Services contracts for AI buyers, explained
By Sona Sulakian (@sonasulakian)
Are you in the process of procuring an AI product? Understanding what's standard in AI vendor contracts can bolster your negotiation stance and safeguard your interests.
We compared 50 vendor contracts before and after they incorporated AI into their offerings. Here are our primary takeaways.
A web of AI usage policies
TLDR Customers should seek clarity on flow-through terms from third-party AI providers, and should keep an eye on evolving AUPs, which are becoming more dynamic and proactive in their approach to enforcement.
Many vendors use foundation AI models to power their specific use cases. These vendors generally pass down the terms of use from third-party AI providers to their customers, resulting in multiple layers of contractual obligations: customers must adhere to both the vendor's and the third-party service providers' terms. Such arrangements create a complex compliance landscape for data privacy and intellectual property rights.1
For example, a vendor using OpenAI may require customers to comply with OpenAI’s Usage Policies or Sharing and Publication Policy. Some vendors go further to place the burden on the customer to not “use [vendor services] in a way which would cause [vendor] to breach terms that [vendor] has agreed with OpenAI for this third party AI functionality.”2 Some vendors go even further to expect customers to create internal policies and manage risks related to AI outputs.3 To safeguard their interests, customers should resist lazy, vague statements that require compliance with an upstream vendor’s terms, request specificity in the restrictions on their usage, and push back on contractual requirements for creating internal AI usage policies, even if doing so is probably best practice.
AI vendor contracts almost always feature Acceptable Use Policies (“AUPs”). Companies like Airtable, Amplitude, Benchling, and Freshworks have adopted or updated AUPs to formalize the do's and don'ts of AI usage. Customers should stay informed about evolving AUPs. They should also be prepared for active enforcement measures like content scanning and usage monitoring4, which may become more common in the future, as already seen with Shopify's email services.5
AI vendor disclaimers and user responsibilities
TLDR Customers should scrutinize the AI vendor's disclaimers regarding the accuracy and uniqueness of AI-generated outputs, and understand the potential implications of these disclaimers on their specific use case.
Customers are expected to acknowledge the risks and limitations of AI, including potential inaccuracies, biases, and offensive outputs. Vendors often disclaim responsibility for decisions made based on AI outputs, don't guarantee suitability of AI output for a Customer’s use case, and encourage human review to verify outputs.6 This stance is a clear indicator that while AI can provide valuable insights and efficiencies, the ultimate responsibility for interpreting and acting on AI-generated data lies with the user.7
Many AI features, particularly chatbots, are offered as complimentary enhancements to customer experiences. As such, some vendors may justify this shift of risk by reminding users that use of AI features is “optional”.8
AI vendors are also quick to disclaim the accuracy and uniqueness of AI-generated outputs, and to flag the possibility of similar outputs being generated for different users.9 These disclaimers are a direct response to the inherent unpredictability and non-uniqueness of machine learning models.
Rights to “Usage Data” and competitive moats
TLDR Buyers should verify what rights vendors request in "aggregated and anonymized" customer usage data and for what purposes, and carefully assess non-compete clauses in contracts to understand their impact on market insights and product development.
Vendors often state that all input and output are the customers’ data—but the aggregated takeaways from such data? Not so much. Vendors are clamoring to own and commercially exploit “aggregated and anonymized” customer usage data. Vendors aren’t coy about their potential uses of such data, most commonly (1) to improve their products and services and (2) to build a line of business monetizing insights, benchmarking, and the like using aggregated data. For example, Lucid10 and Lilt11 refer to use of “statistical data” for various purposes, including improving services and machine learning.
