Cross-corpus research synthesis
Training-Data Rights
Copyright, consent, text-and-data-mining exceptions.
Synthesised deterministically from 28 articles that engage this theme. Empirical consensus: contested · contested: Does the EU CDSM Directive's TDM-exemption cover commercial foundation-model training? Major active litigation (NYT v OpenAI, Getty v Stability) and parallel claim regimes in UK/JP/US.. Full theme article: /wiki/training-data. Machine-readable: /wiki/synthesis.json.
Cross-jurisdiction stances (9 govern, 20 engage)
| Instrument | Verdict | Provision excerpt / citation |
|---|---|---|
| EU AI Act | implicit | [providers of general-purpose AI models shall] draw up and make publicly available a sufficiently detailed summary about the content used for training of the general-purpose AI model… (paraphrase) Recital 105; CDSM Directive provides primary copyright framework |
| Interim Measures for Generative AI Service Management | governs | Art. 7 (legal source + IP requirements) |
| Council of Europe Framework Convention on AI | implicit | Art. 11 (privacy + data protection) |
| NIST AI Risk Management Framework | implicit | Scientific integrity and TEVV considerations are identified and documented, including those related to experimental design, data collection and selection (e.g., availability, representativeness, suitability)… (paraphrase) Manage 4: data integrity |
| NIST AI RMF Generative AI Profile | governs | NIST AI 600-1 §3.4 Data Privacy + §3.7 Intellectual Property |
| India Digital Personal Data Protection Act + AI Advisory (MEITY) | governs | DPDPA §§4-7 (consent + purpose limitation for AI training data) |
| Brazil AI Bill (PL 2338/2023) | implicit | PL 2338/2023 cross-references LGPD (2018) for data-rights baseline |
| African Union Continental AI Strategy | implicit | AU Strategy §5 + Malabo Convention (2014) data-protection baseline |
| Meta Frontier AI Framework | implicit | Open-weight framing engages training-data + IP issues; not the framework's primary lane |
| Japan METI AI Guidelines for Business | implicit | Principle 4 (Safety) + Principle 2 (Education-Literacy) brush against training-data norms; ACA copyright regime separately addresses |
| General Data Protection Regulation (GDPR) | governs | Art. 5(1)(b) purpose limitation; Art. 6 lawful basis; Art. 9 special-category overlay for sensitive training data; Art. 5(1)(c) data minimisation |
| EU General-Purpose AI Code of Practice | governs | Chapter 2 (Copyright) — Art. 53(1)(c) training-data summary obligations + Art. 53(1)(d) text-and-data-mining opt-out compliance |
| GSA Generative AI and Specialized Computing Infrastructure Acquisition Resource Guide | implicit | Supply-chain risk-management considerations include training-data provenance + dependency disclosure |
| FedRAMP AI Cloud Procurement Guidance | implicit | Supply-chain risk-management considerations include training-data + model-weight provenance disclosure within the SSP |
| DFARS Subpart 252.204 (Safeguarding Covered Defense Information and Cyber Incident Reporting) | governs | When the Contractor discovers a cyber incident that affects a covered contractor information system … the Contractor shall … rapidly report cyber incidents to DoD … within 72 hours of discovery. (paraphrase) 252.204-7012 — training-data sets stored on covered contractor information systems require NIST SP 800-171 implementation when designated CDI; data-spill / exfiltration events trigger 72-hour cyber-incident reporting under 252.204-7012(c) |
| UNESCO Recommendation on the Ethics of Artificial Intelligence | governs | “Member States should work to develop data governance strategies that ensure the continual evaluation of the quality of training data for AI systems” Policy Area 'Data Policy', para 71 — data-governance strategies ensuring continual evaluation of training-data quality |
| Provisions on the Administration of Deep Synthesis of Internet Information Services | governs | “深度合成服务提供者……应当加强训练数据管理,采取必要措施保障训练数据安全;训练数据包含个人信息的,应当遵守个人信息保护的有关规定” Art. 14 |
| Italy Law No. 132/2025 on Artificial Intelligence (Legge 23 settembre 2025, n. 132) | governs | “«Art. 70-septies … le riproduzioni e le estrazioni … ai fini dell'estrazione di testo e di dati attraverso modelli e sistemi di intelligenza artificiale, anche generativa, sono consentite in conformità alle disposizioni di cui agli articoli 70-ter e 70-quater».” Art. 25 (new Art. 70-septies l. 633/1941) permits text-and-data-mining reproductions/extractions for AI training from lawfully accessible material (per Arts. 70-ter/70-quater); Art. 16 delegates the Government to enact an organic regime on data, algorithms and mathematical methods for training AI. |
| Japan AI Promotion Act (Act on the Promotion of Research, Development and Utilization of AI-Related Technologies) | implicit | ... intellectual infrastructure ... including datasets (meaning collections of information gathered for a specific purpose) ... (paraphrase) Act No. 53 of 2025, Arts. 12 & 3(4) |
| UN Global Digital Compact | implicit | “incorporation of safeguards into artificial intelligence model training processes ... open training data.” GDC Objective 3 para 36(c) and Objective 5 capacity-building (A/RES/79/1, Annex I) |
Evidence convergence
Sources the corpus cites for this theme across multiple articles — a scientometric consensus signal computed from inline prose citations (the more articles independently cite a source, the more load-bearing it is for this theme). 48 sources are cited by ≥2 articles.
- 14×An interdisciplinary account of the terminological choices by EU policymakers ahead of the final agreement on the AI Act: AI system, general purpose AI system, foundation model, and generative AI — cited by 14 articles
- 12×Generative AI and data protection — cited by 12 articles
- 12×Generative AI in EU law: Liability, privacy, intellectual property, and cybersecurity — cited by 12 articles
- 11×Open Foundation Models and TDM Exceptions to Copyright – Building Blocks for an AI Ecosystem — cited by 11 articles
- 11×The EU model of AI governance: regulating artificial intelligence through law and policy — cited by 11 articles
- 10×Identifying Algorithmic Decision Subjects' Needs for Meaningful Contestability — cited by 10 articles
- 7×Missing the Mark: Adoption of Watermarking for Generative AI Systems in Practice and Implications Under the New EU AI Act — cited by 7 articles
- 6×arxiv:2504.18236 — cited by 6 articles
- 6×Copyright and AI in the UK: Opting-In or Opting-Out? — cited by 6 articles
- 5×A Framework for Evaluating Global AI Governance Initiatives — cited by 5 articles
- 5×A large-scale audit of dataset licensing and attribution in AI — cited by 5 articles
- 5×Large language models reflect the ideology of their creators — cited by 5 articles
- 5×A Teleological Interpretation of the Definition of DeepFakes in the EU Artificial Intelligence Act—A Purpose-Based Approach to Potential Problems With the Word 'Existing' — cited by 5 articles
- 5×Defending Compute Thresholds Against Legal Loopholes — cited by 5 articles
- 5×Consent in Crisis: The Rapid Decline of the AI Data Commons — cited by 5 articles
- 4×Audio deepfakes and the regulation of the landlords of creativity — cited by 4 articles
- 4×GPTs are GPTs: Labor market impact potential of LLMs — cited by 4 articles
- 4×Generative AI at Work — cited by 4 articles
- 4×Training Compute Thresholds: Features and Functions in AI Regulation — cited by 4 articles
- 4×Artificial intelligence and synthetic biology: biosecurity risks, dual-use concerns, and governance pathways — cited by 4 articles