Key Issues in Negotiating AI Technology Vendor Contracts: IP, privacy, cybersecurity, and liability

Julia B. Jacobson
Alexandra (Sasha) Kiosse
Morgan Jones
Michael R. Overly
Ashley M. Kennedy
Tyler J. Thompson
Julia B. Jacobson | Squire Patton Boggs
Alexandra (Sasha) Kiosse | Squire Patton Boggs
Morgan Jones | Brown Rudnick LLP
Michael R. Overly | Foley & Lardner LLP
Ashley M. Kennedy | Foley & Lardner LLP
Tyler J. Thompson | Reed Smith LLP

On-Demand: October 8, 2024

6 hour CLE

This program is only available to All-Access Pass Members.
Subscribe to Federal Bar Association CLE Pass...
Co-Sponsored by myLawCLE
Get this course, plus over 1,000+ live webinars.
Learn More

Program Summary

Session I – Key Issues in AI Contracting - Julia Jacobson, Alexandra (Sasha) Kiosse

This session will provide an outline of key contracting issues that arise when selecting and engaging an AI technology vendor.

Key topics to be discussed:

  • Common uses of AI technology
  • How AI technology is similar to and different from other types of technology
  • The AI legal framework
  • Vendor selection factors unique to AI technology vendors

Session II – Negotiation Tactics for Al Technology Vendor Contracts - Julia Jacobson, Alexandra (Sasha) Kiosse

This session will review key provisions of AI vendor contracts, exploring intellectual property, privacy and cybersecurity and liability allocation provisions in AI vendor contracts. Attendees will learn how to adapt negotiation tactics to address the challenges associated with AI vendor agreements.

Key topics to be discussed:

  • Data ownership
  • Jurisdictional considerations
  • Representations and warranties
  • Indemnities and liability caps

Session III – Effective Vendor Contract Management: Minimizing risk in AI, cloud services, and
software agreements -
Mike Overly and Ashley Kennedy

Every business of every kind, type, and size relies on technology to conduct its operations. That technological environment has become ever more complex in recent years. Businesses use a variety of cloud services and locally installed software every day. To add to that environment, artificial intelligence (“AI”), is being integrated into many of those products and services. AI presents its own unique risks and rewards. In this session, we discuss the key elements of negotiating effective cloud and software agreements and addressing the specific challenges of AI in those agreements.

Key topics to be discussed:

  • Understanding the key risks and common pitfalls in cloud services and software license
    agreements
  • Common concerns presented by the integration of AI into cloud and software solutions
  • Negotiation approaches to mitigate risk

Session IV - Privacy and Security Considerations in AI Vendor Contracts – Tyler Thompson

Dealing with privacy and security contract provisions with AI agreements requires understanding the intersection of the two most dynamic areas of the law. This session will discuss when privacy provisions are required in AI agreements, how security considerations should be approached, and the interaction between AI specific regulations and privacy laws. 

Key topics to be discussed:

  • Data protection addendums in the AI context
  • Security considerations and provisions
  • Notice and transparency issues
  • Potential privacy and security risk while using AI

Session V - Considerations in Software and Cloud Services Agreements – Morgan Jones

Businesses across all industries are increasingly engaging technology service providers to perform services for or on behalf of these businesses. Inherent in every such engagement are a litany of considerations that businesses must contemplate before, during, and after such engagements to not only mitigate risks but also maximize opportunities. Such considerations depend on various factors.

Key topics to be discussed:

  • Key considerations with respect to cloud services agreements
  • Understanding software licensing agreements
  • Negotiating software licensing agreements
  • Approaching unique opportunities and challenges involving artificial intelligence and machine learning

This course is co-sponsored with myLawCLE.

Closed-captioning available

Speakers

Julia B. Jacobson_Squire Patton Boggs_myLawCLEJulia B. Jacobson | Squire Patton Boggs 

A significant portion of Julia’s practice is devoted to advising clients on an array of privacy, cybersecurity, data breach and data governance matters. She assists clients with the design and development of privacysensitive policies for the collection and use of personal data. Julia regularly advises businesses on the privacy and cybersecurity aspects of environmental, social and governance (ESG) programs, ethical data use, machine learning and artificial intelligence, vendor contracting and management and business sales, combinations and acquisitions.

