ChatGPT & Your Startup: Legal Risks and Best Practices

ChatGPT & Your Startup: Legal Risks and Best Practices

If your startup uses ChatGPT or any large language model (LLM) in 2026 — and the odds are that you do — you are running a new category of legal risk that most founders have not fully mapped. Personal data sent to a consumer AI session can breach the Digital Personal Data Protection Act 2023 (DPDP Act). AI-generated code may carry invisible licence obligations. A hallucinated regulatory figure in a pitch deck or financial report can expose you to misrepresentation claims. This guide tells you exactly what the risks are, why they materialise and what to do about each one today.

The Risk Landscape at a Glance

Most founders think of ChatGPT as a productivity tool. Their legal teams think of it as an uncontrolled data egress point, an IP-ambiguity machine and a sub-processor that is not yet on the company's data processing agreement (DPA). Both views are correct, which is why the legal risk from AI sits at the intersection of four separate legal regimes operating simultaneously:

• Data protection — the DPDP Act 2023 and, where cross-border transfers are involved, the GDPR or equivalent
• Intellectual property — Copyright Act 1957, Patents Act 1970, Trade Marks Act 1999
• Contract law — Indian Contract Act 1872, enterprise customer contracts, vendor agreements
• Sector regulation — RBI, SEBI, IRDAI, NMC (National Medical Commission), ICAI, Bar Council of India guidelines

Getting any one of these wrong can cost you a client, a licence or — in the worst case — a penalty running into crores. The following sections break down each risk and give you a practical path to containment.

Confidentiality and Data Leakage: Your DPDP Act Exposure

What "disclosure to a third party" actually means

When your support executive copies a customer complaint — including the customer's name, contact number and order history — into a free ChatGPT session to draft a reply, OpenAI receives that personal data. Under the DPDP Act 2023, you are the Data Fiduciary (the party that determines the purpose and means of processing). OpenAI, in that transaction, is a Data Processor (Section 2(k) of the DPDP Act). You are required under Section 8(1) to give OpenAI lawful instructions and — critically — to "take reasonable steps to ensure that the personal data shared with the processor is only to the extent necessary."

Pasting the entire customer record, when you only needed the complaint text, already fails that standard. Doing it through the free consumer product — which, at the time of writing, allows OpenAI to use chat history to improve its models unless you opt out — makes it worse: you have effectively disclosed personal data to a trainer, not just a processor.

The DPDP Act Schedule sets financial penalties for failure to implement reasonable security safeguards (Item 1) at up to Rs. 250 crore. Failure to notify a personal data breach to the Data Protection Board of India (DPBI) (Item 2) draws a further up to Rs. 200 crore. Even a general non-compliance (Item 5) carries up to Rs. 50 crore. These are not per-incident caps — the Board can impose the full penalty on each separate contravention.

Consumer product vs. API vs. Enterprise: the three-tier model

Before you can fix your data-handling policy, you need to understand the product tiers, because each carries different default data rights:

Practical rule: Any workflow that touches personally identifiable information (PII), financial data, health data, source code marked confidential or board-level information must run on API or Enterprise only, with an executed DPA in your records. The consumer product is simply not appropriate, regardless of how convenient it is.

IP Ownership of AI-Generated Content Under Indian Law

The human-contribution test

The Copyright Act 1957, Section 2(d)(vi), recognises "work of a computer" as a category where the "author" is the person who caused the work to be generated. Courts in India have not yet issued a binding ruling on whether a prompt instruction to an LLM clears this bar. Until they do, the prudent position is that pure AI output with no identifiable human creative expression has a weak — and possibly non-existent — copyright claim in India.

What does strengthen your copyright position? Human contribution at three stages: (a) prompt architecture — if a member of your team spent meaningful creative effort structuring the prompt, specifying style, selecting which outputs to include and editing the result, that curation is creative; (b) selection and arrangement — collecting 12 AI-generated product descriptions and curating 3 for publication involves editorial judgement; (c) substantive editing — rewriting AI output to align with your brand voice, correct inaccuracies and add proprietary data creates a derivative work with human authorship.

