AI, Copyright and Data Scraping: The Next Governance Battlefield

Last Updated on 04/06/2026 by 75385885

The Data Gold Rush Nobody Properly Governed

Topics
show

AI Royalties: Science Fiction or Inevitable?

AI Due Diligence Will Become a Board Responsibility


AI copyright and data scraping AI intellectual property, AI copyright risk, data scraping governance, AI licensing, AI vendor risk, AI governance framework, data provenance, AI legal risk, AI compliance, knowledge governance, AI regulation, intellectual property governance

AI Governance Is Becoming Knowledge Governance

AI copyright and data scraping Artificial intelligence is often described as the new electricity, the new internet or the next industrial revolution. Yet beneath the excitement surrounding large language models, generative AI and autonomous agents lies a much less glamorous question:

Where did all the training data come from?

For years, the AI industry largely focused on capability:

  • bigger models,
  • more computing power,
  • larger datasets,
  • and increasingly sophisticated outputs.

Much less attention was paid to governance.

That is beginning to change rapidly.

Today, some of the most significant legal, ethical and governance questions in artificial intelligence are no longer about what AI can do. They concern:

  • who owns the underlying content,
  • whether that content was lawfully obtained,
  • who should be compensated,
  • and how organisations should govern AI systems built upon vast quantities of third-party data.

This debate increasingly resembles earlier governance battles involving:

  • intellectual property,
  • privacy,
  • environmental externalities,
  • and financial market regulation.

In each case, innovation moved faster than governance.

AI may be following exactly the same pattern.

This blog is part of a series of blogs on Artificial Intelligence that starts with the cornerstone AI Governance in the Boardroom: From Innovation Race to Accountability Architecture. The other blogs comprise are:

  • AI Governance vs Corporate Governance: Why Boards Are Structurally Unprepared,
  • AI Incidents: The New Operational Risk Category,
  • AI in Finance: The Next Regulatory Stress Test, and
  • Privacy-Enhancing Technologies (PETs): Can AI Become Trustworthy?

The Hidden Foundation of Generative AI

Many people imagine AI models as highly intelligent digital entities.

In reality, modern generative AI systems are fundamentally dependent on training data.

Enormous amounts of it.

Large language models learn statistical relationships from:

  • books,
  • newspapers,
  • websites,
  • academic papers,
  • source code,
  • social media content,
  • discussion forums,
  • public databases,
  • and countless other digital sources.

Without this data, the models simply would not work.

The challenge is that much of this content was created by someone else.

Authors wrote the books.
Journalists wrote the articles.
Programmers wrote the code.
Photographers created the images.
Musicians composed the songs.

AI companies did not necessarily create the underlying intellectual property that made their models possible.

That observation sits at the heart of the current governance conflict.

Read more on Copyright and Artificial Intelligence | U.S. Copyright Office or Navigating the challenges of data scraping on OECD.ai.


The Difference Between Reading and Copying

A useful analogy helps explain the controversy.

Suppose a human accountant reads:

  • 1,000 annual reports,
  • 500 IFRS publications,
  • and hundreds of governance articles.

Over time, that accountant learns patterns and develops expertise.

Nobody claims copyright ownership over the accountant’s knowledge.

Humans learn continuously from what they read.

AI developers often use a similar argument.

They argue that AI systems merely “learn” from data in a comparable way.

Critics disagree.

Because AI training is not identical to human learning.

To train a model, organisations often need:

  • copies of content,
  • massive computational processing,
  • storage,
  • indexing,
  • and statistical analysis of copyrighted works.

That introduces legal questions that do not exist in ordinary human learning.

The governance challenge therefore becomes:

At what point does learning become copying?

And at what point does copying become infringement?

These questions remain far from settled.


Why Boards Should Care

Many executives still view copyright disputes as legal department issues.

That is a mistake.

Increasingly, these disputes create:

  • strategic risks,
  • financial risks,
  • reputational risks,
  • operational risks,
  • and governance risks.

Consider a simple scenario.

An organisation adopts a third-party generative AI platform.

The AI vendor later becomes involved in major copyright litigation.

Questions may emerge:

  • Was the model trained legally?
  • Are outputs contaminated by copyrighted material?
  • Could customers face legal claims?
  • Will regulators intervene?
  • Could the platform become unavailable?
  • Are disclosures required?

Suddenly what appeared to be a technology issue becomes a board-level governance issue.

