AI & Startup Law

What should my AI product's terms of service cover?

AI product terms must go beyond standard SaaS language to address output ownership and licensing, whether user inputs train the model (and the user's rights if they do), acceptable-use limits for AI-specific abuse like prompt injection and model extraction, and honest disclosure of non-determinism and inaccuracy. Several states now mandate AI-interaction disclosures, and the FTC pursues deceptive 'AI-washing' under Section 5. Lysinski & Associates P.C. drafts terms that match how the deployed system actually behaves.

How are AI terms of service different from standard SaaS terms?

They must address output ownership and licensing, whether user inputs train the model (and the user's rights if they do), AI-specific abuse like prompt injection and model extraction, and honest disclosure of non-determinism. Additional terms must be considered based on the configuration and industry.

Standard SaaS language does not cover these, and the gap is where regulators and plaintiffs look first.

Do I have to disclose that my product uses AI?

Increasingly yes — several states now mandate AI-interaction disclosures, and the FTC pursues deceptive 'AI-washing' under Section 5.

Verified examples include Illinois HB 3773, California's AI Transparency Act (SB 942, as amended by AB 853), and EU AI Act Article 50 — confirm each one's scope and effective date for where your users are.

What should my terms say about training on user data?

State plainly whether inputs train the model and what rights users retain — and match it to what the system actually does.

A mismatch between the terms and the system's real behavior invites FTC or plaintiff scrutiny.

What acceptable-use limits do AI products need?

Limits targeting AI-specific abuse — prompt injection, model extraction, and misuse — beyond a generic acceptable-use policy.

For agentic products, coordinate these with deployer-liability planning. See the agent-liability page.

How do I disclose AI inaccuracy honestly?

Disclose non-determinism and the possibility of inaccurate output in plain terms — and tailor it to the product, because a RAG system needs different disclaimers than a fine-tuned generative model.

Honest, architecture-specific disclosure is both a legal and a trust asset.

Talk to an attorney who builds AI

Your terms of service are the first thing a regulator or plaintiff's lawyer reads after an incident. Adam drafts terms that describe how your AI actually works — because he understands both the architecture and the requirements. (773) 777-9888.

For the firm’s related legal service, see AI vendor contracts.

(773) 777-9888 · info@lysinski.com ·

Frequently asked questions

Do I need to disclose that my product uses AI?

Increasingly yes. Several states now require disclosure when users interact with AI, and the FTC pursues deceptive 'AI-washing' under Section 5. The specific triggers and effective dates vary by state — verify the current rules for where your users are.

What should AI terms of service say about training on user inputs?

Whether user inputs are used to train or improve the model, and what rights users keep if they are. State it clearly and make sure it matches what the system actually does, because a mismatch is what draws regulatory and litigation attention.

Do I need an acceptable-use policy for my AI app?

Yes. Beyond generic misuse terms, an AI acceptable-use policy should address AI-specific abuse such as prompt injection and model extraction, and define prohibited uses tied to how your system can actually be misused.

Can I be penalized for overstating my AI ('AI-washing')?

Yes. The FTC pursues deceptive AI claims under Section 5 of the FTC Act. Describe what your product actually does and avoid overstating capability, autonomy, or accuracy in marketing and terms alike.

Which states require AI disclosures?

Verified examples include Illinois (HB 3773) and California (the AI Transparency Act, SB 942 as amended by AB 853), with the EU AI Act adding an Article 50 transparency obligation that can reach U.S. companies. The exact statutes, triggers, and effective dates change — verify the current landscape before relying on a specific rule.

How do I handle output ownership in my terms?

Define who owns AI-generated outputs and what license each side has, tailored to your product. Purely AI-generated content raises copyright questions, so the terms should set expectations rather than assume default ownership. See the AI-generated-code page.

More in AI & Startup Law

Additional Notice — Subject to Change; No Legal or Tax Advice; Specialized Counsel May Be Needed. The laws, regulations, and court decisions referenced on this page are subject to change and to differing interpretations, and their application depends on the specific facts of each situation. The information on this page is general information only, is subject to verification, and should not be relied upon. Nothing on this page is, or shall be deemed to be, legal advice, and nothing on this page is, or shall be deemed to be, tax advice. No attorney-client relationship is created by your use of this page. The Supreme Court of Illinois does not recognize certifications of specialties in the practice of law, and no certificate, award, or recognition is a requirement to practice law in Illinois. Depending on your circumstances, you may need to engage specialized counsel — for example, in securities and SEC compliance, intellectual property (including patents and trademarks), labor and employment, and jurisdiction-specific or multi-state issues, among others. Any tax matter should be addressed with a qualified certified public accountant (CPA) or other qualified tax adviser. Before acting on anything described here, consult a licensed attorney — and, for any tax question, a CPA — about your specific situation.