Buyers should verify what “anonymized” means—does it refer to just the users, or the Customer as well?12 Customers might want certain assurances that, when anonymized data is used to improve AI models, steps like data sanitation algorithms will be taken to prevent the reproduction of such data for other customers.13
Some companies no longer treat usage data as "Confidential Information" because it's crucial for product development, similar to feedback. Alation, for instance, removed "Customer Data" from its terms regarding confidentiality.14 Similarly, DataDog distinguishes between confidential Customer Data and non-confidential Customer Operational Data. And finally, Databricks removed “Customer Confidential Information” from their promise to not disclose usage data to third parties.15 Just as with feedback, vendors will want to protect intellectual property rights in the improvements that result from the use of such usage data.16
Buyers should be more wary of companies that build their own AI models than of vendors that merely integrate them; the latter more often provide fairly protective terms17 because their business models don’t depend on building and maintaining the best AI.
Additionally, vendors are incorporating non-compete terms into their contracts to prevent customers from developing competing products. Databricks, for instance, removed benchmarking rights18, Datadog19 and Freshworks20 forbid the use of their services for competitive intelligence or performance benchmarking purposes, and Loom's terms are strict against building rival products.21 These clauses reflect vendors' efforts to protect proprietary technology in a competitive AI market. Buyers should be aware of these contractual restrictions, which could impact their ability to gather market insights or develop certain products.
Rights to AI inputs
TLDR Customers should insist on contract-based restrictions for inputs, verify their rights to share inputs, and exercise caution when sharing sensitive information without proper usage restrictions in place.
Customers often supply critical inputs like training data, testing data, and prompts to AI service providers. To safeguard these inputs, customers should insist on clear contract-based restrictions that outline how the provider can use them.22 Relying solely on ownership rights may not provide adequate protection, making contractual restrictions a more reliable choice to ensure the desired use of inputs.
Moreover, before sharing any inputs, customers must take steps to confirm that they possess the required legal rights and permissions to do so. This is particularly crucial when dealing with sensitive information such as trade secrets or personal data. In fact, providers often require customers to represent and warrant that they have obtained all necessary permissions and licenses for AI input.23 While reasonable, providers may push for overly broad warranties and indemnities for circumstances extending beyond the customer's control, such as obligations to ensure compliance with all laws and the non-infringement of third-party rights.24
Rights to AI outputs
TLDR Contracts should grant customers clear rights for intended output use, but limitations may exist in restricting third-party usage.
Contracts should grant customers clear usage rights: perpetual, irrevocable, royalty-free rights to use the output as intended, free from hindrances.25 Outputs vary in risk based on their intended use. Internal or personal usage is lower risk than commercialization or incorporation into external products, services, or marketing.
Some customers may aim to restrict third-party use of the outputs by requesting that the provider assign all intellectual property rights in the output. In theory, this assignment grants customers the right to exclude others from reproducing, distributing, displaying, and modifying the output. In practice, however, legal uncertainties around IP in AI-generated works may require case-specific analysis, so contractual provisions remain the most reliable mechanism for customers to control the provider's usage of the output.
Liability, Indemnification, and Insurance Gaps
TLDR Buyers should scrutinize liability and indemnification clauses, negotiate for fairer terms, and consider adding insurance options.
While vendors are quick to disclaim and push all responsibility to the user, liability and indemnification obligations have not significantly changed to account for a mutual share of the risks.
Providers also include strong provisions waiving consequential damages and limiting liability, potentially hindering substantial recovery for customers in case of contract breaches or other claims. Common practice caps liability at 12 months of service fees, although some data-focused vendors raise the cap to twice that amount for claims related to privacy, security, or confidentiality.
Output-related claims typically lack indemnification protection, potentially leaving customers financially responsible for third-party legal actions regarding IP infringement or privacy violations. While vendors only indemnify for IP infringement of the technology, customers often must indemnify vendors for various issues, including content, software misuse, contract breaches, legal violations, third-party IP disputes, and misconduct.26
Insurance terms are noticeably absent from many AI vendor contracts, leaving buyers exposed to significant financial risks in case of disputes or legal actions. Buyers should consider insurance options to protect their interests.
Compliance with laws
TLDR Consider alternative mechanisms for legal compliance, such as audit rights and cooperation in regulatory matters.