This is remarkably similar to:

  • supply-chain governance,
  • ESG due diligence,
  • sanctions compliance,
  • or third-party risk management.

The organisation may not have created the problem itself.

But it may still be exposed to the consequences.


The Data Scraping Debate

One of the most contentious issues involves data scraping.

Data scraping refers broadly to the automated collection of information from websites and digital sources.

Historically, scraping has been used for:

Generative AI dramatically increased the scale.

Instead of scraping content merely to display search results, AI companies increasingly scrape data to train foundational models.

This changes the economics completely.

A newspaper publisher may spend millions creating high-quality journalism.

An AI company may then use that content as training data.

The publisher receives no direct compensation.

The AI company may subsequently generate summaries that reduce traffic to the original source.

That creates tension.

The underlying question is no longer technical.

It is economic.

Who captures the value?


The Music Industry Already Fought This Battle

Interestingly, the music industry provides a useful preview.

Two decades ago, digital technology disrupted music economics.

Consumers gained unprecedented access to content.

Creators increasingly worried about:

Eventually new governance structures emerged:

  • streaming licenses,
  • royalty frameworks,
  • collective rights organisations,
  • and legal settlements.

The system remains imperfect.

But governance eventually adapted.

AI may follow a similar trajectory.

Today’s copyright disputes may eventually evolve into:

  • licensing markets,
  • training rights frameworks,
  • collective compensation mechanisms,
  • and AI-specific intellectual property standards.

The question is not whether governance will emerge.

The question is what form it will take.


The Open Internet Assumption Is Disappearing

For decades many organisations operated under an implicit assumption:

If information is publicly accessible online, it is effectively available for use.

AI is forcing a reassessment.

Increasingly, content owners are asking:

  • Publicly visible to whom?
  • For what purpose?
  • Under which conditions?
  • With what compensation?

This debate extends far beyond media organisations.

Potential stakeholders include:

  • universities,
  • research institutions,
  • software developers,
  • consulting firms,
  • artists,
  • photographers,
  • accountants,
  • and governance specialists.

Many organisations are discovering that their intellectual capital may have become part of AI training ecosystems without explicit negotiation.

That creates a fundamentally new governance question:

How should organisations protect and monetise digital intellectual property in an AI-driven economy?


Copyright Is Only the Beginning

The debate is often framed narrowly around copyright law.

That is too limited.

The broader governance issue concerns ownership of knowledge itself.

Historically, organisations protected value through:

  • patents,
  • trademarks,
  • copyright,
  • trade secrets,
  • contractual restrictions.

AI challenges all of them simultaneously.

Consider proprietary corporate knowledge.

An employee may upload:

  • internal policies,
  • strategy documents,
  • board presentations,
  • client information,
  • or technical specifications

into external AI systems.

Even when no copyright violation occurs, governance concerns remain.

Questions emerge around:

  • confidentiality,
  • competitive advantage,
  • trade secrets,
  • data protection,
  • and information governance.

This expands the discussion far beyond intellectual property law.

The real issue becomes:

Can organisations maintain control over knowledge assets in a world where AI systems continuously absorb, process and reproduce information?


The Next Governance Frontier

For years, corporate governance discussions focused heavily on:

  • financial reporting,
  • risk management,
  • compliance,
  • cybersecurity,
  • ESG,
  • and operational resilience.

AI introduces a new layer.

The governance challenge is no longer merely controlling assets, capital and information.

It increasingly involves controlling:

  • data rights,
  • training rights,
  • digital knowledge,
  • algorithmic dependencies,
  • and intellectual property exposure.

Boards that ignore these developments may discover that some of their most valuable assets are no longer physical, financial or even human.

They are informational.

And information governance is rapidly becoming AI governance.

Lawsuits, Liability and the Rise of AI Intellectual Property Risk

The debate surrounding AI, copyright and data scraping is no longer theoretical.

For several years, the technology industry largely operated under an assumption that AI innovation would move faster than legal enforcement. Companies focused on:

  • model performance,
  • market share,
  • capital raising,
  • scaling infrastructure,
  • and product adoption.

Governance remained largely secondary.

That environment is changing rapidly.

Today, courts, regulators, publishers, authors, artists and software developers are increasingly asking a fundamental question:

Can AI companies build trillion-dollar businesses on intellectual property created by others without compensation?

