When a founder tells me their AI was trained on “public data,” my first reaction is not to take that phrase at face value. As an investor, I've seen the phrase used as a shield — sometimes legitimately descriptive, sometimes a way to dodge messy legal and ethical questions. Public data can mean many things, and the legal risks vary wildly depending on source, licensing, scraping practices, and the downstream product. Below are the questions I always ask startups to surface hidden copyright, licensing, and compliance risks before I consider writing a check.
What exactly do you mean by “public data”?
“Public” is not a legal term with a single meaning. I ask teams to define it precisely. Does it mean:
The distinction matters. Publicly viewable content can still be subject to copyright and contractual restrictions that affect how it may be used, especially for training models intended for commercial use.
What sources did you use and how did you document them?
I want a clear inventory. Ask for:
Good documentation reduces uncertainty. If a startup can’t produce records for the data pipeline, that’s a red flag: absence of provenance makes it harder to remediate later if a claim arises.
Were any explicit licenses checked and respected?
Different datasets carry different licenses. Creative Commons licenses, for example, come in many flavors — some allow commercial use, some require attribution, and some require derivative works to be shared under the same terms. I ask teams whether they performed a license audit and how they handled incompatible licenses.
If a dataset contained a CC-NC (non-commercial) clause but the startup intends to monetize a model trained on it, there’s an obvious conflict. Startups should show how they filtered or excluded such content and demonstrate the tooling or manual review used for that purpose.
How did you handle paywalled or subscription content?
Many news organizations and journals are behind paywalls. Scraping or using that content without permission can trigger both copyright and contract claims. I ask teams to state whether they used any paywalled sources and, if so, what licenses or agreements were obtained. If a model was trained on scraped paywalled content without permission, that’s a material liability.
Did you obtain any third-party licenses or data vendor agreements?
Sometimes startups buy datasets from vendors (e.g., LexisNexis, Factiva, or specialized corpora). I request copies of those contracts. Key points I look for:
If a vendor’s contract doesn’t include explicit rights for model training and commercial output, the startup may be exposed. Insist on seeing the actual agreements, not just verbal assurances.
Did you follow site terms of service and robots.txt when scraping?
Terms of service (ToS) and robots.txt files can limit scraping. While the legal enforceability of ToS varies by jurisdiction, violating them can still bring litigation or takedown demands. I ask:
Admitting to bypassing access controls is a severe risk sign. It often correlates with higher legal and reputational exposure.
Did you remove copyrighted content or personal data during preprocessing?
Data hygiene matters. I ask teams how they handled copyrighted excerpts, copyrighted images, and potentially sensitive personal data. Techniques I expect to see include:
If a dataset still includes large portions of single copyrighted works (like entire books), that’s a glaring risk. The startup should explain whether it used deduplication, chunking, or redaction to mitigate that.
Have you consulted legal counsel experienced in copyright and AI?
Given the evolving case law — from Authors Guild v. Google to recent lawsuits involving OpenAI and Stability AI — startups should have legal advice tailored to training data issues. I want to know:
Legal opinions aren’t a silver bullet, but they show the founders are thinking proactively and understand potential liabilities.
How do you handle downstream outputs that may reproduce copyrighted material?
Even if training was lawful, a model that reproduces verbatim copyrighted text or identifiable images can trigger infringement claims. I ask about safety features and guardrails, such as:
Startups working on generative text or image models should have mechanisms for detecting and preventing near-exact reproductions of copyrighted works.
What’s your plan for takedown requests or claims?
A responsible company has an incident response and takedown workflow. I look for documented processes to:
Being able to act quickly reduces legal exposure and signals maturity to investors and customers.
What are the insurance and indemnity arrangements?
Ask whether the startup has errors-and-omissions (E&O) or intellectual property insurance that explicitly covers training data and model outputs. Insurance won’t cover everything, but having limits appropriate to the risk profile is important. Also ask about indemnities in customer contracts — does the company offer indemnities that could magnify exposure?
Have you benchmarked against industry precedents and the litigation landscape?
I want to see that founders know the broader environment: ongoing lawsuits, major settlements, and regulatory developments. Are they tracking cases like the ones involving replicating copyrighted images or training models on scraped content? Are they monitoring legislative efforts in the EU, UK, or US that could change permissible uses? Startups that ignore the legal news are more likely to be blindsided.
Can you provide a risk summary and a remediation roadmap?
Finally, I expect a candid risk assessment. Rather than being defensive, good founders present a clear, prioritized list of risks and a remediation plan with timelines and costs. That might include re-scrubbing datasets, obtaining licenses for high-risk sources, deploying output filters, or purchasing insurance.
Investing is about managing uncertainty. When a startup says “we used public data,” my follow-up questions are designed to turn vagueness into measurable risk. If founders can show documentation, legal review, and practical mitigation steps, I’m far more comfortable backing them. If answers are evasive or incomplete, that “public data” claim becomes a red flag — not because training on public sources is inherently wrong, but because ambiguity around provenance and permissions is where the hidden copyright risk lives.