In brief. AI is now embedded in supply chains, hiring, pricing, diagnostics, vehicles, and the practice of law itself—and it implicates nearly every area of commercial and professional law at once. This guide surveys the terrain stage by stage: protecting AI assets and owning what AI creates; products liability; biometric and data privacy; employment discrimination; commercial transactions; antitrust; bankruptcy; healthcare; the professional-responsibility rules governing lawyers who use AI; and the shifting regulatory landscape. It reflects the law as of mid-2026, including the November 2025 USPTO inventorship guidance, the December 2025 federal executive order on state AI laws, the EU's Digital Omnibus deferral of high-risk AI deadlines, the 2025 AI-copyright rulings, and the D.C. Circuit's 2025 decision in Thaler v. Perlmutter. It is not legal advice; this area changes monthly, so verify the current state of the law before acting.


A federal judge in Manhattan opens a brief filed by experienced counsel and starts pulling the cases it cites. Varghese v. China Southern Airlines. Martinez v. Delta Air Lines. Zicherman v. Korean Air Lines. He cannot find a single one. Not in Westlaw, not in PACER, not anywhere—because none of them exist. The lawyers had asked ChatGPT to do their legal research, the chatbot had invented half a dozen plausible-sounding opinions complete with fabricated quotations and bogus internal citations, and the lawyers had filed the result without checking. In June 2023, Judge P. Kevin Castel sanctioned them under Rule 11. Mata v. Avianca, Inc., 678 F. Supp. 3d 443 (S.D.N.Y. 2023). The episode became the most famous cautionary tale in the early history of AI law, and it captures the central truth of the entire field: artificial intelligence is no longer a subject for futurists and computer scientists. It is in the room, doing the work, and getting people into trouble.

AI is embedded in the operating infrastructure of modern commerce—powering supply chains, screening job applicants, setting prices, reviewing contracts, diagnosing diseases, driving cars, and, increasingly, drafting the very legal documents that govern its use. The technology moved from the research laboratory to the boardroom with astonishing speed, and the law is racing to keep up.

For businesses deploying AI and for the lawyers advising them, the legal landscape is both vast and volatile. AI implicates virtually every major area of law: intellectual property, products liability, data privacy, employment discrimination, antitrust, commercial contracting, bankruptcy, professional responsibility, and an increasingly dense web of federal, state, and international regulation. What makes AI uniquely challenging is not the novelty of any single issue—liability, ownership, and privacy are ancient concerns—but the way AI collapses all of them into one technology that acts, learns, and produces outputs in ways existing legal frameworks were never designed to address. (A shorter, executive-level treatment of the same terrain is available in our companion piece, Artificial Intelligence Key Legal Issues: An Overview; this is the long-form version for businesses and legal professionals who need the doctrine and the citations.)

To keep the survey grounded, this guide follows one hypothetical company. Aperture AI, Inc. is a mid-sized firm that has built a single machine-learning platform and spun it into four product lines: an AI hiring tool that ranks job applicants; a dynamic pricing engine sold to retail clients; a computer-vision module licensed to a partner that builds autonomous delivery robots; and the underlying models, all trained on enormous datasets scraped and licensed from many sources. Aperture is, in miniature, the modern AI enterprise—and as we move through each area of law, its four products will show how the same company can face copyright, biometric, employment, products-liability, and antitrust exposure simultaneously, often from a single design decision.

What AI Is—And Why It Defies Easy Legal Categories

Before examining specific issues, it is worth pausing on a threshold question that pervades every area of AI law: what, exactly, is artificial intelligence? The answer matters because legal rules are built on categories—product or service, author or tool, employee or contractor—and AI has an uncomfortable habit of straddling the boundaries between them.

There is no single, universally accepted legal definition. The term generally refers to computer systems capable of performing tasks that would ordinarily require human intelligence: recognizing patterns, drawing inferences, making predictions, learning from experience, and generating outputs—text, images, code, decisions—that can be indistinguishable from human work product. The EU AI Act (Regulation (EU) 2024/1689), the world's first comprehensive AI statute, defines an AI system as a machine-based system designed to operate with varying levels of autonomy, that may exhibit adaptiveness after deployment, and that, for explicit or implicit objectives, infers from its inputs how to generate outputs—predictions, content, recommendations, or decisions—capable of influencing physical or virtual environments.

In practice, AI spans a broad range of technologies: natural-language processing (behind chatbots and legal-research platforms), machine learning (algorithms that improve with data), artificial neural networks (the architecture underlying image recognition and generative AI), and robotic systems that pair AI with physical actuation. A useful mental model, drawn from intellectual-property practice, treats a machine-learning system as a "black box" built from four human-created components: a training set (data, with features and labels), an input query (the form in which a question is posed), an output, and the model itself. Engineers know how the box is built even when they cannot fully explain why it produces a particular answer—and, as we will see, that gap between construction and explanation is where much of the legal difficulty lives.

The legal significance of this definitional ambiguity is hard to overstate. Whether an AI-enabled offering is a "product" or a "service" determines whether strict liability applies. Whether an AI system is an "author" or an "inventor" determines whether its outputs receive IP protection. Whether an AI hiring tool is an "employment test" determines what anti-discrimination obligations attach. Whether a face-scanning algorithm produces a regulated "biometric identifier" determines whether a private right of action with five-figure-per-violation damages applies. At every turn, the analysis of AI begins with a classification question that existing categories were not built to answer—a problem Aperture confronts the moment it tries to insure, license, or defend any one of its four products.

Intellectual Property: Protecting AI and What AI Creates

The intersection of AI and intellectual property presents two distinct sets of questions. The first concerns protecting AI itself—the algorithms, source code, training data, and models that constitute a system. The second concerns owning and protecting what AI produces—the inventions, creative works, and datasets that AI systems generate. Both are central to the practice of IP law in the generative-AI era, and both are surveyed in depth in our guide to the legal protection of software.

Patent Protection for AI Technology

Certain AI technology is patentable. The U.S. Patent and Trademark Office (USPTO) recognizes AI through its classification system (Class 706, Data Processing: Artificial Intelligence) and devotes dedicated examination resources to AI applications, the volume of which has exploded—USPTO data show AI-related filings more than doubling between 2002 and 2018, with AI techniques spreading from roughly 9% to more than 42% of all technology subclasses. The threshold question, however, is whether a given AI invention clears patent-eligible subject matter under Section 101 of the Patent Act (35 U.S.C. § 101).

The challenge is familiar. The Supreme Court held in Diamond v. Chakrabarty, 447 U.S. 303 (1980), that patentable subject matter includes "anything under the sun that is made by man," but excluded abstract ideas, laws of nature, and natural phenomena. In Alice Corp. Pty. Ltd. v. CLS Bank International, 573 U.S. 208 (2014), building on Mayo Collaborative Services v. Prometheus Laboratories, Inc., 566 U.S. 66 (2012), the Court established a two-step framework: first ask whether the claims are directed to a judicial exception such as an abstract idea; if so, search for an "inventive concept"—an element or combination that transforms the claim into "significantly more" than the abstract idea itself. Because AI rests on algorithms and mathematical computation—categories the USPTO has flagged as potentially abstract—applicants must draft carefully to survive Section 101.

The USPTO's eligibility guidance gives practitioners a roadmap. Its 2019 Revised Patent Eligibility Guidance (84 Fed. Reg. 50 (Jan. 7, 2019)), updated in October 2019, added a critical "integrated into a practical application" inquiry at Step 2A: a claim is not "directed to" an abstract idea if, taken as a whole, it integrates the exception into something concrete—improving computer functionality, or configuring or controlling a real-world process or device. The agency's worked examples are instructive and worth knowing by name. In Example 39, a "method for training a neural network for facial detection"—expanding the training set and iterating to minimize false positives—is eligible because the claims do not even recite a judicial exception; the steps cannot practicably be performed in the human mind. In Example 46, a livestock-management claim that merely gathers and analyzes data to flag aberrant animal behavior is ineligible, but a parallel claim that adds the step of controlling a sorting gate to separate the flagged animals becomes eligible—even though gate-control is itself routine—because it integrates the analysis into a practical application. The lesson for Aperture's patent counsel is concrete: tie the algorithm to a tangible technological improvement or a real-world action, characterize the invention by the scale of data it processes (to show a human mind could not do it), and describe the system structurally rather than in purely functional terms. The deeper strategy is covered in our analysis of patent eligibility after Alice. Under Director John Squires (confirmed September 2025), the agency has signaled a more permissive posture on eligibility, but the drafting discipline remains essential.

Section 101 is not the only hurdle. The disclosure requirements of 35 U.S.C. § 112(a)—written description and enablement—pose a problem peculiarly suited to AI's black box. Written description requires showing the inventor "had possession" of the claimed invention (Ariad Pharmaceuticals, Inc. v. Eli Lilly & Co., 598 F.3d 1336 (Fed. Cir. 2010) (en banc)); enablement requires that a skilled artisan can make and use the invention without "undue experimentation," assessed under the factors of In re Wands, 858 F.2d 731 (Fed. Cir. 1988). Software has traditionally been treated as a "predictable" art for which high-level disclosure suffices—but deep learning strains that assumption, because even the inventor may not know why one network architecture outperforms another. As one foundational decision put it, "the scope of enablement obviously varies inversely with the degree of unpredictability." In re Fisher, 427 F.2d 833 (C.C.P.A. 1970). The USPTO has acknowledged that AI inventions may demand more detailed disclosure than other software, because while the inputs and outputs are known, "the logic between them may be unknown." Sound practice: disclose the architecture, the preprocessing of input data, multiple embodiments, flowcharts, and performance-verification results—dumping raw source code generally does not help.

Even where patenting is available, it carries trade-offs. The process takes years—an eternity in AI—and requires public disclosure, potentially surrendering trade secrets. And a patent's default term of twenty years from filing (35 U.S.C. § 154(a)(2)) may be shorter than the protection other mechanisms offer. When Aperture's engineers devise a genuinely novel training architecture, they must weigh a patent's strong exclusionary rights against the disclosure it demands.

Copyright Protection for AI Software

Copyright protects certain components of AI systems, most notably source code. An original expression of source code is protectable as a "literary work" if it is original and fixed in a tangible medium (17 U.S.C. § 102(a); Sega Enterprises Ltd. v. Accolade, Inc., 977 F.2d 1510, 1520 (9th Cir. 1992)). Visual elements—graphical interfaces, screen displays—may also qualify. But copyright has real limits here. It protects only the original expression in the code, not the functional aspects—algorithms, logic, system design—which the idea/expression dichotomy excludes (17 U.S.C. § 102(b)). Proving infringement requires evidence of actual copying, a more demanding showing than patent infringement, and the fair-use defense (17 U.S.C. § 107) can shield conduct that would otherwise infringe—a doctrine of central importance to AI training data, discussed below. AI software that incorporates open-source components raises additional ownership and enforcement complications that demand careful licensing analysis.

Training data poses its own copyright puzzle. A curated dataset is protectable only to the extent it reflects original human expression in selection, coordination, or arrangement—the Feist originality threshold (Feist Publications, Inc. v. Rural Telephone Service Co., 499 U.S. 340 (1991))—and the underlying facts and data remain free for the taking. The implication for Aperture is that its most valuable data asset is rarely protected by copyright at all; its real moat is contract and secrecy.

Trade Secret Protection for AI

For many AI developers, trade secret protection is the most important and practical form of IP. Trade secrets are protected federally under the Defend Trade Secrets Act of 2016 (18 U.S.C. §§ 1831–1839) and at the state level under versions of the Uniform Trade Secrets Act adopted by nearly every state. Protection reaches business, financial, and technical information—source code, algorithms, model architectures, model weights, and training datasets—that is not generally known, derives independent economic value from its secrecy, and is the subject of reasonable efforts to keep it secret. The advantages are substantial: no application, no registration, no public disclosure, and potentially indefinite duration so long as secrecy is maintained. For a company whose edge lies in proprietary algorithms or curated training data—exactly Aperture's situation—trade secrets may be the single most valuable asset in the portfolio.

The difficulty lies in the "reasonable efforts" requirement, which is a continuing obligation, not a one-time box to check. Because AI evolves through rapid, iterative development, new secrets emerge constantly and must be identified and protected as they arise. Companies should implement comprehensive programs—physical and digital access controls, multi-factor authentication, data-loss-prevention measures, non-disclosure agreements, written access policies, and, in an era of widespread remote work, robust protocols for securing secrets outside the office. Our guide to building a trade-secret protection program from scratch walks through the mechanics. One caution: trade secrecy offers no protection against independent development or lawful reverse engineering, and a single careless disclosure—an unguarded conference talk, an unencrypted laptop—can extinguish the asset permanently.

The three forms of protection are best understood as complementary, not competing.

| IP form | Protectable AI elements | Key advantages | Key limitations |
|---|---|---|---|
| Patent | Novel AI methods, systems, hardware | Strongest exclusionary rights; protects functionality; no need to prove copying | Section 101 hurdles; § 112 enablement strain; public disclosure; 20-year term; multi-year prosecution |
| Copyright | Source code, object code, visual elements | Automatic on creation; long duration; no registration required for protection | Protects expression only, not function; fair-use defense; requires proof of copying |
| Trade secret | Algorithms, training data, model weights, architectures | No registration or disclosure; potentially indefinite | Requires continuous reasonable efforts; lost if disclosed; no protection against independent discovery or reverse engineering |

In practice, a single AI system is protected by a portfolio: patents on the novel training method, copyright in the code, and trade secrecy over the weights and curated data—with contract stitching the whole thing together. For the elements that no statutory regime reaches well (raw data, model outputs, input-query formats), well-drafted license agreements often supply the only real protection, as discussed below.

The Ownership Problem: Who Owns What the Machine Creates?

The most provocative IP question in AI law is not how to protect AI, but who owns what AI produces. When a system generates an invention, writes code, composes music, or produces an image, does the output belong to anyone—and if so, to whom?

On inventorship and patent ownership, the Federal Circuit resolved the threshold question in Thaler v. Vidal, 43 F.4th 1207 (Fed. Cir. 2022), holding that the Patent Act requires an inventor to be an "individual," which the Supreme Court has explained "ordinarily means a human being." Mohamad v. Palestinian Authority, 566 U.S. 449, 454 (2012). Stephen Thaler had named his AI system DABUS as sole inventor; the USPTO, the district court, and the Federal Circuit all agreed that AI cannot be an inventor under current law, and the Supreme Court denied certiorari in 2023. Courts in the United Kingdom, Australia, and New Zealand reached the same conclusion; only South Africa, whose system does not substantively examine, granted a DABUS patent. We compare these national approaches in our analysis of AI and inventorship across jurisdictions.

Critically, Thaler expressly left open the far more commercially important question—whether inventions made by humans with the assistance of AI are patentable—and the answer has shifted with USPTO leadership. In February 2024, then-Director Kathi Vidal issued guidance applying the joint-inventorship factors of Pannu v. Iolab Corp., 155 F.3d 1344 (Fed. Cir. 1998), permitting patents where the human made a "significant" (more than insignificant) contribution to each claim of an AI-assisted invention. On November 28, 2025, Director Squires rescinded the Vidal guidance in its entirety and replaced it. Under the new Revised Inventorship Guidance for AI-Assisted Inventions, AI is treated simply as a tool—"analogous to laboratory equipment, computer software, research databases, or any other tool that assists in the inventive process"—and the Pannu factors apply only to determine whether multiple human beings are joint inventors, not as a gate on AI-assisted inventions. The touchstone remains human conception: at least one natural person must have conceived (significantly contributed to) each claim. In practical effect, the new guidance relaxes the barriers to patenting AI-assisted inventions, since the analysis no longer parses the human-versus-machine contribution in the single-inventor case. For Aperture, this means an engineer who used the company's own AI to help design a new sensor can be named the inventor so long as she genuinely conceived the claimed invention—AI's involvement no longer triggers a special contribution inquiry. For a fuller treatment, see our article on AI-generated inventions and ownership.

On authorship and copyright ownership, the law tracks a parallel path. The Copyright Act does not define "author," but courts and the Copyright Office have consistently required human authorship. In the "monkey selfie" case, the Ninth Circuit held that a monkey had no rights in photographs it took of itself. Naruto v. Slater, 888 F.3d 418 (9th Cir. 2018). The Copyright Office applies the same principle to AI, refusing registration for works generated without sufficient human creative input. The D.C. Circuit affirmed that approach in March 2025 in another case brought by Stephen Thaler, holding that the Copyright Act's text and structure require a human author and that Thaler's machine, the "Creativity Machine," could not be the author of record. Thaler v. Perlmutter, 130 F.4th 1039 (D.C. Cir. 2025). What remains unresolved is how much human involvement suffices when AI is used as a creative tool—a question the Copyright Office's own multi-part AI study is working through, and one with enormous stakes for industries from music licensing to digital content and likeness rights. The practical upshot for Aperture: anything its models generate without meaningful human authorship may fall into a kind of public domain—free for competitors to copy—unless the company protects it some other way, through contract or trade secrecy.

AI and IP Infringement—Including the 2025 Training-Data Rulings

AI creates infringement risk on multiple fronts. On the patent side, divided-infringement problems arise when multiple actors perform different steps of a patented AI method—an image-recognition step performed by a component supplier, a vehicle-control step performed by the manufacturer—so that no single actor practices the whole claim. The drafting fix is to keep the inventive limitations in a single actor's hands or to recite environmental limitations in the preamble (Advanced Software Design Corp. v. Fiserv, Inc., 641 F.3d 1368 (Fed. Cir. 2011)). Companies should obtain freedom-to-operate opinions before launching AI products and negotiate robust indemnification in AI license agreements.

On the copyright side, the use of copyrighted works to train AI became the central legal battleground of the generative-AI era—and the courts have now begun to answer. A wave of suits by The New York Times, Getty Images, record labels, and groups of authors and artists alleged that ingesting copyrighted material to train models is unauthorized reproduction; developers responded that training is transformative fair use, invoking Authors Guild, Inc. v. Google, Inc., 804 F.3d 202 (2d Cir. 2015) (book-search digitization held transformative). The first substantive rulings arrived in 2025, and they were nuanced rather than categorical. In Thomson Reuters Enterprise Centre GmbH v. ROSS Intelligence Inc. (D. Del. Feb. 2025), the court rejected a fair-use defense for a non-generative legal-research tool built on Westlaw headnotes—the first major decision to side with a rightsholder. Then, within days of each other in June 2025, two judges in the Northern District of California found AI training to be fair use: in Bartz v. Anthropic PBC, Judge Alsup called training on lawfully acquired books "exceedingly transformative," and in Kadrey v. Meta Platforms, Inc., Judge Chhabria reached the same result but on narrow grounds, stressing that transformativeness alone is not dispositive and that market-dilution harm could doom such a defense in a better-developed case.

Crucially, Bartz distinguished the training use from Anthropic's downloading and retention of pirated copies in a permanent library, which it held was not fair use—exposure that led to a proposed settlement of at least US$1.5 billion in 2025, the largest copyright settlement in U.S. history. Both California rulings also emphasized that fair use in training does not immunize infringing outputs; a business that publishes AI-generated material remains liable if that output itself infringes.

The lesson for Aperture is twofold. First, how it acquires training data matters as much as what it trains on: lawfully licensed or purchased data stands on far firmer ground than scraped or pirated material—a point that connects to the contract and computer-fraud questions we examine in data scraping after hiQ v. LinkedIn. Second, Aperture's clients who publish the engine's outputs need indemnification and their own output-screening, because the training-stage victories do not protect them downstream. These cases continue to develop, and we track them in detail in our dedicated analysis of generative-AI copyright litigation.

Products Liability: When AI Causes Harm

As companies embed AI in physical products and decision systems, the potential for AI to cause injury, property damage, and economic loss grows. AI's capacity for autonomous action raises a foundational question existing products-liability law was not built to answer: how do you assign fault when the "actor" is a machine? Aperture confronts this directly through its computer-vision module, which steers its partner's delivery robots down public sidewalks.

Applying Traditional Liability Theories to AI

U.S. products-liability law rests on three theories—negligence, breach of warranty, and strict liability under Section 402A of the Restatement (Second) of Torts—each of which can apply to AI injuries, and each of which strains.

Negligence requires proof that the defendant failed to exercise reasonable care in design, manufacture, or the provision of warnings and instructions. In Cruz v. Raymond Talmadge d/b/a Calvary Coach, 2015 WL 13776213 (Mass. Super. Ct. Sept. 25, 2015), passengers injured when a charter bus struck a low overpass sued the makers of the GPS devices the driver had used, alleging the devices defectively routed the bus under a height-restricted overpass and failed to warn—classic design-defect and failure-to-warn theories applied to a semi-autonomous device whose outputs traced back to identifiable design choices and available data. Breach of warranty, grounded in state versions of UCC Article 2, covers express performance promises and the implied warranties of merchantability and fitness for a particular purpose—warranties that fit awkwardly over a system that "drifts" and changes after sale. Strict liability under Section 402A imposes liability without fault on sellers of products "in a defective condition unreasonably dangerous" to the user, but only if the product reaches the user "without substantial change" in its condition; it applies straightforwardly when a physical product incorporating AI malfunctions, but courts have not resolved whether a "defect" can lie in a training dataset that yields biased or incorrect outputs, or in a model that learns its way into a dangerous behavior after leaving the manufacturer's control.

The autonomous-actor problem becomes most acute with fully autonomous systems. In Nilsson v. General Motors, LLC, No. 18-471 (N.D. Cal. 2018), a motorcyclist alleged that an autonomous Chevy Bolt veered into his lane and "drove in a negligent manner"; notably, the plaintiff pleaded ordinary negligence against the vehicle itself, and GM's answer acknowledged that the Bolt "was required to use reasonable care in driving." The case settled before any substantive ruling, leaving the hard questions open: can an AI product itself be the "actor" for liability purposes? What standard of care applies—the reasonable person, or a new "reasonable machine"? And where fault cannot be traced to a human decision, should courts apply res ipsa loquitur and shift the burden to manufacturers? At least one prominent commentator argued exactly that. See David C. Vladeck, Machines Without Principles: Liability Rules and Artificial Intelligence, 89 Wash. L. Rev. 117 (2014). If one of Aperture's vision-guided robots injures a pedestrian and no one can explain why the model acted as it did—the so-called black-box problem—these unresolved questions move from the law reviews to Aperture's courtroom.

Workplace-robot cases show how liability gets apportioned in practice. In Hills v. Fanuc Robotics America, Inc. (E.D. La.), a worker pinned by a suddenly reactivating robot recovered against multiple defendants, with a jury allocating fault across the employer, the system designer, and the light-curtain manufacturer—but finding the robot maker itself not at fault. In Holbrook v. Prodomax Automation Ltd. (W.D. Mich.), the estate of a worker fatally crushed by an automated system sued the manufacturers of the robot, controllers, tooling, and safety devices on theories including res ipsa loquitur, while pointedly not suing the employer (shielded by Michigan's workers'-compensation bar) to keep the jury from apportioning fault to a party the plaintiff could not collect from. These cases foreshadow the component-and-integrator finger-pointing that an Aperture robot accident would generate: developer, integrator, hardware maker, and deployer each pointing at the others, and the plaintiff suing all of them.

| Liability theory | Application to AI | Key challenge |
|---|---|---|
| Negligence | Design defect; failure to warn; negligent training-data curation | Identifying the specific human decision that breached the duty of care |
| Breach of warranty | Express warranty on AI performance; implied warranty of merchantability | Warranties "lose value over time" as the model drifts; allocating liability across the supply chain |
| Strict liability (§ 402A) | Defective AI-enabled product causing physical harm | Defining "defect" in systems that learn and evolve after leaving the manufacturer's control |

Risk Management and Insurance

Two practical responses help. The first is documentation. A well-run AI deployment adopts an internal AI policy that addresses safety standards (failsafes that trigger human intervention, recall procedures, anticipation of foreseeable misuse), oversight and controls (clear allocation of responsibility, bias-and-drift auditing, and—critically—designing the system to record its own decisions so they can be reconstructed in litigation), and third-party governance of AI vendors. A caution comes with it: regulators and plaintiffs' lawyers read those policies too, so a company should not promise safeguards it cannot deliver.

The second response is insurance, and the industry is still adapting. Traditional commercial general liability, cyber, errors-and-omissions, and product-liability policies may or may not cover a given AI failure, depending on its nature and the policy wording. Every party in the AI supply chain—developer, integrator, deployer—should review existing coverage, identify gaps, and assess whether specialized AI-liability coverage is warranted. Aperture, sitting in the middle of the chain as a component supplier, should be especially attentive to how its policies and its contracts allocate the risk of a robot accident it did not directly cause but arguably enabled.

Biometric Privacy: The Sharpest Edge of AI Data Law

Before turning to the broad data-protection regimes, it is worth dwelling on the privacy law that has done the most damage to AI developers in actual courtrooms: biometric privacy. Facial recognition, voice identification, and gait analysis are all AI applications, and they all consume the most sensitive category of personal data. The statute that governs them in the most aggressive way—Illinois's Biometric Information Privacy Act—has reshaped how AI companies handle faces and voices nationwide. We treat the subject in full in biometric data privacy laws and their impact on AI development; here is the core.

The Illinois Biometric Information Privacy Act, 740 ILCS 14/ (BIPA), regulates private entities that handle "biometric identifiers"—retina or iris scans, fingerprints, voiceprints, and scans of hand or face geometry—and "biometric information" derived from them. Before collecting such data, an entity must (1) provide written notice of the collection, its specific purpose, and the retention term, and (2) obtain the subject's informed written consent (§ 15(b)); maintain a publicly available written retention-and-destruction policy, destroying data on the earlier of when the purpose is satisfied or within three years of the individual's last interaction (§ 15(a)); refrain from selling or otherwise profiting from the data (§ 15(c)); and protect the data with the reasonable standard of care for the industry (§ 15(e)).

What makes BIPA the terror of the AI industry is its remedy. Section 20 creates a private right of action with liquidated damages of $1,000 per negligent violation and $5,000 per intentional or reckless violation, plus attorneys' fees. Three Illinois Supreme Court decisions turned that remedy into existential exposure. Rosenbach v. Six Flags Entertainment Corp., 2019 IL 123186, 129 N.E.3d 1197 (Ill. 2019), held that a plaintiff need show no actual injury beyond the statutory violation to be an "aggrieved" person with standing—the violation of the right to control one's biometrics is itself the injury. Cothron v. White Castle System, Inc., 2023 IL 128004 (Ill. 2023), held that a separate claim accrues each time an entity scans or transmits an identifier without consent, "not only once upon initial collection"—a ruling with vertiginous implications for any recognition system that re-scans a user thousands of times. And the first BIPA jury trial, Rogers v. BNSF Railway Co., No. 1:19-cv-03083 (N.D. Ill. 2022), produced a $228 million verdict (since vacated for a new trial on damages) where a class of truck drivers was fingerprinted to enter rail yards—rejecting BNSF's argument that its third-party vendor, not BNSF, had done the collecting.

Two threads run directly into AI development. First, the case that should keep every facial-recognition developer awake is the Clearview AI litigation: In re Clearview AI, Inc., Consumer Privacy Litigation, 585 F. Supp. 3d 1111 (N.D. Ill. 2022), where the court refused to dismiss BIPA claims against a company that scraped billions of public web images to build a face-search database. Scraping cannot satisfy § 15(b)'s prior-written-consent requirement (the data subjects never agreed to anything), and selling search access violates § 15(c)'s bar on profiting from biometrics. Second, courts have repeatedly held that running a face-recognition algorithm on an ordinary photograph produces a regulated faceprint—even though BIPA excludes raw photographs from its definitions. See In re Facebook Biometric Information Privacy Litigation, 185 F. Supp. 3d 1155 (N.D. Cal. 2016). An AI vendor therefore cannot escape BIPA merely because its inputs are images; the geometric template the model extracts is the covered data. That principle has driven a parade of nine-figure settlements—Facebook's $650 million resolution chief among them—and prompted the 2024 Illinois amendment (SB 2979) that softened Cothron by treating repeated collection of the same person's biometric by the same method as a single violation.

Other states regulate biometrics too, but with a crucial difference: Texas's Capture or Use of Biometric Identifier Act (Tex. Bus. & Com. Code § 503.001) and Washington's biometric statute (RCW 19.375) both lack a private right of action, leaving enforcement to the state attorney general—and Texas used that authority to extract a reported $1.4 billion settlement from Meta over facial-recognition practices. For a company like Aperture deploying any face- or voice-based feature, the compliance playbook is unforgiving: obtain prior written consent, publish a retention policy, never monetize the raw biometrics, and—because vendors can incur their own § 15(b) duties—push the consent obligation contractually onto whichever party actually touches the data subject and back it with indemnification.

Data Privacy and AI: Navigating a Global Patchwork

Beyond biometrics, AI systems are data-hungry by design; their performance improves with larger and more diverse datasets—a technical imperative that collides head-on with data-protection laws built to minimize the collection and use of personal information. That tension is among the defining legal challenges of the AI era, and Aperture's hiring tool and pricing engine sit squarely within it, processing applicant and consumer data at scale.

The Fairness Problem

Many data-protection regimes require organizations to process personal information "fairly," demanding transparency, non-discrimination, and respect for individuals' reasonable expectations. AI challenges each. Machine-learning models may absorb the biases of their creators or the historical patterns in their training data, producing discriminatory outcomes that are hard to detect and harder to explain. The EU's General Data Protection Regulation (Regulation (EU) 2016/679) addresses fairness in automated decision-making directly: it defines "profiling" broadly (Article 4(4)); Article 22 gives data subjects a right not to be subject to solely automated decisions producing legal or similarly significant effects, subject to exceptions; and Articles 13–15 require organizations to disclose the existence of automated decision-making and to provide "meaningful information about the logic involved" and the "significance and the envisaged consequences" of the processing—obligations that are difficult to meet when a model functions as a black box opaque even to its developers.

In the United States, the Federal Trade Commission has historically been the most active federal enforcer, stressing in guidance that AI should be transparent, explainable, fair, and accountable, and pursuing deceptive AI practices through initiatives such as "Operation AI Comply." That posture is now in flux: under the current administration, and consistent with the December 2025 executive order discussed below, the agency has signaled a more deregulatory stance, including skepticism toward treating algorithmic-bias claims as Section 5 violations. Practitioners should not assume the FTC's earlier enforcement priorities remain in force, and should watch for a forthcoming FTC policy statement on how the FTC Act applies to AI.

Purpose Limitation and Data Minimization

Two further principles—purpose limitation and data minimization—pose structural problems for AI. Purpose limitation requires that personal data be collected for specified, explicit, legitimate purposes and not processed incompatibly with them; yet machine-learning models routinely surface unexpected correlations suggesting wholly new uses never disclosed at collection. Data minimization requires collecting no more than necessary; AI, by contrast, thrives on maximum data. Organizations must navigate the tension by defining in advance the data genuinely necessary for the model, de-identifying through pseudonymization or encryption where possible, and implementing disciplined information governance and retention schedules. When Aperture's pricing engine discovers that an applicant's commute distance predicts purchasing behavior, the question is not only whether that correlation is useful but whether using it is lawful and fair given what consumers were told.

The Emerging Regulatory Landscape

The regulatory framework is evolving rapidly and diverging sharply across jurisdictions—and it has changed materially in the months since this guide was first published.

The EU AI Act (Regulation (EU) 2024/1689), in force since August 1, 2024, is the world's first comprehensive AI statute, establishing a risk-based framework that sorts systems into prohibited, high-risk, and lower-risk tiers with corresponding obligations. Its rollout is phased: the bans on prohibited practices and the AI-literacy duties took effect on February 2, 2025, and obligations for general-purpose AI models applied from August 2, 2025. The timeline for the most consequential rules, however, has since been pushed back. In November 2025 the European Commission proposed a "Digital Omnibus" to ease implementation, and in 2026 the Parliament and Council moved to defer the high-risk obligations—pushing stand-alone (Annex III) high-risk systems such as recruitment and credit-scoring tools from August 2, 2026 toward December 2, 2027, and high-risk AI embedded in regulated products (Annex I) from August 2, 2027 toward August 2, 2028, while delaying certain transparency and "watermarking" duties and adding new prohibitions on AI-generated non-consensual intimate imagery and child sexual abuse material. These changes take legal effect only on formal adoption; until then, businesses are advised to keep preparing against the original dates. Violations can draw fines up to the greater of €35 million or 7% of global turnover for the most serious breaches. Aperture's hiring tool is a paradigm Annex III high-risk system, so the deferral buys time but does not remove the obligation to build risk management, data-quality controls, human oversight, and documentation into the product.

In the United States, there is no single federal AI statute. Instead, a growing patchwork of state laws—led by California (whose 2025 frontier-AI transparency law, SB 53, joined earlier measures), Colorado (whose comprehensive AI Act has seen its effective date pushed back amid implementation concerns), Illinois, and Texas (whose Responsible AI Governance Act took effect at the start of 2026)—sits alongside sector-specific federal rules and agency enforcement. That state landscape is now directly contested at the federal level. After a proposed congressional moratorium on state AI regulation failed, President Trump signed an executive order on December 11, 2025, "Ensuring a National Policy Framework for Artificial Intelligence," aiming to establish a "minimally burdensome" national standard and to curtail state regulation. The order creates a Department of Justice AI Litigation Task Force—operational in January 2026—to challenge state AI laws as unconstitutional burdens on interstate commerce or as preempted; directs the Commerce Department to publish a list of state laws deemed onerous (likely targets include bias-testing, impact-assessment, and transparency mandates); conditions certain federal funding on states pausing conflicting enforcement; and directs the FTC and FCC to act, while carving out child-safety protections. Importantly, an executive order cannot by itself invalidate a state law—preemption generally requires Congress or a valid federal regulation, and courts will decide—so the existing state obligations remain enforceable for now, and a coalition of state attorneys general has signaled resistance on federalism grounds. The practical upshot for a company like Aperture is sustained uncertainty: it must continue complying with applicable state laws while monitoring an aggressive federal campaign to displace them.

Sector-specific federal rules continue to apply regardless of this skirmish. The Fair Credit Reporting Act governs automated credit decisions; the Illinois Artificial Intelligence Video Interview Act governs AI in hiring; the California Privacy Rights Act directs regulation of automated decision-making; and HIPAA governs AI that touches protected health information.

AI in the Workplace: Discrimination, Safety, and Displacement

Hiring Algorithms and Anti-Discrimination Law

One of the fastest-growing applications of AI is recruiting, screening, and hiring—precisely what Aperture's first product does. AI promises to streamline these processes by automatically sorting, ranking, and eliminating candidates with minimal human oversight. But the same technology that promises to reduce human bias can amplify it, at scale and at speed. The cautionary tale every employment lawyer cites is Amazon's experimental recruiting engine, which the company abandoned after discovering it had taught itself to penalize résumés containing the word "women's" and to downgrade graduates of two all-women's colleges—because it had been trained on a decade of the company's own male-dominated hiring data. The algorithm did exactly what it was told: it found the pattern in the data. The pattern was discrimination.

Employers using AI hiring tools must comply with anti-discrimination laws prohibiting both intentional discrimination (disparate treatment) and facially neutral practices with disproportionate effects on protected classes (disparate impact). The disparate-impact framework is statutory under Title VII (42 U.S.C. § 2000e-2(k)(1)(A)) and traces to Griggs v. Duke Power Co., 401 U.S. 424 (1971). It works in three moves. First, the plaintiff makes out a prima facie case by identifying a facially neutral practice that disproportionately harms a protected class, generally through statistics. Second, the burden of persuasion shifts to the employer to show the practice is "job related for the position in question and consistent with business necessity." Third, even if the employer carries that burden, the plaintiff may still prevail by proving a less-discriminatory alternative that serves the same legitimate interest. Intent is irrelevant—an employer that adopted an AI tool specifically to reduce bias is still liable if the tool produces a disparate impact.

How does a plaintiff prove the disparity? Usually with the four-fifths rule, drawn from the EEOC's Uniform Guidelines on Employee Selection Procedures, 29 C.F.R. § 1607.4(D): a selection rate for a protected group that is less than four-fifths (80%) of the rate for the most-favored group is generally treated as evidence of adverse impact. A hypothetical worked example makes it concrete: suppose Aperture's résumé-ranking tool advances 60% of male applicants to the interview stage but only 40% of female applicants. Divide the lower rate by the higher: 40 ÷ 60 = 66.7%. Because 66.7% falls below the 80% threshold, the tool flunks the four-fifths rule, and the disparity becomes presumptive evidence of adverse impact—shifting the burden to every employer that deployed it. The Supreme Court has cautioned that the disparity must be "sufficiently substantial" to raise an inference of causation and that plaintiffs cannot rest on raw "bottom line" numbers (Watson v. Fort Worth Bank & Trust, 487 U.S. 977 (1988)), but a tool that systematically fails the four-fifths screen across a large applicant pool is a class action waiting to happen. And because the same algorithm runs across the entire applicant pool, plaintiffs may find it unusually easy to establish the common practice needed for class certification—turning individual claims into class actions with potentially devastating exposure. If Aperture's tool systematically downranks applicants from certain ZIP codes that correlate with race, every client deploying it is exposed, and so, through indemnity, is Aperture.
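
The four-fifths screen described above, generalized here to any number of groups, as an added example rather than code from this guide or from any vendor. The applicant records, group labels, function names, and the `min_n` small-sample cutoff are constructed assumptions; ratios are kept as exact fractions so that a group sitting exactly at 80% is not misflagged by floating-point rounding.

```python
"""Four-fifths (80%) adverse-impact screen over per-applicant outcomes.

Added example. Records, group labels, function names and the min_n cutoff
are constructed for illustration; they are not from the guide or any tool.
"""
from collections import defaultdict
from dataclasses import dataclass
from fractions import Fraction

# Threshold from 29 C.F.R. § 1607.4(D), as described in the text above.
FOUR_FIFTHS = Fraction(4, 5)


@dataclass(frozen=True)
class GroupResult:
    group: str
    applicants: int
    advanced: int
    rate: Fraction            # advanced / applicants
    impact_ratio: Fraction    # this group's rate / highest group's rate
    below_four_fifths: bool   # True when impact_ratio < 4/5
    small_sample: bool        # True when applicants < min_n (assumed cutoff)


def four_fifths_screen(records, min_n=30):
    """records: iterable of (group, advanced) pairs, one per applicant.

    Returns {group: GroupResult}. Each group is compared with the group
    that has the highest selection rate. min_n is an assumed cutoff used
    only to mark groups too small for the ratio to carry much weight.
    """
    counts = defaultdict(lambda: [0, 0])  # group -> [applicants, advanced]
    for group, advanced in records:
        counts[group][0] += 1
        counts[group][1] += bool(advanced)
    if not counts:
        raise ValueError("no applicant records")

    rates = {g: Fraction(a, n) for g, (n, a) in counts.items()}
    best = max(rates.values())
    if best == 0:
        # Nobody advanced in any group: there is no reference rate to divide by.
        raise ValueError("no group advanced anyone; impact ratio is undefined")

    results = {}
    for g, (n, a) in counts.items():
        ratio = rates[g] / best
        results[g] = GroupResult(
            g, n, a, rates[g], ratio, ratio < FOUR_FIFTHS, n < min_n
        )
    return results


def flagged_groups(results):
    """Groups whose selection rate is below four-fifths of the highest rate."""
    return sorted(g for g, r in results.items() if r.below_four_fifths)


def constructed_pool():
    """Constructed sample: the guide's 60% / 40% hypothetical plus a small
    third group that lands exactly on the 80% line (12/25 = 48%)."""
    pool = []
    for group, applicants, advanced in (
        ("men", 100, 60),
        ("women", 100, 40),
        ("undisclosed", 25, 12),
    ):
        pool += [(group, True)] * advanced
        pool += [(group, False)] * (applicants - advanced)
    return pool


if __name__ == "__main__":
    results = four_fifths_screen(constructed_pool())
    for r in sorted(results.values(), key=lambda r: r.impact_ratio):
        print(
            f"{r.group:12s} n={r.applicants:4d} "
            f"rate={float(r.rate):6.1%} ratio={float(r.impact_ratio):6.1%} "
            f"below_4/5={r.below_four_fifths} small_sample={r.small_sample}"
        )
    print("flagged:", flagged_groups(results))
```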

Disparate treatment claims proceed under the familiar McDonnell Douglas burden-shifting framework, and here AI's opacity cuts both ways. The black box can make it hard for a plaintiff to prove intentional discrimination—but it can be equally hard for an employer to articulate the "legitimate, nondiscriminatory reason" the framework demands when the employer genuinely cannot explain why the model rejected a given candidate. "The algorithm said so" is not a defense; it is closer to an admission that no human can account for the decision.

Regulators have noticed. The EEOC issued technical assistance in May 2022 on AI and the Americans with Disabilities Act, identifying three principal ways an AI tool can violate the ADA—failing to provide a reasonable accommodation needed for an accurate assessment, "screening out" a disabled-but-qualified candidate, and posing impermissible disability-related inquiries—and followed in May 2023 with guidance on assessing adverse impact under Title VII. The ADA concerns are concrete: a tool that scores candidates on speech patterns in a recorded video interview may penalize an applicant with a stutter or a hearing impairment; one that scores facial expressions may correlate against conditions wholly unrelated to job performance; and online assessments must be accessible to applicants who are blind or deaf. Enforcement has teeth—the EEOC's 2023 settlement with iTutorGroup, where software automatically rejected older applicants, was an early marker—and the vendor itself may be on the hook. In Mobley v. Workday, Inc. (N.D. Cal.), the court allowed disparate-impact claims to proceed against an AI vendor on an agent theory, signaling that the company that builds the screening tool—Aperture's exact role—can be a defendant, not merely the employer that licenses it.

State and local law adds further layers. The Illinois Artificial Intelligence Video Interview Act (820 ILCS 42), effective in 2020, requires employers using AI to analyze video interviews to notify applicants, explain how the AI works and what it evaluates, obtain consent, and delete videos within 30 days of a request. New York City's Local Law 144, effective in 2023, prohibits the use of an automated employment decision tool unless it has passed an independent bias audit within the prior year and the employer provides specified notice to candidates. These mandates are precisely the sort of state-level requirements the December 2025 federal executive order takes aim at—another reminder that Aperture must comply with the law as it stands while the federal–state fight plays out.

Workplace Safety and AI Robotics

Deploying AI-powered robots alongside human workers raises safety concerns under the Occupational Safety and Health Act and its general-duty clause. OSHA's existing robotic-safety guidance was written for traditional industrial robots, not "intelligent" systems that work beside employees, adapt over time, and operate with varying autonomy. When an accident involving such a robot occurs, the employer may face the black-box problem in a new guise: an inability to explain why the robot did what it did, and therefore to satisfy regulators that adequate preventive steps were taken. Injured workers may also have remedies beyond workers' compensation: while comp is usually the exclusive remedy against an employer, it does not bar tort claims against third-party manufacturers or suppliers of the equipment—the expanded exposure illustrated by Hills and Holbrook above, and a risk manufacturers like Aperture must factor into their planning.

Workforce Displacement

When AI automates tasks once done by people, resulting layoffs must comply with the Worker Adjustment and Retraining Notification (WARN) Act and state equivalents. Employers must also ensure automation-driven layoffs do not disparately impact protected classes—a particular concern under the Age Discrimination in Employment Act, since experienced (older) workers may be disproportionately affected when AI replaces functions they traditionally performed. In unionized workplaces, the decision to implement AI and its effects on bargaining-unit employees may be mandatory subjects of collective bargaining.

Commercial Transactions: Licensing, Risk Allocation, and Data Rights

Organizations acquiring AI from third parties—and vendors like Aperture supplying it—face transactional issues that demand careful attention from information-technology and commercial counsel. The drafting fundamentals are covered in our guide to drafting software license agreements; a few AI-specific points deserve emphasis, and they begin with a recognition that an AI deal is not one transaction but five.

A traditional software license licenses one thing: the software. An AI agreement must separately address five components, asking for each who provides it, who uses it, how it is used, and who owns it: (1) the AI solution itself—the model and algorithms; (2) the training data and training instructions; (3) the production data fed in during operation; (4) the AI output; and (5) the AI "evolutions"—the improved versions that emerge as the model trains on customer data. Get any one of these wrong and the deal can misfire. A cloud agreement that sweeps "AI output" into a generic "customer content" definition, for instance, may oblige the customer to warrant that it owns all rights in content the vendor's model generated—an undertaking no customer should give. And where the model is non-static and several parties feed it, the agreement should name a contractual owner of the evolutions or, at minimum, guarantee the customer continued access to the most recently trained version.

Representations, warranties, and indemnification. AI agreements must address the vendor's representations about performance, accuracy, and legal compliance. Because customers integrate AI into mission-critical functions—production lines, marketing, hiring—failure can be catastrophic. The non-infringement warranty deserves particular scrutiny, because an AI system may independently produce infringing code or outputs in operation, and the 2025 training-data rulings confirm that output-stage infringement is a live risk even where training was fair use. Worse, the standard indemnity carve-outs—no coverage for the customer's modifications, unauthorized combinations, or use beyond the licensed scope—can swallow the indemnity entirely for AI, because using AI inherently involves modification (training), combination (with the customer's data), and evolution beyond any fixed scope. A customer that accepts those exclusions reflexively "may find itself without any IP infringement protection at all." Limitation-of-liability caps, in turn, should be calibrated to the potential scale of harm, which for a system controlling a production line or processing personal data may dwarf the contract's fees.

Performance warranties and SLAs. The conventional warranty that software will conform to "the documentation or specifications" fits AI poorly, because the model drifts and the warranty loses value over time. The better approach ties warranties to defined outcomes—but outcomes are hard to specify, as a now-infamous facial-recognition deployment showed when a traffic-enforcement system "recognized" a bus executive whose face appeared on a passing advertisement and issued her a jaywalking citation. A warranty that the system "accurately matches images to the most likely human" was technically satisfied and substantively useless.

Data rights and aggregation. AI services agreements frequently let the vendor aggregate and anonymize customer data to improve the system for all users. Customers gain from a larger data universe—broader data often makes the model more accurate—but are understandably wary of authorizing the use of their proprietary data to benefit competitors. Negotiating ownership, aggregation, anonymization, and confidentiality terms is therefore central to any AI services deal. Where the data includes personal information, the parties must also satisfy applicable privacy laws—obtaining consents and implementing protections that meet the GDPR, the CCPA, HIPAA, BIPA, and other regimes. When Aperture offers retail clients a discount in exchange for the right to fold their sales data into its pricing model, that single clause implicates competitive sensitivity, privacy compliance, and—as the next section shows—antitrust.

AI and Antitrust: The Algorithmic Collusion Problem

AI pricing algorithms can absorb vast competitive intelligence and adjust prices in real time—capabilities that create value but also significant antitrust risk, and the precise risk Aperture's pricing engine generates for the retailers that use it. The exposure takes two forms.

Facilitated collusion occurs when competitors use AI tools to implement or police a traditional price-fixing agreement. This is settled, easy-to-prosecute liability: in the Department of Justice's first online-marketplace prosecution, David Topkins pleaded guilty after agreeing with competitors to fix prices of posters sold on Amazon and adopting a shared pricing algorithm to coordinate. United States v. Topkins (N.D. Cal. 2015). The algorithm there was merely a tool implementing an agreement illegal per se under Section 1 of the Sherman Act (15 U.S.C. § 1). A related and increasingly litigated theory is the "hub-and-spoke" conspiracy, in which competitors who knowingly feed their data into and take prices from a common third-party pricing service may be found to have agreed with one another through the shared "hub"—though liability still requires proof of an agreement among the users at the "rim."

Autonomous collusion is the harder problem. As systems grow more sophisticated, they may independently converge on supracompetitive pricing without any human communication—each algorithm "learning" that avoiding aggressive price competition maximizes profit, effectively reaching a tacit understanding with rival algorithms. Whether that constitutes an "agreement" under the antitrust laws is genuinely unsettled, because Section 1 reaches only concerted action—"a unity of purpose or a common design and understanding or a meeting of the minds" (Copperweld Corp. v. Independence Tube Corp., 467 U.S. 752 (1984))—and not mere "conscious parallelism," which "is not in itself unlawful" (Brooke Group Ltd. v. Brown & Williamson Tobacco Corp., 509 U.S. 209 (1993)). The European Commission has suggested companies should be responsible for their AI systems' anticompetitive behavior and should build compliance into algorithmic design from the outset; U.S. enforcers have urged caution against deterring beneficial pricing innovation, while warning that an agreement to use algorithms to coordinate is a straightforward Section 1 violation.

To minimize exposure, companies deploying pricing algorithms should maintain current records of the AI's design objectives and competitive rationale (a documented purpose to "lessen competition" is poison), monitor outputs for patterns suggesting coordination, retain the ability to override the algorithm, and assess whether competitors are using the same or similar tools in the same market. Aperture, which sells one engine to many competing retailers, should be acutely aware that widespread adoption of a single pricing tool across a market is itself a fact pattern enforcers find interesting—and the precise structure that hub-and-spoke theories are built to reach.

AI in Bankruptcy: Protecting IP Assets

The treatment of AI in bankruptcy follows established IP principles, with some nuances. AI systems are typically protected by a mix of patents, copyrights, and trade secrets—all "intellectual property" under Section 101(35A) of the Bankruptcy Code (11 U.S.C. § 101(35A)). When a debtor owns AI software outright, it is property of the estate under Section 541 and may be sold free and clear of claims. Complications arise when the debtor has licensed AI to third parties. Section 365(n) protects non-debtor IP licensees, letting them retain their license rights even if the debtor rejects the executory contract; and where the debtor is the licensor of a patent or non-exclusive copyright, courts have generally held it cannot sell the IP free and clear of the rights licensees retain. See Sunbeam Products, Inc. v. Chicago American Manufacturing, LLC, 686 F.3d 372, 377–78 (7th Cir. 2012). Licensees should understand these protections; developers like Aperture should structure their licensing relationships with bankruptcy scenarios in mind, so that a counterparty's insolvency does not strand a mission-critical model—or, worse, free the model's weights into the hands of a competitor that buys the carcass at auction.

Healthcare AI: HIPAA Compliance and Fiduciary Obligations

AI in healthcare—diagnostic tools, wellness apps, retirement-plan robo-advisors—carries a distinct set of obligations. Under HIPAA, an AI developer may be a "business associate" of a covered entity if it creates, receives, maintains, or transmits protected health information on a provider's or plan's behalf; HHS guidance analyzes the question by asking whether the app operates on behalf of the consumer or the covered entity. A developer that is a business associate must meet HIPAA's privacy and security requirements and enter a Business Associate Agreement, obligations backed by an increasingly active HHS enforcement program. In the retirement context, AI robo-advisors raise ERISA fiduciary questions: plan sponsors must determine whether a tool provides investment "education" (not fiduciary) or "advice" (fiduciary), and must monitor AI providers' performance and fees with the same diligence applied to human advisors. The alignment of AI decision-making with ERISA's prudent-expert standard and duty of loyalty remains an evolving area. AI-enabled medical software may also be a regulated device subject to FDA oversight—another classification question with large consequences.

Legal Ethics: When the Lawyer Is the One Using AI

Every other section of this guide treats AI as something a client deploys. This one turns the lens around, because the professional-responsibility rules now bind the lawyers reading it. Generative AI has swept into legal practice—drafting, research, document review, contract analysis—and with it has come a fast-growing body of ethics guidance and, more memorably, sanctions.

Start with the cautionary tale from the introduction. In Mata v. Avianca, Inc., 678 F. Supp. 3d 443 (S.D.N.Y. 2023), Judge Castel imposed Rule 11 sanctions on two lawyers who submitted a brief citing six nonexistent judicial decisions that ChatGPT had fabricated, complete with invented quotations and fake citations. The lawyers had not checked the cases; one had even asked the chatbot whether the cases were real, and accepted its reassurance that they were. The court found the conduct involved bad faith and "conscious avoidance," and the sanctions order became a fixture of judicial education programs nationwide. It has been followed by a steady drumbeat of similar episodes—lawyers and even some pro se litigants sanctioned, fee awards reduced, briefs stricken—and by a wave of standing orders in which individual judges require disclosure or certification regarding the use of generative AI in filings. The doctrinal point is simple and old: Rule 11 requires that legal contentions be warranted by existing law and that factual contentions have evidentiary support, and a lawyer cannot outsource that certification to a machine.

The organized bar has now supplied a framework. ABA Formal Opinion 512 (July 2024) maps the existing Model Rules onto generative AI, and the mapping is worth knowing rule by rule:

  • Competence (Rule 1.1). The duty of competence, read with Comment 8's technology obligation, requires a lawyer to understand "the benefits and risks" of the generative-AI tools she uses—including, critically, the tendency to "hallucinate" plausible but false output. A lawyer need not become a computer scientist, but she must understand the tool well enough to use it responsibly and to catch its errors.
  • Confidentiality (Rule 1.6). Inputting client information into a generative-AI tool may disclose it—to the vendor, to the model's training pipeline, or to other users. A lawyer must evaluate the tool's terms of use and data-handling (Does it train on inputs? Can chat history and training be disabled? Where is data stored?) and, in many cases, obtain the client's informed consent before feeding confidential information into a third-party system. The analysis parallels the bar's earlier cloud-computing and cybersecurity opinions, which required reasonable due diligence on outside vendors.
  • Communication (Rule 1.4). A lawyer may need to discuss with the client the benefits and risks of using AI on the matter and, where the client's circumstances or the engagement terms require it, obtain consent—especially where confidential data will be shared with an outside tool.
  • Candor to the tribunal (Rule 3.3) and meritorious contentions (Rule 3.1). A lawyer must verify AI-generated research and citations before relying on them. Mata is Rule 3.3 and Rule 11 made flesh: a citation is a representation to the court, and a lawyer is responsible for its accuracy regardless of which tool produced it.
  • Supervision (Rules 5.1 and 5.3). A generative-AI tool is treated as a kind of non-lawyer assistance that the lawyer must supervise; managers must establish policies giving reasonable assurance that the firm's AI use conforms to the rules. The principle that an associate's or paralegal's mistakes are the supervising lawyer's responsibility extends to the model's mistakes too. Cf. People v. Calvert, 280 P.3d 1269 (Colo. 2011) (discipline for inadequate supervision of a non-lawyer assistant).
  • Fees (Rule 1.5). Fees must be reasonable. It is proper to bill a client for a tool's out-of-pocket cost, but improper to bill hours for work the tool performed in seconds—a lawyer cannot charge a full research rate for a task generative AI completed instantly, and any efficiency gains generally inure to the client's benefit.

The throughline is the same one that runs through the rest of this guide: AI is a tool, and the human remains responsible. "It is the attorney and not the AI tool that is ultimately responsible to the client." For practitioners building this into their practice, the operational checklist is short—choose tools with appropriate confidentiality protections, never put privileged material into a public model without vetting its terms, verify every citation and factual assertion the model produces, disclose AI use where a standing order or the client requires it, and bill only for human work. Our broader treatment of social media and technology in legal practice touches adjacent professional-responsibility themes, and a law firm's own technology choices raise related governance questions explored in running a law firm on open-source technology.

A Practical Compliance Checklist for AI Deployment

The themes above reduce to a set of concrete steps a company can take across functions.

On intellectual property, conduct a comprehensive audit of AI assets, deciding which elements are best protected by patent, copyright, or trade secret; implement robust trade-secret protection programs for proprietary algorithms and training data; obtain freedom-to-operate opinions before launch; ensure AI-assisted inventions reflect genuine human conception sufficient to support a patent; and review all training data for copyright exposure, paying special attention to how the data was acquired.

On biometric and data privacy, map all personal-data flows through AI systems; treat any face-, voice-, or fingerprint-based feature as a BIPA-grade risk requiring prior written consent, a published retention policy, and a no-monetization rule; assess compliance with the GDPR, the EU AI Act, applicable state privacy and AI laws, and sector rules; implement algorithmic-fairness testing and bias auditing; prepare meaningful transparency disclosures about automated decision-making; and establish data-minimization and retention protocols.

On products liability and risk management, review insurance coverage for AI-specific risks; negotiate clear liability allocation in procurement and licensing agreements; build systems that record their own decisions for forensic reconstruction; implement post-deployment monitoring of performance and safety; and document design decisions and safety testing for every AI-enabled product.

On employment, audit AI hiring and screening tools for disparate impact using the four-fifths rule before deployment and on an ongoing basis; ensure recruitment platforms are accessible under the ADA; comply with state and local mandates such as the Illinois AI Video Interview Act and NYC Local Law 144's bias-audit requirement; monitor AI-driven safety systems and document OSHA compliance; and negotiate automation clauses in collective-bargaining agreements where applicable.

On contracting, address all five AI components (solution, training data, production data, output, evolutions) explicitly; scrutinize indemnity carve-outs that can swallow AI infringement protection; tie warranties to defined outcomes rather than static specifications; and calibrate liability caps to the real scale of potential harm.

On antitrust, document the design objectives and competitive rationale of any pricing algorithm; monitor outputs for patterns suggesting coordination; retain override capability; and assess whether competitors are running the same tools in the same markets.

On professional responsibility, for any lawyer or law department using AI: verify every output, protect client confidences, supervise the tool as you would a junior associate, and bill only for human labor.

Frequently Asked Questions

Can an AI system be named as the inventor on a patent or the author of a copyright? No. The Federal Circuit held in Thaler v. Vidal that a patent inventor must be a human "individual," and the D.C. Circuit held in Thaler v. Perlmutter, 130 F.4th 1039 (D.C. Cir. 2025), that a copyrightable work must have a human author. AI cannot hold either right. What is permitted is patenting and copyrighting works that humans create with the help of AI, provided a human made the conception (for patents) or supplied sufficient creative input (for copyright). The November 2025 USPTO guidance now treats AI as an ordinary tool in the inventorship analysis.

Is it legal to train an AI model on copyrighted material? It depends—and the 2025 rulings drew a sharp line. Two federal courts held that training on lawfully acquired works can be transformative fair use (Bartz v. Anthropic; Kadrey v. Meta), but the same Bartz court held that downloading and stockpiling pirated copies was not fair use, exposure that drove a $1.5 billion-plus settlement. And fair use at the training stage does not immunize infringing outputs. The safest posture is to license or lawfully acquire training data and to screen outputs.

Does the four-fifths rule mean an AI hiring tool is automatically illegal if it fails the 80% threshold? Not automatically, but it shifts the legal burden. Failing the four-fifths rule is generally treated as evidence of disparate impact, which requires the employer to prove the practice is job-related and consistent with business necessity—and even then the plaintiff can win by showing a less-discriminatory alternative exists. Because the same algorithm affects every applicant, a failing tool is a strong candidate for a class action. Audit before you deploy.

Our company only uses a third-party AI vendor's tool. Are we still exposed? Yes. The employer that uses a biased hiring tool remains liable under Title VII regardless of who built it—and, after Mobley v. Workday, the vendor can be a defendant too. Liability flows along the chain, which is why indemnification, audit rights, and clear contractual risk allocation matter so much.

Can lawyers use ChatGPT and similar tools for legal work? Yes, with care. ABA Formal Opinion 512 confirms that generative AI is permissible if the lawyer satisfies the duties of competence, confidentiality, communication, candor, supervision, and reasonable fees. The non-negotiable rule, underscored by Mata v. Avianca, is verification: never file AI-generated citations or factual assertions without independently confirming them.

Does the December 2025 federal executive order mean we can ignore state AI laws? No. An executive order cannot by itself preempt or invalidate a state statute; that generally requires congressional action or a valid federal regulation, and courts will decide the question. State laws—Illinois's BIPA and AI Video Interview Act, NYC's Local Law 144, Colorado's and Texas's AI statutes, California's privacy and frontier-AI rules—remain enforceable while the litigation plays out. Comply now; monitor the federal campaign closely.

Conclusion: Preparing for a Rapidly Evolving Landscape

Artificial intelligence is not a single legal issue—it is a force multiplier that touches every area of commercial and professional law at once, as Aperture's four product lines illustrate. The companies that navigate this landscape successfully will be those that integrate legal analysis into AI strategy from the earliest stages of development, rather than treating compliance as an afterthought. That means assembling cross-functional teams—IP counsel, privacy lawyers, employment specialists, commercial and transactional attorneys, and technical advisors who can translate between legal requirements and engineering realities.

The law here is anything but static. The EU AI Act is still being phased in, and its timeline was rewritten in 2026. U.S. federal policy is actively trying to displace a fast-growing body of state law, with the courts yet to weigh in. Legislatures are introducing AI bills by the hundreds, and courts are deciding cases of first impression on inventorship, authorship, training data, biometric privacy, vendor liability, and—not least—the duties of the lawyers who use these tools. Several of the most important authorities, from the 2025 fair-use rulings and Thaler v. Perlmutter to the USPTO's reversal on AI-assisted inventorship and the proliferation of Mata-style sanctions, landed within the past two years. Practitioners who stay current—and who understand not only the law as it is but the direction in which it is moving—will be best positioned to advise clients through one of the most dynamic periods in the history of commercial regulation.

Our intellectual property and technology practice works at the intersection of these issues, advising companies across the full spectrum of AI legal risk—from patent prosecution and trade-secret protection to IP litigation, commercial licensing, and regulatory compliance. For companies developing, deploying, or acquiring AI systems, the time to engage experienced counsel is before the first line of code is written.

This article is for informational purposes only and does not constitute legal advice, and the law governing AI is changing rapidly—several authorities cited here are recent and may evolve. For guidance on a specific AI-related matter, please consult qualified counsel and confirm the current state of the law.

Selected Authorities

Statutes and regulations: 35 U.S.C. §§ 101, 112, 154(a)(2) (Patent Act); 17 U.S.C. §§ 102, 107 (Copyright Act); 18 U.S.C. §§ 1831–1839 (Defend Trade Secrets Act); 11 U.S.C. §§ 101(35A), 365(n), 541 (Bankruptcy Code); 42 U.S.C. § 2000e-2 (Title VII); 29 C.F.R. § 1607.4(D) (four-fifths rule); 740 ILCS 14/ (Illinois BIPA); 820 ILCS 42 (Illinois AI Video Interview Act); NYC Admin. Code (Local Law 144); Tex. Bus. & Com. Code § 503.001 (Texas CUBI); RCW 19.375 (Washington biometric law); Regulation (EU) 2024/1689 (EU AI Act); Regulation (EU) 2016/679 (GDPR).

Cases: Diamond v. Chakrabarty, 447 U.S. 303 (1980); Mayo v. Prometheus, 566 U.S. 66 (2012); Alice Corp. v. CLS Bank International, 573 U.S. 208 (2014); Thaler v. Vidal, 43 F.4th 1207 (Fed. Cir. 2022); Thaler v. Perlmutter, 130 F.4th 1039 (D.C. Cir. 2025); Mohamad v. Palestinian Authority, 566 U.S. 449 (2012); Pannu v. Iolab Corp., 155 F.3d 1344 (Fed. Cir. 1998); Naruto v. Slater, 888 F.3d 418 (9th Cir. 2018); Authors Guild v. Google, 804 F.3d 202 (2d Cir. 2015); Thomson Reuters v. ROSS Intelligence (D. Del. 2025); Bartz v. Anthropic (N.D. Cal. 2025); Kadrey v. Meta Platforms (N.D. Cal. 2025); Sega Enterprises v. Accolade, 977 F.2d 1510 (9th Cir. 1992); Feist Publications v. Rural Telephone, 499 U.S. 340 (1991); Enfish v. Microsoft, 822 F.3d 1327 (Fed. Cir. 2016); McRO v. Bandai Namco, 837 F.3d 1299 (Fed. Cir. 2016); Ariad v. Eli Lilly, 598 F.3d 1336 (Fed. Cir. 2010) (en banc); In re Wands, 858 F.2d 731 (Fed. Cir. 1988); Cruz v. Talmadge, 2015 WL 13776213 (Mass. Super. Ct. 2015); Nilsson v. General Motors, No. 18-471 (N.D. Cal. 2018); Griggs v. Duke Power, 401 U.S. 424 (1971); Watson v. Fort Worth Bank & Trust, 487 U.S. 977 (1988); Mobley v. Workday (N.D. Cal.); Rosenbach v. Six Flags, 129 N.E.3d 1197 (Ill. 2019); Cothron v. White Castle, 2023 IL 128004 (Ill. 2023); Rogers v. BNSF Railway, No. 1:19-cv-03083 (N.D. Ill. 2022); In re Clearview AI Consumer Privacy Litigation, 585 F. Supp. 3d 1111 (N.D. Ill. 2022); United States v. Topkins (N.D. Cal. 2015); Copperweld v. Independence Tube, 467 U.S. 752 (1984); Brooke Group v. Brown & Williamson, 509 U.S. 209 (1993); Sunbeam Products v. Chicago American Manufacturing, 686 F.3d 372 (7th Cir. 2012); Mata v. Avianca, 678 F. Supp. 3d 443 (S.D.N.Y. 2023).

Agency, ethics, and executive materials: USPTO Revised Inventorship Guidance for AI-Assisted Inventions (Nov. 28, 2025) (rescinding the Feb. 13, 2024 guidance); USPTO 2019 Revised Patent Subject Matter Eligibility Guidance (84 Fed. Reg. 50) and October 2019 Update (Examples 39 and 46); EEOC Technical Assistance on the ADA and AI (May 2022) and on assessing adverse impact under Title VII (May 2023); ABA Formal Opinion 512 (July 2024); Executive Order, "Ensuring a National Policy Framework for Artificial Intelligence" (Dec. 11, 2025); EU "Digital Omnibus on AI" (proposed Nov. 2025; 2026 agreement deferring high-risk obligations). The law in this area changes frequently; confirm current authorities before relying on them.

Secondary sources: David C. Vladeck, Machines Without Principles: Liability Rules and Artificial Intelligence, 89 Wash. L. Rev. 117 (2014); contemporary 2025–2026 analyses of the AI fair-use rulings, the Bartz v. Anthropic settlement, the USPTO inventorship guidance, the EU Digital Omnibus, the December 2025 executive order, and Mata-line sanctions decisions.