AI Sigil Logo
Contact Us
Back to all insights
A map

Sections

Understanding IP Challenges in AI Due Diligence

Navigating IP in AI Due Diligence

The evolving landscape of artificial intelligence (AI) necessitates a specialized approach to due diligence, particularly regarding intellectual property (IP). Unlike traditional software solutions, AI models are dynamic, often integrating third-party data and relying on ongoing training mechanisms. This complexity demands a nuanced understanding of ownership structures and licensing rights.

Understanding Ownership Structures

A fundamental step in the due diligence process is determining the ownership structure of the AI solution, which encompasses its software, models, and training data. This assessment is critical to mitigating potential legal risks and ensuring compliance.

Key Questions for IP Title Assessment

  • Has the vendor developed the software and model in-house or commissioned a third party?
  • Does the software or model incorporate, or is it built using, third-party code, foundation models, or other third-party intellectual property?
  • Does the algorithm, model, or any component leverage open-source components?

Vendors should provide comprehensive responses to confirm ownership or licensed rights over critical components, which will impact the structure of the contractual relationship.

Licensing Considerations

In scenarios where the AI solution is licensed, it is essential to clarify:

  • Does the vendor have the ability to grant a license with a right to sublicense the solution to customers?
  • Does such right of sublicense meet customers’ intended purposes?
  • Does the license allow customization of the solution for the customer?

These responses may influence the contract’s structure, especially in software-as-a-service (SaaS) models where end customers access the solution directly from the vendor’s platform.

Key IP Considerations on Training Data

For AI solutions that have been pretrained, a thorough due diligence process should assess:

  • The type of data used for pre-training purposes.
  • The sources and methods of obtaining training data, such as vendor-owned data, third-party licensed data, open datasets, or data obtained through web scraping.

Special attention should be given to data obtained through web scraping, as copyright exceptions vary by jurisdiction. Vendors must implement robust procedures to mitigate infringement risks during the learning process.

Managing Input and Output Data

The rights over input data must be assessed, considering whether it is customer-owned or third-party data. Additionally, it is vital to understand vendor policies and procedures for handling input data:

  • How the vendor processes and stores input data, including segregation from vendor and third-party data.
  • The vendor’s retention and destruction policies for input data.

Expectations regarding the vendor’s use of input data should also be clarified:

  • Is the data used solely for the customer’s purposes and benefit?
  • Can the vendor use input data to improve the AI tool for other users?
  • Are there any other permissible uses?

Regarding output data, it is essential to determine whether the data produced is newly generated content or responses based on predefined rules, such as predictions or recommendations. Understanding IP rights in the output data is crucial, especially if the data will be used or distributed outside the customer’s home jurisdiction.

Business Continuity: Addressing Vendor Insolvency Risks

The ongoing maintenance and support of the AI solution pose a risk of vendor insolvency. To mitigate this, due diligence should explore whether an escrow agreement is in place, ensuring continued access in the event of vendor failure. This agreement should specify:

  • When and how customers can access the source code and relevant documentation.
  • Which usage rights are then granted.
  • Who bears the cost of maintaining access and updating the solution.

Conclusion

The due diligence process aims to map pre-existing and newly created IP rights through the AI solution, ensuring a clear understanding of:

  • Who owns what.
  • What the respective scope of rights of the parties concerned is regarding the solution and the data generated through its use.

Ultimately, the goal is to mitigate risks of IP infringement while ensuring contractual consistency between rights obtained up-front and those licensed to users, as well as between rights generated downstream and their possible upstream use.

More Insights

A shield with a digital pattern

CII Advocates for Strong AI Accountability in Financial Services

April 24, 2025 AI,AI Governance,AI Regulation,Artificial Intelligence Regulation
The Chartered Insurance Institute (CII) has urged for clear accountability frameworks and a skills strategy for the use of artificial intelligence (AI) in financial services. They emphasize the...
Read More
A regulatory checklist

Regulating AI in APAC MedTech: Current Trends and Future Directions

April 24, 2025 AI,AI Regulation,Medtech Innovation,Regulatory Compliance
The regulatory landscape for AI-enabled MedTech in the Asia Pacific region is still developing, with existing frameworks primarily governing other technologies. While countries like China, Japan, and...
Read More
Light bulb