She has helped her clients design, develop and implement compliance programs to meet the challenges of the evolving privacy and cybersecurity law landscape, including the California Consumer Privacy Act and other US state privacy and cybersecurity laws, the EU’s General Data Protection Regulation, the UK Data Protection Act 2018, cross-border personal data transfers and New York Department of Financial Services Cybersecurity Regulations, as well as to align with industry standards, including the National Institute of Standards and Technology (NIST) cybersecurity and privacy frameworks, and ESG standards and frameworks. Julia also serves as the data breach coach for several national and international clients.

 

Alexandra (Sasha) Kiosse_myLawCLEAlexandra (Sasha) Kiosse | Squire Patton Boggs

Alexandra (Sasha) Kiosse is an associate who splits her time between the Data Privacy, Cybersecurity & Digital Assets Practice and the Corporate Practice. Sasha advises national and international companies on data privacy, artificial intelligence and other emerging technology, and corporate law matters.

In the Data Privacy, Cybersecurity & Digital Assets Practice, Sasha assists clients in developing and implementing a wide range of compliance policies, notices and assessments to meet laws and industry frameworks. Her practice includes advising organizations on privacy issues associated with children’s data, cross-border data transfers, the complex data use and protection issues involved with emerging technology, and the changing US privacy and cybersecurity law landscape. Within the Corporate Practice, she advises corporate clients on merger and acquisition transactions and corporate governance.

 

Michael-R.-Overly_Foley-&-Lardner-LLP_myLawCLEMichael R. Overly | Foley & Lardner LLP

Michael Overly is a partner in Foley & Lardner’s Information Technology & Outsourcing Group and Privacy, Security and Information Management Groups. He is one of the few practicing lawyers who has satisfied the rigorous requirements necessary to obtain the Certified Information System Auditor (CISA), Certified Information Systems Security Professional (CISSP), Information Systems Security Management Professional (ISSMP), Certified in Risk and Information Systems Controls (CRISC), Certified Outsourcing Professional (COP), and Certified Information Privacy Professional (CIPP) certifications.

He writes and speaks frequently regarding negotiating and drafting technology transactions and the legal issues of technology in the workplace, email, and electronic evidence. He has written numerous articles and books on these subjects and is a frequent commentator in the national press (e.g., the New York Times, Chicago Tribune, Los Angeles Times, Wall Street Journal, ABCNEWS.com, CNN, and MSNBC) and has testified before the U.S. Congress regarding online issues.

 

Ashley M. Kennedy_myLawCLEAshley M. Kennedy | Foley & Lardner LLP

Ashley Kennedy is a Technology, Transactions, Cybersecurity & Privacy Practice Group member within Foley & Lardner’s Intellectual Property Department. Ashley provides counsel on structuring and negotiating technology agreements to create strategic and advantageous business relationships between companies. She has experience drafting and negotiating commercial agreements, including intellectual property licenses, software-as-a-service agreements, master services agreements, distribution agreements, non-disclosure agreements, and technology transfer agreements. Ashley also has experience structuring and addressing the intellectual property components of mergers and acquisitions and other corporate transactions.

 

Tyler J. Thompson_myLawCLETyler J. Thompson | Reed Smith LLP

Tyler advises clients on data privacy and protection, technology contracts and contract processes, websites and mobile apps, digital accessibility, artificial intelligence, and data issues in the franchise space. He offers clients practical and efficient legal counsel, striving to manage costs and risks with business-friendly strategies. With deep experience in digital compliance, Tyler focuses on handling all aspects of a client’s website, platform, game, or mobile app to achieve compliance while maintaining the best user experience. His practice also focuses on creating enforceable digital agreements with users. He also helps clients reduce website scraping risks.

