
In *Flora v. Prisma Labs*, the plaintiffs allege Prisma failed to meet all of the Illinois Biometric Privacy Act (BIPA)’s procedural requirements before collecting Lensa users’ selfies, pulling their facial geometry information from those images, and training the model on those geometries to output personalized avatars. First, they allege Prisma violated section 15(a), requiring Prisma to develop a written policy establishing a schedule to destroy biometric data after a certain time; they allege Prisma violated section 15(b) for collecting user’s biometric data without first notifying the user in writing of the purpose and length of collect and receiving a written release form; they also allege violations of sections 15(c) by profiting off of biometric data collected to improve Lensa, 15(d) by transferring users’ biometric data to third-party cloud servers without disclosing this and receiving user consent, and 15(e) for failing to store user’s biometric data in a way that meets the industry standard of care. Importantly, the *Flora* plaintiffs rely heavily on the version of Prisma’s Privacy Policy that was in place when they downloaded the app in early December 2022. According to them, the wording of that policy was vague with the terms it used to describe the facial information Lensa collects, never using the terms “facial geometry” or “biometric” despite using the term “face data” in a separate part of the Policy (after claiming the company does not collect such data). 

The *Flora* plaintiffs also suggest that Prisma’s Privacy Policy states the company deletes users’ biometric data (gleaned from their uploaded selfies) within 24 hours of creating the avatars. But this claim by Prisma is spurious, as the ML community is still trying to understand the extent to which models [memorize training data](https://proceedings.mlr.press/v80/chatterjee18a.html) in ways that make it impossible to delete or remove that data from the ultimate models. 

Flora v. Prisma Labs

In *A.T. v. OpenAI*, users are suing OpenAI for allegedly violating federal ([ECPA](https://epic.org/ecpa/)) and state ([CIPA](https://www.keglawyers.com/wiretapping-laws-penal-code-631#:~:text=California%20Penal%20Code%20631%20PC,listen%20to%20their%20private%20communications.)) wiretapping laws by collecting user data when they input content into ChatGPT or into third-party websites’ search features that have integrated [ChatGPT APIs](https://roedigital.com/chat-gpt-plugins/#:~:text=Some%203rd%20party%20plugins%20are,OpenTable%2C%20Wolfram%2C%20and%20Zapier.). Users are also alleging that OpenAI violates the Computer Fraud and Abuse Act of 1986 ([CFAA](https://www.govinfo.gov/content/pkg/USCODE-2020-title18/html/USCODE-2020-title18-partI-chap47-sec1030.htm)), a federal anti hacking law, for the same action of collecting their user data (especially their metadata) when using ChatGPT and ChatGPT plugins on third party websites. They argue that OpenAI effectively hacks users’ platform access, exceeding user’s authorized access for OpenAI when using ChatGPT, and intercepts their private information (i.e., user data) without their knowledge or consent.




A.T. v. OpenAI

In *Andersen v. Stability AI*, three named visual artists filed a proposed class action suit against Midjourney, Stability AI and DeviantArt, whose generative AI models were allegedly trained on billions of images scraped from the Internet without the permission of the copyright holder. The complaint alleged that there was direct and vicarious copyright infringement through non-consensual use of their works through works generated “in the style” of the artists. The complaint further claimed violations of the DMCA, violations of the right of publicity law, Cal. Civ. Code § 3344, violations of the common law right of publicity, unfair competition, and breach of contract of DeviantArt’s privacy policies.

In an order issued in October 2023, U.S. District Judge William Orrick of Northern District of California largely granted Stability AI’s motion to dismiss and gave Andersen a leave to amend to clarify their theories of each defendant’s differentiated roles in copyright infringement, DMCA violations, and violations of rights of publicity. The plaintiffs will be required to state and provide plausible facts on how compressed copies of training images contained in Stable Diffusion constituted direct copyright infringement. Another direct infringement claim is the allegation that output images from DreamUp are infringing derivative works, a claim that Judge Orrick required a showing of substantial similarity in order to survive. Additionally, the plaintiffs will have to provide facts that support Midjourney’s liability in direct infringement through the training process as well as facts that clarify DeviantArt’s liability.


