SDNY will produce a Bartz-style holding without trial, or whether Meta will litigate the alleged willful-infringement record and the corporate-officer point to judgment.</p><p></p><p><em><strong>Notes</strong></em></p><p><sup>1</sup> Elsevier Inc., Cengage Learning, Inc., Hachette Book Group, Inc., Macmillan Publishing Group, LLC, McGraw Hill LLC, Scott Turow and S.C.R.I.B.E., Inc. v Meta Platforms, Inc. and Mark Zuckerberg, Civil Action No. 26-cv-3689 (S.D.N.Y., complaint filed 5 May 2026).</p><p><sup>2</sup> Bartz et al. v Anthropic PBC, No. 3:24-cv-05417 (N.D. Cal.) (Alsup, J.). Summary judgment opinion on fair use 23 June 2025. Settlement preliminary approval 25 September 2025; final approval pending (fairness hearing listed 14 May 2026).</p><p><sup>3</sup> Kadrey et al. v Meta Platforms, Inc., No. 3:23-cv-03417 (N.D. Cal.) (Chhabria, J.). Summary judgment for Meta on training fair use 25 June 2025.</p><p><sup>4</sup> The New York Times Co. v OpenAI, Inc. and Microsoft Corp., No. 1:23-cv-11195 (S.D.N.Y.) (Stein, J.).</p><p><sup>5</sup> Regulation (EU) 2024/1689 of the European Parliament and of the Council of 13 June 2024 (the AI Act). Article 53 obligations on providers of general-purpose AI models entered into application on 2 August 2025, with transitional rules for models placed on the market before that date.</p>]]></content:encoded></item><item><title><![CDATA[The Reviewable Record]]></title><description><![CDATA[AI in CFTC Registration Triage and the Administrative Procedure Act]]></description><link>https://www.codeontrial.ai/p/the-reviewable-record</link><guid isPermaLink="false">https://www.codeontrial.ai/p/the-reviewable-record</guid><dc:creator><![CDATA[Nick Rowles-Davies]]></dc:creator><pubDate>Tue, 05 May 2026 04:01:01 GMT</pubDate><enclosure url="https://substackcdn.com/image/fetch/$s_!FUxY!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F7e426683-f0a5-4426-9f07-188071c65da9_1500x940.png" length="0" type="image/jpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!FUxY!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F7e426683-f0a5-4426-9f07-188071c65da9_1500x940.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!FUxY!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F7e426683-f0a5-4426-9f07-188071c65da9_1500x940.png 424w, https://substackcdn.com/image/fetch/$s_!FUxY!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F7e426683-f0a5-4426-9f07-188071c65da9_1500x940.png 848w, https://substackcdn.com/image/fetch/$s_!FUxY!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F7e426683-f0a5-4426-9f07-188071c65da9_1500x940.png 1272w, https://substackcdn.com/image/fetch/$s_!FUxY!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F7e426683-f0a5-4426-9f07-188071c65da9_1500x940.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!FUxY!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F7e426683-f0a5-4426-9f07-188071c65da9_1500x940.png" width="1456" height="912" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/7e426683-f0a5-4426-9f07-188071c65da9_1500x940.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:912,&quot;width&quot;:1456,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:126171,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:&quot;https://www.codeontrial.ai/i/196401383?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F7e426683-f0a5-4426-9f07-188071c65da9_1500x940.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!FUxY!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F7e426683-f0a5-4426-9f07-188071c65da9_1500x940.png 424w, https://substackcdn.com/image/fetch/$s_!FUxY!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F7e426683-f0a5-4426-9f07-188071c65da9_1500x940.png 848w, https://substackcdn.com/image/fetch/$s_!FUxY!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F7e426683-f0a5-4426-9f07-188071c65da9_1500x940.png 1272w, https://substackcdn.com/image/fetch/$s_!FUxY!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F7e426683-f0a5-4426-9f07-188071c65da9_1500x940.png 1456w" sizes="100vw" fetchpriority="high"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p>On 27 April 2026, CoinDesk reported that CFTC Chairman Michael Selig said the Commission is using, or building, artificial intelligence tools to assist with crypto registration applications.<sup>1</sup> The reported use case is administrative triage: flagging incomplete filings, identifying clearly deficient submissions and helping prioritise the staff queue. The reporting also indicates that AI is being applied to trading data and to surveillance for fraud, market manipulation and insider trading. Reporting around Selig&#8217;s 16 April 2026 appearance before the House Agriculture Committee linked the deployment of AI tools to reduced staffing and to the agency&#8217;s need to supervise expanding crypto and prediction-market responsibilities.<sup>2</sup></p><p><em><strong>Triage at the regulatory gateway</strong></em></p><p>Two structural facts give the disclosure analytical weight. The CFTC is the primary federal regulator for crypto derivatives. Following the SEC/CFTC joint interpretation of 17 March 2026, the Commission has committed to administering the Commodity Exchange Act consistently with the SEC&#8217;s interpretation of when a non-security crypto asset may become, or cease to be subject to, an investment contract.<sup>3</sup> AI is therefore operating close to the gateway of regulatory classification, registration and market access, at the moment when the boundary between securities-law treatment and commodity-law treatment of crypto assets is the most active question in US crypto regulation.</p><p><em><strong>The 1946 framework</strong></em></p><p>Section 706 of the Administrative Procedure Act (APA), enacted in 1946, requires reviewing courts to set aside agency action found to be arbitrary, capricious, an abuse of discretion, contrary to law, procedurally defective or, in some cases, unsupported by substantial evidence, on the basis of the whole record.<sup>4</sup> Motor Vehicle Manufacturers Association of US Inc v State Farm Mutual Automobile Insurance Co, 463 US 29 (1983), held that the agency must articulate a satisfactory explanation for its action including a rational connection between the facts found and the choice made. The administrative record fixes the basis of judicial review.</p><p>When the agency&#8217;s first-pass review is automated, the question is what the record contains. A flag triggered by an AI tool is not, on its own, an explanation. A rejection rationalised as &#8220;clearly deficient&#8221; without a human articulation of which fact controlled cannot satisfy State Farm in the form courts have applied since 1983. The Supreme Court&#8217;s abandonment of Chevron deference in Loper Bright Enterprises v Raimondo, 144 S Ct 2244 (2024), reinforces the point: reviewing courts are less likely to accept agency characterisation by default where the legal basis for action is contested.</p><p><em><strong>Comparative jurisdiction</strong></em></p><p>The EU has addressed comparable public-law risk through classification. Annex III of the AI Act covers certain public-sector AI uses, including those used by public authorities to assess eligibility for essential public services and to assist in the administration of justice. Such systems are high-risk. Article 14 requires that high-risk systems be designed and developed to enable effective human oversight during use, with the burden falling on providers and deployers.<sup>5</sup> Registration triage of the kind the CFTC is now performing is not necessarily mapped one-for-one onto Annex III, but the architectural framework for classifying public-sector AI is in place.