Foundation Model Liability

Foundation model liability is the legal exposure that attaches to the developers of large general-purpose AI models (OpenAI, Anthropic, Google DeepMind, Meta, Mistral, and similar firms) and, derivatively, to the enterprises that build downstream applications on those models. The liability runs in two directions. Direct claims target the developer for the model's training (copyright infringement claims like Bartz v. Anthropic and Thomson Reuters v. ROSS) and for the model's outputs in deployed contexts the developer controls. Downstream claims target the deployer that put the model into production, with potential indemnification from the developer under enterprise contracts.

The model developer's exposure is concentrated in training-data copyright, model output safety, and regulatory action under emerging frameworks like the EU AI Act. The largest financial events to date have been training-data settlements: Anthropic's $1.5 billion Bartz settlement in 2025 is the bellwether, and similar matters are pending against several other major developers. The developer's insurance program typically includes Directors and Officers, professional liability, IP-specific coverage, and increasingly bespoke wordings for AI-specific exposures that traditional carriers were not built to write.

The deployer's exposure depends on what the deployer did with the model. A SaaS company that exposed a foundation model directly to end users with minimal scaffolding inherits substantial exposure for the model's outputs. An enterprise that fine-tuned a model and embedded it in a regulated workflow takes on additional exposure proportional to the regulatory environment. Vendor indemnifications (Microsoft Copilot Copyright Commitment, Google Cloud Generative AI Indemnification, OpenAI's enterprise indemnity, Anthropic's commercial Claude indemnity for API and Claude for Work or Enterprise customers) cover narrow slices of the deployer's exposure, primarily IP infringement on the specific vendor's service.

Generative AI Liability insurance for deployers fills the gap that contracts and older insurance forms leave open. The policy responds to the deployer's third-party liability across hallucination, IP infringement and personal injury, unauthorized data disclosure, regulatory defense, and narrow bodily injury and property damage agreements. It coordinates with the foundation model vendor's indemnification (and with the deployer's own Cyber and Tech E&O) through an Other Insurance clause rather than replacing those layers.