Practical rule: For any content you want to register or enforce commercially — campaign copy, white papers, technical documentation — keep a documented "creative trail": the prompt, the raw output, the edit log. This trail will be your evidence if ownership is ever challenged.

AI-generated code and licence contamination

Code generation is where IP risk becomes immediately commercial. GitHub Copilot, ChatGPT and similar tools are trained on publicly available code repositories, including those governed by the GNU General Public Licence v2/v3 (GPL). GPL is a copyleft licence: if GPL-licensed code is incorporated — even inadvertently — into your product, the GPL's virality clause may require you to release your entire codebase under GPL terms.

OpenAI does not warrant that API output is free of third-party IP. This means your engineering team should treat AI-generated code like any open-source dependency: run it through a licence scanner (tools like FOSSA, Black Duck or the open-source licensee library) before it enters your main branch. Also run it through a static security analyser — LLMs reproduce known vulnerable code patterns with confidence.

Trademarks and patents: a cleaner story

Good news in two areas: trademark distinctiveness and patent novelty are assessed on the output, not the means of creation. An AI-generated logo that is distinctive in your class of goods and services can be registered under the Trade Marks Act 1999. An invention with a genuine technical effect and human-directed inventive step is patentable under the Patents Act 1970, even if AI tools assisted in ideation. The inventor named on the application must be a natural person — this is settled globally — but the company can own the patent through assignment.

Hallucinations and Liability: When AI Invents the Law

LLMs are next-token predictors. They do not "know" that Section 194Q of the Income-tax Act applies to buyers whose turnover exceeds Rs. 10 crore, or that a specific MCA circular superseded an earlier one. They generate what is statistically plausible. The result is confident-sounding text that can be factually wrong in ways that damage your business.

High-stakes hallucination scenarios

Consider three patterns that show up regularly in startup practice:

Pattern 1 — Regulatory filings. A finance head uses ChatGPT to draft an AOC-2 disclosure for related-party transactions. The AI cites a threshold from a 2019 Companies Act amendment that was subsequently revised. The filed AOC-2 is incorrect. Under Section 134(8) of the Companies Act 2013, the penalty is Rs. 3 lakh to Rs. 50 lakh on the company and Rs. 50,000 to Rs. 5 lakh on each defaulting officer.

Pattern 2 — Client-facing advice. A legaltech startup uses AI to draft a commercial lease template and includes a provision citing a state Rent Control Act that was repealed. The tenant client relies on the clause. The startup may face a misrepresentation claim under Section 18 of the Indian Contract Act 1872, and depending on how the service was marketed, a "deficiency in service" claim under Section 2(11) of the Consumer Protection Act 2019.

Pattern 3 — Financial reports. An AI-drafted investor update cites a total addressable market figure that the model fabricated. If this reaches institutional investors before a funding round, it touches Section 12A and Section 17 of the SEBI Act 1992, which prohibit fraudulent or misleading statements in connection with securities.

Practical rule — the mandatory human-review step: Before AI output becomes a commitment — a filing, a client-facing document, a pitch deck, a press release — a subject-matter expert must review it against the primary source. Build this as a workflow gate, not a discretionary check.

Contractual and Sub-Processor Obligations

Enterprise customer contracts: the clause you are probably violating

Many B2B SaaS founders sign enterprise customer contracts that include a "Restricted Sub-processors" clause or a "Sub-processor Notice" schedule. The clause typically says: "Service Provider shall not engage new sub-processors to process Customer Data without prior written consent or 30 days' advance notice." When you start routing customer support tickets through ChatGPT API without notifying your customer and updating the DPA, you are in breach of this clause — even if you use the API plan and have OpenAI's own DPA in place.

