How Can You Navigate Intellectual Property Laws in Artificial Intelligence?

Vendor agreements for artificial intelligence platforms typically contain broad liability caps, limitations on consequential damages, and indemnification clauses that shift risk back to the deploying organization. Courts have generally upheld these allocations, but they do not eliminate your organization's exposure to regulatory fines or third-party claims. A financial services firm using a third-party AI model for underwriting remains liable to regulators even if the vendor's contract disclaims all responsibility. The practical implication is stark: you cannot outsource legal accountability by outsourcing the AI. Instead, counsel should negotiate for vendor warranties regarding algorithmic performance, audit rights, and transparency into training methodologies.

New York courts have begun addressing AI-related negligence in commercial disputes, though published decisions remain sparse. In cases involving algorithmic error or failure to disclose AI involvement in decision-making, New York courts have applied traditional negligence principles: duty, breach, causation, and damages. The Southern District of New York has signaled in dicta that organizations deploying artificial intelligence may owe heightened duties of disclosure and testing when the system affects third-party rights. This emerging framework suggests that New York courts will likely impose a duty to validate AI systems before deployment and to disclose material limitations to users affected by AI decisions.

The Federal Trade Commission has taken the position that deploying artificial intelligence without adequate testing, transparency, or safeguards constitutes an unfair or deceptive practice. The FTC has brought enforcement actions against companies for AI-driven discrimination, false performance claims, and failure to disclose algorithmic decision-making. The agency does not require a specific statutory violation; it operates under broad authority to challenge practices that harm consumers. Organizations using AI in consumer-facing applications should anticipate FTC scrutiny and document pre-deployment testing, bias audits, and user disclosures thoroughly.

New York and other states have enacted or proposed laws requiring disclosure when artificial intelligence is used in hiring, lending, housing, and insurance decisions. These statutes often mandate that organizations inform individuals that AI was used and, in some cases, provide an explanation of the decision or a mechanism to contest it. Compliance requires integrating disclosure workflows into AI deployment and maintaining audit trails. A practical example: a financial services firm using AI for credit decisions in New York must disclose the use of AI to applicants and provide a meaningful opportunity to request human review if the applicant disputes the decision. Failure to do so exposes the firm to state attorney general enforcement and private litigation.

If an artificial intelligence system generates text, images, or code, who owns that output? Copyright law traditionally vests ownership in the human author. Courts have questioned whether AI-generated content qualifies for copyright protection at all if no human made creative choices. This ambiguity creates practical problems: if your organization uses an AI tool to generate marketing content and a competitor claims the output infringes their copyright, you may have weak grounds to defend the work as your own creation. The strategic response is to document human creative direction, editorial review, and selection of prompts used to generate AI output, establishing human authorship even if the AI performed the mechanical generation.

Organizations that build proprietary artificial intelligence models using third-party data face potential claims from data providers or rights holders. A model trained on web-scraped content, user-generated data, or licensed datasets may trigger licensing disputes or claims of unauthorized use. The legal landscape here is genuinely contested. For now, counsel should require clear data licensing agreements that explicitly permit AI training, establish data retention and deletion protocols, and audit training datasets for third-party rights. Artificial intelligence governance frameworks increasingly include data provenance tracking as a baseline compliance measure.

Organizations using artificial intelligence in high-stakes decisions should conduct pre-deployment bias audits and establish ongoing monitoring protocols. These audits test whether the AI system produces disparate outcomes across protected classes. Ongoing monitoring detects drift: as the AI encounters new data, its performance may diverge from the original training environment, introducing new biases. Counsel should ensure that bias audit results are documented, that remediation steps are taken if bias is detected, and that decision-makers understand the limitations of the system. A documented bias audit does not eliminate liability, but it demonstrates due diligence and may support a good-faith defense in regulatory proceedings.