The answer remains uncertain.

What is certain is that the governance implications are becoming increasingly material.


The New York Times vs AI

Perhaps the most widely known example is the legal action initiated by The New York Times.

The newspaper argues that AI systems were trained using copyrighted journalistic content and that model outputs may reproduce substantial portions of protected work.

Regardless of the eventual legal outcome, the case highlights an important governance reality.

The issue is no longer whether AI systems can technically access content.

The issue is whether organisations have a legal and economic right to use that content as training material.

For governance professionals, this distinction matters enormously.

Historically, organisations often focused on:

  • data availability,
  • data quality,
  • data security.

Increasingly they must also consider:

data legitimacy.

Where did the data originate?
Was consent obtained?
Was compensation appropriate?
Are ownership rights clear?

These questions are rapidly becoming governance questions rather than purely legal questions.


The Authors’ Revolt

The publishing industry provides another example.

Numerous authors have publicly challenged AI companies regarding the use of books in model training.

From a governance perspective, this conflict is fascinating because it exposes a clash between two fundamentally different views of value creation.

The AI industry’s perspective often resembles:

“We are creating something new by learning from existing information.”

Many creators respond:

“You are creating value by monetising content that we spent years producing.”

Neither side sees itself as acting unfairly.

That is precisely why governance becomes important.

Good governance exists largely to manage competing legitimate interests.

This mirrors earlier governance debates involving:

  • shareholders versus employees,
  • environmental costs versus economic growth,
  • privacy versus innovation,
  • competition versus regulation.

AI copyright disputes increasingly sit within that same category.


Software Developers Enter the Battlefield

The issue becomes even more complicated when software code is involved.

Many AI models have been trained on vast quantities of publicly available software repositories.

Some of this code was distributed under open-source licences.

Open source does not mean ownership disappears.

Many open-source licences include conditions regarding:

  • attribution,
  • redistribution,
  • modification,
  • and commercial use.

Governance questions therefore emerge:

  • Can AI-generated code reproduce licensed content?
  • Who owns AI-generated software?
  • Who becomes liable for infringement?
  • How should organisations verify code provenance?

These questions are particularly relevant because many organisations are rapidly adopting AI coding assistants.

The productivity gains can be extraordinary.

But governance requires understanding not only the benefits but also the liabilities.

The challenge increasingly resembles supply-chain governance.

Boards do not merely need visibility into what their organisation creates.

They need visibility into what their organisation depends upon.


The Fair Use Argument

One of the most important legal concepts in the debate is fair use.

The details vary across jurisdictions, but broadly speaking, fair use allows certain limited uses of copyrighted material without permission under specific circumstances.

AI companies frequently argue that model training represents transformative use rather than direct copying.

Critics argue the opposite.

They contend that:

  • massive copying occurred,
  • economic value was extracted,
  • and creators were not compensated.

The outcome of these disputes may ultimately reshape the economics of AI itself.

If courts increasingly require licensing arrangements, training costs could rise substantially.

That would affect:

  • profitability,
  • barriers to entry,
  • competitive dynamics,
  • and industry structure.

This is why boards should not dismiss copyright disputes as niche legal matters.

They potentially affect entire business models.


The Governance Parallel with ESG

An interesting comparison can be made with ESG.

For many years, environmental externalities were largely ignored by financial markets.

Companies could generate value while transferring certain costs elsewhere.

Eventually stakeholders began asking:

Who pays?

Who benefits?

Who bears the risks?

AI copyright disputes increasingly resemble this pattern.

The central question becomes:

Who should benefit economically from knowledge creation?

Historically, intellectual property systems attempted to answer this through:

  • patents,
  • copyright,
  • licensing,
  • and contractual arrangements.

AI challenges the boundaries of those frameworks.

In governance terms, we are witnessing a negotiation over economic rights in the digital age.


Vendor Risk Is Becoming Intellectual Property Risk

Many organisations assume intellectual property disputes are problems for AI vendors rather than users.

That assumption may prove optimistic.

Consider a familiar governance scenario.

A company adopts a third-party AI platform.

Years later:

  • litigation expands,
  • regulators intervene,
  • licensing structures change,
  • or legal precedents emerge.

Questions quickly arise:

  • Is the organisation exposed?
  • Are contractual protections sufficient?
  • Could services become restricted?
  • Are customer commitments affected?
  • Must disclosures be updated?

