Skip to content

Menu

Network by SubjectChannelsBlogsHomeAboutContact
AI Legal Journal logo
Subscribe
Search
Close
PublishersBlogsNetwork by SubjectChannels
Subscribe

AI Governance Is Not Just a Policy Problem – Your Contracts Matter

By Kathryn Rattigan on June 12, 2026
Email this postTweet this postLike this postShare this post on LinkedIn

AI governance is often discussed through the lens of policies, frameworks, and responsible AI principles. Those tools matter, but they are not where many of the most important AI decisions are actually being made. In practice, AI governance is increasingly happening in contracts. Vendor agreements now decide who can use data, whether customer inputs may be used for training, what rights exist around outputs, what evidence a vendor must provide, and when a customer can suspend or terminate use. Those are not just legal terms. They are operational controls.

This shift matters because AI contracts are moving from broad, aspirational language to more specific governance mechanisms. The most important example is training rights. Using data to provide a service is very different from using data to improve a model, and both are different from using that data to improve a model offered to other customers. When agreements blur those distinctions, they quietly allocate risk and value in ways that may not be obvious. Clear definitions of inputs, outputs, training, fine-tuning, and permitted use are now central to responsible AI contracting.

The practical takeaway is simple: if you want to understand an organization’s AI governance posture, read its contracts. Strong agreements do more than prohibit risky conduct. They create verifiable controls, event-based audit rights, traceability, escalation paths, and clear permissions. In many cases, better contracts can move deals faster because they give legal, security, procurement, and business teams concrete terms to evaluate. AI governance has not disappeared. It has moved into the agreement, and that is where organizations need to focus their attention.

For organizations of all types and sizes, the next step is to treat AI contract review as a core part of AI governance, not a back-end procurement exercise. Before adopting or renewing an AI tool, make sure the agreement clearly answers the key governance questions: what data can be used, for what purpose, with what limits, and with what accountability if something goes wrong.

Photo of Kathryn Rattigan Kathryn Rattigan

Kathryn Rattigan is a member of the Business Litigation Group and the Data Privacy and Security Team. She concentrates her practice on privacy and security compliance under both state and federal regulations and advising clients on website and mobile app privacy and…

Kathryn Rattigan is a member of the Business Litigation Group and the Data Privacy and Security Team. She concentrates her practice on privacy and security compliance under both state and federal regulations and advising clients on website and mobile app privacy and security compliance. Kathryn helps clients review, revise and implement necessary policies and procedures under the Health Insurance Portability and Accountability Act (HIPAA). She also provides clients with the information needed to effectively and efficiently handle potential and confirmed data breaches while providing insight into federal regulations and requirements for notification and an assessment under state breach notification laws. Prior to joining the firm, Kathryn was an associate at Nixon Peabody. She earned her J.D., cum laude, from Roger Williams University School of Law and her B.A., magna cum laude, from Stonehill College. She is admitted to practice law in Massachusetts and Rhode Island. Read her full rc.com bio here.

Read more about Kathryn Rattigan
Show more Show less
  • Posted in:
    Intellectual Property
  • Blog:
    Data Privacy + Cybersecurity Insider
  • Organization:
    Robinson & Cole LLP
  • Article: View Original Source
LexBlog logo
Copyright © 2026, LexBlog. All Rights Reserved.
Legal content Portal by LexBlog LexBlog Logo