By: Natalie Johnson
Boards do not typically realize their legal playbook needs updating until a new technology has already been deployed and the exposure is live. The instinct to adopt AI and emerging technology for cost reduction and operational efficiency is sound. The problem is that deployment without structured diligence creates liability that can outweigh every efficiency gain the technology was meant to deliver.
Peter Steckelman, an entertainment and sports legal executive, has spent his career advising boards and executives on the gap between the promise of new technology and the legal and regulatory consequences of deploying it without adequate process. “It’s not that the playbook is broken,” Steckelman reflects. “It needs to evolve. And that evolution has to include diligence, tabletop exercises, and best-and-worst-case scenario analysis, the same corporate rigor a board would apply to any significant business decision.”
Diligence Before Deployment, Not After
The risks boards most commonly overlook in emerging technology are those that appear to be operational rather than legal. Data leaks, inadvertent sharing outside technical parameters, and regulatory contravention in certain jurisdictions surface as IT problems until a regulator arrives, and then become board-level liability. The operational success of the technology becomes irrelevant when the cost of the cleanup exceeds the benefit it delivers.
Steckelman’s position is that legal diligence on technology adoption should mirror the diligence applied to any material business decision. Risk culture, scenario modeling, and game theory are not abstract exercises. They are the structured process that allows a board to demonstrate, when challenged, that deployment was a considered decision rather than an unchecked one. A board that can show exactly what it reviewed, what risks it identified, and what mitigation it put in place before going live is in a fundamentally different position than one that cannot. The difference shows up most clearly when a regulator comes asking.
Clarity Through Transparency on Biometric and Fan Data
As venues and platforms collect biometric and performance data on athletes and fans at scale, the boards sitting inside those ecosystems face a specific and growing legal exposure. The temptation to interpret a broad disclosure buried in a ticket purchase as sufficient consent for expansive data use is a reputational and legal trap. “Clarity through transparency” is the standard Steckelman applies, and it is more demanding than most boards currently meet.
“The worst thing you can do is keep it secret,” Steckelman states. “When your image becomes part of a fan experience for a third-party product you have no connection to, and you didn’t know anything about it, that’s when the reputational harm problem arrives.” Boards need to make explicit to fans and athletes what data is being collected, how it will be used, who will receive it, and what opt-in and opt-out mechanisms exist. That transparency is not just an ethical standard. It is the legal protection that keeps a data monetization strategy from becoming a liability that damages the brand it was meant to serve.
Reducing Board Liability Requires More Than Updated Terms
When legal frameworks lag behind technology, boards face a genuine liability question, and the answer is not to wait for the frameworks to catch up. Liability for acting is technically present whenever new technology is deployed in a regulatory grey area. What determines the board’s actual exposure is the quality of the good-faith effort made before deployment.
Updating the terms of service by changing one word and adjusting the date does not constitute due diligence. Steckelman looks for specifics about what changed between the old and new versions, why it changed, and what documented communication was provided to stakeholders, business partners, fans, and audiences about what the technology does and what their rights are.
When a board can walk a regulator through six concrete actions taken before deployment, two things happen. The regulator’s inquiry changes character, and the board’s exposure narrows significantly. “The liability for acting has to be analyzed case by case,” Steckelman notes. “But it can be significantly mitigated by demonstrating that diligence, by showing the good faith efforts that we took care of and communicated.” That is what responsible board governance of emerging technology actually looks like in practice.
Follow Peter Steckelman on LinkedIn for more insights on board-level legal strategy, emerging technology risk, and building the governance frameworks that protect organizations when regulatory expectations shift.
Disclaimer: The content in this article is provided for general knowledge. It does not constitute legal advice, and readers should seek advice from qualified legal professionals regarding particular cases or situations.
