Software as a Service (SaaS) companies are adding Generative Artificial Intelligence (Generative AI) features to their offerings. These features come with additional legal risks and requirements, which means updates to Terms, Privacy Policies, and agreements in general are necessary. This post assumes that your SaaS offering has a well laid out Terms, and will give you a high level overview of key updates specifically for Generative AI Features.
Ownership and Use of Input and Output
Terms around use of user input and output (content) are important. Your Customers want to know who owns and sees the content shared with and generated by your Generative AI-driven solution, and you should let them know that the content is being processed through a third party. Generative AI solutions utilize large language models – which, depending on your agreement with the provider, may cause content to be analyzed and utilized to improve on the AI itself. Customers should understand that their content may be used to improve upon the large language models and the implications of sharing certain kinds of information.
Accuracy or Guarantee Disclaimer
Generative AI solutions are known to produce “hallucinations”. This is because they’re fed off basically scraping the internet, so false information is mixed in there. For example, a couple of lawyers recently utilized a Generative AI solution to do legal research and present that research in court – and this ended up producing fake legal cases. You should have a clear accuracy and guarantee disclaimer that lets end users know that they should not rely on the accuracy of outputs, and disclaim liability accordingly. Use at your own risk.
Use Restrictions
Terms should already include use restrictions – but with Generative AI, additional use cases should specifically be called out. These restrictions can be industry and product specific, and should relate directly to what you are using the Generative AI solution for.
Compensation Disclaimer
Generative AI solutions, by design, use your data to improve upon their services. That means every time your end user uses the solution, your product gets better – but these end users may or may not expect compensation. Best practice is to explicitly note that submitting content to your solution that you utilize to improve upon your services does not entitle the end user to compensation of any kind.
Privacy Policy Updates
Updates to your Privacy Policy should explicitly lay out that content being submitted by end users are being transmitted to a third party Generative AI solution. Further, additional disclaimers around sharing personally identifiable information, protected health information, or any other kind of sensitive personal information or confidential information should be identified and disclaimed accordingly. For example, OpenAI (makers of ChatGPT) require that you enter into a Data Processing Addendum with them if you’re planning on allowing end users to enter personal data.
Let Us Help
This is by no means a comprehensive overview of terms to add for Generative AI features. If you need further assistance, feel free to reach out. We’ll discuss your specific offerings and help you through generating the appropriate documentation.
This post is not legal advice, and does not establish any attorney client privilege between Law Office of K.S. Kader, PLLC and you, the reader.