In addition, licensing can also be used to help address issues of confidentiality, usage considerations or limitations and, increasingly, learning and other issues which often may be experiential and machine-aided in connection with the collection, use and disclosure of data. For example, secondary usage or derivative usage of data, which may not be subject to copyright or trade secret protection is increasingly addressed by contract. Similarly, residuals which refer to information in nontangible form, which may be remembered by persons with access to confidential information are something increasingly important for parties to consider when exchanging confidential information with other parties. Not only can the information generated by a business relationship be valuable but who has a right to secrecy with respect to it and whether and how the counter-party can use it has become of such great importance that the entire enterprise value of certain businesses has been written off when rights in underlying data were questioned and more recently acquisitions transactions have had their purchase price changed or deals fail to close because of uncertainty about data rights.

With this in mind, it is helpful to understand common contractual provisions used in licensing relating to the collection, use and disclosure of data.

Key provisions

Representations, warranties and covenants

In contracts, representations are legally binding assurances that certain facts are true while warranties provide that if a stated fact is not true, that the recipient of the product or service covered by the assertion of fact will be protected from loss. In contrast, a covenant states that something will or cannot be done and affirmatively obligates a party making a representation and warranty. Breach of a covenant could result in money damages or an obligation for specific performance. When negotiating a contract for AI products or services, the representations, warranties, and covenants should be specific to artificial intelligence to address the risks associated with the use of such technology. Examples of such representations, warranties, and covenants include:

• Sufficient rights to use the technology – Many customers may require warranties that state that the vendor has sufficient rights and/or licenses to provide the technology. These come in the form of affirming original creation and/or appropriate licenses, as well as an express representation and warranty of non-infringement. This representation and warranty allow the customer to assert an “innocent infringer” defense to certain IP claims as well as requiring the vendor to stand behind its intellectual property. However, as a vendor, it may be difficult to provide such representation and warranty since it is difficult to find and assess potential threats and a vendor may never be sure that it is free from threats of IP infringement. This is especially difficult with the evolving landscape of artificial intelligence and the concept of copyright protection as discussed throughout this guide.
• Consents from individuals – As discussed throughout this guide, data protection laws worldwide rely largely on obtaining the user’s consent before processing or using that user’s data. Vendors want to ensure that customers have obtained consent from such individuals to provide personal data or personal information to the vendor in the input data as well as stating that the customer is not prohibited from using the data beyond the stated purpose for which consent was given.
• Performance of the AI model – Performance of the AI model is important to ensure that it is working in accordance with any specifications and documentation provided by a vendor. Additionally, a customer may request a warranty and a covenant that certain performance obligations are to be met, including results to be achieved, accuracy, and operability in the customer’s environment. These warranties and covenants may be valuable to a customer to ensure the AI model works as its intended and for a customer’s purpose. In turn, a vendor may precisely define and limit the expected performance since AI model development is complex and iterative. A vendor may want to allocate the risk to the customer in determining whether the AI model is suitable for a customer’s business.
• Security related – There are many issues with regards to cyber security vulnerabilities in AI. Customers may request proper reps/warranties ensuring adequate proactive and responsive cybersecurity policies and procedures.
• Physical equipment with embedded API – When a vendor sells physical equipment that includes artificial intelligence, customers should ensure that the representations and warranties in the contract that also cover injuries, damages and even death that could be caused by customer and its users use of the AI enabled machines and devices.
• Miscellaneous – Customers should consider how they will use artificial intelligence in their business. If they intend to incorporate AI into mission critical functions, such as automating production lines, then the representations and warranties about the AI system may address the potential business impact of a total system failure and extended downtime. In situations where the AI includes a facial recognition tool, the risk caused by AI may be allocated to the developers to ensure that the model was built so that the results of any output data are not deceptive and are free of bias and discrimination.