Andersen v. Stability AI

Fiction writers and the Authors Guild that own registered copyrights brought a suit against OpenAI for copyright infringement for copying their works to train ChatGPT. The Guild’s complaint extensively discussed the threat and harm that generative AI like GPT-N and ChatGPT pose to authors and their livelihoods. The plaintiffs called attention to ChatGPT readily offering to produce summaries of copyrighted works, which they allege are derivative works. The plaintiffs laid out how ChatGPT was able to produce accurate summaries or hypothetical volumes of each of the plaintiffs’ existing work to allege that ChatGPT could not have generated the material if it had not ingested and trained on the specific works.


Authors Guild v. OpenAI

_Battle v. Microsoft_ involves an Air Force veteran, Jeffery Battle, who happens to share the same name as Jeffrey Battle (first name spelled slightly differently), a member of the “Portland Seven,” a group of U.S. citizens who tried to join the Taliban in Afghanistan after 9/11. Battle sued Microsoft for defamation after he discovered that searching his name on Bing, the GenAI-assisted search engine, generated a short blurb that conflated the bios of the two Jeffery/Jeffrey Battles.

Battle is seeking monetary compensation from the company for the alleged reputational damage that its tool caused. He is also explicitly asking for a “remedy that will ensure that the damaging activities . . . cease and desist and that the false information will be . . . removed” from Bing search results “in perpetuity.” Microsoft has not yet responded to Battle’s complaint.


Battle v. Microsoft

Plaintiffs Michael Chabon, David Henry Hwang, and Matthew Klam are authors with registered copyrighted works. In their proposed class action complaint to Meta, the authors alleged copyright infringement on the basis that Meta used copyrighted materials to train the LLaMa model and the models themselves are unauthorized derivative works of the copyrighted training material. The complaint also outlined DMCA violation for removal of copyright management information, violation of the California unfair competition law, negligence, and unjust enrichment.

In November 2023, Northern District of California Judge Chhabria did not find plausible theories in Chabon’s claims and granted Meta’s joint motion to dismiss against Chabon for lack of plausible theory of infringement as in [Kadrey v. Meta](https://knowingmachines.org/knowing-legal-machines/legal-explainer/cases/kadrey-v-meta).

Chabon v. Meta Platforms, Inc.

Authors with registered copyrighted works brought a proposed class action complaint to OpenAI, alleging copyright infringement on the basis that OpenAI used copyrighted materials to train the GPT model rendering the models themselves unauthorized derivative works of the training material. The complaint also outlined DMCA violation for removal of copyright management information, violation of the California unfair competition law, negligence, and unjust enrichment.

In August 2023, plaintiffs in [Tremblay v. OpenAI](https://knowingmachines.org/knowing-legal-machines/legal-explainer/cases/tremblay-v-openai), who made indistinguishable claims against OpenAI as those made in Chabon v. OpenAI, moved to relate the two cases.



Chabon v. OpenAI

Major music publishers ABKCO, Concord, and Universal allege that Anthropic infringed publisher-owned copyrights in song lyrics.  This infringement allegedly happened when lyrics were copied as part of the model training process, and when those lyrics were reproduced and distributed in response to prompts using Anthropic’s AI product, Claude. 

The publishers argue that direct infringement took place at three stages of the model’s processing of the copyrighted material: copying taking place in initial data ingestion, additional reproduction in the fine-tuning of the data, and producing near-identical copies as outputs. Claude chatbot replicates significant portions of copyrighted lyrics when prompted to do so. The publishers highlighted that such service is provided by an already existing market of lyrics aggregators who have licensed those works. The publisher demonstrated that even when Claude is prompted to generate song lyrics without a request for a specified song’s lyrics, the chatbot replicated significant portions of existing copyrighted lyrics.

