๐Ÿ”AI RiskAtlas
โ† Risk Taxonomy
#20

IP infringement

Risk taxonomy

Definition

Data provided as input to a Gen AI system or product is used to create output/content that violates IP rights owned by another individual, organisation, or entity.

Controls & guardrails that address this

5

Grouped by control function, with the AI lifecycle stage(s) to apply each and the other risks it addresses. Filter by control category below.

Control category
Preventive ยท 4
Preliminary IP risk assessment of data sources

Conduct a preliminary IP risk assessment for all planned training data sources at design stage.

Lifecycle stage1 โ€“ Use Case Context & Design
IP rights verification and licensing at acquisition

Verify IP rights for all training data at acquisition. Obtain licences or waivers before incorporating protected material.

Lifecycle stage2 โ€“ Data Acquisition & Processing
Output filters suppressing IP-protected content

Implement output filters to detect and suppress reproduction of IP-protected content.

Lifecycle stage3 โ€“ Onboarding, Build & Review
Output sampling for near-verbatim training reproduction

Sample model outputs for near-verbatim reproduction of training data during build-stage legal review.

Lifecycle stage3 โ€“ Onboarding, Build & Review
Detective ยท 1
Production monitoring of IP infringement complaints

Monitor production outputs for IP infringement incidents. Log and investigate all IP complaints within defined SLA.

Lifecycle stage5 โ€“ Usage, Monitoring & Change
Open these in the Control Library โ†’

Other risks in Legal & Regulatory

AI RiskAtlas is an educational model of how GenAI & agentic systems work and fail. Architectures and payloads are illustrative and simplified for learning โ€” not operational guidance. Real-world cases are summarised from public reporting.

Sources & further reading โ†’ยทBuilt by Shi Yuan โ†—