The integration of artificial intelligence into Architecture, Engineering, and Construction (AEC) workflows is accelerating at an unprecedented pace. However, this rapid adoption is outpacing the evolution of contract law and professional liability frameworks. For AEC professionals, the question is no longer just how to use AI, but whether using it constitutes a breach of contract.
The legal exposure stems primarily from the terms of appointment, confidentiality agreements, and copyright laws. When an AEC firm inputs project data, designs, or client information into an AI tool, they may inadvertently violate the strict confidentiality clauses embedded in their contracts. This is particularly problematic with public-facing AI models, which often claim extensive rights over user-provided content.
The challenge is multifaceted. Most AEC contracts include explicit warranties that the professional will deliver original work or properly licensed material. These warranties are designed to protect clients from copyright infringement claims. However, when AI is involved, the provenance of the work becomes murky. Did the AI tool generate something original, or did it synthesise existing copyrighted material? The answer is often unknowable, creating a fundamental tension between the use of AI and the contractual obligations of AEC professionals.
"Read the fine print," warns May Winfield, Global Director of Commercial, Legal and Digital Risks at Buro Happold. "If you put in anything, they can do whatever they want with it forever and ever... If you input your designs, models or data into a public-facing tool, you are effectively throwing it into a public forum. You can't delete it, you can't remove it."
The Copyright Conundrum
Beyond confidentiality, copyright infringement represents a significant legal hurdle. AI models are trained on vast datasets, and the outputs they generate may inadvertently replicate copyrighted material. For AEC professionals relying on AI-generated designs or reports, this creates a substantial risk.
"You don't really know when you get output whether an element is in breach of copyright," Winfield explains. "It doesn't matter if you take a design from an AI tool and change it or develop it, it's still a reference point. It could be very embarrassing later if someone says, 'that whole section of what you did belongs to me': that could lead to legal liability."
Most standard contracts require professionals to guarantee that the materials they provide are either original creations or properly licensed. When AI is involved, making such a guarantee becomes legally precarious. The inability to trace the exact origins of an AI-generated output means that firms could be unknowingly passing off copyrighted work as their own.
The challenge is compounded by the fact that many AI tools do not disclose the training data used to develop their models. This opacity makes it nearly impossible for AEC professionals to assess the risk of copyright infringement. A design generated by an AI tool could potentially incorporate elements from copyrighted architectural works, building codes, or technical standards, creating liability for the firm using that output.
Insurance and Liability
The implications for professional indemnity (PI) insurance are equally concerning. PI insurance is designed to cover the exercise of reasonable skill and care. However, the use of AI tools introduces a new layer of complexity. If an AEC professional relies on an AI output without adequate verification, insurers may view this as a failure to exercise reasonable skill and care.
"Professional indemnity insurance provides cover for the exercise of reasonable skill and care, but an insurer could consider failure to check AI outputs as reckless or negligent, invalidating the cover," Winfield points out.
This highlights the critical need for a "human-in-the-loop" approach, where AI outputs are rigorously reviewed and validated by qualified professionals before being incorporated into a project.
The Air Canada chatbot case serves as a cautionary tale. In that instance, an AI chatbot provided incorrect information to a customer, contradicting the company's official policy. The airline was ultimately held liable for the chatbot's error. For AEC firms, the stakes are significantly higher, with potential errors leading to structural failures, safety hazards, or substantial financial losses.
Additional Compliance Concerns
Beyond copyright and confidentiality, there are additional compliance issues to consider. GDPR compliance is a particular concern for firms operating in Europe or handling European client data. Most AI tools are not GDPR-compliant, and feeding personal data into these systems creates a breach of GDPR requirements. Once data is fed into an AI tool, it cannot be deleted or removed, violating the fundamental principle of data minimisation.
Furthermore, when using enterprise-level AI tools, firms must recognise that even closed systems can result in confidentiality breaches. If a colleague can extract data from the AI tool that was intended to be restricted to a specific project team, this constitutes a breach of the confidentiality clause. The key is ensuring that access controls and data governance practices are robust enough to prevent unauthorised access.
For agentic AI systems, which can autonomously perform tasks and make decisions, the liability exposure increases further. Firms must thoroughly test the code and logic behind agentic systems to ensure they behave as intended and do not inadvertently violate contractual obligations or professional standards.
Takeaways
• Confidentiality Risks: Inputting sensitive project data into public-facing AI tools can violate confidentiality agreements, as these platforms often retain extensive rights over user content. Enterprise tools offer some protection but do not eliminate the risk entirely.
• Copyright Uncertainty: The opaque nature of AI-generated outputs makes it difficult to guarantee that materials do not infringe on existing copyrights, posing a significant legal risk for AEC firms incorporating AI-generated designs.
• Insurance Implications: Failing to adequately verify AI outputs could be deemed reckless or negligent by insurers, potentially invalidating professional indemnity coverage and leaving firms exposed to liability.
• GDPR and Data Compliance: Most AI tools are not GDPR-compliant, and feeding personal data into these systems creates regulatory violations that cannot be remedied through deletion or removal.
• Human Oversight is Essential: A "human-in-the-loop" approach is critical to mitigate legal and professional risks, ensuring that AI-generated content is rigorously reviewed and validated before incorporation into projects.
Practical Steps for AEC Firms
Given these legal complexities, what should AEC firms actually do?
The first step is to conduct a comprehensive audit of existing contracts. Review appointment terms, confidentiality clauses, and warranties to identify where AI use might create conflicts. Engage with your insurance broker to understand the current scope of your professional indemnity coverage and any exclusions related to AI.
Second, develop a clear AI governance policy. This policy should specify which AI tools are approved for use, which types of data can be processed through them, and what verification steps are required before AI-generated content is delivered to clients. The policy should also establish a human review process for all AI outputs, ensuring that qualified professionals validate the work before it leaves the firm.
Third, consider negotiating specific AI clauses into your contracts. Rather than leaving AI use ambiguous, explicitly address it in your appointment terms. Clarify which AI tools you will use, what data will be processed, and how you will manage the associated risks. This transparency can actually reduce liability by making client expectations clear from the outset.
Finally, stay informed about regulatory developments. The legal landscape around AI is evolving rapidly. Organisations like the UK's Information Commissioner's Office and the EU's regulatory bodies are developing guidance on AI use and data protection. Keeping abreast of these developments will help your firm stay ahead of compliance requirements.
To explore the intersection of AI and construction law further, subscribe to the Project Flux newsletter and join our community of forward-thinking AEC professionals.
Links and Stuff
All content reflects our personal views and is not intended as professional advice or to represent any organisation.
/
1