IP infringement indemnification looked simple on the page and was anything but in practice. The clause read short, the issues underneath it ran in every direction, and the language interacted with definitions, license grants, warranties, and limitations of liability in ways that were easy to miss. Lawyers who tried to fix a too-broad scope by piling on carve-outs ended up with provisions that were technically consistent and practically unworkable.
A How to Contract webinar hosted by Laura Frederick brought together two lawyers who have spent a lot of time on the wrong end of this provision. Joanna Valencia, a fractional General Counsel for various tech, AI, and security companies, worked the vendor side. Laurie Ehrlich, VP of Legal Strategy at Icertis, worked the customer side. Both have negotiated and litigated enough of these clauses to know where the real exposure lives, which made the back-and-forth genuinely useful.
The conversation walked through the scope of covered claims, the modification and combination exclusions, and the knowledge and conduct exclusions. It covered why "directly or indirectly" was not boilerplate, why "any component thereof" could swallow the whole indemnity, how to rewrite the carve-outs on causation instead of approval, and how to make the cure right actually work when it mattered.
Here are our top ten takeaways from the speakers' comments during the webinar:
Read the provision as a system before redlining a single word. A broad scope could not be fixed with exclusions. The definitions, scope, exclusions, cure, and limitation of liability worked together, and a redline that solved one of those in isolation often broke another. The first move on any IP indemnification clause was to map the moving pieces and then decide where to push.
Build separate definitions for general deliverables and indemnified deliverables. The general deliverables definition did work across the agreement, while indemnified deliverables narrowed the indemnity trigger to what the vendor could actually warrant. Joanna's approach kept customer deployment choices out of the vendor's exposure. Laura's variation used two definitions, one broad and one narrow, and pointed the indemnity at the unobtrusive one so the heavy lifting happened in the defined terms rather than in the operative language.
Limit covered IP to rights you can clear. Joanna's working default was valid, enforceable US patents and registered copyrights because those were the rights a vendor could investigate before signing. Moral rights and unregistered foreign rights created exposure no one could price. Adjust for the deal. Web and graphics work pulled trademark back in. Software-only deals usually did not.
Treat "directly or indirectly" as a substantive term. Indirectly pulled in claims that arose from customer modifications and combinations even when the vendor had done nothing wrong. The vendor's job in indemnification was the cause of the infringement, not every downstream use case. If you accepted "indirectly," you should have narrowed the use rights and the combination language to match.
Watch "or any component thereof" closely. Component could mean an output from customer input in AI products, a third-party piece pulled out of its licensed combination, or open source code the vendor never intended to indemnify standalone. The word looked harmless and could swallow the entire indemnity. Generally either define component or replace it with a tighter trigger.
Fix the modification exclusion on causation, not approval. The AI-drafted version turned on whether the vendor had given prior written approval. That was the wrong question. The right question was whether the modification caused the alleged infringement. A "would not have occurred but for" formulation lined up with standard causation analysis and stopped customers from arguing that an approved modification turned a customer-caused problem into a vendor liability.
Tie the combination exclusion to the deliverable standing alone. Combinations changed constantly in any real IT environment. Conditioning the exclusion on prior specification or written approval was unworkable from the customer side and underprotective from the vendor side. The cleaner test was whether the infringement would have occurred from use of the deliverables standing alone.
Strengthen the knowledge standard with a diligence floor. Actual knowledge alone let customers plead strategic ignorance in spaces where patent risk was well documented. Joanna's standard required diligence "appropriate for a commercial party entering a transaction of this nature." Laurie's customer-side caveat was that the knowledge had to be specific to this deliverable and this use, not a general awareness somewhere in the customer's organization. Both points held.
Make unauthorized use turn on prohibitions, not on unstated permitted uses. Most contracts did not affirmatively list every permitted use of the deliverables. They listed prohibitions, often through an acceptable use policy. The exclusion attached cleanly to the prohibitions and got messy when it attached to "not authorized" language that invited off-label use fights.
Demand functional equivalence and implementation support on the non-infringing alternative. A replacement that lost the feature the customer relied on was not a real cure. Significant implementation costs needed to fall on the vendor when the vendor was the one driving the change. Reasonable time without a defined floor became a litigation hook. Define the timeline and define the equivalence standard, or the cure right was theater.
Subscribe to Stay in the Loop
This is the kind of teardown our weekly newsletter delivers, alongside notice of upcoming webinars and recaps of past ones. Subscribe now so you get the next provision-by-provision breakdown straight to your inbox.