New York’s AI Legislation: Key Changes Employers Must Know

April 24, 2025 AI,AI Regulation,Artificial Intelligence Regulation,Regulatory Compliance
In early 2025, New York proposed the NY AI Act and the AI Consumer Protection Act to regulate the use of artificial intelligence, particularly addressing algorithmic discrimination in employment...
Read More
A circuit board with a warning sign

Managing AI Risks: Effective Frameworks for Safe Implementation

April 24, 2025 AI,AI Governance,AI Regulation
This article discusses the importance of AI risk management frameworks to mitigate potential risks associated with artificial intelligence systems. It highlights various types of risks, including...
Read More
A compass to signify guidance and direction in navigating the AI landscape.

Essential Insights on the EU Artificial Intelligence Act for Tech Companies

April 24, 2025 AI,AI Ethics,AI Regulation,European Union AI Governance
The European Union has introduced the Artificial Intelligence Act (AI Act), which aims to manage the risks and opportunities associated with AI technologies across Europe. This landmark regulation...
Read More
1. A robot figurine 2. A circuit board 3. A book titled "AI Ethics"Selected: A book titled "AI Ethics"

South Korea’s Landmark AI Basic Act: A New Era of Regulation

April 24, 2025 AI,AI Governance,AI Regulation
South Korea has established itself as a leader in AI regulation in Asia with the introduction of the AI Basic Act, which creates a comprehensive legal framework for artificial intelligence. This...
Read More
A blueprint

EU AI Act and DORA: Mastering Compliance in Financial Services

April 24, 2025 AI,EU AI Compliance
The EU AI Act and DORA are reshaping how financial entities manage AI risk by introducing new layers of compliance that demand transparency, accountability, and quantifiable risk assessments...
Read More
A lock and key set representing security and access

AI Governance: Bridging the Transatlantic Divide

April 24, 2025 AI,AI Governance,AI Regulation,International Policy
Artificial intelligence (AI) is rapidly reshaping economies, societies, and global governance, presenting both significant opportunities and risks. This chapter examines the divergent approaches of...
Read More
A toolbox

EU’s Ambitious Plan to Boost AI Development

April 24, 2025 AI,AI Regulation,Global AI Policy,Regulatory Frameworks
The EU Commission is launching a new strategy to reduce barriers for the deployment of artificial intelligence (AI) across Europe, aiming to enhance the region's competitiveness on a global scale. The...
Read More

Ready to become AI compliant?

Take the first steps in your transformation towards international AI compliance.

Book a Discovery Call See Frameworks

Explore

Need More Assistance?

Our expert sales team is here to answer your questions, just leave your email and we’ll get in touch.

Research & Market Studies
A digital energy meter
AI Safeguards: A Step-by-Step Guide to Building Robust Defenses
As AI becomes more powerful, protecting against its misuse is critical. This requires well-designed "safeguards"...
A light bulb
Algorithmic Audits: A Practical Guide to Fairness, Transparency, and Accountability in AI
Algorithmic auditing is crucial for ensuring AI systems are fair, transparent, and accountable. A comprehensive...
A compass
AI Explainability: A Practical Guide to Building Trust and Understanding
As AI systems exert increasing influence over our lives, understanding how they arrive at conclusions...
A shield symbolizing protection against unregulated AI practices.
AI Governance: Transparency, Ethics, and Risk Management in the Age of AI
AI is rapidly transforming society, creating both opportunities and risks. A proposed AI governance framework...
Latest News on AI Compliance
A broken shield
Assessing the High-Risk Landscape of AI in Insurtech
The Insurtech sector is increasingly intersecting with AI regulations, particularly regarding the classification of AI...
A compliance checklist
Essential Insights on the EU AI Act for Machine Builders
The EU AI Act, which defines four levels of risk for AI systems, aims to...
A robot arm
Revamped Federal AI Policies: A New Era of Innovation and Efficiency
On April 3, 2025, the OMB released two revised policies aimed at guiding federal agencies...
A magnifying glass highlighting the importance of scrutiny and clarity in regulations.
EU Seeks Stakeholder Input on Upcoming AI Guidelines
The European Commission is inviting stakeholders to provide input on upcoming guidelines for general-purpose AI...

© 2023 AI Sigil

Medium Envelope