This transforms copyright disputes into vendor governance issues.

The same governance principles already apply in:

  • cloud computing,
  • outsourcing,
  • cybersecurity,
  • and sanctions compliance.

Boards increasingly recognise that third-party risk is still organisational risk.

AI should be viewed similarly.


The Data Provenance Problem

One of the most important governance concepts likely to emerge over the next decade is data provenance.

In simple terms:

Data provenance means understanding where data originated, how it was collected and how it moved through systems over time.

Financial reporting professionals will recognise the concept immediately.

A well-governed accounting environment requires traceability.

Auditors routinely ask:

  • Where did this number originate?
  • How was it transformed?
  • What evidence supports it?

AI governance increasingly requires similar discipline.

Future questions may include:

  • Where did the training data originate?
  • Which licences applied?
  • Which restrictions existed?
  • Were permissions obtained?
  • Has ownership been verified?

This may ultimately become as important as data quality itself.

Because data that is accurate but unlawfully obtained can still create major governance failures.


Why This Is Not Just a Legal Issue

One of the biggest governance mistakes would be to delegate the entire discussion to lawyers.

Lawyers are essential.

But governance requires broader thinking.

Boards must consider:

  • strategy,
  • reputation,
  • operational resilience,
  • stakeholder trust,
  • regulatory trends,
  • and long-term sustainability.

An organisation may technically win a legal argument while still losing:

  • customer trust,
  • investor confidence,
  • public legitimacy,
  • or competitive positioning.

History repeatedly demonstrates this.

Many governance crises begin as legal questions and evolve into legitimacy questions.

AI copyright disputes may follow exactly the same path.


The Rise of Knowledge Governance

Perhaps the most interesting development is that AI is forcing organisations to think differently about knowledge itself.

Historically, governance focused on:

  • financial assets,
  • physical assets,
  • people,
  • processes.

Increasingly, the most valuable corporate assets are:

  • data,
  • expertise,
  • intellectual property,
  • institutional knowledge,
  • and digital content.

AI sits directly at the intersection of all five.

This means the debate is gradually evolving beyond copyright.

The real question becomes:

How should organisations govern knowledge assets in an economy where machines can consume, analyse and reproduce information at unprecedented scale?

That question is likely to remain central long after current lawsuits are resolved.


From Legal Uncertainty to Governance Architecture

The current debate around AI, copyright and data scraping is often framed as a legal battle.

That is understandable.

After all, courts will ultimately decide many questions concerning:

  • copyright,
  • licensing,
  • fair use,
  • intellectual property ownership,
  • and liability.

Yet focusing solely on legal outcomes risks missing the bigger governance story.

History shows that whenever a new technology creates significant economic value, governance frameworks eventually emerge around it.

This happened with:

  • financial markets,
  • environmental regulation,
  • cybersecurity,
  • data privacy,
  • and corporate reporting.

AI is unlikely to be different.

The real question is not whether governance structures will emerge.

The real question is:

Which organisations will be prepared when they do?


The Next Evolution: From Scraping to Licensing

One possible future is surprisingly familiar.

Rather than unrestricted scraping, AI ecosystems may gradually evolve toward licensing frameworks.

In many industries, value chains already operate this way.

Music provides a useful example.

A streaming platform does not typically own:

  • the song,
  • the lyrics,
  • the composition,
  • or the recording.

Instead, rights holders receive compensation through licensing mechanisms.

The same principle could eventually emerge in AI.

Content creators might receive compensation for:

  • books,
  • journalism,
  • photographs,
  • software code,
  • research publications,
  • and specialised databases

used for AI training.

This would not eliminate AI innovation.

It would simply formalise economic relationships that currently remain unclear.

For boards and investors, that would reduce uncertainty.

Governance generally functions better when property rights are clear.


AI Royalties: Science Fiction or Inevitable?

An increasingly discussed concept is AI royalties.

The idea sounds radical today but would have seemed familiar to many industries throughout history.

AI copyright and data scraping

Imagine a future where:

  • publishers receive payments when their content contributes to training;
  • software developers receive compensation when code repositories are used;
  • researchers benefit from scientific knowledge incorporated into AI systems;
  • specialist content creators participate in value creation.

Such systems would be complex.

But complexity alone does not make them impossible.

Modern societies already manage:

  • copyright royalties,
  • patent licensing,
  • performance rights,
  • broadcasting rights,
  • and collective compensation systems.

