Artificial intelligence (AI) is transforming the way companies develop, deploy, and license technology. But with that transformation comes new intellectual property (IP) challenges that extend far beyond traditional software licensing. Issues around ownership of AI-generated outputs, use of training data, liability for infringement, and confidentiality must be carefully addressed in contracts to avoid costly disputes.
As regulators from Brussels to Washington expand oversight, and as investors increasingly demand IP and data security diligence in AI-heavy businesses, contracts are becoming the frontline defense for companies seeking to harness AI without jeopardizing IP assets. AI licensing is not just “software-plus” but a distinct risk class.
Recent lawsuits—such as Getty Images v. Stability AI—demonstrate how unclear licensing terms can expose businesses to litigation and regulatory risk. Below are the critical considerations that companies and their counsel should address when negotiating AI-related agreements.
Ownership of AI-Generated Improvements
AI models evolve through use, often creating fine-tuned versions informed by proprietary data. Without clear ownership provisions, vendors may attempt to reuse improvements or claim rights over refinements. In an area of unsettled or developing law, adding certainty to your agreements and relationships can help protect your IP rights and lower costs to defend unauthorized use.
Real-World Example: Amazon Web Services (AWS) allows customers to train models on its infrastructure but typically reserves broad rights to “service improvements”—potentially enabling AWS to indirectly benefit from customer fine-tuning. This underscores the importance of clearly defining who owns model refinements.
Key Strategies:
- Define “improvements” comprehensively to cover fine-tuning, prompt engineering, derivative datasets, and model outputs, while carving out standard vendor-side service updates.
- Draw a distinction between general service enhancements and customer-specific refinements, ensuring that refinements trained on your proprietary data remain your property.
- Negotiate usage restrictions so that your refinements cannot be repurposed in vendor offerings, even in anonymized or aggregated form.
- Require disclosure obligations from vendors regarding how your data has influenced improvements.
- Secure rights to audit vendor systems to verify compliance with ownership and usage restrictions.
Sample Clause: “Improvements include modifications, enhancements, fine-tuned models, and derivative works derived from the Licensed Technology. All Improvements trained on Licensee Data shall be owned exclusively by Licensee and shall not be used for other customers.”
Joint Development & Model Training
Collaborations involving data sharing or joint engineering teams can create uncertainty over ownership and usage rights. If not properly structured, joint development can inadvertently give competitors leverage.
Real-World Example: The Google DeepMind–National Health Service partnership faced controversy due to unclear data sharing and ethical boundaries in developing an AI diagnostic tool.
Key Strategies:
- Clarify ownership up front by spelling out whether resulting models are jointly owned, separately owned, or subject to a licensing arrangement.
- Use field-of-use restrictions so that even if joint models are shared, competitors cannot apply them in sensitive markets.
- Specify governance mechanisms (e.g., joint steering committees, regular reporting) to monitor contributions and outputs.
- Include data-use firewalls to ensure that shared data cannot be transferred to unrelated projects.
- Require survivability of rights (to use or access the jointly developed model) upon termination.
Sample Clause: “Each Party shall retain ownership of its data contributions but grants the other a royalty-free, non-exclusive license solely to train the jointly developed model for use within the agreed field.”
Training Data & Output Rights
The value of AI depends on high-quality data. Without contractual safeguards, your proprietary data could train competitors’ models or be retained beyond the relationship.
Real-World Example: Zoom’s 2023 update to its terms of service allowed AI model training on customer interactions, prompting backlash and a fast policy reversal.
Key Strategies:
- Define “data” clearly to include raw data, metadata, embeddings, synthetic data, and derivative datasets.
- Impose clear retention and deletion rules—including backups, caches, and shadow copies.
- Limit vendor’s right to generate synthetic data from your datasets unless expressly authorized.
- Include monitoring obligations requiring vendors to certify that your data isn’t used in broader training pipelines.
- Specify audit logs and reporting for data usage and access.
- Consider escrow of fine-tuned models to preserve access in case the vendor discontinues service.
Sample Clause: “Licensee Data shall be used solely to provide Services to Licensee and shall not be used for training or refining models deployed for third parties.”