In practice, achieving broad provider commitments to comply with all current and future laws and regulations can be challenging due to various factors, including uncertainties surrounding rapidly changing AI laws and regulations. For instance, Zendesk's contract explicitly disclaims any obligation or liability in the event of government or regulatory actions that restrict access to their services, highlighting the real risk posed by evolving AI laws globally.27
When vendors are unwilling to promise complete legal compliance, alternative mechanisms can include audit rights as well as vendor cooperation in compliance efforts and responses to regulatory inquiries. While vendors may resist these measures, they can serve as valuable starting points for discussions regarding the provider's compliance strategies.
For cases involving personal information in AI inputs, make sure to impose robust data privacy and security obligations on the provider. These obligations encompass compliance with data privacy laws and data sanitation measures, among other terms common to Data Processing Agreements. However, providers are likely to resist such obligations and may even prohibit customers from providing inputs containing personal information.28
Handling prolonged outages—force majeure and SLAs
TLDR Buyers should protect their access to AI services by ensuring that force majeure clauses remain broad in scope and come with a termination right for prolonged outages, and should carefully scrutinize service level terms to account for outages due to upstream service providers.
Because many (if not most) products today depend on a third-party AI provider, there is a chance that outages at any of these companies could create circumstances “beyond a party's reasonable control”. Say a high-profile CEO is fired and rehired in dramatic fashion, or the EU passes a strict AI law; either event may affect service availability. Would it constitute a force majeure event? Does it give rise to a termination right and a refund of prepaid, unused fees?
Buyers may want a termination right for extended periods without access to the services they’re paying for, whereas vendors will push back for revenue recognition reasons. Buyers will want to define force majeure events broadly to encompass any events outside a party’s reasonable control, whereas vendors will prefer a precise, closed list of qualifying events.
As a buyer, carefully read service level terms to ensure that they capture outages, even if not caused directly by the vendor. We already see that vendors’ service level terms often exclude issues arising from third-party service providers. Notion, for instance, specifies that downtime caused by third-party service failures won't count towards their Availability and Downtime calculations.29 This distinction is important as it acknowledges the dependency on external services and their potential impact on service functionality. Iterable adopts a similar stance, noting that their AI service is not subject to standard service level agreements and may experience performance downgrades.30 Such clauses highlight the unpredictable nature of AI services, especially when relying on external providers.
Final thoughts
It's crucial to keep abreast of key contracting trends as significant technological shifts unfold. Understand what other parties are doing, why they are doing it, and how those practices align with industry standards as they evolve. Ensure that your vendor review process comprehensively addresses all essential points to safeguard your rights and maintain advantageous positions within your contracts.
Footnotes
Customer acknowledges that, due to the nature of generative AI and the technology powering BambooHR’s AI features, BambooHR AI Output may not be unique and BambooHR AI may generate the same or similar output to BambooHR or a third party. ↩
Notion's terms require compliance with OpenAI's policies, showing how third-party terms affect user behavior and extend OpenAI's reach into Notion's customer base: “Third Party Provider Policies. If you choose to use the Notion AI feature(s), you may not use the Notion AI features in a manner that violates any OpenAI Policy, including their Content Policy; Sharing and Publication Policy; and Community Guidelines.” https://www.notion.so/notion/Notion-AI-Supplementary-Terms-fa9034c8b5a04818a6baf3eac2adddbb Lucid's terms require customers to follow subprocessor terms, like Microsoft Azure OpenAI Service: “Third-Party Terms. Lucid uses the third parties listed in our subprocessor list to host and provide the Lucid AI. You understand and agree that each service provider may have their own AI services terms and conditions. For instance, Microsoft’s Service Specific Terms related to the Microsoft Azure OpenAI Service and Code of conduct for Azure OpenAI Service apply to your Use of the Lucid AI. We may use additional third-parties to provide other features in the future and will update our subprocessor list accordingly. Agreeing to abide by third-party terms and conditions is required to access Lucid AI.” https://lucid.co/tos ↩