The bigger challenge is attribution.

Unlike music streaming, AI models do not easily identify which individual source influenced a specific output.

That makes compensation mechanisms technically difficult.

But technical difficulty rarely prevents governance solutions forever.

Markets usually find a way when sufficient economic value exists.


Data Provenance May Become the New Audit Trail

One of the most important governance concepts likely to emerge from this debate is data provenance.

Financial reporting professionals already understand a similar principle.

A well-governed accounting system allows users to trace:

  • where numbers originated,
  • how they were transformed,
  • who approved them,
  • and how conclusions were reached.

Future AI governance may increasingly require similar traceability for data itself.

Questions may include:

  • Where did the training data originate?
  • Which licences applied?
  • Which restrictions existed?
  • What permissions were obtained?
  • Has ownership been verified?

This effectively creates a form of digital chain-of-custody.

In auditing, weak audit trails create control weaknesses.

In AI governance, weak data provenance may increasingly create:

  • legal risks,
  • compliance risks,
  • reputational risks,
  • and strategic risks.

Data provenance may eventually become as important as data quality.

Because information that is accurate but improperly sourced can still create significant governance failures.


AI Due Diligence Will Become a Board Responsibility

Today, organisations routinely perform due diligence in areas such as:

AI copyright and data scraping
  • acquisitions,
  • suppliers,
  • cybersecurity,
  • sanctions compliance,
  • environmental risk,
  • and financial reporting.

AI governance may require a similar discipline.

Before adopting an AI platform, boards and audit committees may increasingly ask:

  • What data was used to train the model?
  • How is intellectual property managed?
  • What litigation exposure exists?
  • Which jurisdictions are affected?
  • What contractual protections apply?
  • What happens if regulations change?

These questions resemble vendor governance more than technology governance.

And that distinction matters.

The greatest risks may not originate inside the organisation itself.

AI copyright and data scraping AI intellectual property, AI copyright risk, data scraping governance, AI licensing, AI vendor risk, AI governance framework, data provenance, AI legal risk, AI compliance, knowledge governance, AI regulation, intellectual property governance

AI copyright and data scraping AI copyright and data scraping AI copyright and data scraping AI copyright and data scraping AI copyright and data scraping AI copyright and data scraping AI copyright and data scraping AI copyright and data scraping AI copyright and data scraping AI copyright and data scraping

They may originate within third-party AI ecosystems upon which organisations increasingly depend.


The Emerging Role of Audit Committees

Audit committees are likely to become increasingly involved in AI-related intellectual property governance.

Historically, audit committees focused on:

  • financial reporting,
  • internal controls,
  • fraud prevention,
  • compliance,
  • and risk management.

AI increasingly touches all of these areas.

Consider a seemingly simple example.

An AI-assisted reporting tool is used to:

  • summarise management reports,
  • analyse contracts,
  • review disclosures,
  • or support financial reporting.

Questions may arise:

  • Is the source data reliable?
  • Is confidential information protected?
  • Can outputs be verified?
  • Are intellectual property rights respected?
  • Are audit trails available?

These are not purely technical questions.

They are governance questions.

As AI becomes embedded into operational processes, audit committees may increasingly oversee:

  • AI governance frameworks,
  • data governance,
  • intellectual property risk,
  • and AI-related control environments.

The Trade Secret Challenge

Copyright is only one side of the story.

Many organisations possess valuable information that is not protected primarily by copyright.

Instead, value resides in:

  • know-how,
  • methodologies,
  • client knowledge,
  • pricing structures,
  • strategy documents,
  • technical expertise,
  • and operational experience.

These assets often qualify as trade secrets.

The challenge is that employees increasingly interact with external AI systems.

A well-intentioned employee might upload:

  • internal policies,
  • governance manuals,
  • strategic analyses,
  • client documentation,
  • or technical procedures

into an AI platform to obtain assistance.

No malicious intent exists.

Yet competitive value may still leave the organisation.

This creates a governance issue that extends beyond copyright law entirely.

The challenge becomes:
How do organisations preserve proprietary knowledge in AI-enabled environments?

That question is likely to become increasingly important.


AI Governance Is Becoming Knowledge Governance

One reason this topic matters so much is that AI fundamentally changes the economics of knowledge.

Historically, organisations created value by combining:

  • capital,
  • labour,
  • assets,
  • and expertise.

