Why AI regulation should focus on data quality and liability rules