</p><p>The UK has adopted the Algorithmic Transparency Recording Standard. Current GOV.UK guidance treats it as mandatory for central government departments and certain arm&#8217;s-length bodies within scope, where tools significantly influence decision-making with public effect or directly interact with the public, and recommends it more broadly across the public sector. The United States has federal AI governance guidance, but no equivalent statutory high-risk classification regime and no APA-specific transparency framework for automated regulatory triage. The disclosure of CFTC AI use was made in a press interview rather than a notice-and-comment proceeding, which is itself a procedural data point.</p><p><em><strong>Strategic implication</strong></em></p><p>For practitioners advising crypto applicants, the immediate question is whether to plead the issue. A denied or stalled application that has been triaged by AI presents a State Farm record problem. Until the Commission publishes its protocols, denial letters should be treated as potentially actionable on APA grounds, not merely as procedural setbacks. Litigation pressure will drive disclosure of model documentation, training data and human review thresholds. That pressure is the most likely path to a US analogue of public-sector AI oversight, arrived at through judicial review rather than legislation.</p><p></p><p></p><p><sup>1</sup> CoinDesk, &#8220;CFTC&#8217;s AI Will Review U.S. Crypto Registration Applications, Chairman Tells CoinDesk&#8221; (27 April 2026).</p><p><sup>2</sup> CoinDesk, &#8220;U.S. CFTC&#8217;s Selig Says AI Has Helped Make Up for Staffing Cuts at Key Crypto Watchdog&#8221; (16 April 2026); House Agriculture Committee hearing transcript, oral evidence of Chairman Michael Selig, 16 April 2026.</p><p><sup>3</sup> SEC Press Release 2026-30, &#8220;SEC Clarifies the Application of Federal Securities Laws to Crypto Assets&#8221; (17 March 2026).</p><p><sup>4</sup> 5 U.S.C. &#167; 706.</p><p><sup>5</sup> Regulation (EU) 2024/1689 of 13 June 2024, Articles 6 and 14 and Annex III. High-risk obligations are currently scheduled to apply from 2 August 2026.</p>]]></content:encoded></item><item><title><![CDATA[Global Liability Frameworks for Autonomous Vehicle Accidents]]></title><description><![CDATA[By late 2024, Waymo&#8217;s robotaxi fleet had logged more than 25 million fully autonomous public-road miles across the United States.[50] Yet a single accident in which an autonomous vehicle fails to predict or avoid a collision forces the legal system to confront its most consequential allocation problem: who bears responsibility when the dynamic driving task was performed not by a human but by software?[1] Autonomous vehicles do not create liability from nothing.]]></description><link>https://www.codeontrial.ai/p/global-liability-frameworks-for-autonomous</link><guid isPermaLink="false">https://www.codeontrial.ai/p/global-liability-frameworks-for-autonomous</guid><dc:creator><![CDATA[Nick Rowles-Davies]]></dc:creator><pubDate>Mon, 04 May 2026 07:01:00 GMT</pubDate><enclosure url="https://substackcdn.com/image/fetch/$s_!dK1h!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F690c412b-f016-4cc0-958d-d4e69cdfc044_4191x3353.jpeg" length="0" type="image/jpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!dK1h!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F690c412b-f016-4cc0-958d-d4e69cdfc044_4191x3353.jpeg" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!dK1h!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F690c412b-f016-4cc0-958d-d4e69cdfc044_4191x3353.jpeg 424w, https://substackcdn.com/image/fetch/$s_!dK1h!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F690c412b-f016-4cc0-958d-d4e69cdfc044_4191x3353.jpeg 848w, https://substackcdn.com/image/fetch/$s_!dK1h!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F690c412b-f016-4cc0-958d-d4e69cdfc044_4191x3353.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!dK1h!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F690c412b-f016-4cc0-958d-d4e69cdfc044_4191x3353.jpeg 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!dK1h!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F690c412b-f016-4cc0-958d-d4e69cdfc044_4191x3353.jpeg" width="1456" height="1165" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/690c412b-f016-4cc0-958d-d4e69cdfc044_4191x3353.jpeg&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:1165,&quot;width&quot;:1456,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:1943364,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/jpeg&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:&quot;https://www.codeontrial.ai/i/196330492?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F690c412b-f016-4cc0-958d-d4e69cdfc044_4191x3353.jpeg&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!dK1h!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F690c412b-f016-4cc0-958d-d4e69cdfc044_4191x3353.jpeg 424w, https://substackcdn.com/image/fetch/$s_!dK1h!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F690c412b-f016-4cc0-958d-d4e69cdfc044_4191x3353.jpeg 848w, https://substackcdn.com/image/fetch/$s_!dK1h!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F690c412b-f016-4cc0-958d-d4e69cdfc044_4191x3353.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!dK1h!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F690c412b-f016-4cc0-958d-d4e69cdfc044_4191x3353.jpeg 1456w" sizes="100vw" fetchpriority="high"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p>By late 2024, Waymo&#8217;s robotaxi fleet had logged more than 25 million fully autonomous public-road miles across the United States.[50] Yet a single accident in which an autonomous vehicle fails to predict or avoid a collision forces the legal system to confront its most consequential allocation problem: who bears responsibility when the dynamic driving task was performed not by a human but by software?[1] Autonomous vehicles do not create liability from nothing. They move the liability question from the driver&#8217;s conduct at the moment of impact to the design, deployment, monitoring and insurance of the system that performed the dynamic driving task. For over a century, legal frameworks governing road traffic anchored liability in human agency. The &#8220;driver&#8221; was the central locus of both control and responsibility.[1, 2] As the dynamic driving task (DDT) moves from human cognition to algorithms, the traditional negligence model is no longer sufficient on its own. It remains relevant, but it now operates alongside product liability, insurance-first compensation, safety-case regulation and data-based accident reconstruction.[2, 3, 4]</p><p>The emerging pattern is not the abolition of liability, but its redistribution. In Level 1 and Level 2 systems, liability remains substantially anchored in human supervision. At Levels 3 and 4, the legal analysis moves to the operational design domain, the handover or fallback architecture, the entity responsible for the automated driving system (ADS), the insurer-first compensation mechanism and the evidential record generated by the vehicle. The central question is no longer simply whether a driver was negligent, but whether the system was authorised, safely deployed, properly monitored, adequately updated and capable of proving what it did.[4, 5, 6]</p><p>Across the United States, the United Kingdom, Europe, Asia, and Australasia, regulators face the &#8220;pacing problem&#8221;: the inherent lag between technological innovation and legal frameworks that can regulate it.[7] Some jurisdictions have adopted &#8220;light-touch&#8221; guiding principles to foster innovation. Others have enacted proactive statutes that redefine the nature of vehicle operation and insurance.