Increasingly, expertise itself becomes the asset.

And AI systems operate directly on expertise.

This means governance is evolving.

Traditional governance focused heavily on:

Future governance will increasingly include:

  • data stewardship,
  • intellectual property stewardship,
  • knowledge stewardship,
  • and algorithmic stewardship.

This is a profound shift.

Many boards have already developed:

  • cyber committees,
  • ESG oversight,
  • digital transformation programmes.

The next evolution may involve governance structures focused specifically on knowledge assets.


Lessons from Cybersecurity

Cybersecurity offers an instructive comparison.

Twenty years ago many organisations viewed cybersecurity primarily as an IT issue.

Today it is clearly a board issue.

Why?

Because cybersecurity ultimately concerns:

  • trust,
  • resilience,
  • reputation,
  • operational continuity,
  • and stakeholder confidence.

AI governance appears to be following a similar path.

Initially the discussion focused on:

  • technology,
  • innovation,
  • capability.

Increasingly it focuses on:

  • accountability,
  • ownership,
  • rights,
  • transparency,
  • and governance.

That transition is highly significant.

Because once a topic becomes a trust issue, it inevitably becomes a board issue.


What Boards Should Do Today

The legal landscape remains uncertain.

Waiting for perfect clarity is therefore unrealistic.

Boards can nevertheless begin strengthening governance immediately.

Practical actions include:

Map AI dependencies

Understand where AI is already used throughout the organisation, including shadow AI and third-party tools.

Assess intellectual property exposure

Identify where proprietary content, client data or confidential information may interact with AI systems.

Strengthen data governance

Ensure ownership, permissions and usage rights are documented clearly.

Review vendor contracts

Evaluate contractual protections relating to:

  • copyright,
  • indemnification,
  • confidentiality,
  • and regulatory change.

Build AI literacy

Directors do not need to become AI engineers. They do need sufficient understanding to challenge management assumptions effectively.

Establish governance accountability

Determine which committees and executives are responsible for AI-related intellectual property and data governance risks.

These actions will remain valuable regardless of how courts ultimately decide current disputes.


Conclusion — The Next Governance Battlefield

The debate surrounding AI, copyright and data scraping is often portrayed as a conflict between technology companies and content creators.

That description is too narrow.

What we are really witnessing is a broader negotiation about ownership, value creation and accountability in a knowledge-driven economy.

AI did not create these questions.

It simply made them impossible to ignore.

The organisations that navigate this transition successfully will not necessarily be those with the largest models or the fastest deployment.

They will be those capable of governing:

  • knowledge,
  • data,
  • intellectual property,
  • and trust

with the same discipline that previous generations applied to:

  • financial capital,
  • operational assets,
  • and corporate reporting.

Because the next major governance battlefield may not concern factories, financial instruments or supply chains.

It may concern information itself.

And in an AI-driven economy, information is rapidly becoming the most valuable asset of all.

FAQ’s – AI intellectual property

FAQ 1 – What is data scraping and why is it controversial in AI?

Greggs UK retail strategy

Data scraping is the automated collection of information from websites, databases and other digital sources. For many years, scraping was commonly used by search engines, comparison websites and researchers. The rise of generative AI has changed the scale dramatically.

Large AI models are often trained on enormous datasets containing:
– books,
– articles,
– websites,
– software code,
– images,
– and public online content.

The controversy arises because much of that content was created by third parties who may not have granted explicit permission for AI training purposes.

Supporters argue that AI systems learn from information similarly to humans reading books and articles. Critics argue that large-scale copying, storage and processing of copyrighted material goes far beyond ordinary learning.

From a governance perspective, the question is not merely legal. It concerns:
– ownership,
compensation,
– accountability,
– and economic value creation.

Boards increasingly need to understand whether AI systems rely on content that may later become subject to litigation, licensing requirements or regulatory intervention.

FAQ 2 – Why should boards care about AI copyright disputes?

Greggs UK retail strategy

Many organisations initially view copyright disputes as matters for legal departments. In reality, they increasingly create strategic governance risks.

An organisation may adopt a third-party AI platform believing it is merely purchasing technology. Years later, courts or regulators may conclude that the platform relied on improperly sourced training data.

Potential consequences include:
– litigation,
– licensing costs,
– operational restrictions,
– reputational damage,
– vendor instability,
– and changing regulatory obligations.

