Executive Summary
- Enterprise customers are now routinely inserting AI clauses into vendor contracts, flowing governance requirements down from their own AI policies to every supplier. Professional services firms, financial services companies, healthcare providers, and technology businesses are all being asked to represent how they use AI, whether their employees use public AI tools, and what happens when AI is wrong.
- The problem for sellers is not the question — it’s the overpromise. Four categories of representations are being requested that no mid-market company can make safely without proper governance in place: AI accuracy guarantees, IP indemnification for AI-generated work, training data warranties, and blanket confidentiality representations about public AI tools.
- The sellers capturing new contracts while managing liability do three things: disclose specifically (not generically), limit liability precisely (not by disclaiming everything), and add a short AI addendum to their standard MSA rather than trying to answer AI questions verbally.
- The regulatory floor is rising. Colorado’s AI Act (effective June 2026) creates disclosure obligations for deployers of high-risk AI. California’s SB 942 (effective January 2026) imposes content provenance requirements. Professional liability exposure exists when AI-assisted work causes client harm — and standard E&O policies have not been updated to address it.
- The goal is not to avoid AI questions. The goal is to answer them without making representations you cannot back up in litigation.
What Customers Are Actually Asking
Enterprise customers — especially those with their own AI governance programs — are adding AI questionnaires to RFPs, inserting AI riders into standard agreements, and asking pointed questions at contract renewal. The questions cluster into four categories:
Category 1: Usage disclosure. “Do you use AI in delivering services to us? Which tools? Which employees? Which processes?” These questions are almost always fair, and the right answer is specific disclosure rather than a generic “yes” or “no.” Customers want to know if a public large language model is receiving their confidential information.
Category 2: Data handling. “Does your use of AI expose our confidential information to third parties? Is our data used to train AI models?” These are the most consequential questions. The risk: a service provider whose employees use ChatGPT, Claude, or Gemini on a non-enterprise plan is feeding client data into systems that may retain it, use it for training, and surface it to other users. Enterprise plans from OpenAI, Anthropic, and Google do not train on customer data — but the consumer or free versions do. Most organizations using AI informally have not configured this.
Category 3: Output quality and accuracy. “If your AI-generated work product is wrong, who is responsible?” Customers want to know whether AI output is reviewed before delivery, whether accuracy is warranted, and what the remedy is for AI-generated errors. This is the category where sellers most often overpromise.
Category 4: IP ownership. “Who owns the work product your AI generates? Does your AI infringe third-party copyrights?” IP questions have become standard in any agreement covering deliverables. Generative AI copyright ownership remains unsettled in U.S. law — the Copyright Office has declined to register purely AI-generated works, and the training data copyright question is in active litigation across multiple federal circuits.
The Four Risky Representations Sellers Make
1. “Our work product is accurate.”
Standard professional services agreements often include a representation that work will be performed in a “professional and workmanlike manner” consistent with industry standards. When AI generates the first draft of a research memo, financial model, or contract, that representation extends to the AI’s output.
The risk: AI systems hallucinate with statistically predictable frequency. The GPT-4 hallucination rate on factual questions ranges from 3% to 19% depending on task type (Stanford HAI, 2024). Representing professional-standard accuracy without disclosing AI’s role — and the human review process in place to catch errors — exposes the provider to professional liability claims when errors occur.
The safe version: Represent that AI-generated outputs undergo human review before delivery, and that the professional’s judgment governs the final work product. Do not represent accuracy of AI outputs directly — represent the review process that validates them.
2. “Our deliverables are original and do not infringe third-party IP.”
Standard IP warranties represent that the deliverables are original and that the vendor has the right to provide them. When those deliverables are generated with AI tools trained on scraped internet data, the IP warranty is harder to make.
The risk: Training data copyright litigation is ongoing — Andersen v. Stability AI, Getty Images v. Stability AI, and the New York Times v. OpenAI are working through the courts as of early 2026. Until those cases resolve, no seller can confidently warrant that AI-generated text, code, or images are free of third-party IP claims. Only 33% of AI vendors themselves provide IP indemnification to their customers (TermScout, 2025). The seller cannot pass through protection it did not receive.
The safe version: Represent that deliverables reflect the professional’s original judgment and analysis, with AI used as a research or drafting tool. Carve out AI-generated components explicitly: “Supplier warrants that Deliverables represent Supplier’s professional judgment. Deliverables may include content generated with AI assistance; Supplier does not warrant that AI-generated components are free of third-party copyright claims, and indemnification obligations do not extend to AI-generated components used without modification.”
3. “Your confidential information is protected.”
Standard confidentiality provisions represent that the vendor will not disclose client information to third parties without consent. When employees use public AI tools, client information enters third-party infrastructure — often in violation of the vendor’s own confidentiality obligation.
The risk: Consumer-facing AI products (free or low-tier ChatGPT, Claude, Gemini plans) retain conversation history and may use it for model training. OpenAI’s business terms prohibit using customer data for training, but those protections apply to the API and ChatGPT Enterprise — not the free web interface that many employees use by default. A firm whose employees use free ChatGPT for client work is, in practice, breaching its standard confidentiality obligations every time they do.