[7, 8, 9, 10] This analysis examines these diverging and converging frameworks, focusing on the mechanisms of liability, the role of data in accident reconstruction, and the evolution of motor insurance in an era of automated mobility.</p><p><em>The Hierarchical Framework of Automation and Legal Agency</em></p><p>Central to liability analysis is the taxonomy of driving automation established by the Society of Automotive Engineers (SAE). The SAE defines six levels ranging from no automation (Level 0) to full automation (Level 5).[11, 12, 13] SAE levels are not liability rules. They are the technical vocabulary through which statutes, insurers and courts decide whether the human, the ADS, the operator or the product supplier was responsible for the relevant part of the driving task.[5]</p><p><em>Classification of Driving Automation and Liability Thresholds</em></p><p>Most consumer vehicles currently available in ordinary use remain Level 1 or Level 2 driver-assistance systems, with the human driver responsible for monitoring and control.[11] The liability frontier lies in Level 3 and Level 4 systems, where the ADS may perform the dynamic driving task within an operational design domain (ODD). In these systems, the human may still be required to act as a &#8220;fallback-ready user&#8221; or &#8220;user-in-charge&#8221;.[14, 16, 17]</p><p>This transitional phase introduces a zone of legal ambiguity, particularly when the system requests the human to resume control. The determination of whether a human had a &#8220;reasonable time&#8221; to react to such a demand will be central to future litigation.[14, 18] Courts will have to define the temporal and cognitive boundaries of human transition readiness - a question with little direct precedent in conventional traffic law.</p><p><em>The United States: A Laboratory of Jurisdictional Patchworks</em></p><p>In the United States, the regulatory environment reflects a distinctive tension between federal safety authority and state-level statutory experimentation.[19, 20] To date, no comprehensive federal statute governs autonomous vehicle civil liability. The definition of a vehicle &#8220;operator&#8221; varies sharply across state lines.[20]</p><p><em>Federal Safety Authority and the Standing General Order</em></p><p>At federal level, the United States regulates autonomous vehicles (AVs) primarily through vehicle safety authority rather than a unified civil-liability statute. The National Highway Traffic Safety Administration&#8217;s (NHTSA) Standing General Order requires identified manufacturers and operators to report certain crashes involving ADS or Level 2 advanced driver-assistance system (ADAS) vehicles. The agency uses that data to identify safety concerns, investigate potential defects and, where necessary, require unsafe vehicles or equipment to be remedied.[11, 19, 20, 44]</p><p>Federal Motor Vehicle Safety Standards (FMVSS) were originally designed for vehicles with human controls. Manufacturers seeking to test vehicles without steering wheels or brake pedals must often request exemptions.[19, 20] Federal preemption (where federal law would override inconsistent state laws) remains unresolved. Current and earlier versions of the SELF DRIVE Act, most recently reintroduced by Representative Bob Latta in February 2026, have yet to clarify this jurisdictional boundary.[19]</p><p><em>State Statutory Innovation: California, Florida, and Arizona</em></p><p>As of late 2024, more than 35 states have enacted legislation or executive orders related to autonomous vehicles.[19, 20] These statutes represent the front line of legal evolution, with states adopting markedly different philosophies on liability and operator responsibility.</p><p>California has established one of the world&#8217;s most rigorous regulatory frameworks. Vehicle Code Sections 38750 through 38755 govern testing and deployment.[18, 21] Manufacturers must obtain specific permits and maintain $5 million in insurance or proof of self-insurance.[21, 22] California&#8217;s 2026 AV regulations, announced by the DMV on 28 April 2026, introduce a &#8220;Notice of AV Noncompliance&#8221; mechanism. Contemporary reporting indicates that, from 1 July 2026, law enforcement will be able to issue notices for driverless-vehicle traffic violations, triggering DMV investigation and potential permit consequences.[45, 49]</p><p>Florida adopted a contrasting approach intended to attract manufacturers.[19] Florida&#8217;s House Bill 311 (2019) explicitly designates the ADS itself as the &#8220;operator&#8221; when engaged. This decouples liability from human presence.[19] The law permits operation of vehicles without a licensed human occupant, provided the vehicle meets federal safety standards.[19] By legally designating the system as the operator, Florida created a statutory path for shifting liability from individuals to technology-deploying entities.[19]</p><p>Arizona&#8217;s framework is driven primarily by executive orders, particularly Executive Order 2018-04, which mandates that all automated driving systems comply with federal and state safety standards.[19] Arizona has positioned itself as a &#8220;test bed&#8221; for innovation. It established a designated oversight committee and requires companies to register their intended ODD.[19]</p><p><em>The Evolution of Tort and Product Liability in US Case Law</em></p><p>In the absence of a unified federal liability statute, US courts apply traditional tort principles and product liability theories to autonomous vehicle accidents.[4] A visible shift has occurred: from &#8220;driver error&#8221; as a cause of action to &#8220;design defect&#8221; or &#8220;failure to warn&#8221;.[6] In cases involving semi-autonomous systems like Tesla&#8217;s Autopilot, plaintiffs have successfully argued that manufacturers bear liability for systems that fail to monitor driver engagement adequately or that encourage foreseeable misuse. In Benavides v Tesla, Judge Beth Bloom denied Tesla&#8217;s post-trial motion after a jury award of $242.57 million, including $200 million in punitive damages, in a defective-design and product-liability case concerning Autopilot.[6, 46]</p><p>As vehicles reach Levels 4 and 5, claims are likely to be framed increasingly through product-liability concepts, treating the ADS not as a legal driver but as part of a product and service system whose design, warnings, updates and operational limits can be tested in litigation.[6]</p><p>Negligent entrustment and related owner-responsibility theories may also evolve where owners or operators fail to maintain software updates, sensors or calibration requirements.[6]</p><p><em>The United Kingdom: A Proactive Statutory Model</em></p><p>Westminster has positioned itself as a global leader in autonomous vehicle regulation through the Automated and Electric Vehicles Act 2018 (AEVA) and the subsequent Automated Vehicles Act 2024.[10, 24] Its approach is distinctly proactive, seeking to resolve &#8220;regulatory disconnection&#8221; before mass commercialisation of self-driving technology.[7]</p><p><em>The Automated and Electric Vehicles Act 2018: The &#8220;Insurer-First&#8221; Model</em></p><p>AEVA 2018 introduced a novel insurance and liability model for connected and autonomous vehicles (CAV).[7] It resolves the question of &#8220;who is liable&#8221; by establishing a &#8220;single insurance&#8221; policy covering both driver and vehicle.[7]</p><p>Under the AEVA 2018, if an accident is caused by an automated vehicle &#8220;driving itself,&#8221; the insurer is primarily liable to compensate any third party who suffers damage, including the &#8220;driver&#8221; who may be an occupant not actively driving.