Tech & Sourcing @ Morgan Lewis

AI usage policies have become the new norm as businesses across industries adopt various AI technologies in hopes of enhancing productivity and staying competitive, with many companies now revisiting and updating their AI usage policies to become more permissive while aiming to meet any transparency requirements.

Kari Krusmark, a partner in our technology transactions, outsourcing, and commercial contracts practice, is a leading advisor in complex technology initiatives, outsourcing arrangements, and digital transformation projects. With deep background guiding global companies through high-value technology deals, evolving regulatory requirements, and vendor ecosystem shifts, Kari has a unique perspective on how organizations should prepare for the rapidly changing technology and outsourcing landscape. Her insights highlight the key trends shaping 2026 and what businesses should be doing now to stay ahead.

One of the key concepts in contracting for generative AI (GenAI) is allocating rights to data that the GenAI tool processes and generates, as well as any data used to train, test, and improve the underlying AI model. A new concern in these contracts relates to the use of a GenAI tool (or data generated by this tool) for competitive purposes and corresponding contractual restrictions. This blog post outlines some of the relevant considerations when evaluating and negotiating contractual provisions relating to these data rights and use restrictions.

We invite you to join us for the next presentation of our Tech & Sourcing webinar series Navigating the Global Landscape Through Innovation on Thursday, December 11, 2025 at 12:00 pm ET, focused on global capability centers.

On October 29, Morgan Lewis will be hosting the annual Tech & Sourcing Summit in New York. This full-day event will bring together our lawyers and industry leaders, focusing on this year’s theme: Navigating the Global Landscape through Innovation. A reception will follow the substantive portion of the program.

As companies expand their use of artificial intelligence, copyright law has become a central area of risk and uncertainty. Building on a recent Tech Marathon webinar presented by Morgan Lewis, we highlight key takeaways from recent court decisions testing fair use in AI training as well as legislative proposals on copyright disclosure and digital replicas. The landscape is shifting quickly, and technology lawyers should be prepared to help clients evaluate AI-related rights and manage risks in transactions.

As ransomware threats, data breach litigation, and supply chain cybersecurity concerns become increasingly more common and costly, buyers of tech, SaaS, and outsourcing services are giving far more weight to cyberliability insurance requirements in their contracts. While cyberinsurance provisions are becoming a routine point of negotiation in technology and outsourcing agreements, expectations on coverage, limits, and scope may vary widely.

The EU Data Act’s implementation date is already upon us. That’s right, it becomes applicable, in part, on September 12, 2025, marking a major milestone in Europe’s data transformation journey, impacting cloud services, connected products and other data-driven industries.

On 19 June 2025, the UK Parliament enacted the Data (Use and Access) Act 2025 (DUAA), marking the most significant UK data protection reform since the UK General Data Protection Regulation (UK GDPR). Rather than overhauling the current regime, DUAA introduces targeted amendments to the UK GDPR, the Data Protection Act 2018, and Privacy and Electronic Communications Regulations (PECR), aiming to support responsible data use while preserving core privacy protections.

Our Morgan Lewis colleagues recently wrote on the US administration’s new artificial intelligence action plan, specifically as the plan seeks to foster innovation and expedite the development of AI data centers and the necessary energy infrastructure required for such expansion.