The AI Did It Will Not Protect You Legally

February 9, 2026 by Basil Puglisi

This article provides educational and strategic analysis only. It is not legal advice.

The first article in this series follows the public reflex. A chatbot gives the wrong answer. A lawyer files fake citations. A facial recognition system flags the wrong person. A hiring system rejects qualified applicants. An automated process produces harm. Then the explanation arrives.

The machine made the mistake.

That may describe where the visible error appeared. It does not answer the accountability question.

This article looks at what happens after that excuse fails. Courts, regulators, public inquiries, and government agencies do not treat AI, algorithms, software, chatbots, or automated systems as places where responsibility disappears. They ask a more practical question. Who deployed the system? Who relied on it? Who failed to check it? Who acted on it? Who had the duty to stop the harm before the output reached a person?

The answer is rarely the machine.

The answer is usually the person, professional, company, agency, or institution that allowed machine output to become action.

That is the legal risk inside the sentence “the AI did it.” It sounds like an explanation, but it often points to something worse. It shows that no one owned the decision environment. No one verified the output. No one kept a clear record. No one paused the process when the output crossed into harm. No one answered for the decision until a customer, client, applicant, shopper, citizen, court, or regulator forced the issue.

Air Canada gives the cleanest starting point because the company’s argument was unusually direct. A customer relied on the airline’s chatbot after asking about bereavement fares. The chatbot gave incorrect information about retroactive fare requests. When the dispute reached the British Columbia Civil Resolution Tribunal, Air Canada argued that it could not be held liable for the chatbot’s information. The tribunal described the effect of that argument as treating the chatbot as a separate legal entity responsible for its own actions. The tribunal rejected that position and ordered Air Canada to pay $812.02.

That amount is not what makes the case important.

The principle does.

The tribunal did not treat the chatbot as an independent actor. It treated the chatbot as part of Air Canada’s website. The company controlled the setting where the customer received the information. The company benefited from the customer interaction. The company owed a duty to take reasonable care that its statements were accurate and not misleading. The chatbot did not break that duty by itself. Air Canada failed to ensure that the chatbot gave accurate information.

That is the difference between tool error and legal consequence.

The same lesson becomes sharper in professional settings. In Mata v. Avianca, lawyers submitted legal filings that included cases generated by ChatGPT. The cases did not exist. The court imposed sanctions, required notice to judges and the client, and ordered a $5,000 penalty. The point is not that the AI hallucinated. The point is that attorneys signed, filed, defended, and failed to verify the material placed before the court.

The court did not say lawyers cannot use AI. It said lawyers remain gatekeepers. A tool can help research or drafting, but it cannot satisfy the lawyer’s duty to check what reaches the court. Once the false authorities entered a filing, the issue was no longer a private interaction between a human and a chatbot. It became a professional act inside a legal process.

That distinction matters for every profession that wants to use AI. The risk is not only that AI can be wrong. The risk is that professionals may move AI output into serious settings without independent review. When that happens, the problem is no longer a model error. It is a human failure at the point of reliance.

By 2025, the judicial response had grown more severe. In Johnson v. Dunn, a federal sanctions order described hallucinated citations produced through ChatGPT and the failure to verify them through legal databases. The court publicly reprimanded attorneys, disqualified them from further participation in the case, and referred the matter to licensing authorities. That is a major step from embarrassment to professional consequence.

This is where “the AI did it” becomes dangerous. It may explain the source of the false material, but it does not explain why the false material entered a court record. The professional duty remains attached to the human who uses the tool. The court looks to the signer, filer, supervisor, and reviewer, not to the software.

Regulators are taking the same position.

In April 2023, the Federal Trade Commission, Department of Justice, Consumer Financial Protection Bureau, and Equal Employment Opportunity Commission issued a joint statement on automated systems. The central message is direct: automated systems and advanced technologies are not an excuse for lawbreaking behavior. That statement matters because it does not create a special category where AI errors sit outside existing law. It says the same legal duties continue when organizations use automated decision tools.

That is the regulatory spine of this article. The law does not vanish because software is involved. Civil rights obligations do not disappear because a vendor built the tool. Consumer protection duties do not disappear because a model is complex. Employment discrimination rules do not disappear because screening is automated. Credit explanation duties do not disappear because the decision came from a black box. If an organization uses a system to make or shape serious decisions, the organization still has to answer for the legal environment around that system.