Furthermore, The publishers argued that Anthropic contributorily infringed and is vicariously liable for users’ direct infringement. Although the publishers point out Anthropic’s use of “constitutional” AI training model and its omission of protection of intellectual property rights as one of its principles, it does not appear that the infringement analysis would be affected by the values that govern Anthropic's AI model design.




Concord Music Group v. Anthropic

Software developers who own source code repositories made available on GitHub filed a proposed class action complaint against GitHub, Inc., Microsoft Corporation, and OpenAI. The plaintiffs alleged that the defendants trained Codex and Copilot on the code deriving from the plaintiffs’ published codes on GitHub, in violation of the Digital Millennium Copyright Act (DMCA), 17 U.S.C. §§ 1201–1205 and several other claims, most of which were dismissed in a mixed ruling in May 2023 by U.S. District Judge Jon Tigar in the Northern District of California.

Claims that were dismissed were for violation of Sections 1202(a) and 1202(b)(2) of the DMCA, tortious interference in a contractual relationship, fraud, false designation of origin, unjust enrichment, unfair competition, breach of the GitHub Privacy Policy and Terms of Service, violation of the California Consumer Privacy Act and negligence.

What survived the dismissal were plaintiffs’ claims that GitHub and OpenAI violated Sections 1202(b)(1) and 1202(b)(3) of the DMCA and breached the open source licenses under which the plaintiffs’ codes were made available through GitHub. 




Doe 1 v. GitHub

Getty Images brought claims against Stability AI for copyright infringement, DMCA violation, and trademark infringement and dilution. Getty Images alleged that Stability AI used more than 12 million Getty Images photos to train the model for Stability’s image generator, Stable Diffusion. In the complaint, Getty Images juxtaposed a copyrighted Getty Images photograph next to an image generated by Stable Diffusion to underscore the link between the two. The generated images included in the complaint have what Getty Images calls a modified version of the Getty Images watermark, which Getty Images claims to have harmed it by “creating confusion as to the source of the images and falsely implying an association with Getty Images."


Getty Images v. Stability AI

Mike Huckabee, former Arkansas governor, and a group of religious authors filed a class action suit against Meta, Bloomberg, Microsoft, and the EleutherAI Institute, arguing they trained artificial intelligence tools on the authors’ books without permission when they used Books3, a text dataset compiled by independent developers.

In their complaint, the plaintiffs emphasized how essential Books3, which contained their works, was in training the LLM products.They claim that the LLM products of Meta, Microsoft, and Bloomberg cannot function without the use of Books3, making the models infringing derivative works of the allegedly incorporated copyrighted materials within the dataset. Plaintiffs further argued that the defendants were vicariously liable for infringement because every output of the LLMs is also an infringing derivative work, but the plaintiffs did not identify who the direct infringer is in those instances.





Huckabee v. Meta

The plaintiffs, led by a New York Times best-selling author and journalist, J.L, who requested to keep their identity private, filed a putative class action complaint against Alphabet, Google Deepmind and Google LLC. The case alleges that Google misused content that the plaintiffs posted on social media and Google platforms, to train Bard. They alleged copyright infringement, DMCA violation, and other torts. In September, plaintiffs voluntarily dismissed Alphabet and Google Deepmind, leaving Google LLC as the sole defendant.




J.L. v. Alphabet

The comedian and author Sarah Silverman and other published authors filed a class action lawsuits against Meta claiming it infringed upon their copyright by making copies of their books as part of training data for Meta’s LLaMA AI model, that the LLaMA model itself was a “derivative work” of their books, and that various LLaMA outputs were unlawful copies of their books. Plaintiffs also claimed Meta removed their Copyright Management Information (CMI) as well as engaging in unfair competition, unjust enrichment, and negligence.The complaint was filed along with the one filed against OpenAI by the same lead plaintiffs. 

