97 Percent Accuracy, Then a Patent Cease-and-Desist

An AI agency in Austin delivered a computer vision system to a manufacturing client. The project was a technical success — the system detected product defects with 97% accuracy. Six months later, the agency received a cease-and-desist letter from a competitor claiming the system infringed on their patent for a specific defect detection methodology. The agency's contract with the client included a broad indemnification clause — the agency agreed to indemnify the client for any IP infringement claims. The legal defense cost $180,000, and the settlement cost another $250,000. The agency had never checked for relevant patents before developing the solution, and the contract's indemnification clause had been signed without legal review.

Legal operations for AI agencies encompasses contracts, intellectual property, employment law, regulatory compliance, and risk management. Most agency founders are technical or business-minded, not legal experts. But legal issues have an outsized impact on agency health — a single bad contract clause, missed regulatory requirement, or IP dispute can cost more than a year's profit.

Core Legal Documents

Client Contracts

Master Service Agreement (MSA): The foundational contract governing the relationship between your agency and a client. Key provisions:

Scope and services:

• Define services at a high level in the MSA
• Reference specific Statements of Work (SOWs) for individual project details
• Reserve the right to modify delivery approach as long as the outcome is achieved

Pricing and payment:

• Payment terms (net-30 recommended as default)
• Late payment penalties
• Expense reimbursement policy
• Rate adjustment provisions for multi-year agreements

Intellectual property: This is the most important and most negotiated section of any AI agency contract.

• Work product ownership: Define who owns the custom work product (models, code, deliverables) created for the client. Common approaches:
• Assignment: Client owns all work product. Simple but limits your ability to reuse approaches.
• License: You retain ownership and grant the client a perpetual, exclusive license. Allows you to reuse underlying techniques.
• Hybrid: Client owns the custom deliverables. You retain ownership of pre-existing tools, frameworks, and methodologies with a license for the client's use.

• Pre-existing IP: Clearly carve out your pre-existing intellectual property — tools, frameworks, libraries, and methodologies that you bring to the engagement. The client gets a license to use them as part of the deliverable, but you retain ownership.

• Open source: Address the use of open source software. Clarify that open-source components retain their original licenses.

Confidentiality:

• Mutual NDA provisions protecting both parties' confidential information
• Define what constitutes confidential information
• Duration of confidentiality obligations (typically 2-5 years)
• Exceptions (publicly available information, independently developed, etc.)

Data handling:

• Client data ownership and permitted uses
• Data security obligations
• Data return and deletion at project completion
• Compliance with applicable privacy laws

Limitation of liability:

• Cap your liability (typically at the fees paid under the contract or some multiple thereof)
• Exclude consequential and indirect damages
• Carve out exceptions for IP infringement, confidentiality breaches, and willful misconduct

Indemnification:

• Mutual indemnification for third-party claims arising from each party's breach of the agreement
• Be cautious with IP indemnification — avoid unlimited IP indemnification commitments
• Ensure indemnification is proportional to fees and risk

Termination:

• Either party can terminate with 30-60 days written notice
• Immediate termination for material breach (with cure period)
• Payment for work completed through termination date
• Transition support obligations

Dispute resolution:

• Preferred method: mediation, then arbitration (faster and less expensive than litigation)
• Governing law and jurisdiction

Statement of Work (SOW)

Individual project agreements under the MSA:

• Detailed project scope and deliverables
• Timeline and milestones
• Team composition and roles
• Pricing (fixed price, T&M, retainer)
• Acceptance criteria for deliverables
• Change control process

Non-Disclosure Agreement (NDA)

Used before the MSA is signed, during sales and discovery:

• Mutual NDA (both parties share confidential information)
• Define confidential information broadly
• 2-3 year duration
• Standard exceptions
• Remedies for breach

Employment Agreements

For every employee:

• At-will employment (in at-will states)
• Job description and responsibilities
• Compensation and benefits
• Confidentiality and non-disclosure obligations
• Invention assignment (all work-related inventions belong to the agency)
• Non-compete and non-solicitation (where enforceable — consult local law)
• Termination provisions

Contractor Agreements

For every contractor:

• Scope of work
• Payment terms
• Confidentiality obligations
• IP assignment (all work product belongs to the agency)
• Independent contractor status confirmation (important for classification compliance)
• Termination provisions

Intellectual Property Strategy

Protecting Your IP

What to protect:

• Proprietary frameworks and methodologies
• Internal tools and accelerators
• Training data and model architectures (where applicable)
• Business processes and trade secrets
• Brand and trademarks

How to protect:

• Contracts: Ensure every client contract preserves your ownership of pre-existing IP and general knowledge
• Trade secrets: Maintain confidentiality of proprietary methods through NDAs, access controls, and employee agreements
• Copyright: Your code and documentation are automatically copyrighted. Register copyright for significant works.
• Patents: Consider patents for truly novel AI techniques or methods. Patent protection is expensive ($15,000-50,000+ per patent) and time-consuming (2-4 years) but can be valuable for highly differentiated IP.
• Trademarks: Register your agency name, product names, and logos as trademarks.

