As the use of generative artificial intelligence (GenAI) proliferates, customers and vendors face unique challenges in contract negotiations. This post discusses these challenges, offering viewpoints from both perspectives.
Race to Automate
From the vendor perspective, GenAI is highly competitive among both AI model providers and vendors building “on top” of GenAI models or incorporating GenAI into existing or new products and services. Despite this competitive tension, GenAI model providers (and their “downstream” users) need to manage the inherent risks associated with GenAI, such as uncertainty with respect to rights to underlying data used in GenAI model training, the rapidly evolving regulatory landscape that is developing unevenly around the world, and capacity limitations driven by shortages and long lead times for hardware, power, and data centers necessary to run GenAI models at scale.
Practically speaking, the way that GenAI providers manage these inherent risks is by either limiting or disclaiming related responsibilities in contracts or shifting these risks to customers. The question then is—are the customers willing to accept these risks?
From the customer perspective, the business need to “get ahead” or stay ahead of the GenAI-adoption curve may warrant increased risk tolerance, as compared to other technology. The promise of potential cost savings, efficiency, and revenue-generating opportunities may lead a customer to accept more risk in the negotiations to procure access to GenAI. Even so, the difficult question is how much more risk may be reasonable for a customer to take on.
Because traditional risk assessment tools “follow the market” and evaluate the probability and impact of a risk occurring, seeking approval through typical contract review sign-offs may slow down (if not stop) deals. This is because the “market” for AI is very new and untested, which increases the probability of risk and potential scope of impact. As a result, customers are increasingly developing interim guidance for evaluating GenAI-specific risks that is specific to the industry, organization, and category of GenAI use cases.
Managing Evolving Legal Landscape
The use of GenAI gives rise to unique legal concerns, including often-cited challenges with respect to data privacy and security, intellectual property rights and infringement, and bias and accuracy of AI output. While courts and certain regulatory bodies have issued decisions or released guidance on some of these issues, the legal landscape for GenAI is expected to continue changing significantly as we gain a greater understanding of GenAI technology.
While the specifics of the legal landscape for GenAI are unclear, parties contracting for GenAI tools assume that existing laws and regulations that will sweep in the use of GenAI, as well as GenAI-specific laws and regulations, will apply to both vendors and customers, resulting in inherent interdependencies with respect to compliance and shared risk models.
With this understanding, vendors and customers look to manage this shared risk in some of the following ways:
- Information security reviews and diligence questionnaires completed by vendors (especially in regulated industries)
- Contractual transparency requirements that reflect evolving legal standards, such as those under the EU AI Act
- Change control, cost-sharing or bespoke termination rights based on changes in laws, especially for customers in highly regulated industries, such as healthcare or financial services
- Vendor commitments to test GenAI tools for compliance with laws, industry best practices or other standards of care, as well as for accuracy, bias, or defects, subject to some degree of inherent risk of GenAI usage
- Alignment on relevant policies and procedures—whether of GenAI model provider, customer, or some combination of both, to provide uniformity and consistency in key risk areas, such as those relating to compliance, bias, and inaccuracy
- Vendor or customer commitments to independent human verification of AI output, which can mitigate the risk of adverse impact of inaccuracy, but also gives rise to additional cost
- Measurable service levels for accuracy or other key GenAI metrics
Effective contract provisions are important to providing guardrails amid a rapidly evolving environment. Our technology transactions, outsourcing, and commercial contracts team has been at the forefront of drafting and negotiating agreements involving GenAI, helping customers and vendors navigate this unique contracting process.