Meta moved to dismiss every claim except the copyright claim related to training LLaMa, reserving it to challenge later in the case. Judge Vince Chhabria of the Northern District of California granted Meta’s motion to dismiss across the board finding that there were no plausible theories for plaintiffs to win on. Specifically, Judge Chhabria rejected the claim that LLaMA models themselves are infringing derivative works, calling this a nonsensical argument, since the models are software code that create abstract mathematical relationships and could not be conceived of as a recasting or adaptation of any of the expressive text of plaintiffs’ books. The allegation that every output is an infringing derivative work and that Meta is vicariously liable for the users prompting such outputs was also rejected because of the plaintiffs’ failure to allege that any specific output was infringing or incorporated the copyrighted material. Without specific allegations that specific outputs incorporated their copyrighted works, there was no legal basis for the claim to move forward in the case. The court also dismissed the CMI claim because it also depended on specific allegations that LLaMA could produce plaintiffs’ books. The unfair competition claims, unjust enrichment claims, and negligence claims all failed as well because they duplicated the copyright infringement claims and thus were preempted by the Copyright Act. The court gave plaintiffs 21 days to amend their complaint to cure these problems.

Assuming plaintiffs cannot allege any new facts, the only remaining claim left out of the motion to dismiss is the claim on use of copyrighted works for training, a use that Meta maintains is quintessential fair use.




Kadrey v. Meta

In *P.M. v. OpenAI*, users are suing OpenAI for allegedly violating federal ([ECPA](https://epic.org/ecpa/)) and state ([CIPA](https://www.keglawyers.com/wiretapping-laws-penal-code-631#:~:text=California%20Penal%20Code%20631%20PC,listen%20to%20their%20private%20communications.)) wiretapping laws by collecting user data when they input content into ChatGPT or into third-party websites’ search features that have integrated [ChatGPT APIs](https://roedigital.com/chat-gpt-plugins/#:~:text=Some%203rd%20party%20plugins%20are,OpenTable%2C%20Wolfram%2C%20and%20Zapier.). Users are also alleging that OpenAI violates the Computer Fraud and Abuse Act of 1986 ([CFAA](https://www.govinfo.gov/content/pkg/USCODE-2020-title18/html/USCODE-2020-title18-partI-chap47-sec1030.htm)), a federal anti hacking law, for the same action of collecting their user data (especially their metadata) when using ChatGPT and ChatGPT plugins on third party websites. They argue that OpenAI effectively hacks users’ platform access, exceeding user’s authorized access for OpenAI when using ChatGPT, and intercepts their private information (i.e., user data) without their knowledge or consent.

A subset of Illinois-based plaintiffs further allege OpenAI violated the Illinois Biometric Privacy Act (BIPA) when it collected their biometric identifiers without having a written policy, informing users in writing, receiving a written release, and meeting BIPA’s other procedural requirements (described above). Specifically, they claim that OpenAI collected and relied on their facial images from scraped photos from the internet to train image diffusion products like DALL-E. They allege OpenAI collected facial geometry data of Illinois residents, without which DALL-E could not exist. If the case moves forward into discovery, OpenAI may have to finally divulge the sources of its training data beyond what has been [uncovered by others](https://www.washingtonpost.com/technology/interactive/2023/ai-chatbot-learning/).




P.M. v. OpenAI

The Review Board of the Copyright Office affirmed the Copyright Office’s rejection of the registration of an image generated using RAGHAV, a 2-D image application. The image was generated by the claimant Ankit Sahni who inputted his own photograph as a base image and transferred style from Vincent van Gogh’s artwork through the program. The Office refused to register the work because it lacked the human authorship necessary to support a copyright claim, extending its uniform rejection of AI-generated outputs. *See* [Thaler v. Perlmutter](https://knowingmachines.org/knowing-legal-machines/legal-explainer/cases/thaler-v-perlmutter). The Review Board of the USCO maintained that it would register a work that contains sufficient human authorship, but that this work lacked “the expressive elements of pictorial authorship” provided by the claimant. The Review Board refused to recognize that RAGHAV was used as “an assistive tool” akin to a camera or photo-editing software subject to creative decisions by the author and further noted that the inputted choices made by Sahni merely constituted unprotectable ideas for the work. 