Tyler has designed and implemented privacy compliance programs for clients ranging from Fortune 500 companies to startups, ensuring those clients are compliant with U.S. and international privacy laws. Advice on those programs includes, among other things, data retention and minimization, privacy by design, data inventories, and privacy impact assessments. Tyler is accredited by the American Bar Association and the International Association of Privacy Professionals (IAPP) as a Privacy Law Specialist. He is also certified by the IAPP as a Fellow of Information Privacy (FIP), Certified Information Privacy Professional for the United States (CIPP/US), Europe (CIPP/E), Asia, (CIPP/A) and Canada (CIPP/C) as well as a Certified Information Privacy Manager (CIPM) and Certified Information Privacy Technologist (CIPT). Tyler is also an ISACA Certified Data Privacy Solutions Engineer (CDPSE).

In the technology space, Tyler counsels on artificial intelligence (including generative AI and LLMs), open-source software, digital marketing, software licensing, and SaaS agreements. Tyler works with clients to modernize commercial contracting processes and privacy practices, enabling in-house attorneys to function more efficiently and conserve resources. He is certified by the IAPP as an Artificial Intelligence Governance Professional (AIGP). Tyler focuses on hard-to-draft agreements, combining elements of data rights, digital compliance, and emerging technologies.

Outside of the firm, Tyler practices archery, is an FAA certified private pilot, and a PADI certified SCUBA diver. He is on a mission to see every national park, MLB stadium, and good tiki bar in the United States.

 

Morgan Jones_FedBarMorgan Jones | Brown Rudnick LLP

Morgan Jones is an associate in the firm’s Corporate Practice Group and a member of the Emerging Growth Companies & Venture Capital Group. He represents early- and growth-stage technology companies through all stages of the technology lifecycle, from structuring, formation, financing, licensing, and data privacy matters through exit. He works closely with companies to launch and develop products, build customers and scale, acquire technology assets, draft a wide variety of commercial agreements, negotiate customer transactions, and strategic partnerships. He also advises companies on best practices for product development where there is little existing regulation and high potential liability, particularly in the field of artificial intelligence.

As an EU/U.S. certified information privacy professional (CIPP) and a privacy law specialist (PLS), he frequently advises companies on legal and operational compliance with various privacy laws on a global level, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) among others. Morgan uses this knowledge to regularly guide companies in responding to data breaches and cyberattacks and interacting with regulators and customers after a breach.

Morgan also regularly counsels clients in developing and maintaining their trademark portfolios, and preparing strong assets to maximize corporate value, both with consumers and with licensing marks to partners. Morgan received his J.D. from Seton Hall University School of Law and his B.S. from Rutgers University School of Engineering.

Agenda

Session I Key Issues in AI Contracting | 10:30am 11:30am
  • Common uses of AI technology
  • How AI technology is similar to and different from other types of technology
  • The AI legal framework
  • Vendor selection factors unique to AI technology vendors

Break | 11:30am 11:40am

Session II Negotiation Tactics for Al Technology Vendor Contracts | 11:40am 12:40pm

  • Data ownership
  • Jurisdictional considerations
  • Representations and warranties
  • Indemnities and liability caps

Break | 12:40pm 12:50pm

Session III –Effective Vendor Contract Management: Minimizing risk in AI, cloud services, and software agreements | 12:50pm – 3:00pm

  • Understanding the key risks and common pitfalls in cloud services and software license agreements

Break | 1:50pm 2:00pm

Session IV — Privacy and Security Considerations in AI Vendor Contracts | 3:10pm – 4:10pm

  • Data protection addendums in the AI context
  • Security considerations and provisions
  • Notice and transparency issues
  • Potential privacy and security risk while using AI

Break | 4:10pm – 4:20pm

Session V Considerations in Software and Cloud Services Agreements | 4:20pm – 5:20pm

  • Key considerations with respect to cloud services agreements
  • Understanding software licensing agreements
  • Negotiating software licensing agreements
  • Approaching unique opportunities and challenges involving artificial intelligence and machine learning

Credits

Alaska

Approved for CLE Credits
6 General

Our programs are CLE-eligible through Alaska's recognition of multi-jurisdictional reciprocity.
Alabama

