The AI Contract Conundrum: Beyond Standard Terms

As artificial intelligence becomes increasingly integrated into business operations worldwide, companies must now re-examine their traditional contracting methods to handle the unique complexities AI brings to commercial relationships. As suppliers increasingly adopt AI (ranging from customer service automation to predictive logistics and generative content), companies must update their contractual and regulatory frameworks to include dedicated AI clauses in standard agreements.

Against this backdrop, the following elements should be considered when reviewing supply contracts involving AI:

• Disclosure Obligations: Suppliers should be required to reveal whether, where and how AI is used in delivering services, allowing customers to assess risks appropriately. This is key for customers to know at the outset to build trust with the supplier and to be able to draft appropriate contractual provisions accordingly. 
• Performance Warranties and Acceptance Testing: Traditional software contracts include straightforward performance warranties and acceptance criteria, but contracts where AI systems play a part a different approach is required. A key concern with AI systems is the potential for biased outputs and the variability in results from similar inputs, which can make standard testing methods unreliable. Introducing AI system specific testing is a developing area and one that should be considered from the outset of contracting with the inclusion of warranties regarding consistency, accuracy, and fairness in AI outputs, alongside testing and validation obligations for the supplier. Record-keeping is also likely to be of greater important compared to traditional software contracts to ensure that there is an appropriate audit trail of any testing of the AI system in case there are issues later with the performance or outputs of the system.
• Data Rights: AI systems are dependent on data for both initial training and ongoing operation, creating a complex web of rights and obligations. Where data being processed by an AI system includes personal data, unique risks with data protection issues arise and may trigger the need for a data protection impact assessment (at which point input from the supplier may be necessary). Customers procuring AI systems should ensure that implementation and use comply with applicable data protection legislation, and may wish to include specific warranties and indemnities in contracts to address supplier compliance with these obligations. Contracts should also address whether suppliers may use customer data for unrelated purposes, such as training or product improvement. If permitted, the contract should clearly define authorised uses and include assurances of lawful processing and compliance. 
• Intellectual Property: AI supply contracts must clearly define ownership and usage rights across both the system and its outputs. Suppliers typically retain IP in off-the-shelf systems, including pre-existing (background) and newly created (foreground) elements. Where bespoke modifications are involved to the AI system, customers may seek ownership or exclusive rights, but should assess whether such rights offer practical value, especially if the underlying system remains supplier owned. An exclusive licence may offer a workable compromise, granting continued use and limiting supplier reuse, though it may attract higher fees for ongoing support.
• Liability and Risk Allocation: The scope of liability in AI contracts often hinges on the nature of the system and the parties’ bargaining power. Off-the-shelf solutions typically offer limited room for negotiation, while bespoke systems may allow greater flexibility. A key issue is liability for inaccurate outputs, especially with generative AI, which can produce plausible but incorrect results. Suppliers may seek to disclaim responsibility, placing the burden of verification on the customer. Clients should assess whether the system’s value justifies the effort required to validate outputs and negotiate terms accordingly.
• Confidentiality and Information Security: When contracting for an AI system, customers should carefully consider the supplier’s confidentiality and information security measures. A key concern is whether any data entered into the system (especially sensitive or proprietary information) could be exposed or accessed by other customers using the same platform. To address this, contracts should include security provisions tailored to the unique risks posed by AI systems, such as the possibility of unintended data sharing, system manipulation, or inaccurate outputs caused by flawed or biased training data. Suppliers, in turn, will need to assess what AI-specific safeguards they can reasonably commit to within the contract.
• Changes: As the legal landscape governing AI continues to evolve, contracts must remain flexible. Including clear change control procedures and change-of-law clauses allows businesses to update agreements in response to legal shifts, rather than remain tethered to outdated terms. A crucial element to consider in relation to such clauses is who is responsible for implementing necessary changes and who bears the cost. Regulatory considerations also extend to termination rights; customers must ensure they retain adequate termination rights not only when suppliers fail to comply with regulations, but critically, when the customer's continued receipt of services would itself constitute a regulatory breach, regardless of whether the supplier remains technically compliant with their own obligations.

AI integration in commercial arrangements is today's reality. The question is not whether your organisation will encounter AI in supplier relationships, but whether you will be prepared. While the elements outlined above are important considerations when it comes to effective AI contracting, the rapid evolution of technology and emerging regulatory frameworks make this a dynamic, specialised field requiring ongoing review. 

At Bird & Bird, we regularly advise clients on the legal and commercial aspects of AI related contracting, providing deep sector knowledge and practical experience to help structure agreements. If you’d like to discuss any aspect of AI contracting further, please do not hesitate to get in touch.