Registration of “SURYAST”

Mr. Jason Allen applied for copyright registration of a two-dimensional artwork claim in the work titled “Théâtre D’opéra Spatial,” which was generated using Midjourney after employing as many as 600 text prompts. The USCO requested more information about Allen’s use of Midjourney and subsequently denied the registration. When Allen submitted requests for reconsideration, USCO review board found that the work contained more than a de minimis amount of AI-generated content which must be disclaimed in an application for registration. The USCO refused to register the work, because Allen was unwilling to disclaim the AI-generated material.

Registration of “Théâtre D’opéra Spatial”

Kristina Kashtanova applied for copyright registration of a graphic novel work, “Zarya of the Dawn,” which was created with output from Midjourney that Kashtanova described as “the core creative input” for each image. Registration certificate was granted but the USCO canceled the registration due to a failure to exclude non-human authorship contained in the work. The USCO then replaced it with a new registration that covers the original authorship of Kashtanova, narrowing its coverage to the “text” and the “selection, coordination, and arrangement of text created by the author and artwork generated by artificial intelligence.”

Registration of “Zarya of the Dawn”

Writer Julian Sancton brought claims of copyright infringement and contributory copyright infringement against OpenAI and Microsoft on behalf of a putative class of owners of nonfiction works. The plaintiffs alleged that reproducing copyrighted works in datasets used to train their AI models constituted direct copyright infringement. Plaintiffs moved to relate the case to [Authors Guild v. OpenAI](https://knowingmachines.org/knowing-legal-machines/legal-explainer/cases/authors-guild-v-openai), another class action brought by authors.

Sancton v. OpenAI Inc. et al.

Comedian and author Sarah Silverman as well as other published authors allege that OpenAI infringed upon copyright by making copies of their books as well as works of those who are similarly situated. The complaint argued that the OpenAI’s large language models are themselves infringing derivative works because the models cannot function without the expressive information extracted from the infringed works. 

OpenAI moved to dismiss the claims for vicarious copyright infringement, violation of DMCA § 1202, unjust enrichment, and negligence. Although OpenAI did not move to dismiss the direct copyright infringement claim, it laid grounds to discredit infringement claims by invoking the fair use doctrine, requirement for substantial similarity, and that copyright does not protect ideas, facts, or language. In a memo filed in September 2023, the plaintiffs strongly rebutted by arguing that copyright infringement does not require a showing of substantial similarity in direct copying cases in the Ninth Circuit and reiterated the strength of their direct copyright infringement claim.



Silverman v. OpenAI

Dr. Stephen Thaler, who developed and owns an AI system called Creativity Machine, filed to register outputs generated from the AI system for copyright registration in November 2018. The U.S. Copyright Office (USCO) denied the registration application for the AI-generated work in a final agency action for the lack of “human authorship necessary to support a copyright claim.” Thaler filed against Perlmutter, the register at the USCO, for a judicial review of the denial under the Administrative Procedures Act, claiming that this rejection was contrary to the plain language of the Copyright Act and the statutory purpose of its mandate to promote the progress of science. In granting summary judgment in favor of the USCO, the District Court for the District of Columbia held in August 2023 that human authorship is an essential part of a valid copyright claim, emphasizing that authorship centers on human creativity. Thaler has since filed an appeal to the Court of Appeals for the D.C. Circuit.




Thaler v. Perlmutter

Thomson Reuters, which owns Westlaw, a legal research platform, sought to recover from an AI startup, Ross, by alleging that Ross trained its AI on copies of Westlaw headnotes. Ross contracted with LegalEase, a legal-research company to conduct a Bulk Memo project that produced 25,000 question-and-answer sets with assistance of a text-scraping bot that accessed Westlaw. The LegalEase memos were then converted into training data by Ross. Thomson Reuters argued that the questions portions of Bulk Memo were essentially copies of headnotes.

