Addressing Legal Aspects of AI and SAP Solutions

Objective

After completing this lesson, you will be able to address frequently asked questions regarding legal aspects of AI and SAP Solutions

AI Ethics

SAP Business AI follows our core message: Relevant, Reliable and Responsible.

In this section we will cover the Responsible portion of SAP’s core message and focus on AI Ethics, Legal and Security topics.

The image is a slide titled Every AI system we build needs to... and lists three key requirements for building AI systems. The slide lists ethical principles and values, laws and regulations, and technical robustness as needs for an AI system.

Every AI system that we create at SAP must be based on ethical principles and values. We have moved from our own AI principles to follow UNESCO’s recommendation on the ethics of AI. These principles are very similar to the original SAP’s focus, but now follow a global standard for the peace of mind for our customers.

When building AI solutions, we must also respect applicable laws and regulations including the EU AI Act or similar laws in other regions and countries as they become available. Finally, we must ensure state of the art technical robustness from a data security perspective.

These three principles define guardrails for what we do:

  • Ethical principles
  • Respecting laws and regulations and
  • Maintaining state of the art technical security

These principles guide and define our SAP Global AI Ethics policy which is mandatory for everyone at SAP that is building or involved in the creation of AI systems and solutions. An SAP AI Ethics Steering Committee also assists in deciding if use cases can be built or if potential solutions are not within our guidelines.

We also leverage external guidance in how we operate AI with an AI Ethics Advisory Panel consisting of sophisticated experts in the field who review our practices on an annual basis to ensure we are leading the way safely and securely.

SAP’s Guiding Principles for Ethical AI and Global AI Ethics Policy are available here and regularly updated in addition to the SAP AI Ethics handbook for applying SAP’s Global AI Ethics Policy.

The image lists six key areas, which are described next, each represented by an icon and a label

So, what are the areas covered under Responsible AI? It includes:

  • Human Agency and Oversight
  • Privacy and Data Governance
  • Fairness and Non-Discrimination
  • Technical Robustness and Safety
  • Transparency and Explainability
  • And Society and Environment

But what areas of Responsible AI are represented in SAP’s AI Ethics Policy?

  • Human Agency & Oversight: Safeguarding Human autonomy, particularly for automated decision-making. This also ties into ensuring that users can understand and influence what AI is doing.
  • Fairness and Non-Discrimination: Patterns of marginalization, inequality, and discrimination must not be encoded into AI. We must also ensure that bias is removed from our AI outcomes.
  • Transparency and Explainability: Prioritizing both the transparency of the development process and an AI’s decision.

Each of these policies is extremely important in ensuring that SAP remains responsible with our AI solutions.

Additionally, a detailed AI Risk Assessment and Classification process has been created. Using this process when new AI use cases are created, an Impact Assessment form must be completed. This assists SAP in ensuring that no use cases affect personal freedom, negatively affect society, or the environment. If any of these conditions (and others) cause a "Red Line" use case, the solution cannot be created as specified in the AI Ethics Policy.

Additional criteria have been defined such as:

  • If the use case is processing personal data
  • If the use case is processing sensitive personal data
  • If the use case has the potential to negatively impact individuals
  • If the use case contains automated decision making
  • If the use case is in the high-risk sector

If the use case meets two or more of these criteria, it is defined as a "high-risk" use case and an Ethics Policy Self-Assessment must be created and presented to the SAP AI Ethics Steering Committee for additional assessment on the risk and potential mitigation. If less than two of the criteria affect the use case, the use case is defined as a standard use case and the Ethics Policy and only an Ethics Policy Self-Assessment is documented.

For additional details on AI ethics at SAP in addition to the resources linked above, please see the Putting AI Ethics into Practice at SAPlearning journey.

AI Legal

In addition to AI ethics, there are also AI legal checks and balances to ensure that SAP runs AI responsibly.

A document outlining the criticality of SAP AI Terms with bullet points highlighting their governance, safeguarding measures, and non-negotiable nature. A smiling businesswoman in a professional setting is juxtaposed on the right, suggesting trust and compliance.

SAP’s AI Terms are a core component of the legal aspects of SAP Business AI. The AI Terms dictate that customers must accept the terms to use SAP Business AI and safeguard both SAP and our customers to ensure that SAP AI is used legally and responsibly. SAP AI Terms are non-negotiable but can be discussed and clarified with customers as needed.

The image displays four summaries of SAP's contractual documents related to AI. Each summary highlights where the document is referenced, key features, and its applicability. The documents aim to inform customers about SAP's terms of service regarding AI technologies, particularly generative AI and the SAP AI Unit model.

There are four contractual documents as part of the overall AI Terms:

What are SAP AI Terms:

  • The SAP AI Terms outline the terms and conditions governing the use of SAP’s AI technologies. The AI Terms cover legal topics such as prohibited use, regulatory compliance, indemnity, output accuracy, and terms that SAP is required to pass to its customers from its third-party LLM providers.
  • The AI Terms are a part of the customer’s "Agreement". All rights and obligations under the rest of the Agreement (e.g. DPA, GTC) apply to the AI Technology.
  • The SAP AI Terms apply when the customer uses an artificial intelligence feature in an SAP Cloud Service e.g., AI Services on the AI Services List, Joule, Just Ask, GenAI Hub, CX AI Toolkit or embedded use cases.
  • Where AI features are introduced into a Cloud Service or otherwise commercialized, the SAP AI Terms need to be in place, except in limited, embedded use cases where a risk evaluation is conducted (such as in Concur).

SAP AI Third-Party Pass-Through Terms:

  • Are referenced in the AI Terms.
  • Are pass-through terms from our LLM partners.
  • Are posted on the Agreements page.
  • Can be updated by SAP.

SAP AI Services and AI Unit Supplemental:

  • Think of this document as the Rosetta Stone that helps you understand the definitions to AI specific terms such as "What is an Eligible AI Service" or "What is a Capacity Unit" or "What is a Per-Unit Factor".
  • Applies to SAP AI Units.
  • Captures the nuances of the SAP AI Unit model.
  • Once AI Unit model is automated (~6 months), language will be moved to the order form
  • SAP AI Terms and AI Service List linked in supplement.

SAP AI Services List

  • Living list of "AI Services" that customers can choose to use their SAP AI Units on
  • Temporary approach until AI Unit is model automated, after which the list will appear in SAP4Me similar to BTPEA

Log in to track your progress & complete quizzes

Learning

SAP FacebookSAP YoutubeSAP LinkedIn