The safe version: Disclose which AI tools are used and confirm those tools are enterprise-configured. “Supplier uses [specific tools] under enterprise agreements that prohibit training on customer data. Supplier maintains a written AI acceptable use policy prohibiting employees from entering client confidential information into consumer-tier AI products.” This representation is narrow enough to be accurate and specific enough to be meaningful.
4. “AI-generated work product belongs to you.”
Customers often want full IP assignment of deliverables, including AI-generated components. The clean version of this representation requires the vendor to have rights to assign — which, for AI-generated content, depends on the vendor’s agreement with the AI provider.
The risk: Most AI vendor terms grant the customer a license to use AI-generated outputs, not ownership of the underlying generation process. OpenAI’s terms assign outputs to the customer subject to usage policies. Anthropic’s terms similarly grant usage rights. The assignment chain is: AI provider assigns outputs to the seller; seller assigns to the client. That chain generally holds for text and code — but breaks for fine-tuned models and embeddings, which most AI vendors treat as their property. A seller who fine-tunes a model on client data and then represents that the model belongs to the client may be assigning something it does not own.
The safe version: Distinguish between standard deliverables (assignable) and AI model components (not assignable). “Supplier assigns all rights in Deliverables to Client. For clarity, Deliverables do not include AI models, training weights, embeddings, or fine-tuned parameters, which remain the property of Supplier’s AI tool providers.”
The Three Things That Protect You
1. A short AI addendum to your standard MSA
Verbal answers to AI questions do not protect sellers. A short addendum — one page, attached to the master services agreement — does three things: discloses which AI tools are in use, specifies the confidentiality configuration of those tools, and carves out AI-generated components from IP warranties. It takes a GC two hours to draft once and applies to every client engagement.
The addendum does not need to be comprehensive. It needs to be specific. “Supplier uses Claude (Anthropic) and ChatGPT (OpenAI) under enterprise agreements with no-training-on-data configurations. Employees are prohibited by written policy from using consumer-tier AI products on client work.” That is defensible. “We take data security seriously and use AI responsibly” is not.
2. A written AI acceptable use policy that employees have actually signed
The most common seller vulnerability: a firm represents to a client that confidential information is protected from AI systems, and an employee with a free ChatGPT account does not know that policy exists. The client’s confidential information goes into OpenAI’s training pipeline, and the seller has just breached its contract.
The fix is not complicated. An AI acceptable use policy specifying which tools are approved, which configurations are required, and what client data may and may not be entered — combined with employee acknowledgment signatures — creates the documentation to back up the confidentiality representation. It also creates the foundation for the disclosure clause in the addendum.
3. Human review before AI outputs become deliverables
The professional liability risk from AI is not that AI produces bad outputs. It is that bad AI outputs reach the client without professional review. The standard of care in every professional services context — legal, accounting, consulting, financial advisory, engineering — requires professional judgment to govern the final work product.
Building and documenting a review process — not as bureaucracy, but as a genuine quality gate — does two things simultaneously: it reduces the actual error rate, and it creates the factual record needed if a client later claims the deliverable was deficient. “The draft was generated by AI and delivered without review” is a malpractice allegation. “The draft was generated by AI and reviewed by a licensed professional before delivery” is defensible standard practice.
Key Data Points
| Metric | Finding | Source |
|---|---|---|
| AI vendors providing IP indemnification to customers | 33% | TermScout (contract certification analysis, 2025) |
| AI vendors warranting regulatory compliance | 17% | TermScout (contract certification analysis, 2025) |
| GPT-4 hallucination rate on factual tasks | 3–19% | Stanford HAI (2024) |
| AI vendors capping liability at 1-month fee | 88% | Jones Walker (market analysis, 2025) |
| Companies with written AI acceptable use policies | 37% | IBM/Ponemon Institute (n=600, 2025) |
| Colorado AI Act civil penalty per violation | $20,000 | Colorado SB 24-205, effective June 2026 |
| EU AI Act maximum fine for prohibited AI use | €35M or 7% of global revenue | EU AI Act, effective August 2024 |
| AI clauses now appearing in standard commercial agreements | “routine across SaaS, professional services, distribution” | ThoughtRiver (contract analysis, 2025) |
The Regulatory Floor You Are Standing On
Even without client-mandated contract language, four regulatory frameworks create baseline disclosure and governance obligations for sellers using AI in service delivery:
Colorado AI Act (SB 24-205, effective June 2026): Applies to “deployers” of high-risk AI systems, which includes any AI system making “consequential decisions” affecting employment, lending, education, housing, or healthcare. Professional services firms using AI in hiring, credit analysis, or medical documentation are covered. Required: risk management policy, consumer notification that AI was used, and an appeals process for consequential AI decisions. Penalty: $20,000 per violation per consumer.
California AI Transparency Act (SB 942, effective January 2026): Applies to AI providers with over 1 million monthly users — meaning it governs the tools sellers use, not sellers themselves. Relevant to sellers because major AI vendors must now provide content provenance tools and watermarking, which enterprise customers will begin requiring sellers to implement as a pass-through condition.