Indemnity & Risk Allocation
AI systems can inadvertently infringe third-party IP, creating legal exposure for licensees. Contracts must clearly allocate risk.
Real-World Example: The Getty Images v. Stability AI suit, in which Stability was accused of scraping millions of copyrighted images for training data, shows how customer reliance on vendors’ compliance can create legal exposure.
Key Strategies:
- Scope indemnity broadly by covering not just IP infringement, but also data privacy violations, algorithmic bias claims, and regulatory penalties.
- Carve out exceptions for licensee-provided infringing data, but limit them narrowly.
- Require ongoing compliance representations (e.g., vendor confirms training data was lawfully acquired and used).
- Tie indemnity to performance obligations (e.g., prompt defense, cooperation, choice of counsel).
- Require minimum insurance coverage amounts for cyber liability and AI-specific risks, with the licensee named as an additional insured.
Sample Clause: “Licensor shall indemnify and defend Licensee against claims arising from AI-generated outputs or training processes that infringe third-party IP rights.”
Confidentiality & Data Security
AI models risk memorizing and leaking sensitive data. Businesses must address these risks directly.
Real-World Example: Samsung engineers accidentally leaked proprietary code into ChatGPT, which could later be retrieved by queries due to memorization.
Key Strategies:
- Mandate encryption in transit and at rest, secure enclaves, and differential privacy where feasible.
- Address inadvertent memorization risks by requiring testing and red-teaming to confirm confidential data is not embedded in weights.
- Include “data localization” or “on-premises only” restrictions for sensitive sectors such as healthcare or finance.
- Require incident response commitments, including notification within a defined period if data leakage or memorization is detected.
- Prohibit subcontracting or offshore processing without written consent.
- Include certification of destruction, with penalties for noncompliance, in post-termination obligations.
Sample Clause: “Confidential Information shall not persist in model weights or logs post-termination and shall be deleted and certified within 30 days.”
Final Recommendations
AI licensing agreements require a different approach than traditional software contracts. Businesses and their respective legal teams should:
- Update contract templates with AI-specific provisions: Traditional software templates don’t contemplate issues like training data usage, AI-generated improvements, or liability for biased or infringing outputs. Incorporating AI-specific definitions, ownership provisions, indemnities, and deletion requirements at the template stage saves time and reduces negotiation gaps.
- Negotiate data ownership and output rights before vendors access sensitive data: Once a vendor has trained on your data, it’s difficult (and sometimes impossible) to claw back rights or confirm deletion. Addressing ownership of refinements, derivative datasets, embeddings, and outputs before engagement ensures control and avoids disputes down the line.
- Align agreements with emerging regulations, including the EU AI Act and U.S. FTC guidance: AI regulation is fast-moving and jurisdiction-specific. Contracts should require vendors to comply with applicable laws, provide ongoing certifications of compliance, and notify you of regulatory inquiries. This proactive approach reduces exposure to fines or enforcement actions.
- Consider provisions around transparency, ethics, and algorithmic accountability for high-risk applications: For sectors such as healthcare, finance, and employment, regulators are increasingly focused on explainability and fairness. Agreements should require vendors to provide documentation of training data provenance, bias testing results, and model performance metrics, as well as cooperation during audits or regulatory reviews.
- Implement audit and monitoring rights: Because AI systems are dynamic, a “set-and-forget” contract is not enough. Build in rights to audit data use, review model refinements, and monitor compliance on an ongoing basis. This ensures contractual promises translate into operational safeguards.
- Establish clear exit and transition provisions: Vendor lock-in is a major risk in AI deals. Agreements should include obligations to return or delete data, provide transition assistance, and (where appropriate) escrow trained models to ensure business continuity if the relationship ends.
In conclusion, AI regulation will converge with ESG and responsible AI frameworks. Expect cross-border complexity where models trained in one jurisdiction create obligations in another. Investors and acquirers increasingly demand AI-specific representations and warranties during due diligence.
Engaging counsel experienced in both IP law and AI regulation is critical to structuring agreements that protect innovation, manage risk, and ensure compliance. Without these safeguards, companies risk costly disputes, regulatory penalties, and the unintended loss of valuable intellectual property.
[View source.]
