Skip to content 
Artificial intelligence tools are now embedded in the day-to-day operations of most Melbourne businesses – from marketing automation and customer service chatbots to contract drafting assistance and financial modelling. And most of those tools were adopted faster than the contracts governing their use were reviewed.
That gap is a legal risk. Here’s what to look for before you sign, and what to check in agreements you’ve already committed to.
Who Owns What the AI Produces?
Intellectual property ownership in AI-generated outputs is one of the most contested and rapidly evolving areas of technology law. When your team uses an AI tool to generate copy, code, designs, or analysis, several questions arise:
- Does the AI vendor claim any ownership or licence over the outputs?
- If the model was trained on third-party data, are there IP risks in the outputs?
- Does your business need to disclose AI use to clients or regulators?
- Do your employment contracts address who owns AI-assisted work produced by your team?
Many SaaS and AI tool agreements contain provisions that are easy to miss – rights to use your data to train models, restrictions on commercial use of outputs, or limitations on liability for outputs that infringe third-party rights.
Data Privacy and AI: The Australian Context
Under the Privacy Act 1988 (Cth) and the Australian Privacy Principles, businesses handling personal information have obligations around collection, use, storage, and disclosure. When you feed customer data, employee data, or sensitive business information into an AI tool, you’re potentially triggering those obligations.
Key questions to ask before deploying any AI tool that handles personal information:
- Where is the data processed and stored – is it within Australia, or transferred overseas?
- Does the vendor’s privacy policy permit them to use your data beyond delivering the service?
- What data retention and deletion practices does the vendor follow?
- Is the tool covered by your existing privacy policy and data handling disclosures?
Failing to address these questions before deployment is much more costly to fix after a privacy incident.
SaaS Liability Clauses: What You’re Actually Agreeing To
Standard SaaS agreements are written by vendors, for vendors. The liability provisions almost universally favour the platform. Common issues to watch for:
- Liability caps – many agreements cap the vendor’s liability at the fees paid in the prior month or year, regardless of the damage caused
- Exclusion of consequential loss – if a platform outage or data breach costs your business clients or revenue, you may have no claim for those losses
- Unilateral variation rights – many agreements allow the vendor to change terms, pricing, or features on relatively short notice
- Termination and data access – what happens to your data if the vendor terminates the agreement, or you do? What are the data return and deletion timelines?
For low-value tools, these provisions may be acceptable risks. For tools that are operationally critical or handle sensitive data, negotiation is often possible – especially for business customers.
AI in Client-Facing Work: Disclosure and Professional Obligations
If you’re using AI tools in delivering services to clients – drafting documents, producing analysis, generating recommendations – there are questions around disclosure that vary by profession and context. Legal, financial, medical, and accounting services each have their own regulatory frameworks that may intersect with AI use.
Beyond regulatory requirements, there’s a commercial and reputational dimension: clients increasingly want to know whether AI was involved in work they’ve paid for. Getting ahead of this conversation – through clear terms of engagement and sensible disclosure practices – is better than having it forced upon you.
Building AI Into Your Legal Infrastructure
The businesses best positioned for AI adoption are those that treat it as a legal and operational matter, not just a technology decision. That means:
- Reviewing vendor agreements before adoption, not after
- Establishing internal policies for AI tool use by employees
- Ensuring IP assignment clauses in employment contracts are fit for purpose
- Building AI disclosure and data handling into client engagement terms
None of this needs to slow down adoption. It just needs to happen in parallel.
The Practical Takeaway
AI is moving fast. The legal infrastructure around it is catching up. Melbourne businesses that take a structured approach to AI contracts and data governance now will be better placed as regulation tightens and disputes emerge.
At Morcos Law Group, we work with technology businesses, startups, and scaling companies to review and negotiate technology agreements, build IP protection strategies, and navigate the evolving regulatory landscape around AI.