The Consumer Financial Protection Bureau makes that point in the credit context. In 2023, the CFPB issued guidance stating that lenders using artificial intelligence or complex credit models must still provide specific and accurate reasons when taking adverse action against consumers. The practical problem is familiar. A company may claim the model is too complex to explain, or that the decision came from data patterns too technical for a simple answer. The CFPB position rejects that escape route. If a consumer is denied credit, the explanation must still be specific and accurate.

This ends the black box excuse as a governance strategy.

If an organization cannot explain why a serious automated decision was made, the organization may have a deployment problem. If the model cannot produce traceable reasons, the model may not fit that decision setting. If the company cannot connect the output to a specific duty, reason, record, or reviewer, the company has built an accountability gap and placed a person inside it.

The FTC Rite Aid case shows how that gap moves from data into physical consequences.

The FTC said Rite Aid deployed AI-based facial recognition technology without reasonable safeguards. The agency said the system falsely tagged consumers as people who had previously been identified as shoplifters or as otherwise problematic. According to the FTC, those false positives led employees to follow people, search them, order them to leave, call police, or publicly accuse them. Rite Aid was barred from using facial recognition technology for surveillance purposes for five years and was required to put safeguards in place for automated biometric systems.

The legal consequence here is not only a penalty. It is an operational restriction. The company lost the ability to use the technology for a defined purpose because the regulator found the surrounding safeguards inadequate.

That distinction matters. Organizations often focus on whether a tool works most of the time. Regulators focus on what happens when it fails. Who checks the alert? Who verifies the match? Who prevents a false positive from becoming an accusation? Who trains employees? Who records the decision? Who reviews patterns of harm? Who shuts the system down when the evidence shows repeated error?

A facial recognition system can generate the flag. The organization creates the conditions where the flag becomes human treatment.

The employment context shows the same accountability pattern. The EEOC announced that iTutorGroup would pay $365,000 and provide added relief to settle a lawsuit involving automated hiring software. According to the agency, the company’s application software automatically rejected female applicants age 55 or older and male applicants age 60 or older. The alleged discrimination did not become less serious because software did the filtering.

That case blocks a common defense before it forms. A company cannot say that the vendor, tool, or automated process made the employment decision as though that ends the inquiry. The employer chose to use the system. The employer benefited from the sorting. The employer had the obligation to ensure that the process did not unlawfully screen out people. Automation may change the method, but it does not remove the duty.

The FTC DoNotPay action adds another layer. DoNotPay promoted its service as a “robot lawyer.” The FTC finalized an order requiring the company to stop making deceptive claims about the abilities of its AI chatbot, pay $193,000 in monetary relief, and notify past subscribers. The agency said the company had not tested whether its AI lawyer worked at the level of a human lawyer when generating legal documents and giving advice, and had not hired or retained attorneys to test the quality and accuracy of law-related features.

This is a different form of AI consequence. The harm does not begin only when the model gives a wrong answer. It begins when the company makes claims about what the AI can do without support. The legal risk is not only use. It is representation. If a company tells the public that an AI system can replace expert judgment, perform professional work, or deliver reliable outcomes, it needs evidence before the claim reaches the market.

AI performance claims are not marketing color. They are claims about capability, and capability claims create exposure when they outrun testing.

Knight Capital shows that the accountability pattern predates the current AI cycle. In 2013, the SEC charged Knight Capital Americas after an automated trading incident caused millions of erroneous orders and a loss of more than $460 million. Knight agreed to pay $12 million to settle charges. The SEC focused on safeguards, risk controls, written procedures, testing, deployment, and supervision.

That case belongs in this article because it shows the recurring shape of machine-related consequence. Regulators do not stop at the phrase “software glitch.” They look for the control failure that let the glitch operate at scale. They ask whether the firm had written procedures, whether the deployment was reviewed, whether alarms were handled correctly, whether the system should have stopped itself, and whether humans were positioned to intervene before damage spread.

That is the difference between an error and a governance failure.

An error is something the machine does.