[7, 25] This first-instance insurer liability ensures swift compensation. The injured party need not identify or prove a specific software or sensor failure before recovering.[14]</p><p>Once the insurer has compensated the victim, the Act provides a statutory right of recourse. The insurer can recover costs from the party responsible for the accident, such as the vehicle manufacturer or a third-party software provider.[7, 14] This two-stage process protects consumers while holding technology providers accountable through insurance subrogation.[7]</p><p><em>The Automated Vehicles Act 2024 and the ASDE</em></p><p>Building on a four-year review by the Law Commission of England and Wales and the Scottish Law Commission, the Automated Vehicles Act 2024 established a framework for safe deployment of self-driving vehicles on British roads.[10, 24] The legislation introduces key legal roles and responsibilities that redefine the boundaries of liability.</p><p>A &#8220;bright line&#8221; distinction runs through the 2024 Act: driver support features on one side, self-driving systems on the other.[24] When a vehicle is authorised as &#8220;self-driving&#8221; and the ADS is engaged, the human &#8220;user-in-charge&#8221; is explicitly exempted from criminal responsibility for the dynamic driving task.[24] This marks a turning point in road traffic law. It removes the traditional burden of &#8220;care and control&#8221; from the human occupant and places responsibility for the way the authorised self-driving feature drives, for regulatory purposes, on the Authorised Self-Driving Entity (ASDE), while third-party compensation remains channelled primarily through the AEVA 2018 insurer-first model.[14, 24] However, the user-in-charge remains responsible for &#8220;non-driving&#8221; tasks such as ensuring the vehicle is insured and that passengers wear seatbelts.[14]</p><p>Both Law Commissions recommended that ASDEs disclose safety-relevant data to regulators and insurers.[14] This duty of transparency is intended to ensure that civil claims are decided fairly and that systemic risks are identified and mitigated before they cause further accidents.[14]</p><p><em>Continental Europe: Harmonising AI and Product Liability</em></p><p>Across the EU, autonomous vehicle liability is being reshaped by a broader initiative to update the legal framework for the digital age. Key drivers include modernisation of product liability law and regulation of artificial intelligence.[26, 27, 28]</p><p><em>The Revised Product Liability Directive (EU) 2024/2853</em></p><p>The most consequential development in European liability law is the revision of the Product Liability Directive (PLD), which came into force on 8 December 2024. Member States have until 9 December 2026 to transpose it; the old PLD continues for products placed on the market or put into service before then.[27] Once implemented, the new directive expressly brings software, including AI systems and related digital services, within the strict product-liability framework, whether embedded in a device or accessed via cloud services.[26, 27, 28]</p><p>Key innovations of the revised PLD include several changes that reshape liability across the product lifecycle. Software is now treated as a product and manufacturers of AI systems and digital components are liable for defects in software, including those arising from algorithmic errors or data quality issues.[6, 26] Lifecycle liability has expanded beyond the moment a product is &#8220;placed on the market.&#8221; Manufacturers who retain control through software updates or digital services remain liable for defects that arise after the product enters service.[28, 29] Providers of &#8220;connected digital services&#8221; that are essential for vehicle function (such as real-time navigation or mapping services) can be held jointly and severally liable alongside the vehicle manufacturer.[26, 29] Any entity that substantially modifies a product becomes liable as a &#8220;manufacturer&#8221; for the modified components.[26, 28, 29]</p><p>The directive also addresses information asymmetry by alleviating the burden of proof for victims.[27, 28] Given the limited explainability of AI, courts are now empowered to order disclosure of technical evidence.[28] If a manufacturer fails to comply with a disclosure order, the defectiveness of the product is presumed.[28] If technical complexity makes it excessively difficult for a claimant to prove a defect, the claimant only needs to show that it is likely the product was defective or that a causal link exists.[28]</p><p><em>Germany: The StVG Amendments and the Technical Supervisor</em></p><p>Germany, as Europe&#8217;s leading automotive manufacturer, implemented specific domestic laws to support Level 3 and Level 4 automation.[16, 30] The German Road Traffic Act (StVG) was amended in 2017 to allow conditionally automated driving and further amended in 2021 to create a framework for autonomous driving without a driver present.[16, 30]</p><p>A unique feature of the German framework is the &#8220;Technical Supervisor&#8221; (Technische Aufsicht).[12, 16] For Level 4 vehicles, while no driver is required on board, a natural person must monitor the vehicle externally. That person must be capable of deactivating it or authorising specific manoeuvres if the system encounters an error.[12, 16] The Technical Supervisor is not treated as the driver, but may be exposed under general tort principles if their monitoring or intervention falls below the required standard.[16]</p><p>Germany maintains a strict &#8220;holder&#8221; liability system, but with increased caps.[16] The maximum liability for the &#8220;vehicle holder&#8221; (usually the owner) in accidents involving automated systems has doubled to &#8364;10 million for personal injury and &#8364;2 million for property damage.[16] This ensures victims have access to substantial compensation through the owner&#8217;s mandatory insurance. The insurer retains a right of recourse against the manufacturer if a product defect is identified.[16]</p><p><em>The EU AI Act and Its Interplay with Liability</em></p><p>Many AI systems used in automated driving will be treated as high-risk under the EU AI Act (Regulation (EU) 2024/1689) where they are safety components of vehicles or vehicle systems subject to EU type-approval or conformity assessment.[6, 28] The AI Act is not itself a civil-liability statute, but its duties on risk management, data governance, transparency, logging, human oversight, robustness and cybersecurity may inform the applicable standard of care. Non-compliance may therefore become relevant evidence, although claimants will still need to establish the elements of the civil claim under national law.[6, 28]</p><p><em>Asia: State-Led Coordination and the Supervisory Model</em></p><p>Asia has emerged as a high-growth region for autonomous vehicles. China, Japan, and South Korea have each adopted state-led strategies that prioritise safety assurance and commercial deployment.[31, 32]</p><p><em>China: Shenzhen&#8217;s Milestone and National Taxonomy</em></p><p>China does not yet have a comprehensive national AV liability regime. General tort, product liability, transportation accident liability and insurance rules remain the baseline nationally.[32] The national standard for the classification of driving automation (GB/T 40429-2021) aligns closely with SAE levels and the &#8220;Safety Guideline for the Use of Autonomous Vehicles in Transportation Services&#8221; (2023) establishes the groundwork for commercialisation, but specific liability allocation remains a matter of local regulation and general law.