Managing Open Source

AI development relies heavily on open source software. Managing open source compliance is essential:

License types to know:

• Permissive (MIT, Apache, BSD): Allow commercial use with minimal restrictions. Generally safe for agency work.
• Copyleft (GPL, AGPL): Require derivative works to be distributed under the same license. Can create problems for client deliverables.
• Commercial: Paid licenses that may restrict use in client projects.

Open source policy:

• Maintain an approved list of open source licenses for client work
• Require review before using copyleft-licensed software in client deliverables
• Document all open source components used in each project
• Ensure license compliance (attribution, license inclusion, source availability where required)

Employment Law

Compliance Essentials

• Classification: Properly classify workers as employees or contractors. Misclassification creates significant legal and tax liability. Use the IRS guidelines and state-specific rules.
• Wage and hour: Comply with federal and state wage and hour laws. Understand overtime requirements for non-exempt employees.
• Anti-discrimination: Comply with federal and state anti-discrimination laws in hiring, compensation, and termination.
• Leave requirements: Comply with FMLA, state leave laws, and your own PTO policies.
• At-will employment: Understand the limitations of at-will employment in your jurisdiction.
• Termination: Follow proper procedures for termination to minimize legal risk. Document performance issues, follow your PIP process, and consult legal counsel before terminating.

Remote Work Legal Considerations

Remote employees create legal complexity:

• State tax nexus: Having an employee in a state may create tax obligations in that state
• Employment law: The employee's state's employment laws may apply, even if your agency is based elsewhere
• Workers compensation: You may need workers comp coverage in the employee's state
• Business registration: Some states require registration if you have employees working there

Insurance

Essential Coverage

• General liability: Covers bodily injury and property damage claims. $1-2 million per occurrence is standard.
• Professional liability (E&O): Covers claims of negligence, errors, or omissions in your professional services. $1-2 million per occurrence. This is your most important coverage.
• Cyber liability: Covers data breaches, cyber attacks, and related costs (notification, forensics, legal defense, regulatory fines). $1-2 million minimum, higher if you handle sensitive data.
• Workers compensation: Required in most states if you have employees.
• Employment practices liability (EPLI): Covers claims of discrimination, harassment, wrongful termination, and other employment-related issues.

Optional but Recommended

• Directors and officers (D&O): Covers claims against company leadership. Important if you have investors or an advisory board.
• Key person insurance: Life and disability insurance on key individuals whose loss would significantly impact the business.
• Commercial property: If you have office space or significant equipment.

Building Legal Operations

At Small Scale (Under 15 People)

• Outside counsel: Relationship with a business lawyer who reviews contracts, advises on employment issues, and handles disputes
• Standard templates: MSA, SOW, NDA, employment agreement, and contractor agreement reviewed by counsel
• Basic compliance: Proper worker classification, employment law compliance, insurance coverage
• Annual legal budget: $10,000-25,000

At Mid Scale (15-35 People)

• Outside counsel: Same as above, with more frequent engagement
• Contract management: Centralized repository for all contracts with tracking of key terms and renewal dates
• IP management: Regular review of IP protection strategies, open source compliance
• Compliance program: Documented policies for data handling, privacy, and security
• Annual legal budget: $25,000-75,000

At Larger Scale (35+ People)

• In-house legal (or fractional general counsel): Regular legal support for contracts, employment, IP, and compliance
• Contract management system: Dedicated tool for contract lifecycle management
• Compliance infrastructure: Formal compliance program with training, monitoring, and auditing
• IP portfolio management: Active management of trademarks, patents (if applicable), and trade secret protection
• Annual legal budget: $75,000-200,000+

Your Next Step

This week:

• Review your standard client contract. When was it last updated? Has a lawyer reviewed it?
• Check that every employee has a signed employment agreement with confidentiality, invention assignment, and non-solicitation provisions.
• Verify your insurance coverage — do you have E&O, cyber liability, and appropriate limits?

This month:

• Have your standard contracts (MSA, SOW, NDA, employment agreement, contractor agreement) reviewed by a business lawyer experienced with technology services.
• Implement a contract repository so all signed agreements are stored in one place with key terms tracked.
• Review your open source usage and create an approved license list.

This quarter:

• Conduct a legal compliance audit covering employment law, data privacy, IP protection, and insurance.
• Build a contract management process with defined approval workflows and renewal tracking.
• Engage with a lawyer to develop an IP protection strategy for your most valuable assets.
• Review and update your insurance coverage based on your current risk profile.

Legal operations may feel like a cost center, but it is actually risk management — the practice of preventing expensive problems before they occur. An agency that invests modestly in legal infrastructure avoids the catastrophic costs of contract disputes, IP claims, employment lawsuits, and compliance penalties. Prevention is always cheaper than cure.