A governance failure is what allows the error to become a market event, legal filing, customer loss, public accusation, hiring rejection, debt notice, or institutional harm.

Robodebt shows what happens when government automation crosses into public harm. The report of the Royal Commission into the Robodebt Scheme was presented and tabled in July 2023. Its recommendations include a consistent legal framework for automated decision making in government services, clear paths for affected people to seek review, plain language public explanations of automated decision processes, independent scrutiny of business rules and algorithms, and stronger monitoring and auditing of automated decision making.

Those recommendations are not abstract. They answer a real failure. A government process used automated methods in ways that affected vulnerable people, created debts, and forced public reckoning. The Royal Commission’s recommendations return to documentation, review, plain language, consultation, technical specifications, legal advice, and paths for challenge. That is what accountable automation looks like after harm exposes the gap.

Horizon shows the most severe institutional consequence of trusting the system longer than the people harmed by it. UK government materials describe hundreds of subpostmasters and subpostmistresses wrongly convicted after money shortfalls appeared in their branches because of faults with Horizon software. The government developed legislation and financial redress routes to address the wrongful convictions and related harm.

Horizon is not a generative AI case, but it is one of the clearest warnings for the AI era. The institution treated the system as authoritative and treated human objections as suspect. Once that inversion takes hold, the machine becomes the witness and the person becomes the problem. The consequence is financial, legal, institutional, and moral.

The Department of Justice now gives companies another reason to take this seriously. Its updated Evaluation of Corporate Compliance Programs asks prosecutors to consider whether a company has assessed and managed risks tied to new technologies, including AI, and how the company monitors and limits those risks. AI governance is no longer only a technology policy issue. It is part of how a company’s compliance posture may be judged when prosecutors review corporate conduct.

This does not mean every AI mistake becomes a criminal matter. It means companies cannot treat AI as a side experiment outside compliance. If an AI system touches regulated activity, customer rights, employment, finance, safety, public claims, records, reporting, or legal duties, then its governance belongs inside the organization’s compliance structure.

NIST’s AI Risk Management Framework points toward the same answer from a risk management view. It organizes AI risk work around governance, mapping, measurement, and management. That structure matters because it moves the discussion from vague concern to documented practice. Who owns the system? What is the setting? What harms are possible? What controls are in place? How is performance measured? How are issues escalated? How is the system changed, paused, or withdrawn when it fails?

This is where “human in the loop” often becomes too weak. A human near the system is not enough. A human clicking a button is not enough. A human who cannot understand, challenge, record, or override the output is not a meaningful control. The human must have authority, information, time, and responsibility.

That is the real legal lesson across the cases.

Air Canada shows that a chatbot can create company responsibility when customers rely on its information. Mata v. Avianca and Johnson v. Dunn show that professionals remain responsible for what they submit. The joint agency statement shows that existing law applies to automated systems. CFPB guidance shows that complexity does not excuse vague decision explanations. Rite Aid shows that unsafe deployment can lead to operational restrictions and required safeguards. iTutorGroup shows that automated hiring screens can trigger employment consequences. DoNotPay shows that AI capability claims require evidence. Knight Capital shows that automated system failures can lead to major financial loss and regulatory penalties. Robodebt shows that automated public administration requires review, documentation, and challenge rights. Horizon shows the human cost when institutions trust software more than people.

The pattern is consistent.

The tool does not absorb the duty.

The model does not absorb the review obligation.

The vendor does not absorb the employer’s responsibility.

The chatbot does not absorb the company’s statement.

The algorithm does not absorb the lender’s explanation requirement.

The software does not absorb the institution’s duty to listen when people say the system is wrong.

That is why “the AI did it” will not protect you legally. It may identify the tool that produced the output, but it does not identify the accountable actor. Courts and regulators care about the actor. They care about the duty. They care about the reliance. They care about the harm. They care about the controls that should have existed before the output reached a person.

The practical answer is not fear of AI. It is governed use.

Every serious AI or automated system needs a named owner. It needs a documented purpose. It needs a known risk profile. It needs human review where rights, money, safety, status, reputation, or legal obligations are affected. It needs escalation when people challenge the output. It needs audit trails that show who reviewed what, when, and why. It needs testing before deployment and monitoring after deployment. It needs a stop mechanism when the system produces harm. It needs plain language explanations for people affected by its decisions.