[32]</p><p>Shenzhen&#8217;s 2022 &#8220;Regulations on the Administration of Intelligent and Connected Vehicles&#8221; provided the first concrete local rules for intelligent and connected vehicle (ICV) management.[3] The Shenzhen regulations clarify responsibility at different automation levels. For vehicles with a driver, the driver remains primarily responsible for traffic violations.[3] For driverless ICVs, the owner or user is responsible, but they have a clear right of recourse against the manufacturer if a system defect caused the accident.[3] This model shifts risk from vehicle damage and third-party liability to product and operational liability.[3]</p><p><em>Japan: Specified Automated Operation and the 2027 Roadmap</em></p><p>Japan&#8217;s policy roadmap targets Level 4 deployment on public roads nationwide by 2027, though this remains a stated ambition rather than a legislated deadline.[31] To support this ambition, Japan amended its Road Traffic Act in 2022 to define &#8220;Specified Automated Operation&#8221; (SAO).[34] SAO is legally separated from &#8220;driving,&#8221; allowing for driverless transportation services under strict permission systems.[34, 35]</p><p>Under Japanese law, the &#8220;SAO implementer&#8221; must obtain permission from the Prefectural Public Safety Commission and appoint an &#8220;SAO Supervisor&#8221;.[34] This supervisor is responsible for remote monitoring and must ensure that a person is sent to the scene of any accident to take necessary measures.[34] Japan&#8217;s approach maintains a hierarchical attribution framework where liability is distributed based on the negligence level of involved parties. However, increasing emphasis falls on the manufacturer&#8217;s responsibility for cybersecurity and system integrity.[2, 35]</p><p><em>South Korea: The Accident Investigation Committee</em></p><p>South Korea enacted the &#8220;Act on Promotion and Support of Commercialization of Autonomous Vehicles&#8221; (AVA) to create a supportive environment for the industry.[36, 37] Like the UK, South Korea amended its &#8220;Act on Guarantee of Automobile Accident Compensation&#8221; in 2020 to ensure that victims are first covered by the vehicle owner&#8217;s insurance.[35, 37]</p><p>A key feature of the South Korean system is the &#8220;Accident Investigation Committee&#8221; under the Ministry of Land, Infrastructure and Transport (MOLIT).[36] This committee is responsible for collecting and analysing data from the vehicle&#8217;s mandatory &#8220;autonomous driving information recording device&#8221; (DSSAD) to identify the technical cause of an accident.[36] This government-led investigation process is designed to provide swift relief to victims and provide an objective basis for the insurer&#8217;s subrogation claims against manufacturers.[36] In April 2026, Korea launched an Autonomous Vehicle Accident Liability Task Force to develop standards for accident responsibility and compensation procedures ahead of broader commercialisation.[48]</p><p><em>Australasia: Pragmatic Harmonisation and Safety Duties</em></p><p>Australia and New Zealand have approached autonomous vehicle liability through the lens of national harmonisation and adaptation of existing transport laws.[39, 47]</p><p><em>Australia: The National Automated Vehicle Safety Law (AVSL)</em></p><p>The Australian National Transport Commission (NTC) has led a programme to develop an &#8220;end-to-end&#8221; regulatory framework.[39, 47] In 2022, infrastructure and transport ministers agreed to develop a National Automated Vehicle Safety Law (AVSL). Current laws do not yet allow automated vehicles on public roads in the manner contemplated and the AVSL remains under development as part of a nationally consistent framework.[39, 47]</p><p>The primary subject of regulation under the proposed AVSL is the &#8220;Automated Driving System Entity&#8221; (ADSE), the corporation that assumes responsibility for the ADS.[39, 47] Australian ministers have reached consensus that the ADSE would be &#8220;legally in control&#8221; of the vehicle when the ADS is operating.[39, 47] The developing AVSL will enforce a &#8220;General Safety Duty&#8221; on ADSEs, requiring them to manage in-service safety risks &#8220;so far as is reasonably practicable&#8221;.[40] This approach moves away from a pure fault-based model toward a &#8220;safety assurance&#8221; model. The entity must prove it has followed best practices in development and deployment.[40]</p><p><em>New Zealand: The &#8220;Technology-Taker&#8221; Strategy</em></p><p>New Zealand has historically adopted a more observational stance, describing itself as a &#8220;taker of technology&#8221; that evaluates the success of other jurisdictions before committing to its own regulations.[13, 41] However, the Ministry of Transport has initiated a work programme to clarify where responsibility sits across the SAE levels.[13]</p><p>A primary concern in New Zealand is that current offence provisions are directed almost entirely toward human drivers.[13] The Ministry is exploring whether to adapt existing regulations or create a &#8220;bespoke set&#8221; for intelligent transport systems.[9] New Zealand is reviewing vehicle inspection settings, including the treatment of safety technologies, but its AV liability framework remains at work-programme rather than enacted comprehensive-regime stage.[41]</p><p><em>Cross-Cutting Determinants of Liability: Data and Insurance</em></p><p>Regardless of jurisdiction, the practical adjudication of autonomous vehicle accidents depends on two factors: the availability of high-fidelity data and the evolution of motor insurance products.</p><p><em>Data Storage: EDR vs. DSSAD</em></p><p>Regulators are mandating specialised data recorders to resolve the &#8220;black box&#8221; problem of AI decision-making.[42]</p><p>Event Data Recorders (EDR) and Data Storage Systems for Automated Driving (DSSAD) serve different evidentiary purposes. EDR provides the &#8220;how&#8221; of a crash: speed, braking, g-forces. DSSAD provides the &#8220;who&#8221;: was the system engaged, did it issue a transition demand, was the driver attentive.[42] Jurisdictions including California and South Korea have already mandated these systems as a precondition for deployment.[18, 42]</p><p><em>The Insurance Pivot: From Frequency to Severity</em></p><p>The insurance industry, led by global insurers such as Allianz, is recalibrating its models for the &#8220;new mobility era&#8221;.[43] Industry consensus holds that while accident frequency will decline substantially (potentially by 35 percent by 2040), the severity and cost of each claim will increase.[43]</p><p>This shift is driven by multiple factors. Technological complexity means that a minor bumper impact that once cost &#8364;500 to repair now involves replacement and recalibration of expensive light detection and ranging (LiDAR) and radar units, driving repair costs higher.[43] Product liability has shifted. Insurers are moving from insuring &#8220;human error&#8221; to insuring &#8220;system performance,&#8221; which requires closer collaboration with original equipment manufacturers (OEMs).[43] Cyber risk is emerging as a new underwriting category. New products are being designed to cover emerging threats such as software failures and cyberattacks that could lead to mass-collision events.[43]</p><p><em>Conclusion: The Path Toward Global Synthesis</em></p><p>The global review of autonomous vehicle liability reveals not the abolition of traditional doctrine, but its layering. Liability is being reallocated through insurance-first compensation, product liability, safety duties and data obligations. In place of the individual driver as the sole bearer of liability, a composite model is emerging where the manufacturer, the software developer and the fleet operator each bear responsibility calibrated to their role in the system.