DARR
MR-081 Regulatory compliance Both scope

Provider's inadequate copyright compliance exposes the deployer to IP liability

The provider of a procured model did not adequately ensure lawful training-data sourcing, rights-reservation compliance, or output-infringement mitigation, exposing the deployer to intellectual-property liability for the model's outputs.

Risk family
Regulatory compliance
MIT domain
n/a (EU-derived)
MIT subdomain
n/a
AI type
GPAI, Agentic
Scope
Both
Source standard
GPAI Code of Practice 2025 (gap analysis)

Provenance

Source standard
GPAI Code of Practice 2025 (gap analysis)
Source frameworks
GPAI Code of Practice 2025
GPAI Code of Practice
GPAI Code of Practice, Copyright Chapter, Commitment 1 (Measures 1.1-1.5)
Nearest MIT-derived risk
MR-039 IP and copyright infringement (the deployer-facing outcome; this adds the upstream provider-compliance dependency).

Framework crosswalk

Every framework item mapped to this risk. Items marked partial overlap only in part; definitions appear on hover where the source licence permits.

Sourcesframeworks that contributed to the register
EU AI Act1
  • CoP GPAI Code of Practice, Copyright Chapter, Commitment 1 (Measures 1.1-1.5)

Part of the Deployer AI Risk Register, an open-source resource developed by MindXO. Version 1.0, 3 July 2026. Derived from the MIT AI Risk Repository (V4, December 2025) under CC BY 4.0; an independent derivative work, not endorsed by or affiliated with MIT. Sub-risk decomposition references MITRE ATLAS™ v5.6.0 (© 2021-2026 The MITRE Corporation, reproduced and distributed with permission). ISO/IEC and EU AI Act references are by number only. License: CC BY 4.0. Full attribution and licensing.