AI and data licensing

AI vendor reserving training rights inside a SaaS supply chain

Matter type: AI vendor contract review and pass-through obligation analysis.

Facts

My client was a downstream SaaS company building a feature that embedded a third-party AI model. The upstream AI vendor's standard terms reserved broad rights to use customer-submitted inputs for service improvement, including model training. The reservation was tucked into the data-use section in language that read at first glance as standard service-improvement boilerplate. My client's enterprise customers, in their negotiated order forms, had each prohibited the use of their data for model training. The downstream SaaS could not pass through both promises at the same time.

The deal sequence was: a Fortune-1000 enterprise customer with a strict no-training contract clause; my client's SaaS product on top; the upstream AI vendor whose model powered a feature inside that SaaS. The discovery happened during a routine vendor-diligence sweep ahead of the enterprise customer's annual security review. The enterprise customer's general counsel had flagged the upstream terms and asked for a written attestation that no enterprise customer data flowed into training.

What I did

I read the upstream AI vendor's terms in full, including the data-use section, the privacy schedule, and the order-form addenda. I cross-referenced those terms against my client's downstream enterprise contract obligations and produced a chart that showed exactly where the upstream rights and the downstream prohibitions intersected. I then drafted, on my client's behalf, a written request to the upstream AI vendor for a contractual amendment: an enterprise-tier order-form addendum disabling training use on identified workspaces, with a corresponding written confirmation suitable for pass-through to the enterprise customer.

I also drafted standby language for the downstream order form so that if the upstream vendor refused the amendment, my client could either route the feature through a different model or disclose the limitation to the enterprise customer in writing before continuing.

Outcome

After the written amendment request, the upstream AI vendor agreed to a workspace-scoped no-training addendum on enterprise tier accounts, with a written confirmation my client could attach to its enterprise customer contracts. The enterprise customer accepted the chain of written confirmations and the annual security review closed without flagging the training-rights issue. The standby disclosure language was never needed but remains in my client's playbook for future deals. Each matter turns on its facts; the outcome here does not predict the outcome on a similarly framed AI vendor negotiation.

Lesson

A SaaS company that resells or embeds a third-party AI model has a back-to-back contract problem the moment a sophisticated enterprise customer demands no-training language. The upstream model vendor's default terms almost always reserve some training right. A vendor-diligence sweep before signing an enterprise customer, not after, surfaces the conflict while there is still time to negotiate the upstream addendum. Read the upstream terms before promising the downstream commitment.

Have an AI or data licensing matter that looks similar?

Send the upstream and downstream contracts and the deal context. I read every inquiry myself.

See the AI and data practice page Email owner@terms.law
Disclaimer. This case study is an anonymized writeup of a matter I handled. Names, industries, geographies, dollar amounts, and identifying details have been changed. Past results are not a guarantee, prediction, or warranty of any future outcome. Each matter turns on its own facts and applicable law. Reading this page does not create an attorney-client relationship.