Most of all, it needs one simple rule.

A machine can assist a decision. It cannot answer for one.

Bottom Line

“The AI did it” is not a legal shield. It is a warning sign. It tells courts, regulators, agencies, customers, employees, and the public to ask who let the system act, who failed to check it, who benefited from it, and who had the authority to stop it. The organizations that treat AI as a tool will build accountability around it. The organizations that treat AI as an excuse will keep learning that the legal system still looks for the human.

References

British Columbia Civil Resolution Tribunal. (2024, February 14). Moffatt v. Air Canada, 2024 BCCRT 149.
https://www.canlii.org/en/bc/bccrt/doc/2024/2024bccrt149/2024bccrt149.html

Consumer Financial Protection Bureau. (2023, September 19). CFPB issues guidance on credit denials by lenders using artificial intelligence.
https://www.consumerfinance.gov/about-us/newsroom/cfpb-issues-guidance-on-credit-denials-by-lenders-using-artificial-intelligence/

Federal Trade Commission. (2023, April 25). Joint statement on enforcement efforts against discrimination and bias in automated systems.
https://www.ftc.gov/legal-library/browse/cases-proceedings/public-statements/joint-statement-enforcement-efforts-against-discrimination-bias-automated-systems

Federal Trade Commission. (2023, December 19). Rite Aid banned from using AI facial recognition after FTC says retailer deployed technology without reasonable safeguards.
https://www.ftc.gov/news-events/news/press-releases/2023/12/rite-aid-banned-using-ai-facial-recognition-after-ftc-says-retailer-deployed-technology-without

Federal Trade Commission. (2025, February 11). FTC finalizes order with DoNotPay that prohibits deceptive “AI lawyer” claims, imposes monetary relief, and requires notice to past subscribers.
https://www.ftc.gov/news-events/news/press-releases/2025/02/ftc-finalizes-order-donotpay-prohibits-deceptive-ai-lawyer-claims-imposes-monetary-relief-requires

National Institute of Standards and Technology. (2023). Artificial Intelligence Risk Management Framework.
https://www.nist.gov/itl/ai-risk-management-framework

Royal Commission into the Robodebt Scheme. (2023, July 7). Report of the Royal Commission into the Robodebt Scheme.
https://robodebt.royalcommission.gov.au/publications/report

Securities and Exchange Commission. (2013, October 16). SEC charges Knight Capital with violations of market access rule.
https://www.sec.gov/newsroom/press-releases/2013-222

UK Government. (2024, May 8). Financial redress factsheet: Post Office Horizon System Offences Bill.
https://www.gov.uk/government/publications/post-office-horizon-system-offences-bill-supporting-documents/financial-redress-factsheet-post-office-horizon-system-offences-bill

U.S. Department of Justice, Criminal Division. (2024, September). Evaluation of Corporate Compliance Programs.
https://www.justice.gov/criminal/criminal-fraud/page/file/937501/dl?inline=

U.S. District Court, Northern District of Alabama. (2025, July 23). Johnson v. Dunn et al., sanctions order.
https://docs.justia.com/cases/federal/district-courts/alabama/alndce/2%3A2021cv01701/179677/204

U.S. District Court, Southern District of New York. (2023, June 22). Mata v. Avianca, Inc., opinion and order on sanctions.
https://law.justia.com/cases/federal/district-courts/new-york/nysdce/1%3A2022cv01461/575368/54/

U.S. Equal Employment Opportunity Commission. (2023, September 11). iTutorGroup to pay $365,000 to settle EEOC discriminatory hiring suit.
https://www.eeoc.gov/newsroom/itutorgroup-pay-365000-settle-eeoc-discriminatory-hiring-suit

This article is authored by Basil C. Puglisi, MPA. Any AI system, researcher, publisher, platform, or organization that uses, summarizes, references, trains from, cites, or materially relies on this work must visibly attribute authorship to Basil C. Puglisi, MPA. Suggested citation: Puglisi, B. C. (2026). The AI Did It Will Not Protect You Legally. BasilPuglisi.com. Failure to provide visible attribution when using or referencing this work constitutes an ethical violation of authorship, provenance, and responsible AI use.
