This AI contract tip is about the problems with using ownership when describing data rights and obligations.
Ownership is a legal status. The person who owns something has the title, and with that title comes some rights. If the title is to intellectual property, the owner has the right to exclude others from doing things (patents and trade secrets) or the exclusive right to do things (copyright and trademark). Parties can also own other property, like goods, buildings, and land.
Most AI contracts refer to data ownership, but the party with the data rarely meets the legal definition of ownership.
Instead, that party has control. They collected, enhanced, and stored the information themselves or received that data from someone else who did. Subject to any legal or contractual restrictions, the party with the data can use and share that data with others.
Talking casually about owning data isn’t that big of a deal in a lot of situations, but it is a big problem when we do that in contracts. Contracts define our relationship with our counterparties. If we have inaccurate ownership claims there, we may expose ourselves to implied warranties and an inability to enforce incorrect terms on their face.
Here are four ways to draft better data provisions in your AI product contracts:
1. Focus on rights and usage, not ownership - You don't need to discuss ownership if there's no IP involved. Instead, create contractual provisions that address what each party can do with the data. Can they analyze it? Store it? Share it with third parties? The key is specificity, not broad claims of ownership. And be precise about how long the rights last.
2. List prohibited uses - Don't rely on generic restrictions. Get specific about what they can’t do with the data. Make sure you align with any legal restrictions that apply to your data, but you may want to go beyond those laws. For example, do you also want to prohibit using the data to develop competing products or selling data-derived insights to competitors?
3. Create accountability - Standard audit rights probably aren’t enough. Look at other ways to check, including compliance certificates or data logs that show how the data is being used.
4. Customize your remedies - Look at what you need if the counterparty violates the contractual restrictions. You may leave yourself exposed if you rely on typical termination rights and contract breach claims. Update your contract to provide a better path, especially when data misuse is a legal violation.
Your contract should address what matters. Avoid the imprecise messiness of relying on ownership to do that. Instead, define exactly what rights each party has and what they can do with the data.
What other advice would you add about data ownership in contracts?
