As the GenAI market is evolving, so are the levels of protection which GenAI providers are willing to offer to their customers. Most recently, there have been developments in how far GenAI providers are prepared to go to safeguard their customers against the risk that, by using GenAI products, they may be liable for third-party infringement claims.
In September, Microsoft announced its "Copilot Copyright Commitment", under which it agreed (in relation to its commercial Copilot offering) to "defend customers against copyright infringement and pay the amount of any adverse judgments or settlements that result from the lawsuit". In what could be seen as the next move in the battle for dominance in the GenAI market, Google followed suit last month with a blog post heralding its introduction of a "two-pronged, industry-first approach" to protecting customers against copyright infringement risk.
What is Google offering?
Google's changes to their terms relate to Duet AI in Google Workspace and certain Google Cloud Services and consist of two new indemnities.
One of the two new indemnities offered by Google, like Microsoft's equivalent, focusses on the output generated by the GenAI products. However, where Microsoft also expressly offers protection regarding customers' use of the GenAI products themselves, Google's second indemnity instead relates to Google's own use of training data underlying its services. This may be because Google considers that use is already suitably protected by its existing general service indemnification relating to infringement of third-party intellectual property rights. However, it seems odd that Google did not choose to be more explicit and announce a three-pronged, instead of two-pronged, approach.
Similarly to Microsoft whose protection is offered only "as long as the customer used the guardrails and content filters [Microsoft has] built into [its] products", Google has caveated both indemnities as being subject to customers' compliance with the restrictions and protections Google puts in place.
Shared fate or pure hype?
Google has marketed this as being part of its commitment to a "shared fate" with its customers. Whether there really is a genuine recognition by GenAI providers that they need to take on a fair share of the many risks associated with GenAI remains to be seen. However, what can be determined at this point in time is whether the protection being offered is likely be meaningful in practice. In Google's case, the answer to this is: sort of.
The fact that the scope of the protections includes not only the output but also the training data is useful and will hopefully lead other GenAI providers to follow suit, particularly since several of the first GenAI legal cases which have been filed focus on the training piece (e.g. Thomson Reuters Enterprise Centre Gmbh and West Publishing Corp., v Ross Intelligence Inc.). The way that Google has aligned these indemnities with its existing intellectual property infringement indemnity is also in some respects helpful as, for example, it means that they are not subject to any monetary cap.
However, like its existing indemnity, these new indemnities are limited in a number of ways, including: (i) the products to which they apply; (ii) the losses they entitle customers to recover (as is the case with Google's other indemnity protections, they allow only for settlement amounts approved by Google and damages finally awarded by a court); and (iii) the steps they require customers to take (e.g. use of all tools made available by Google to help ensure responsible use of generated output).
As such, while announcements like this demonstrate an increasing level of maturity in the terms being offered to customers and a move towards increased responsibility being taken by providers, there is still a long way to go before there is a fair balance of responsibilities between the parties.
Customers of GenAI products should therefore: (i) continue to exercise caution in the way that they use such products and incorporate them into their business models; (ii) ensure that due regard is paid to supplier terms prior to any deployment; and (iii) put their own checks and balances in place to help mitigate the risk of copyright infringement and other risks associated with use of these products.