Pending CLE Approval
6 General

Arkansas

Approved for CLE Credits
6 General

Arizona

Approved for CLE Credits
6 General

California

Approved for CLE Credits
6 General

Colorado

Pending CLE Approval
6 General

Connecticut

Approved for CLE Credits
6 General

District of Columbia

No MCLE Required
6 General Hours

Delaware

Pending CLE Approval
6 General

Florida

Approved via Attorney Submission
7 General

Receive CLE credit in Florida via attorney submission.
Georgia

Approved for CLE Credits
6 General

Hawaii

Approved for CLE Credits
6 General

Iowa

Pending CLE Approval
6 General

Idaho

Pending CLE Approval
6 General

Illinois

Pending CLE Approval
6 General

Indiana

Approved for Self-Study Credits
6 General

Kansas

Pending CLE Approval
6 General

Kentucky

Pending CLE Approval
6 General

Louisiana

Pending CLE Approval
6 General

Massachusetts

No MCLE Required
6 General Hours

Maryland

No MCLE Required
6 General Hours

Maine

Pending CLE Approval
6 General

Michigan

No MCLE Required
6 General Hours

Minnesota

Approved for Self-Study Credits
6 General

Missouri

Approved for Self-Study Credits
7.2 General

Mississippi

Pending CLE Approval
6 General

Montana

Pending CLE Approval
6 General

North Carolina

Pending CLE Approval
6 General

North Dakota

Approved for CLE Credits
6 General

Our programs are CLE-eligible through North Dakota’s recognition of multi-jurisdictional reciprocity. Section 1, Policy 1.14
Nebraska

Pending CLE Approval
6 General

myLawCLE reports attendance to Nebraska on each attorney's behalf for all programs. Please do not self-report.
New Hampshire

Approved for CLE Credits
6 General

As of July 1, 2014, the NHMCLE Board no longer provides pre- or post-approval of courses. Attendees must self-determine whether a program is eligible for credit, and self-report their attendance online at www.nhbar.org, based on qualification provisions of Rule 53.
New Jersey

Approved for CLE Credits
7.2 General

Our programs are CLE-eligible through New Jersey's recognition of multi-jurisdictional reciprocity, except for the courses required under BCLE Reg. 201:2
New Mexico

Approved for Self-Study Credits
6 General

Nevada

Approved for Self-Study Credits
6 General

New York

Approved for CLE Credits
7.2 General

Our programs are CLE-eligible through New York’s Approved Jurisdiction Group “A”.
Ohio

Pending CLE Approval
6 General

Oklahoma

Pending CLE Approval
7 General

Oregon

Pending CLE Approval
6 General

Pennsylvania

Approved for Self-Study Credits
6 General

Rhode Island

Pending CLE Approval
7 General

South Carolina

Pending CLE Approval
6 General

South Dakota

No MCLE Required
6 General Hours

Tennessee

Approved for Self-Study Credits
6 General

Texas

Pending CLE Approval
6 General

Utah

Pending CLE Approval
6 General

Virginia

Not Eligible
6 General Hours Hours

Vermont

Approved for CLE Credits
6 General

Washington

Approved via Attorney Submission
6 Law and Legal

Receive CLE credit in Washington via Attorney Submission. myLawCLE will supply Washington state attorneys with instructions on how to gain credit.
Wisconsin

Approved for CLE Credits
6 General

West Virginia

Pending CLE Approval
7.2 General

Wyoming

Pending CLE Approval
6 General

More CLE Webinars
Upcoming CLE Webinars
Insurance and Bad Faith Litigation in Fire Loss Cases
Insurance and Bad Faith Litigation in Fire Loss Cases Thu, March 20, 2025
On-Demand
Live Replay
Divorce Law 101 (2025 Edition)
Divorce Law 101 (2025 Edition) Fri, March 21, 2025
Live Webcast
Gun Trust 101 (2025 Edition)
Gun Trust 101 (2025 Edition) Fri, March 21, 2025
On-Demand
Live Replay
Ethical Strategies with Law Firm Podcasts
Ethical Strategies with Law Firm Podcasts Mon, March 24, 2025
Live Webcast
AI-Generated Trade Secret Litigation
AI-Generated Trade Secret Litigation Wed, March 26, 2025
Live Webcast
1031 Exchanges 101 (2025 Edition)
1031 Exchanges 101 (2025 Edition) Thu, March 27, 2025
On-Demand
Live Replay