AI disputes: moving beyond IP

As businesses move from experimenting with AI to embedding it in products, services and decision-making, disputes are likely to shift from questions of ownership and training data to questions of harm, liability and evidence.

AI disputes have, so far, largely focused on intellectual property. Many of the best-known cases have concerned the data used to train models, the ownership of outputs and the rights of creators. But as AI becomes part of everyday business operations, a broader set of claims is likely to emerge.

The panel was chaired by Ross Francis-Pike, Disputes and Investigations Partner at Slaughter and May, and brought together Rebecca Keating, Barrister at 4 Pump Court, David Dorrell, Head of Data Science at Frontier Economics, and Laura Houston, Technology, Digital, Data and IP Partner at Slaughter and May.

The most difficult disputes may not be about whether AI was used, but about how it was used, who controlled it, what caused the harm and whether the relevant decisions can be reconstructed after the event.

A fragmented regulatory landscape is creating uncertainty

The regulatory landscape for AI remains fragmented. The EU has introduced a detailed AI-specific regime through the EU AI Act. The UK has taken a more principle-based  approach, with regulators responsible for implementation using existing powers. The US position has generally been more light-touch at federal level, although that position may evolve as risks become clearer.

For cross-border businesses, this creates uncertainty. A consistent global approach to AI governance may be difficult to design, but inconsistent approaches across jurisdictions may create friction with regulators, suppliers and customers.

Even where AI regulation does not create a direct private right of action, it may still matter in litigation. For example, regulatory duties may be reflected in contracts or enforcement may trigger follow-on claims. 

The next wave of claims will be broader than IP

Several categories of AI-related claims are likely to emerge.
Some claims may look familiar. Contractual disputes may arise where an AI system does not perform as expected, or where parties disagree about whether a promised capability was ever technically achievable. Tortious claims may arise where an AI system causes harm, but the allocation of responsibility is unclear.

Other claims may be more distinctive. AI is being adopted at both speed and scale, and its operation can be opaque. That combination may increase the likelihood of group claims, because AI-driven applications and services will affect large numbers of people quickly and in ways that are difficult to trace or explain.

Financial disclosure claims may arise where AI-generated materials, such as a prospectus, contain errors. More broadly, businesses may face litigation risk if their public statements overstate their use of AI, the sophistication of their systems, or the capabilities those systems can deliver.

Competition concerns may also emerge across the AI value chain, in particular around risks linked to self-preferencing and algorithmic pricing.

Why has the wave not arrived yet?

AI claims typically lag behind real-world adoption: losses need time to crystallise, claimants need to understand what went wrong, and parties need to decide whether litigation is worth the cost and risk.

The public court record may also understate the level of activity. Some disputes may be settling privately, going through alternative dispute resolution or arbitration, or being held back by reputational concerns, funding issues and reluctance to be the test case on novel legal points.

Complex supply chains make liability harder to pin down

AI systems often have layered supply chains. A user may interact with a single application, but that application may rely on several large language models, third-party data, retrieval systems, software components and distribution platforms. This can make it hard for claimants to know where to point the finger.

Contracts will matter. AI risk is increasingly being allocated through contractual terms. But bargaining power is not even. Smaller firms may have little scope to negotiate with major AI providers and may absorb more risk than is appropriate.

Legacy contracts create another problem. AI capabilities are often added to existing outsourcing or technology arrangements that were not designed with AI risks in mind. Those contracts may say little about who is responsible for managing AI-specific risks.

Deployment choices matter as much as procurement choices

Even where a business buys an AI system from a third party, it will usually make important choices about deployment. These choices include which customers see the system, how autonomous it is, what guardrails apply and when humans intervene.

These are commercial decisions, but they also shape litigation risk. If a claimant alleges harm, the question may not only be whether the model was defective. It may also be whether the deployer calibrated it appropriately, tested it adequately, monitored it effectively and documented  the reasoning behind the decisions made.

Businesses should be able to explain why they are using AI, what risks they identified, which risks they mitigated, which risks they accepted and why. A clear, contemporaneous paper trail may become an important part of defending future claims. Waiting for perfect regulatory clarity is not realistic, but decisions made in uncertainty should be documented carefully.

Causation will be one of the hardest questions

AI disputes will often turn on causation. Did the system cause the harm? Which part of the system caused it? Would the same outcome have happened without the AI? Did the user, deployer, model provider or another supplier make the decisive choice?

All this is not new as algorithms and machine learning systems have been in use for a while. Businesses, regulators and experts have experience investigating algorithmic decision systems, including in areas such as credit scoring and ranking algorithms. But agentic AI may make the evidential task harder because these systems can make choices about which tools to use, what information to retrieve, how to combine that information and what actions to take next.

That means evidence will be critical. Parties may need to examine system design documents, logs, escalation rules, governance records and evidence of deployment decisions. Where logs are missing, incomplete or poorly structured, it may be much harder to reconstruct what happened.

For consumer-facing systems, the technical audit will not be enough. Choice architecture will also matter. How was information presented? Did the user understand they were interacting with an AI system? How did the wording, ranking or framing of recommendations affect their choices? All this is very fertile ground for behavioural economics expertise. 

Insurance will not replace governance

Whether AI risk can be transferred through insurance remains an open question. AI-specific insurance remains at an early stage, partly because there is limited claims history on which to price the risk. Existing policies may not cover all AI-related harms and may contain exclusions.

In any event, some risks cannot be transferred in a meaningful way. Reputational harm and regulatory scrutiny may remain with the business. Insurance may be part of the toolkit, but it is not a substitute for governance, supervision, training and clear accountability.

The role of evidence will be critical in AI disputes

AI disputes may look novel, but many of the underlying questions are familiar. What was promised? What went wrong? Who controlled the relevant decision? What caused the loss? What evidence proves it?

The challenge is that AI can make those questions harder to answer. Systems may be opaque. Supply chains may be complex. Regulation may be unsettled. Decisions may happen at speed and at scale.

For businesses, the best preparation is not to wait for the first claim. It is to build governance, contracts, documentation and evidence trails that can withstand scrutiny later. The organisations that can explain how their AI systems were deployed, why particular choices were made and how risks were managed will be in a stronger position when disputes arise.