Utah AI Policy Act (HB 452, effective May 2024): Requires disclosure when a consumer interacts directly with AI in a context where they would reasonably believe they are interacting with a human. Applies to customer service AI, AI chatbots, and AI-generated client communications. Selling companies using AI for outbound client communications in Utah must disclose it.
Illinois Artificial Intelligence Video Interview Act and similar state laws: AI used in hiring decisions — including screening resumes, analyzing video interviews, or scoring assessments — triggers disclosure and consent obligations in Illinois, Maryland, and Washington DC. Companies selling HR services or using AI in their own hiring face compliance obligations that extend into client-facing contracts when those clients are covered employers.
None of these require sellers to stop using AI. They require sellers to know what they are using, disclose it appropriately, and govern it with documented policies.
What This Means for Your Organization
Most mid-market professional services firms, financial services companies, and healthcare organizations are already using AI in their service delivery — either deliberately or because employees adopted it informally. The question is no longer whether AI is in the mix. The question is whether the contracts say anything coherent about it.
The firms that are winning in this environment are doing something specific: they are treating the customer’s AI question as an opportunity to demonstrate governance maturity rather than a threat to deflect. “We use these three tools under enterprise agreements. Here is our policy. Here is our review process” is a better answer than “we use AI responsibly” — and it wins contracts from enterprise clients who have been burned by suppliers who could not answer the question at all.
The addendum approach takes a GC two hours. The acceptable use policy takes an afternoon. The review process documentation is something most professional firms already have in practice — it just needs to be written down. None of this requires expensive tooling or outside consultants. It requires being specific about something your organization is already doing.
If you are in a contract negotiation right now where the customer has sent an AI questionnaire or AI rider, I am glad to think through the specific representations at issue — brandon@brandonsneider.com
Sources
- TermScout — AI vendor contract certification analysis (2025). Data on IP indemnification rates (33%), regulatory compliance warranties (17%), broad data usage claims (92%). Credibility: HIGH — independent contract analysis platform with primary data from actual vendor agreements.
- Stanford HAI — “AI Index Report” (2024). Hallucination rate data for GPT-4 and comparable LLMs on factual tasks (3–19% range). Credibility: HIGH — Stanford University independent research center, primary benchmarking data.
- Jones Walker LLP — “AI Vendor Liability Squeeze: Courts Expand Accountability While Contracts Shift Risk” (2025). Market analysis of vendor liability caps (88% cap at monthly fee). Credibility: HIGH — Am Law 200 firm, AI-specific litigation practice.
- IBM/Ponemon Institute — Cost of a Data Breach Report (2025, n=600 organizations). AI acceptable use policy adoption (37%). Credibility: HIGH — annual longitudinal study, independent research methodology.
- ThoughtRiver — “AI Clauses in Commercial Contracts: A Practical Guide” (2025). Analysis of AI clause prevalence across SaaS, professional services, and distribution agreements; 30-60 day advance notice becoming standard. Credibility: MEDIUM-HIGH — AI contract analysis platform with access to large commercial contract dataset.
- Taft Law / Taft Technology and AI Insights — “The Expanding Prevalence of AI Clauses in Contracts” (November 2025). Safe vs. risky seller representations; training data provenance warranty risk; privacy guarantee limitations. Credibility: HIGH — Am Law 200 firm, AI transactions practice.
- Colorado General Assembly — SB 24-205 (Colorado Artificial Intelligence Act), effective June 30, 2026. High-risk AI deployer obligations, $20,000 per-violation penalty, risk management requirements. Credibility: HIGH — primary legal source.
- California Legislature — SB 942 (California AI Transparency Act), effective January 2026. Content provenance requirements, watermarking obligations for covered AI providers. Credibility: HIGH — primary legal source.
- Gouchev Law — “How AI Provisions in Client Service Agreements Can Protect Providers from IP Headaches” (2025). IP allocation clauses, disclaimer of AI output warranties, limitation caps, indemnification structures. Credibility: MEDIUM-HIGH — boutique technology law firm, practitioner-oriented guidance.
- Morgan Lewis — “Negotiating AI Provisions in Commercial and Technology Contracts: Where the Market Is Heading” (April 2026). Regulatory responsibility allocation, performance standard provisions, transition planning requirements. Credibility: HIGH — Am Law 10 firm, technology transactions practice.
- Margolis PLLC — “AI Terms and Indemnity in Commercial Contracts” (2025). Output-based claims, data rights disputes, bias and discrimination indemnity allocation, content similarity liability. Credibility: MEDIUM-HIGH — IP and technology practice, practitioner-oriented analysis.
- eve.legal — “Disclosing AI Usage to Your Clients: Best Practices for Legal Teams” (2025). Engagement letter approach, safe disclosure language, billing transparency, client dialogue recommendations. Credibility: MEDIUM — legal technology platform, practitioner perspective.
Brandon Sneider | brandon@brandonsneider.com | March 2026