Fix the sequence: (1) Identify which customer agreements contain sub-processor obligations. (2) Add OpenAI (or your specific LLM provider) to your sub-processor register. (3) Issue sub-processor notices to affected customers. (4) Update your own privacy policy and customer-facing DPA to reflect AI processors. (5) Renew this review process each time you onboard a new AI tool.

Employee data and internal workflows

Employees are also Data Principals under the DPDP Act. An HR team that pastes performance review notes, salary details or disciplinary records into ChatGPT to draft communications is processing sensitive employee data outside of any consented purpose. Your employee consent notice (required under Section 6 of the DPDP Act) almost certainly does not mention AI sub-processors. Update it.

Sector-Specific Guardrails

BFSI (Banking, Financial Services and Insurance)

The RBI's Master Direction on IT Framework for the NBFC Sector and Circular on Outsourcing of IT Services require that any outsourcing of data processing be covered by a board-approved outsourcing policy and that data remain subject to RBI supervisory access. Using an external LLM for credit underwriting, customer onboarding or collections without board approval and regulatory disclosure is an outsourcing-policy breach. IRDAI has issued similar guidelines under its IRDAI (Outsourcing of Activities by Indian Insurers) Regulations 2017.

Healthcare and MedTech

Under the National Medical Commission Act 2020 and NMC regulations, medical advice can only be rendered by a registered medical practitioner. An AI-generated symptom checker that tells a user they "likely have X condition" without a qualified doctor in the loop crosses the line from information to advice. The liability for a misdiagnosis or delayed treatment is real and personal.

Legal Services

Only advocates enrolled under the Advocates Act 1961 can practise law. Selling an AI-drafted legal notice, contract or legal opinion as professional legal advice — without an enrolled advocate reviewing and signing off — is an unauthorised practice of law. Many legaltech startups have structured around this by positioning their product as a "document drafting tool," but the line blurs when AI-generated content is presented as definitive legal analysis.

CA and CS Firms

The ICAI Code of Ethics requires a member to exercise "professional judgement" and "professional scepticism." Signing off on a financial statement, tax computation or audit opinion that was AI-generated and not independently verified is an ethics violation. Treat AI output as a working-paper draft — useful, but requiring your review before it carries your signature.

Worked Example: A B2B SaaS Startup's AI Compliance Gap

Scenario. Priya runs a 40-person HR-tech SaaS startup. Her team uses the consumer ChatGPT product to: (a) draft email responses to enterprise customer support tickets containing employee data; (b) generate boilerplate employment contract clauses; (c) summarise board minutes for investor updates.

Gap 1 — DPDP Act breach. Customer support tickets contain names, employee IDs and HR case notes — personal data. The consumer product is not covered by a DPA. Penalty exposure under Item 1 of the DPDP Act Schedule: up to Rs. 250 crore. Mitigation cost to switch to Enterprise plan with DPA: approximately Rs. 15,000 to Rs. 20,000 per month for a 20-seat team. The economics are obvious.

Gap 2 — Sub-processor notice. Three of Priya's enterprise customers have sub-processor consent clauses. She has not notified them. Each enterprise contract has a "material breach" termination clause. The combined annual recurring revenue (ARR) of those three accounts is Rs. 1.8 crore. The breach notice, if triggered, puts the entire revenue line at risk.

Gap 3 — AI-generated contract clause. Her team used ChatGPT to draft a non-compete clause in an employment agreement, citing a "24-month restriction" as standard. Under Indian law, Section 27 of the Contract Act 1872 renders most post-employment non-compete clauses void. The clause provides zero protection, and if enforced aggressively, the startup faces a counter-claim for wrongful restraint.

Fix sequence: Switch HR-facing workflows to ChatGPT API with an executed OpenAI DPA. Issue sub-processor notices to enterprise customers. Retain a counsel to review AI-generated legal templates before use. Cost to fix: roughly Rs. 80,000 in legal review fees + platform upgrade costs. Cost of not fixing: potentially Rs. 1.8 crore in lost ARR plus an uncapped regulatory penalty.