</p><p>The United States continues to rely on state-level statutory experimentation and judicial evolution. The United Kingdom and South Korea have provided a blueprint for &#8220;victim-first&#8221; insurance models that prioritise social stability over immediate fault-finding. The European Union has redefined the concept of a &#8220;product&#8221; itself to ensure that software is no longer a legal shield for manufacturers.</p><p>The successful deployment of autonomous vehicles will ultimately depend on &#8220;trust through accountability&#8221;.[43] For this trust to be realised, legal frameworks must ensure three outcomes: data access remains unrestricted for accident investigation, insurance models are sufficient to cover systemic failures and the &#8220;bright line&#8221; between human and machine control remains unambiguous.</p><p>As we approach 2030, the convergence of international standards will likely form a new &#8220;Lex Automatica&#8221;: a global body of law that balances the immense safety potential of automation with the enduring legal requirement for justice and compensation.</p><p></p><p></p><p></p><p>References</p><p>1 Navigating Liability in the Age of Autonomous Vehicles, https://www.wshblaw.com/experience-navigating-liability-in-the-age-of-autonomous-vehicles</p><p>2 Liability for Autonomous Vehicle Torts: Who Should Be Held Responsible? - MDPI, https://www.mdpi.com/2032-6653/16/12/665</p><p>3 Urban Transport of China Legislation of Intelligent Connected Vehicles Management and Innovative Practice in Shenzhen, https://www.chinautc.com/upload/accessorychinautc/20243/20243271415151704641.pdf</p><p>4 Comparing Tort Liability Frameworks in Autonomous Vehicle Accident Governance, https://www.researchgate.net/publication/399538965_Comparing_Tort_Liability_Frameworks_in_Autonomous_Vehicle_Accident_Governance</p><p>5 Comparing Tort Liability Frameworks in Autonomous Vehicle Accident Governance - MDPI, https://www.mdpi.com/2032-6653/17/1/32</p><p>6 Who&#8217;s Liable When AI Takes the Wheel? New Frontiers - Jones Day, https://www.jonesday.com/-/media/files/publications/2025/10/civil-liability-and-risk-mitigation-strategies-for-autonomous-vehicles/files/who-is-liable-when-ai-takes-the-wheel-white-paper/fileattachment/who-is-liable-when-ai-takes-the-wheel-white-paper.pdf?rev=c3f3cde57338496d9c5015c13e586480</p><p>7 Automated and Electric Vehicles Act 2018: An Evaluation in light of Proactive Law and Regulatory Disconnect, https://ejlt.org/index.php/ejlt/article/view/702/966</p><p>8 Regulation 2025, https://www.transport.govt.nz/assets/Uploads/Report/Reg-2025-Scenarios-and-Findings.pdf</p><p>9 Regulation 2025 - Emerging insights, https://www.transport.govt.nz/assets/Uploads/Report/Regulation-2025-Emerging-Insights.pdf</p><p>10 Automated and Electric Vehicles Act 2018 regulatory report July 2023 &#8211; December 2024 - GOV.UK, https://assets.publishing.service.gov.uk/media/67cf248ed38a67eb3afaa669/automated-and-electric-vehicles-act-2018-regulatory-report-july-2023_december-2024.pdf</p><p>11 Automated Vehicle Safety - NHTSA, https://www.nhtsa.gov/vehicle-safety/automated-vehicles-safety</p><p>12 Automated and Autonomous Driving. Legal Framework. - Mercedes-Benz Group, https://group.mercedes-benz.com/technology/autonomous-driving/driving/legal-framework.html</p><p>13 Automated Vehicles Work Programme - Ministry of Transport, https://www.transport.govt.nz/area-of-interest/technology-and-innovation/autonomous-vehicles-work-programme</p><p>14 Automated vehicles &#8211; Law Commissions drive forward regulatory..., https://www.dlapiper.com/insights/publications/2022/02/automated-vehicles-law-commissions</p><p>15 LIABILITY FOR DAMAGES CAUSED BY AUTONOMOUS DRIVING VEHICLES FROM THE EU LAW PERSPECTIVE, https://ojs.srce.hr/eclic/article/download/38091/18173/165820</p><p>16 Expert Guide: Autonomous Vehicles Law in Germany - CMS, https://cms.law/en/int/expert-guides/cms-expert-guide-to-autonomous-vehicles-avs/germany</p><p>17 Autonomous Vehicles - Ministry of Transport, https://www.transport.govt.nz/assets/Uploads/Ministry-of-Transport-AVs-background-paper-two-International-Developments.pdf</p><p>18 California Code, Vehicle Code - VEH &#167; 38750 - Codes - FindLaw, https://codes.findlaw.com/ca/vehicle-code/veh-sect-38750/</p><p>19 Autonomous Vehicles | Self-Driving Vehicles Enacted Legislation, https://www.ncsl.org/transportation/autonomous-vehicles</p><p>20 The Current State of Self-Driving Car Regulations in the U.S. - Urban SDK, https://www.urbansdk.com/resources/the-current-state-of-self-driving-car-regulations-in-the-u-s</p><p>21 Autonomous vehicles law and regulation in California, United States - CMS, https://cms.law/en/int/expert-guides/cms-expert-guide-to-autonomous-vehicles-avs/california-united-united-united</p><p>22 Title 13, Division 1, Chapter 1 Article 3.7 &#8211; Testing of Autonomous Vehicles &#167; 227.00. Purpose. (a) The regulations in this a - California DMV, https://www.dmv.ca.gov/portal/uploads/2020/06/Adopted-Regulatory-Text-2019.pdf</p><p>23 California&#8217;s Autonomous Vehicle Noncompliance Notices: A Defense Strategy Guide for Manufacturers - Bulldog Law, https://www.thebulldog.law/california-s-autonomous-vehicle-noncompliance-notices</p><p>24 Automated vehicles - Law Commission, https://lawcom.gov.uk/project/automated-vehicles/</p><p>25 Automated and Electric Vehicles Act 2018 - Legislation.gov.uk, https://www.legislation.gov.uk/ukpga/2018/18</p><p>26 New German Product Liability Regime: Broader Scope, Potentially Higher Exposure, https://www.gtlaw.com/en/insights/2026/1/new-german-product-liability-regime-broader-scope-potentially-higher-exposure</p><p>27 Liability for defective products - European Commission, https://single-market-economy.ec.europa.eu/single-market/goods/free-movement-sectors/liability-defective-products_en</p><p>28 Navigating product liability in high-security sectors: Addressing AI ..., https://www.whitecase.com/insight-alert/navigating-product-liability-high-security-sectors-addressing-ai-driven-risks-under</p><p>29 Germany: Update On Product Liability Law | A&amp;O Shearman - JDSupra, https://www.jdsupra.com/legalnews/germany-update-on-product-liability-law-8120247/</p><p>30 Legal framework for automated and autonomous driving and teledriving in the EU and Germany - Taylor Wessing, https://www.taylorwessing.com/en/insights-and-events/insights/2026/02/legal-frameworks-for-autonomous-driving-and-teledriving</p><p>31 Regulations for Autonomous Vehicles: Where Do Countries Stand in 2024-2030? (Global Policy Trends) | PatentPC, https://patentpc.com/blog/regulations-for-autonomous-vehicles-where-do-countries-stand-in-2024-2030-global-policy-trends</p><p>32 Expert Guide: Autonomous Vehicles Law &amp; Regulation in China, https://cms.law/en/int/expert-guides/cms-expert-guide-to-autonomous-vehicles-avs/china</p><p>33 Amendment to the Road Traffic Act for L4 automated driving National Police Agency of Japan - UNECE Wiki, https://wiki.unece.org/download/attachments/351698946/WP.1%20IWG-SUAT-12-02%20%28J%29%20Amendment%20to%20the%20Road%20Traffic%20Act%20for%20Lv4%20AD%20%28NPAofJP%29.pdf?api=v2</p><p>34 2025 Global Guide to Autonomous Vehicles, https://www.city-yuwa.com/wp/wp-content/uploads/2025/05/2025-Global-Guide-to-Autonomous-Vehicles-Japan-Chapter-.pdf</p><p>35 Recent trends in regulations on autonomous vehicles in Korea, https://www.ibanet.org/article/19FCDD11-A0B1-41F1-97AB-F32E144311F8</p><p>36 act on the promotion of and support for commercialization of autonomous vehicles - Statutes of the Republic of Korea, https://elaw.klri.re.kr/eng_service/lawViewContent.do?hseq=69828</p><p>37 COMPULSORY MOTOR VEHICLE LIABILITY SECURITY ACT, https://elaw.klri.re.kr/eng_service/lawView.do?hseq=70198&amp;lang=ENG</p><p>38 2024&#8211;27 National Connected and Automated Vehicle (CAV) Action ..., https://www.infrastructure.gov.au/sites/default/files/documents/2024-27-national-connected-and-automated-vehicle-action-plan.pdf?