This is similar to other governance areas where organisations rely on third parties, such as:
– cloud computing,
outsourcing,
– cybersecurity providers,
– and supply-chain partners.

Boards do not need to become intellectual property specialists. They do need to understand their organisation’s exposure.

Good governance increasingly requires asking:
– Where did the data originate?
– What rights exist?
– What contractual protections apply?
– How dependent are we on specific AI vendors?

AI copyright risk is rapidly evolving into a boardroom issue rather than merely a legal issue.

FAQ 3 – What is data provenance and why will it become important?

Hannah Ritchie climate book

Data provenance refers to the ability to trace where data originated, how it was collected and how it moved through systems over time.

Financial professionals may recognise a similar concept from auditing. Auditors routinely require evidence showing:
– where figures originated,
– how calculations were performed,
– and how conclusions were reached.
AI governance increasingly requires similar traceability.

Future governance questions may include:
– Where did the training data originate?
– Was permission obtained?
– Which licences applied?
– Were restrictions respected?
– Can ownership be demonstrated?

Data provenance effectively becomes a digital chain of custody for information.

This matters because data can be technically accurate yet still create governance problems if it was obtained improperly.

As AI regulation matures, organisations may need increasingly sophisticated documentation around:
– data sources,
– licensing arrangements,
– ownership rights,
– and usage permissions.

Data provenance could become as important to AI governance as audit trails are to financial reporting.

FAQ 4 – How does AI affect intellectual property beyond copyright?

realistic climate optimism

Copyright receives most media attention, but the governance challenge extends much further.

Many organisations create value through:
– methodologies,
– pricing models,
– governance frameworks,
– technical expertise,
– client knowledge,
– and internal procedures.

These assets are often protected as trade secrets rather than copyrighted works.

The challenge is that employees increasingly interact with external AI platforms. Without malicious intent, staff may upload:
– board papers,
– policies,
– procedures,
– client documents,
– or strategic analyses
into AI tools to obtain assistance.

In doing so, valuable organisational knowledge may leave controlled environments.

The governance issue therefore becomes broader than copyright law. It concerns:
– confidentiality,
– competitive advantage,
– knowledge protection,
– and information stewardship.

Boards increasingly need policies governing which information may interact with external AI systems and under what circumstances.

Future AI governance may be as much about protecting knowledge assets as it is about protecting intellectual property rights.

FAQ 5 – Could AI eventually require licensing and royalty systems?

polder model’s problems

Many governance experts believe AI may gradually move toward licensing frameworks similar to those already used in music, publishing and broadcasting.

Today, AI systems often train on enormous volumes of third-party content. Creators increasingly argue that value is being extracted without adequate compensation.

Possible future models include:
– content licensing agreements,
– collective compensation mechanisms,
– royalty structures,
– industry-wide training rights,
– or AI-specific intellectual property frameworks.

Such systems would not necessarily slow innovation. Instead, they could create greater certainty around ownership and value distribution.

The challenge lies in attribution.

Unlike music streaming, AI models do not easily reveal which individual source contributed to a specific output. This makes compensation technically difficult.

However, history suggests that when sufficient economic value exists, markets eventually develop governance structures around ownership and compensation.

Boards should therefore monitor developments closely, as future licensing frameworks could materially affect AI economics, vendor strategies and organisational costs.

FAQ 6 – What practical actions should boards take today?

can the polder model be renewed

The legal landscape surrounding AI, copyright and data scraping remains uncertain. Waiting for complete clarity is therefore not a realistic governance strategy.

Boards can already take practical steps.

These include:
– mapping AI dependencies,
– identifying third-party AI vendors,
– reviewing intellectual property exposure,
– strengthening data governance,
– assessing confidentiality risks,
– and improving AI literacy among directors.

Particular attention should be paid to:
– vendor contracts,
– indemnification clauses,
– ownership provisions,
– licensing obligations,
– and regulatory developments.

Organisations should also evaluate how employees interact with AI tools and whether sensitive information could inadvertently leave controlled environments.

Most importantly, boards should recognise that AI governance increasingly overlaps with knowledge governance.

The most valuable organisational assets are often no longer physical assets or financial capital. Increasingly, they consist of:
– data,
– expertise,
– intellectual property,
– and institutional knowledge.

Protecting and governing those assets may become one of the most important board responsibilities of the AI era.

AI copyright and data scraping