Enterprise SaaS Contracts Are Secret AI Training Licenses

Enterprise SaaS Contracts Are Secret AI Training Licenses

Standard clauses buried in enterprise software agreements are giving artificial intelligence (AI) vendors sweeping rights to train models on source code, financial records, legal documents and customer data. Most companies don’t know the exposure exists.

The Federal Trade Commission (FTC) put companies on notice in February 2024. A business that collects user data under one set of privacy commitments cannot unilaterally revise those commitments to enable AI training — doing so quietly may be unfair or deceptive under the FTC Act.

The risk traces back to contract language written before generative AI existed. Provisions allowing vendors to “improve,” “build” or “enhance” their products can extend to AI training and fine-tuning. Both apply unless customers negotiate explicit limits.

Standard SaaS Clauses Now Double as AI Training Licenses

In a conventional SaaS arrangement, customer data is stored, processed and returned. In an AI engagement, the vendor may seek to use that data or derivatives of it to train, fine-tune or improve models that serve other customers or the vendor’s own products. Most agreements signed in the past two or three years draw no such distinction.

An analysis of data from TermScout, a contract certification platform that evaluates the fairness and favorability of tech contracts from Stanford Law School’s CodeX center, found 92% of AI contracts claim data usage rights beyond what is necessary for service delivery, far exceeding the market average of 63%. Many allow vendors to use customer data for competitive intelligence purposes, the TermScout data shows.

The exposure goes beyond a document being seen by a competitor. A model trained on proprietary workflows or deal structures absorbs commercially valuable patterns and can reproduce them in products sold to the vendor’s other customers.

Design software company Figma was hit with a proposed class-action lawsuit in California federal court in November 2025, Reuters reported. Plaintiffs alleged the company used customer designs and intellectual property without permission to train its generative AI tools. The lawsuit alleged Figma automatically opted users into allowing their data to train its AI software without informing them. Figma denied using customer data to train models without explicit authorization.

After customers feared updated terms granted Adobe broad rights over their content, the company clarified its policies and committed not to train AI systems using customer data, Axios reported. But Adobe uses a licensed image collection to train its Firefly generative AI engines and also shares the generated revenue with image providers.

AI Vendors Cap Liability While Customers Absorb Compliance Risk

AI vendor transactions introduce a distinct set of risks SaaS frameworks were never designed to address.

The IP protection gap is wide. Only 33% of AI vendors offer protection from third-party IP claims, the Stanford analysis found. This is lower than the market average of 58%. Most enterprise customers have no contractual recourse if a vendor’s model produces infringing output from their data.

Enterprise customers are pushing back on vendor rules that create ambiguity around permissible AI use, PYMNTS reported. Compliance concerns are deterring investment in AI workflows that might later violate operational policies.

In an article on the legal intelligence platform Mondaq, Juanita DeLoach, partner at Dallas-based firm Barnes and Thornburg, recommends explicit restrictions on whether customer data, prompts and outputs can be used to train models that serve other clients. Agreements should define what counts as training data; they should require notification before model changes; and they should specify who owns patterns and insights the model derives from customer data, DeLoach wrote.

Only 17% of AI contracts clearly commit to following all applicable laws, the Stanford CodeX analysis found. In standard SaaS agreements, the rate is 36%. Compliance liability sits with the customer even when the AI system belongs to the vendor.

Buyers are pushing for expanded protections, clearer risk allocation and stronger oversight clauses, PYMNTS reported. Enterprises want visibility into how models are trained, what data sources they rely on and how decisions are made.

Rapid model updates mean the model a customer evaluates during procurement may bear little resemblance to the model running in production six months later.