</p><p>39 In-service safety for automated vehicles - National Transport Commission, https://www.ntc.gov.au/sites/default/files/assets/files/NTC-Decision-RIS-In-service-safety-for-AVs.pdf</p><p>40 National Transport Commission, General Safety Duty for Automated Vehicles - Decision Regulation Impact Statement, https://www.ntc.gov.au/transport-reform/automated-vehicle-program</p><p>41 Automated Vehicles Work Programme - Ministry of Transport New Zealand, https://www.transport.govt.nz/area-of-interest/technology-and-innovation/autonomous-vehicles-work-programme</p><p>42 Study on Standardization of Data Retrieval Tools for DSSAD based on SAE J1698 - The Korean Society of Automotive Engineers, http://journal.ksae.org/_common/do.php?a=full&amp;b=22&amp;bidx=4273&amp;aidx=47352</p><p>43 Allianz Motor Day 2025: Hands Off &#8211; The Safety Promise of Autonomous Driving, https://www.allianz.com/content/dam/onemarketing/azcom/Allianz_com/press/document/motor-day-2025-report-hands-off-safety-promise-autonomous-driving.pdf</p><p>44 NHTSA Standing General Order on Crash Reporting, https://www.nhtsa.gov/laws-regulations/standing-general-order-crash-reporting</p><p>45 California DMV, New Autonomous Vehicle Regulations Strengthen Oversight and Enforcement (28 April 2026), https://www.dmv.ca.gov/portal/news-and-media/new-autonomous-vehicle-regulations-strengthen-oversight-and-enforcement-authorize-trucks-and-transit/</p><p>46 Benavides v Tesla Inc, Case No. 1:2021cv21940 (SD Fla), Post-Trial Order (Judge Beth Bloom), https://law.justia.com/cases/federal/district-courts/florida/flsdce/1%3A2021cv21940/593426/612/</p><p>47 Office of Future Transport Technology - Automated Vehicles, Australian Government, https://www.infrastructure.gov.au/infrastructure-transport-vehicles/transport-strategy-policy/office-future-transport-technology/automated-vehicles</p><p>48 Seoul Economic Daily, Korea Launches Task Force on Autonomous Vehicle Accident Liability (7 April 2026), https://en.sedaily.com/finance/2026/04/07/korea-launches-task-force-on-autonomous-vehicle-accident</p><p>49 Los Angeles Times, California can ticket robotaxis that violate traffic laws (1 May 2026), https://www.latimes.com/california/story/2026-05-01/california-can-ticket-robotaxis-that-violate-traffic-laws-heres-how</p><p>50 Waymo, New Swiss Re study: Waymo is safer than even the most advanced human-driven vehicles (December 2024), https://waymo.com/blog/2024/12/new-swiss-re-study-w</p>]]></content:encoded></item><item><title><![CDATA[The Quiet Architecture of Sanctions]]></title><description><![CDATA[Economic Fury and the Private Execution Layer of OFAC Enforcement]]></description><link>https://www.codeontrial.ai/p/the-quiet-architecture-of-sanctions</link><guid isPermaLink="false">https://www.codeontrial.ai/p/the-quiet-architecture-of-sanctions</guid><dc:creator><![CDATA[Nick Rowles-Davies]]></dc:creator><pubDate>Thu, 30 Apr 2026 04:01:12 GMT</pubDate><enclosure url="https://substackcdn.com/image/fetch/$s_!k8T-!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fbff96c05-07c1-47cf-bd60-874a4a74f6ee_1200x1200.jpeg" length="0" type="image/jpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!k8T-!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fbff96c05-07c1-47cf-bd60-874a4a74f6ee_1200x1200.jpeg" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!k8T-!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fbff96c05-07c1-47cf-bd60-874a4a74f6ee_1200x1200.jpeg 424w, https://substackcdn.com/image/fetch/$s_!k8T-!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fbff96c05-07c1-47cf-bd60-874a4a74f6ee_1200x1200.jpeg 848w, https://substackcdn.com/image/fetch/$s_!k8T-!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fbff96c05-07c1-47cf-bd60-874a4a74f6ee_1200x1200.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!k8T-!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fbff96c05-07c1-47cf-bd60-874a4a74f6ee_1200x1200.jpeg 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!k8T-!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fbff96c05-07c1-47cf-bd60-874a4a74f6ee_1200x1200.jpeg" width="1200" height="1200" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/bff96c05-07c1-47cf-bd60-874a4a74f6ee_1200x1200.jpeg&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:1200,&quot;width&quot;:1200,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:117282,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/jpeg&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:&quot;https://www.codeontrial.ai/i/195856964?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fbff96c05-07c1-47cf-bd60-874a4a74f6ee_1200x1200.jpeg&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!k8T-!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fbff96c05-07c1-47cf-bd60-874a4a74f6ee_1200x1200.jpeg 424w, https://substackcdn.com/image/fetch/$s_!k8T-!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fbff96c05-07c1-47cf-bd60-874a4a74f6ee_1200x1200.jpeg 848w, https://substackcdn.com/image/fetch/$s_!k8T-!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fbff96c05-07c1-47cf-bd60-874a4a74f6ee_1200x1200.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!k8T-!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fbff96c05-07c1-47cf-bd60-874a4a74f6ee_1200x1200.jpeg 1456w" sizes="100vw" fetchpriority="high"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p>On 23 April 2026 Tether froze $344 million USD&#8366; across two TRON addresses in coordination with OFAC and US law enforcement.<a class="footnote-anchor" data-component-name="FootnoteAnchorToDOM" id="footnote-anchor-1" href="#footnote-1" target="_self">1</a> The following day OFAC updated Bank Markazi&#8217;s SDN List entry by adding two TRX digital currency addresses, with linkages to the IRGC-Qods Force and Hizballah.<a class="footnote-anchor" data-component-name="FootnoteAnchorToDOM" id="footnote-anchor-2" href="#footnote-2" target="_self">2</a> Treasury Secretary Scott Bessent framed the wider sanctions campaign as part of Economic Fury.<a class="footnote-anchor" data-component-name="FootnoteAnchorToDOM" id="footnote-anchor-3" href="#footnote-3" target="_self">3</a></p><p><em>From Citibank to TRON: the architectural shift</em></p><p>The $1.75 billion seizure underlying Bank Markazi v Peterson depended on assets held in a New York bank account, a statute, 22 U.S.C. section 8772, that identified the relevant enforcement proceeding and judicial enforcement under the Foreign Sovereign Immunities Act. The 2026 action depended on none of these. Tether International has redomiciled from the British Virgin Islands to El Salvador and now operates as Tether International, S.A. de C.V.; its token terms nevertheless continue to use BVI governing law.<a class="footnote-anchor" data-component-name="FootnoteAnchorToDOM" id="footnote-anchor-4" href="#footnote-4" target="_self">4</a> The frozen assets were USDT tokens on the TRON blockchain. The freeze occurred before judicial review, before OFAC&#8217;s public SDN List update the following day and before any constructive trust or judgment was imposed.</p><p>This is a different legal architecture from anything the US has previously deployed against Bank Markazi. In Peterson, Justice Ginsburg&#8217;s majority opinion (6-2, Roberts CJ and Sotomayor J dissenting) held that Congress had not invaded the judicial power by directing the disposition of specific assets in pending litigation.