Guest post by Mark Marfe, Pinsent Masons 

Development of AI systems adds a new twist to the typical considerations when licensing technology from third parties. In our example, we have a manufacturing business that opts to work with a third party supplier to develop new models that optimise the manufacturer's factories. Model development involves the supplier accessing the manufacturer's data and analysing that data against desired results to build models based on sample data. Some of these data may be of core importance and highly confidential (e.g. plant designs and process algorithms). The manufacturer will understandably wish to limit access to the data (both in terms of personnel and purposes) it has created (especially to its "crown jewels"). Read the full story.

The manufacturer will want to consider ownership of any newly created IP (i.e. who will own the deliverables created from the work package for models). It goes without saying that there will still be a need for a licence of any pre-existing IP the supplier owns that the deliverables rely on. The supplier will wish to be free to work on other projects including for the manufacturer's competitors. The supplier could achieve this by transferring the IP rights in the trained models to the manufacturer, but everything else remains with the supplier. The supplier then grants a licence to the manufacturer to use new IP (e.g. the copyright in code and documentation) created during the project. IP ownership is a point for negotiation between the parties, and the outcome will depend on the project in question. However, the data in play raises its own issues and should ideally be considered separately from the IP.

AI tools are only as good as the data on which they are trained. The results delivered by AI tools primarily rely on the input data. Therefore, it is essential that sufficient reliable and representative data is collected and used. However, the challenge for the data provider (the manufacturer in our example) is that data is not really "owned"; instead, there are "ownership-like" rights that subsist over them. These rights provide limited protection. "Anonymising" or reducing the data shared with the supplier is unlikely to assist as this significantly reduces the value the manufacturer will receive from the model. Because the manufacturer does not own its data by default (nor can it simply limit what data it provides), the manufacturer needs to build and maintain data "ownership" into its contract with the supplier. This means being alive to agreeing to terms requested by the supplier that may erode that ownership. For example, consider how derived materials are treated and used and take care when agreeing to time limits on non-disclosure and non-use obligations. This is important because it could mean that sensitive data shared with the supplier can be legitimately published on the internet or given to a competitor after the time limit expires.

Confidentiality is a wide-ranging and valuable tool to restrict the use of data. However, this depends on the data/information in question being kept confidential. At the planning stage of an AI project, a well-organised business can take various planning steps to ensure that:

  • internal stakeholders are aware of internal policies and procedures concerning confidentiality and that technical and organisational security measures and authorisations (in terms of who can and needs to access such data) are in place;

  • confidentiality agreements and non-disclosure agreements adapted to the specific purpose of the AI project are in place before any discussions begin concerning any element of the process; and

  • IT are aware of the correct access controls that need to be in place regarding the project and that permissions/authorisations are set for where data/information relating to the project is stored on internal/external systems.