Tom Cedoz

Checklist · AI & emerging risk

Buying an AI Tool: A Vendor Contract Risk Checklist

A standard SaaS template was not written for a tool that ingests your data, generates outputs you will rely on, and changes underneath you. This checklist covers the AI-specific terms that template misses — grouped by deal term, with what to look for and a typical ask for each. It is general information, not legal advice, and AI contracting norms are moving fast; treat the asks as starting positions and confirm specifics against current law and your own facts.

Updated June 2026 · 8 deal terms · Prints to 2 pages

How to use this

Work through the eight terms below before signing an agreement for an AI tool or an AI-enabled service. Each adds something a conventional software contract does not contemplate, because conventional software does not train on what you feed it, does not generate text or decisions you act on, and does not silently change models between Tuesday and Thursday. The vendor’s base paper will usually be a SaaS template lightly dressed for AI; the gaps are predictable, and most of them favor the vendor by default.

Two framing points. First, none of this shifts your own legal duties. If the tool helps make an employment, credit, or other consequential decision, the obligations to verify, to avoid discrimination, and to be able to explain the decision remain yours — “the vendor’s algorithm did it” is not a defense. The contract allocates risk between you and the vendor; it does not absolve you to regulators, employees, or courts. Second, the two terms that move the most risk — whether the vendor trains on your data, and who indemnifies you when an output infringes IP — are precisely the two most often absent from the template. Pin both down in writing.

1. Outputs and intellectual property

Establish who owns what the tool produces, whether you can use it commercially, and whether your prompts and outputs are protected as your confidential information. Ownership of AI outputs is unsettled and varies by jurisdiction and by how the output was generated; do not assume the contract’s allocation matches what the law will recognize.

2. Your data and model training

This is the term most often defaulted against you. Many tools train or improve their models on customer inputs unless you opt out — sometimes that setting is on by default and buried in a referenced policy rather than the signed agreement. Get the answer in the contract, not a webpage the vendor can revise unilaterally.

3. IP-infringement indemnity

An AI output can reproduce protected material, and training data can carry infringement claims. If a third party sues because an output infringed a copyright, trademark, or patent, the question is who defends and pays. Several major vendors now offer some form of output-IP indemnity, but scope, conditions, and caps vary widely — read what is actually promised.

4. Accuracy, performance, and human oversight

AI vendors frequently disclaim all reliance — the tool is provided “as is,” outputs “may be inaccurate,” and you bear all consequences. Taken literally, a blanket no-reliance clause guts the value of a tool you are buying precisely to rely on. The goal is not a guarantee of perfection; it is representations and service levels honest enough to mean something, paired with a clear, written allocation of the human-review role.

5. Model changes and versioning

The model you evaluated may not be the model you use next quarter. Vendors update, swap, or deprecate underlying models routinely, and behavior can shift materially without any change to the interface. A tool you validated for a sensitive use can quietly become a different tool.

6. Transparency and auditability

For consequential outputs — especially employment, credit, insurance, and other regulated decisions — you may have to explain or defend an output. You cannot do that if the tool is a black box and the contract gives you no right to look inside.

7. Compliance support for decision tools

If the tool informs hiring, promotion, lending, or other regulated decisions, a growing body of law may require bias auditing, notice, validation, or accommodation — for example, frameworks discussed under NYC Local Law 144, Illinois’s automated-decision and video-interview statutes, the Colorado AI Act, the EU AI Act, and EEOC guidance. These vary by jurisdiction, and their scope, effective dates, and applicability are moving; confirm current status before relying on any of them. The vendor cannot discharge your obligations, but it should hand you the materials and cooperation you need to meet them. See AI in Hiring and Employment.

8. Exit

Plan the divorce while drafting the marriage. When the relationship ends, you want your data back in a usable form, confirmation it is gone from the vendor’s systems, and no operational hostage situation.

Quick reference

Term | The AI-specific risk | Typical ask
Outputs and IP | Unclear ownership; outputs treated as vendor’s | You own or broadly license outputs; inputs and outputs are your confidential information
Data and training | Training on your data, often on by default | Training off in writing; defined retention, deletion, sub-processors, DPA
IP indemnity | Output or training data infringes a third party | Vendor defends and indemnifies; carved out of the liability cap
Accuracy and SLAs | Blanket as-is disclaimer guts the tool’s value | Honest reps and SLAs; human-oversight role defined in writing
Model changes | Tool silently becomes a different tool | Notice of material changes; version pinning or transition window
Transparency | Black box you must explain to a regulator | Explainability and audit rights for consequential outputs
Compliance support | Decision tool triggers your regulatory duties | Bias-audit and validation materials; cooperation with your obligations
Exit | Data stranded or never deleted | Return in usable format; certified deletion across sub-processors

These are starting positions, not rules, and the regulatory items in particular are moving quickly. Confirm scope, effective dates, and applicability against the current law in your jurisdictions and against your own risk tolerance. For the general clauses an AI deal shares with any commercial contract — the cap, termination, dispute resolution — see Contract Risk Review: The Key Terms, Triaged.

The thing behind the thing

Two AI-specific terms move the most risk and are missing from most templates: whether the vendor trains on your data (frequently on by default) and who indemnifies you when an output infringes someone’s IP. Pin both down in the signed agreement — and remember that even a perfect contract does not transfer your duty to verify, to avoid discrimination, and to be able to explain a decision to the people it affects.