Risks and Limitations. Artificial intelligence and machine learning technologies have known and unknown risks and limitations. You acknowledge that you are solely responsible for developing your own internal policies regarding the appropriate use of these technologies and training other Users on your account on such policies. https://www.bamboohr.com/legal/bamboohr-artificial-intelligence-addendum ↩
Alation reserves rights for usage monitoring, including tracking users and limits, reflecting a trend in active user engagement management and consequences for exceeding boundaries: “Usage Monitoring. Alation reserves the right to periodically review the number of Named Users, number of connectors, apps, objects, and Customer usage.” https://www.alation.com/msa/ ↩
Shopify's email content scanning signals a potential industry shift toward proactive AUP enforcement: “Shopify employs certain controls to scan the content of emails you deliver using the Email Services prior to delivery (“Content Scanning”). . . . By using the Email Services, you explicitly grant Shopify the right to employ such Content Scanning.” https://www.shopify.com/legal/terms ↩
Scale's agreement emphasizes AI's probabilistic nature, making customers responsible for AI-based decisions. This underscores that users must interpret and verify AI-generated data: “Decisions. Results and outcomes generated by machine learning algorithms and artificial intelligence are probabilistic and Customer should evaluate such results and outcomes for accuracy as appropriate for Customer’s use case, including by employing human review.” https://scale.com/legal/msa/ ↩
Lucid's terms highlight that customers must acknowledge the risks and limitations of AI: “By using the Lucid AI, you acknowledge and agree that (a) Lucid is not responsible for any inaccuracies or errors in the Output, (b) Lucid is not responsible for any biases or limitations of the underlying algorithms or data, and (c) Lucid is not responsible for any Output that you may find harmful or offensive.” https://lucid.co/tos Loom's terms emphasize that they do not guarantee the accuracy or suitability of AI-generated information for specific use cases: “Loom does not make any warranty as to Loom AI, output, the results that may be obtained from the use of Loom AI or the accuracy of any information obtained through Loom AI, including with respect to the factual accuracy of any output or suitability for Customer’s use case. . . . Customer should not rely on factual assertions in output without independently fact checking their accuracy. no information or advice, whether oral or written, obtained by Customer from loom or through Loom AI shall create any warranty.” https://www.loom.com/loom-ai-supplementary-terms Scale's agreement highlights the probabilistic nature of AI and machine learning outcomes, reminding customers that they are responsible for all decisions made based on the AI's output: “Decisions. Results and outcomes generated by machine learning algorithms and artificial intelligence are probabilistic and Customer should evaluate such results and outcomes for accuracy as appropriate for Customer’s use case, including by employing human review. Customer is solely responsible, and Scale will have no liability, for all decisions made, advice given, actions taken, and failures to take action based on Customer’s use of the Services or Output, including whether the Output is suitable for use in the Customer Application.” https://scale.com/legal/msa/ ↩
You acknowledge that the Lucid AI is an optional feature of the Subscription Service(s) overall and that you are free to stop using the Lucid AI at any time. https://lucid.co/tos ↩
You acknowledge that due to the nature of machine learning and the technology powering Notion AI features, Output may not be unique and Notion AI may generate the same or similar output to Notion or a third party. https://www.notion.so/Notion-AI-Supplementary-Terms-fa9034c8b5a04818a6baf3eac2adddbb ↩
Statistical Data and Analyses. Lucid owns all rights to the Statistical Data and may perform analyses on Statistical Data your Content (“Analyses”). Content utilized as part of Analyses will be anonymized and aggregated. Lucid may use Statistical Data and Analyses for its own business purposes (such as improving, testing, and maintaining a Subscription Service, training machine learning algorithms, identifying trends, and developing additional products and services). Provided that Lucid does not reveal any of your Confidential Information or the identity, directly or indirectly, of any User or entity, Lucid may publish Feedback and anonymized aggregated Statistical Data and Analyses. “Statistical Data” means data generated or related to the provision, operation or use of a Subscription Service, including measurement and usage statistics, configurations, survey responses, and performance results. https://lucid.co/tos ↩
