Privata Vox® Blog

How AI Tools Could Compromise Intellectual Property Rights

A globe that is patterned with business-related photos is floating in an orbit and being hit with a sharp beam of light.For close to 70 years, case law and regulatory enforcement have firmly established that in order to defend its intellectual property (IP) rights, an organization must demonstrate that it has appropriately protected the information from unauthorized and unnecessary access.

In other words, courts and regulators decided long ago that they were not going to defend intellectual property rights if the organization claiming those rights was not reasonably protecting the information in the first place.

Like most people, I am both in awe of what Generative Artificial Intelligence (Gen AI) can do and baffled by how it does it. That being said, what I and most others do know is that publicly available Gen AI utilities use what’s known as a Large Language Model (LLM) to work their magic. We have also learned that such LLMs are “trained” by integrating data they find online and by questions and content users share with them.

To date, I have found a few articles on the dangers of exposing any IP to Gen AI, even if that exposure is only for help with editing or reorganizing. The authors (quite rightly) raise concerns that by exposing IP to an LLM, that information could be inadvertently divulge it to others who are looking into the same issue. The prevailing premise is that another researcher using the same public Gen AI utility to explore a similar topic is likely to ask questions that will prompt the AI to reveal the previously exposed IP.

This is a very real concern and I endorse their warnings.

What I have not found, however, is anyone discussing the possibility that exposing IP to a Gen AI tool could undermine an organization’s civil and statutory rights to defend IP ownership. As mentioned, this could result even if the IP is exposed to public Gen AI for something as innocuous as editing or reorganizing. The fact remains that it was knowingly (or negligently) released into the wild for anyone to access. The information was not protected, which, from a legal perspective, is one of the defining characteristics of IP.

And, once the fact is established that IP may have been exposed to Gen AI, that fact alone could provide cover for the accused, regardless of how the accused allegedly violated IP rights. No matter the basis of the IP owner’s complaint, the accused could simply argue that IP rights no longer apply on the basis that the information in question had been previously exposed to a public service that is specifically designed to share whatever information is shared with it.

Clearly, this issue is hypothetical. To the best of my knowledge, no court has yet weighed in. Readers are, therefore, left to determine the risk this issue actually represents.

But, even if the risk is determined to be low, it is still significant enough to amend information security policies to prohibit the exposure of proprietary (or personal) information to a public Gen AI utility. First, prohibiting the practice is likely to minimize the occurrence. Second, if an organization’s IP protections were ever called into question, formally prohibiting the practice would considerably reduce the vulnerability, even if it was determined that an employee acted contrary to the policy. The prohibition would have established that organization had taken measures to eliminate the Gen AI exposure vulnerability and expressing that intent may be all that is needed to retain the information IP status and the attendant rights.

The good news is that, probably soon, organizations will have proprietary Gen AI utilities that not only better serve their needs, but also don’t expose their proprietary information to the world at large. Until then, however, information security policies should be modified accordingly.

© 2024 Privata Vox, LLC - All Rights Reserved

Subscribe to stay up to date with new blog posts, speaking appearances, and more.

Subscribe To Updates