Software as a Service (SaaS) companies far and wide are adding Generative Artificial Intelligence (Generative AI) features, such as ChatGPT, Bard, and Bing.ai) to their offerings. It’s important to note that these features come with additional legal risks and requirements. This means updates to your Terms, Privacy Policies, and agreements in general are necessary. This post assumes that your SaaS offering has a well laid out Terms, and will give you a high level overview of key updates specifically for Generative AI Features.
Content Ownership and Use of Content to Improve Services
Terms around Content Ownership are important. Not only do your Customers want to know who owns the content they submit to your Generative AI-driven solution, you should also let them know that the Content is being processed through a third party Generative AI solution. Further, Generative AI solutions utilize large language models – which require content to be analyzed and utilized to improve upon the services being offered. This means that you should let end users know that their content will be used to improve upon the large language model the solution utilizes.
Accuracy or Guarantee Disclaimer
Generative AI solutions are known to produce “hallucinations”. This is because they’re fed off basically scraping the internet, so false information is mixed in there. For example, a couple of lawyers recently utilized a Generative AI solution to do legal research – and this ended up producing fake legal cases. You should have a clear accuracy and guarantee disclaimer that lets end users know that they should not rely on the accuracy of outputs, and disclaim liability accordingly. Use at your own risk.
Use Restrictions
Terms should already include use restrictions – but with Generative AI, additional use cases should specifically be called out. These restrictions can be industry and product specific, and should relate directly to what you are using the Generative AI solution for.
Compensation Disclaimer
Generative AI solutions, by design, use your data to improve upon their services. That means every time your end user uses the solution, your product gets better – but these end users may or may not expect compensation. Best practice is to explicitly note that submitting content to your solution that you utilize to improve upon your services does not entitle the end user to compensation of any kind.
Privacy Policy Updates
Updates to your Privacy Policy should explicitly lay out that content being submitted by end users are being transmitted to a third party Generative AI solution. Further, additional disclaimers around sharing personally identifiable information, protected health information, or any other kind of sensitive personal information, should be identified and disclaimed accordingly. For example, OpenAI (makers of ChatGPT) require that you enter into a Data Processing Addendum with them if you’re planning on allowing end users to enter personal data.
Let Us Help
This is by no means a comprehensive overview of terms to add for Generative AI features. If you need further assistance, feel free to reach out.
This post is not legal advice, and does not establish any attorney client privilege between Law Office of K.S. Kader, PLLC and you, the reader.