Client claims they own code written with GitHub Copilot - do they have a case?

Using a throwaway bc my boss knows my main. Look, i'm a freelance software developer and I'm in a weird dispute with a client about code ownership.

Background: I built a custom web application for a client. Contract says I retain copyright to the code and they get an exclusive license to use it. Standard freelance developer setup.

I used GitHub Copilot extensively while writing the code - probably 30-40% of the codebase was generated or heavily assisted by Copilot. I'd write a comment describing what I needed, and Copilot would generate the function. I'd review it, modify it, integrate it. Normal Copilot usage.

Now the client wants to acquire the company and the acquirer is doing IP due diligence. They discovered I used Copilot and are claiming:

1. I don't actually own the copyright because AI-generated content isn't copyrightable
2. GitHub/Microsoft might own the code because Copilot generated it
3. The code might be derived from GPL-licensed code that Copilot was trained on
4. They want me to rewrite all the Copilot-assisted code or they're walking away from the deal

This seems insane to me. Copilot is just a tool, like an IDE or Stack Overflow. Do they actually have a point here legally? Am I going to have to rewrite 40% of a codebase I spent 6 months building?

Great outcome. The 5% escrow is very reasonable - I've seen buyers ask for 20-30% on AI code concerns.

One final tip for everyone: If you're building software that might be part of an acquisition someday, consider adding language to your development contracts NOW that explicitly addresses AI tool usage.

Something like: "Developer may use AI-assisted coding tools (including but not limited to GitHub Copilot) in creating the Work. Developer represents that they will exercise creative judgment in using such tools and that all Work will constitute sufficient human authorship to qualify for copyright protection."

This won't eliminate buyer concerns but it shows you were thinking about it from the start and taking responsibility for the output tbh.

For anyone dealing with trade secret theft: act fast. The longer you wait, the harder it is to get an injunction. Most courts want to see that you took immediate action to protect your confidential information.

Trademark registration takes 8-12 months right now. If you need immediate protection, common law trademark rights exist from the date you first use the mark in commerce. Registration just gives you additional benefits.