On September 25, 2023, Judge Stephanos Bibas denied summary judgment and ruled the case to proceed to trial. Judge Bibas rejected Ross’s theory that its use of a portion of the large compilation was not enough to be infringing. Whether the headnotes themselves met the originality threshold to merit copyright protection is a factual issue left to the jury to determine. This issue on protected expressions will shape the theories of infringement liability.

In finding that the fair use determination should go to a jury, Judge Bibas declined to overread a recent fair use rulings in *[Andy Warhol Foundation v. Goldsmith](https://www.supremecourt.gov/opinions/22pdf/21-869_87ad.pdf)*, in which the Supreme Court heavily weighed commercial use to rule against fair use. Instead, he emphasized transformativeness and suggested that Ross may prevail in its fair use defense if factual determination supported that its use was transformative intermediate copying. Furthermore, he noted that the nature of Westlaw’s Key Number System and headnotes gravitate away from the core of copyright protection and may favor fair use, but the decisions on each factor will have to wait until trial.


Thomson Reuters v. ROSS Intelligence

In *Tremblay v. OpenAI*, the named plaintiffs were authors who have registered copyrights in several books. The plaintiffs brought a proposed class action suit against OpenAI for direct and vicarious copyright infringement, DMCA violation, unfair competition and negligence. The plaintiffs alleged that OpenAI made copies of the books, made derivative works, publicly displayed, and/or distributed those copies or derivative works. The complaint identified that ChatGPT was able to generate fairly accurate summaries of books written by the plaintiffs, suggesting that the model had ingested and retained them. The complaint seeks relief on behalf of all authors whose books were copied as part of the training data set for ChatGPT.

In August 2023, OpenAI filed a motion to dismiss and the plaintiffs moved to relate this case to another case against OpenAI, Chabon v. OpenAI.




Tremblay v. OpenAI

In _Walters v. OpenAI_, the radio talk show host Mark Walters has sued OpenAI for defamation. According to the complaint, when a journalist prompted ChatGPT for information about an unrelated lawsuit, the tool wrongly described Walters as a defendant in that case who had been accused of fraud. Walters is seeking monetary compensation from the company for the reputational damage allegedly caused by these false statements.

In defending the lawsuit so far, OpenAI has gone out of its way to try to avoid the conclusion that its outputs should be considered statements of “fact,” [pointing to](https://storage.courtlistener.com/recap/gov.uscourts.gand.318259/gov.uscourts.gand.318259.12.1.pdf) its disclaimers about ChatGPT’s lack of reliability and suggesting that since its outputs are “probabilistic,” they can never really be considered factual assertions. Among other things, OpenAI has also maintained that ChatGPT fails to meet defamation’s “publication” requirement—that is, the requirement that for a false statement to be actionable in court, it needs to have been shared with a third party. The company refers to its [Terms of Use](https://openai.com/policies/terms-of-use)—which assign users rights to their ChatGPT outputs and states that users are “responsible” for them—to describe ChatGPT as nothing more than “a private drafting tool” that “helps \[a user\] write or create content owned by the user.”

In January 2024, the Georgia Superior Court preliminarily rejected OpenAI’s arguments, [denying](https://medialaw.org/wp-content/uploads/2024/01/01.16.24walters.pdf) the company’s motion to dismiss and allowing the case to proceed.






Walters v. OpenAI

Kyland Young, a former contestant of a reality television show, brought right of publicity claims in a proposed class action against NeoCortext Inc., a Ukrainian company that made the AI-based face swapping app, Reface. The complaint alleged that the app exploited Young’s image and likeness without consent or compensation, violating the right of publicity under California Civil Code § 3344.

In September 2023, U.S. District Judge Wesley L. Hsu of Central District of California denied NeoCortext’s motion to dismiss and motion to strike, writing that the right of publicity claims were not preempted by the federal Copyright Act. Under California law, significant transformative use would warrant an affirmative defense to a right of publicity claim under the First Amendment, but Judge Hsu found that NeoCortext had failed to show that Reface app’s use of Young’s face was a transformative use as a matter of law.