Machine Learning. Customer acknowledges that a fundamental component of the Services provided through the Platform (as defined below), whether directly or indirectly, includes a method of optimization that uses computer programming to analyze data taught and trained from Customer Materials, creating a set of algorithms that extract knowledge from such data through statistical learning (“Machine Learning”). Therefore, Customer hereby grants to Lilt a royalty-free, worldwide, perpetual, irrevocable, fully transferable and sublicenseable right and license to use, disclose, reproduce, modify, create derivative works from, distribute, and display any Customer Materials incorporated into the Machine Learning, without obligation or restriction, for purposes of creating and using the Machine Learning. Excluding Customer Materials, such Machine Learning, including the method of optimization and the algorithms, are the exclusive property of Lilt and Lilt owns all right, title, and interest to the Machine Learning. https://lilt.com/lilt-inc-master-services-agreement ↩
Alation updated its terms to remove “Customer”: “Alation may access and utilize log files and metadata derived from Customer’s use of the Alation Cloud, to maintain and improve the Alation Technology, provided that such data is aggregated or otherwise anonymized and ~~the Customer or~~ the Named Users will not be identified.” https://www.alation.com/msa/ ↩
Service Data. Zendesk will, and Subscriber hereby instructs Zendesk to, access Service Data to provide, secure and improve the Services. Subscriber is solely responsible for the accuracy, content, and legality of all Service Data. When Service Data is used to improve Zendesk machine learning models, Zendesk will ensure that Service Data, including Personal Data, is not reproduced by the model to another customer, and will take necessary steps to prevent this, such as applying data sanitation algorithms to training data. https://www.zendesk.com/company/agreements-and-terms/main-services-agreement/ ↩
“~~and Customer Data shall be deemed Confidential Information of Customer.~~” https://www.alation.com/msa/ ↩
Usage Data. Notwithstanding anything to the contrary in the Agreement, Databricks may collect and use Usage Data to develop, improve, operate, and support its products and services. Databricks will not ~~share~~ disclose any Usage Data ~~that includes Customer Confidential Information except either~~ to any third-parties unless (a) ~~to the extent that such Usage Data~~ it is anonymized and aggregated such that it does not identify Customer or Customer Confidential Information; or (b) in accordance with Section 2 (Confidentiality) of this Agreement to perform the Databricks Services. ↩
Neither this Agreement nor Customer’s use of the Service grants Customer or its End Users ownership in the Service, including any enhancements, modifications or derivatives of the Service. Amplitude may use techniques such as machine learning in order to improve the Services, and Customer instructs Amplitude to process its Customer Data for such purpose; provided that no Customer Data will ever be shared with any other customer and any such use by Amplitude shall comply with applicable law. For the avoidance of doubt, Customer retains all ownership of its Customer Data submitted to the Services and Amplitude retains all ownership in and to all System Data and machine learning algorithms. https://amplitude.com/msa ↩
Improving Notion AI. Notion does not use your Customer Data or permit others to use your Customer Data to train the machine learning models used to provide the Notion AI Writing Suite. Your use of the Notion AI Writing Suite does not grant Notion any right or license to your Customer Data to train our machine learning models. Artificial intelligence and machine learning models can improve over time to better address specific use cases. We may use data we collect from your use of Notion AI to improve our models when you (i) voluntarily provide Feedback to us such as by labeling Output with a thumbs up or thumbs down; or (ii) give us your permission. https://www.notion.so/Notion-AI-Supplementary-Terms-fa9034c8b5a04818a6baf3eac2adddbb ↩
