Copyright Risks in Generative AI Training Data and Outputs

Pine IP Firm
July 5, 2026
Checklist for copyright risks in generative AI training data and outputs
Generative AI copyright risk should be reviewed through data provenance, storage, market effect, and output control.

Copyright disputes around generative AI are no longer limited to the abstract question of whether “AI training is fair use.” Recent U.S. cases and policy materials show that practical risk turns on more specific questions: where the data came from, how it was copied or stored, whether original files remain after training, and whether the AI service or its outputs substitute for the right holder's market.

For companies building or using AI systems, the key issue is data governance. Legal review should cover the entire data supply chain, not only the final model output.

Bartz v. Anthropic: training and unlawful data storage are separate issues

The significance of Bartz v. Anthropic is not that AI training is always fair use. The important point is that the court separated different acts in the AI development process. Use for model training, digitization of lawfully purchased printed books, and the creation or retention of a central library of pirated copies were not treated as one identical act.

That distinction matters for corporate practice. Even if a model does not reproduce the original text in its final output, the risk at the data acquisition stage may remain. A company should be able to explain whether the data was lawfully obtained, whether source files were retained after training, whether other teams could access them, and whether they could be reused for other projects.

Thomson Reuters v. Ross: competing with the licensing market weakens fair use

Thomson Reuters v. Ross Intelligence illustrates another important risk. The defendant used legal research materials to develop a service that would compete with Westlaw. The court viewed the use as commercial and competitive, and considered potential harm to licensing and derivative markets.

Companies should be especially careful when using professional databases, news, legal content, educational materials, images, music, or other high-value content for which licensing markets already exist. If the AI product competes with the content owner's market, the fair use defense becomes harder.

Kadrey v. Meta: a favorable result is not a safe harbor

In Kadrey v. Meta, Meta obtained a favorable fair use result, but the case should not be read as a blanket permission for AI training. The court emphasized the plaintiffs' failure to prove concrete market harm. A different evidentiary record could lead to a different result.

As generative AI can produce outputs at massive scale, market substitution and market dilution will remain central issues. Companies should not assume that model training is safe merely because some AI defendants have prevailed in particular cases.

Output risk: AI-generated does not mean freely usable

Training data is only one part of the problem. When a company uses AI-generated images, ad copy, reports, characters, code, music, or video for business, it should ask two questions. First, can the company claim copyright protection in the output? Second, does the output create infringement risk against a third party?

Human creative contribution remains important. A prompt alone may not be enough to create protectable authorship. The company should keep records showing who selected, arranged, edited, modified, or finalized the output. At the same time, if the output substantially reproduces protected expression from another work, the fact that AI was used will not automatically remove infringement risk.

Practical governance checklist

  • Classify data by source: proprietary, licensed, public domain, open license, crawled web data, third-party supplied data, unknown-source data, and suspected pirated data.
  • Separate training copies from retention copies and document deletion, access control, and reuse restrictions.
  • Introduce output review controls, including similarity checks, long-text reproduction prevention, source attribution for RAG systems, and human review before commercial use.
  • Review vendor terms for model training use, ownership of outputs, indemnity, and restrictions on sensitive uploads.
  • Define internal policies on what employees may and may not submit to public AI tools.

Pine IP Firm's view

AI copyright risk cannot be solved by one disclaimer. It requires a governance system from data collection to model development, service launch, output review, and contract management. Companies should review the data supply chain before relying on fair use and should document human contribution when AI outputs become business assets.