Common Mistakes and How to Fix Them

• Using one ChatGPT account for personal and business tasks. Chat history mingles confidential business data with personal queries. Fix: create a dedicated business workspace on the Enterprise or Teams plan with SSO and audit logs.

• Assuming "I deleted the chat" deletes the data. Deleting a conversation from the UI does not guarantee immediate deletion from training pipelines on consumer plans. Fix: use API or Enterprise, where data retention obligations are contractually defined.

• Treating AI-generated code as production-ready. AI writes code that compiles and runs — but may contain SQL injection vulnerabilities or GPL-contaminated snippets. Fix: mandatory SAST (static application security testing) and licence scan before merge.

• Publishing AI-generated content without a human byline review. A blog post that cites a GST rate at 12% when the rate was revised to 18% for that service category creates consumer misinformation. Fix: content calendar sign-off requires a subject-matter check against the primary source (GST portal, CBIC notifications).

• No AI-use clause in the employment handbook. Employees do not know what is permitted. Fix: publish an AI-use policy (see next section) within FY 2026-27, making it part of the offer letter acknowledgement for new hires.

Building Your Internal AI-Use Policy: A Step-by-Step Guide

An AI-use policy need not be a 30-page document. A one-to-two page policy approved by the Managing Director or equivalent authority is enough to create accountability. Here is what it must cover:

1. Approved tools list. Name the specific tools permitted (e.g., "ChatGPT Enterprise via company SSO, GitHub Copilot Business"). Everything else is prohibited unless approved in writing by the CTO or designated IT approver.

1. Data classification rules. Define what may and may not be entered. A simple three-tier system works: (a) Public — may be entered freely; (b) Internal — may be entered into approved enterprise tools only; (c) Confidential/Restricted — never entered into any AI tool (examples: customer PII, source code marked confidential, financial projections pre-announcement, legal advice under privilege).

1. Output review requirements. State explicitly which output categories require a human review before external use: legal documents (always), regulatory filings (always), financial statements (always), customer-facing product claims (always), marketing content (editorial review).

1. Accountability and logging. Specify that AI usage for material business decisions should be logged — tool used, prompt category, reviewer name, date. Enterprise plans provide audit logs; API-based tools require you to build a lightweight logging layer.

1. Breach reporting. If an employee accidentally enters restricted data into a non-approved tool, they must report it to the designated Data Protection Officer (or compliance point of contact) within 24 hours so that the DPDP Act's breach-notification obligations can be assessed.

1. Training requirement. All employees must complete a 30-minute AI-use training module annually. This does not need to be expensive — a recorded internal presentation followed by a short quiz meets the standard.

Get the policy approved at board or management committee level, version-control it and review it at least once per financial year as AI tools and regulations evolve.

Key Takeaways

• Consumer ChatGPT is not suitable for any personal data, customer data or confidential business information. Upgrade to API or Enterprise, execute a DPA and enable the data-retention controls available in those tiers.
• The DPDP Act 2023 treats your LLM vendor as a Data Processor. You are responsible for its conduct. Penalties for security failures go up to Rs. 250 crore per contravention — this is not a theoretical risk for funded startups handling real customer data.
• AI-generated content in India has uncertain copyright status. Document human creative contribution at the prompt, selection and editing stages if you want to claim or enforce copyright.
• AI-generated code must go through a licence scan and SAST review before production deployment. GPL contamination can compromise your entire codebase.
• Hallucinated statutory references in filings, client documents or investor materials create misrepresentation liability. Every AI output that becomes a commitment must pass through a human subject-matter review — this is a workflow gate, not a best-effort check.
• Your enterprise customer contracts almost certainly contain sub-processor consent clauses. Audit them now, issue notices and update your DPA before a customer audit or incident forces the issue.
• A board-approved internal AI-use policy is the single highest-leverage compliance action you can take today. It creates accountability, reduces accidental breaches and signals governance maturity to enterprise buyers and investors.