Permitted Benchmarking. You may perform benchmarks or comparative tests or evaluations (each, a “Benchmark”) of the Platform Services and may disclose the results of the Benchmark other than for Beta Services. If you perform or disclose, or direct or permit any third party to perform or disclose, any Benchmark of any of the Platform Services, you (i) will include in any disclosure, and will disclose to us, all information necessary to replicate such Benchmark, and (ii) agree that we may perform and disclose the results of Benchmarks of your products or services, irrespective of any restrictions on Benchmarks in the terms governing your products or services. ↩
“. . . use or permit others to use the Services other than for Customer’s operations and as described in the applicable Order, Documentation and this Agreement.” https://www.datadoghq.com/legal/msa/ ↩
“Customer agrees not to use the Freshworks Technology . . . for competitive intelligence or performance benchmarking purposes.” https://www.freshworks.com/terms/ ↩
“Customer will not and will ensure Authorized Users do not: (a) reproduce, modify, adapt, or create derivative works of the Services; . . . use the Services to build competitive products. . . . Any use of data mining, robots, or similar data gathering and extraction tools or framing all or any portion of the Services without Loom’s permission is strictly prohibited. . . . Restrictions. Customer may not use Loom AI to: (i) develop foundation models or other large scale models that compete with Loom AI. . .” https://www.loom.com/terms ↩
Mixpanel’s terms are clear in what the vendor and its upstream service providers may do with inputs and outputs: “You retain all right, title, and interest (including all intellectual property rights) in and to any Input or Output. Mixpanel’s subprocessor for the AI Features, OpenAI L.L.C. (“OpenAI”), is contractually prohibited from utilizing Inputs or Outputs to train or improve its models for its own purpose. By default, Mixpanel will not use any Input or Output to train or improve the AI Features. However, in order to assist Mixpanel in enhancing the functionality of the AI Features, you may, at your sole discretion, “opt-in" to provide Mixpanel with a perpetual license to access, use, process, copy, distribute, perform, export, and display any Input and Output in connection with improving the AI Features by enabling this in the Mixpanel Admin console. More information about Mixpanel’s AI Features, including how to opt-out from enabling the AI Features in your Mixpanel instance or opt-in to enable Mixpanel to use Inputs to improve the AI Features, is available here.” https://mixpanel.com/legal/gen-ai-service-addendum/ ↩
“Customer represents and warrants that it has made all disclosures and has all rights, consents and permissions necessary to use its Customer Data with the Benchling Services without violating or infringing Laws, third-party rights (including intellectual property, publicity or privacy rights) or any terms or privacy policies that apply to any Third-Party Services and Customer Data.” https://www.benchling.com/master-services-agreement ↩
“You are also responsible for ensuring that any AI Content complies with all applicable laws, regulations, and terms before generating, using, or sharing it.” https://squareup.com/us/en/legal/general/sq-generativeai-terms ↩
“You retain all rights in your Inputs and Outputs, subject to the rights you granted to us in these terms.” https://squareup.com/us/en/legal/general/sq-generativeai-terms ↩
“Customer will defend Company from and against all claims brought against Company arising or resulting from Customer’s misuse of the Software or Service, Customer’s breach of the terms of this Agreement, or any claims that Customer content violates any third-party rights.” https://www.responsive.io/msa-02-dec-19 ↩
“Zendesk shall have no obligation or liability to Subscriber if a governmental or regulatory action restricts access to the Services, and Subscriber agrees that this Agreement and any Service Order expressly exclude any right to access the Services from a jurisdiction where such governmental or regulatory restriction is in effect.” https://www.zendesk.com/company/agreements-and-terms/main-services-agreement/ ↩
“You will not provide Input or attempt to generate Output through Lucid AI that contains any personal information or Protected Information.” https://lucid.co/tos ↩
Service Level Terms Are Not Applicable. Notwithstanding anything to the contrary in your Agreement or the Service Level Terms, downtime of Notion AI that results from a failure of a third party service will not be included in the Availability and Downtime calculations. https://www.notion.so/Notion-AI-Supplementary-Terms-fa9034c8b5a04818a6baf3eac2adddbb ↩
Except where expressly stated, Iterable AI is not supported or subject to any Service Legal Agreements that have been (or may be) agreed between the parties and Iterable reserves the right to downgrade performance of Iterable AI at any time. https://iterable.com/trust/additional-ai-terms-of-use/ ↩