
Acceptable use policies get cited everywhere in AI contracts and read carefully almost nowhere. The provisions in the main agreement that reference the AUP are where the real risk lives, and they tend to be drafted in a way that looks fine on first read and falls apart under any pressure. The "as commonly understood in the industry" hand-waving, the flow-down clauses that quietly shift compliance onto the customer, the one-size consequences that treat every foot fault as a fireable offense, and the posting-only update mechanics that ask customers to monitor a vendor website are all symptoms of the same problem. The drafting has not caught up with the deal reality.
That was the focus of a recent How to Contract webinar hosted by Laura Frederick and featuring Akiva Miller, solo counsel at Akiva Miller Law, who advises SaaS, AI, and FinTech companies, and Alexandra Sepulveda, Assistant General Counsel at Trust and Will. Alexandra wore the vendor hat for the conversation and Akiva wore the customer hat. Their dual-seat perspective on every provision is what made the discussion useful, because the same language can be a gift to one side and a trap for the other.
The four provisions they tore apart cover the AUP territory most likely to show up in your next AI deal. Prohibited content categories that lean on undefined industry standards. End-user flow-down obligations and monitoring rights. Violation consequences with no cure period. Unilateral update mechanisms that take effect by posting. Along the way they also talked about the customer's middle-of-the-sandwich position between foundation labs and downstream users, the privacy traps inside broad monitoring rights, and why a multi-model strategy may matter more than any individual redline.
Here are our top ten takeaways from the speakers' comments during the webinar:
1. Drop "as commonly understood in the industry" from your AUP definitions. There is no settled industry definition for deepfake, disinformation, or synthetic identity content. Anthropic, OpenAI, and the rest each draw the lines in different places. Asking your enforcement team to apply a standard that does not exist is asking them to make it up under pressure. Move the definitions to an exhibit you control and update.
2. Pair intent-based prohibitions with observable anchors. A ban on disinformation requires someone to read minds after the fact. Volume, distribution pattern, and audience targeting give your enforcement team something they can actually apply. We should be drafting around what we can see and measure, not around what we wish we could prove.
3. Stop using "any violation equals material breach." That language signals to the customer that you have not figured out where the line is, and that you are reserving the right to terminate them whenever you decide it has been crossed. Sales will not love it. Neither will enterprise legal on the other side. Reserve material breach for the conduct that actually warrants it, and let the rest of the violation universe live in a tiered consequences clause.
4. Treat the AUP as a commercial document, not just a legal one. The community-pool framing applies. Customers have choices, and a vendor known for over-enforcement on minor issues loses business to the vendor down the street. Consequences need to match conduct.
5. Do not let vendors reach past you to suspend your end users. As a customer, remember that the vendor has a relationship with you, not with your downstream users. If the vendor wants to enforce the AUP, that grievance runs through your team. Vendor language asserting a direct right to suspend specific authorized users is atypical and worth pushing back on hard.
6. Watch out for "substantially equivalent" running the wrong way. As a vendor, substantially equivalent means you have to prove the customer's version of your AUP is close enough to yours in a dispute. Pass through by reference instead. As a customer, the same language is a gift because it lets you build your own multi-model compliance program. The same word can be an asset or a liability depending on which seat you are in.
7. Broad monitoring rights are a cost, not a free upside. Usage logs, prompts, and outputs carry privacy obligations once they sit on the vendor's systems. What looks like visibility on day one becomes regulatory liability on day two. Push for metadata-level monitoring by default and content access only when there is a specific compliance reason and advance notice.
8. Tier your consequences to your company's actual priorities. Things that pose an existential risk to the business get immediate action. Everything else gets notice and cure. A vendor with only a nuclear option will over-enforce on minor issues and lose customers, and a customer who signs a no-cure clause has handed over a near-termination-for-convenience right.
9. Apply new AUP restrictions prospectively, with a wind-down for existing uses. A customer should not wake up in breach because the vendor updated the AUP overnight while the customer's behavior never changed. Neither side actually wants that result, but a contract drafted in isolated silos can produce it anyway. Build the transition mechanism into the consequences clause, not into a separate update clause that does not talk to it.
10. Reject posting-only AUP updates for any serious B2B deal. Enterprise customers cannot run their compliance program off a vendor website. Split material from non-material changes, send real notice on the material ones, and carve the consequences and other material terms out of the unilateral update mechanism. If you have to eat the bad version, set a calendar reminder or have an AI tool monitor the vendor's terms page for you.