<a class="footnote-anchor" data-component-name="FootnoteAnchorToDOM" id="footnote-anchor-5" href="#footnote-5" target="_self">5</a> The dissent warned that the legislative branch had effectively decided a particular case. The 2026 mechanism does not even reach those waters. There is no statute directing courts. There is no judgment. There is a private issuer freezing tokens in coordination with OFAC and US law enforcement.</p><p><em>The GENIUS Act formalises the issuer-freeze model</em></p><p>The 10 April 2026 FinCEN-OFAC joint Notice of Proposed Rulemaking, issued under the GENIUS Act (S.1582, 119th Congress), would require every permitted payment stablecoin issuer to maintain technical capability to block, freeze and reject impermissible transactions, including transactions occurring on secondary markets via smart contracts.<a class="footnote-anchor" data-component-name="FootnoteAnchorToDOM" id="footnote-anchor-6" href="#footnote-6" target="_self">6</a> The proposed rule treats issuers as financial institutions under the Bank Secrecy Act, mandates risk assessments, internal controls, training and audit, and obliges issuers to comply with lawful orders. Comments close on 9 June 2026.</p><p>Once finalised, the rule will convert issuer-level freeze capability from a voluntary practice into a condition of operating as a US-permitted payment stablecoin issuer. Issuers of USDC, PYUSD and other payment stablecoins will be subject to that obligation where they operate through a PPSI structure.</p><p><em>The cross-jurisdictional gap</em></p><p>The UK and EU sanctions regimes already apply to cryptoassets. The cross-jurisdictional gap is more specific: neither the UK stablecoin regime nor MiCA yet appears to impose a GENIUS-style issuer-level obligation to maintain native technical capability to block, freeze and reject secondary-market stablecoin transactions through smart-contract control.</p><p>In the UK, FSMA 2023 and the developing FCA/Bank of England regimes focus principally on authorisation, backing assets, redemption, safeguarding, prudential requirements, operational resilience and systemic payment risk. UK sanctions law may still require cryptoassets to be frozen where they are funds or economic resources of a designated person, but that is not the same as requiring every stablecoin issuer to maintain smart-contract-level blocking infrastructure.<a class="footnote-anchor" data-component-name="FootnoteAnchorToDOM" id="footnote-anchor-7" href="#footnote-7" target="_self">7</a></p><p>In the EU, MiCA imposes authorisation, reserve, redemption, governance and disclosure obligations on asset-referenced tokens and e-money tokens. Sanctions enforcement continues to operate through EU asset-freeze regulations and Member State enforcement structures. There is no MiCA equivalent of the GENIUS Act&#8217;s PPSI-level technical freeze capability.<a class="footnote-anchor" data-component-name="FootnoteAnchorToDOM" id="footnote-anchor-8" href="#footnote-8" target="_self">8</a></p><p>The result is that, for a period, US regulation reaches more directly into the issuer-level technical architecture of stablecoin control than the equivalent UK or EU stablecoin regimes do. For Iranian, Russian and other sanctioned counterparties, the practical implication is that USDT and USDC are exposed to Treasury-driven issuer action in a way that GBP or EUR denominated stablecoins issued solely under UK or EU regimes may not be.</p><p><em>Forward implication</em></p><p>The Bank Markazi action will be cited and copied. It is a clean operational precedent for OFAC: identify wallets, coordinate with the issuer, freeze the tokens and then add the addresses publicly to the SDN entry. Practitioners advising sanctioned counterparties, or counterparties exposed to sanctions risk, should assume that stablecoin balances issued by entities with native freeze functionality and material US sanctions exposure may be frozen at issuer level before any judicial process. For US-permitted payment stablecoin issuers, the proposed GENIUS Act rule would turn that capability into a regulatory condition of issuance.</p><p>The Bank Markazi v Peterson architecture has not been overturned. It has been bypassed.</p><p></p><div class="footnote" data-component-name="FootnoteToDOM"><a id="footnote-1" href="#footnote-anchor-1" class="footnote-number" contenteditable="false" target="_self">1</a><div class="footnote-content"><p>Tether press release, &#8220;Tether Supports Freeze of More Than $344 Million in USD&#8366; in Coordination with OFAC and U.S. Law Enforcement&#8221;, 23 April 2026.</p></div></div><div class="footnote" data-component-name="FootnoteToDOM"><a id="footnote-2" href="#footnote-anchor-2" class="footnote-number" contenteditable="false" target="_self">2</a><div class="footnote-content"><p>OFAC, &#8220;Iran-related Designations; Counter Terrorism and Iran-related Designation Update; Issuance of Iran-related General License&#8221;, Recent Actions, 24 April 2026.</p></div></div><div class="footnote" data-component-name="FootnoteToDOM"><a id="footnote-3" href="#footnote-anchor-3" class="footnote-number" contenteditable="false" target="_self">3</a><div class="footnote-content"><p>U.S. Department of the Treasury, &#8220;Economic Fury Targets Global Network Fueling Iran&#8217;s Oil Trade and Shadow Fleet&#8221;, 24 April 2026.</p></div></div><div class="footnote" data-component-name="FootnoteToDOM"><a id="footnote-4" href="#footnote-anchor-4" class="footnote-number" contenteditable="false" target="_self">4</a><div class="footnote-content"><p>Tether, Legal Terms, noting that Tether International Limited has redomiciled from the British Virgin Islands to El Salvador and is now Tether International, S.A. de C.V.; Tether website terms, governing law clause.</p></div></div><div class="footnote" data-component-name="FootnoteToDOM"><a id="footnote-5" href="#footnote-anchor-5" class="footnote-number" contenteditable="false" target="_self">5</a><div class="footnote-content"><p>Bank Markazi v Peterson, 578 U.S. 212 (2016), argued 13 January 2016, decided 20 April 2016.</p></div></div><div class="footnote" data-component-name="FootnoteToDOM"><a id="footnote-6" href="#footnote-anchor-6" class="footnote-number" contenteditable="false" target="_self">6</a><div class="footnote-content"><p>FinCEN and OFAC, &#8220;Permitted Payment Stablecoin Issuer Anti-Money Laundering/Countering the Financing of Terrorism Program and Sanctions Compliance Program Requirements&#8221;, 91 Fed. Reg. 18582, 10 April 2026.</p></div></div><div class="footnote" data-component-name="FootnoteToDOM"><a id="footnote-7" href="#footnote-anchor-7" class="footnote-number" contenteditable="false" target="_self">7</a><div class="footnote-content"><p>Office of Financial Sanctions Implementation, HM Treasury, &#8220;Financial Sanctions Guidance: Cryptoassets&#8221;, confirming that cryptoassets fall within the definitions of funds and economic resources for UK financial sanctions purposes.</p></div></div><div class="footnote" data-component-name="FootnoteToDOM"><a id="footnote-8" href="#footnote-anchor-8" class="footnote-number" contenteditable="false" target="_self">8</a><div class="footnote-content"><p>Regulation (EU) 2023/1114 of the European Parliament and of the Council of 31 May 2023 on markets in crypto-assets (MiCA), OJ L 150/40, 9 June 2023; European Banking Authority, regulatory technical standards and guidelines on asset-referenced tokens and e-money tokens issued under MiCAR.</p></div></div>]]></content:encoded></item></channel></rss>