This article was originally published in Reuters on June 16, 2026 and is republished here with permission.

Artificial intelligence (AI) continues to reshape how companies build, compete, and create value. But as AI capabilities become more widely accessible and foundational models increasingly commoditized, a critical question has emerged for investors, acquirors, founders, and professional advisors alike: What makes an AI company defensible?

Defining AI Defensibility

AI defensibility refers to the extent to which a company’s AI capabilities, data assets, and models are insulated by legal protections and strategic moats such that rapid advances in AI do not easily commoditize its offering or erode its long-term competitive value. It is analogous to the traditional concept of “competitive advantage” applied within a more specialized, AI-driven context.

This is not merely an investor or acquiror concern. AI defensibility matters to founders communicating their competitive story, legal advisors structuring protections, and boards evaluating strategic direction. If a competitor can ‌recreate your company or your AI product quickly using publicly available tools, you lack strong defensibility.

Why AI Defensibility Matters Now

Investors and acquirors are asking hard questions about longevity and return on investment: Can the company’s business model be easily replicated using off-the-shelf models and publicly available data? What is preventing another startup or big tech from producing this? Are there real barriers to entry, or is a market correction inevitable?

If we can glean anything from the dotcom era when the market was also being shaped by a transformative technology, elevated valuations, rapid company formation and expectations of broad economic disruption, it should be that participation in this major technology shift is not, by itself, a moat. The value will undoubtedly accrue to companies that convert AI capability into durable competitive advantage.

The Pillars of AI Defensibility

Companies and their advisors should evaluate AI defensibility across several key dimensions:

Proprietary Data and Algorithms

The strongest AI companies possess data that is both exclusive and properly obtained. This includes proprietary datasets maintained as trade secrets, proprietary algorithms (patented or otherwise protected), and processes for ensuring data quality.

Critical questions include whether the company has access and permission to use its data, whether its data sources are fragmented or subject to non-compete restrictions, and the extent of restrictions imposed by open-source software dependencies.

Operational Dependence and Business Stickiness

Companies that embed their AI into customer workflows create significant switching costs. Feedback cycles, where the algorithm trains on usage data to increase efficiency and accuracy, compound this advantage over time. Each iteration makes the AI more tailored to that customer’s operations, increasing both the value of ⁠the relationship and the cost of switching to a competitor.

Scaling Capabilities, Distribution Control, and Network Effects

Speed-to-market advantages become durable when paired with established relationships and exclusive distribution channels. These create compounding barriers rather than a single point of differentiation.

Network effects amplify this dynamic: As value rises with each participant, displacement requires not merely a better product but the reconstruction of an entire network.

Industry Knowledge and Regulatory Expertise

Deep knowledge of regulated industries, such as healthcare, finance, and data privacy, creates meaningful barriers to entry. Specialized focus signals sustainable competitive positioning.

The IP Perspective: What the Law Actually Protects

From an intellectual property (IP) standpoint, AI defensibility is narrower than the broader business concept. The law protects certain pieces of an AI system but not others.

Patents can provide strong protection but are difficult to obtain. Companies may patent novel, non-obvious improvements to AI methods, system architectures, or unique training techniques, and specific applications of AI that solve a technical problem. However, under current jurisprudence, abstract ideas implemented on a generic computer using off-the-shelf AI models are not patent-eligible. A technically specific, non-obvious practical application is required, not “use AI to do X.”

Trade secrets are where the real moat resides. Companies can protect proprietary datasets, data labeling methods, model architectures (if kept private), training pipelines and optimization techniques. Governed in the US by the Defend Trade Secrets Act of 2016, trade secrets require no registration and last indefinitely, but can be lost instantly if exposed or reverse-engineered.

Copyright provides limited protections. It covers source code, documentation, and certain original training data, but likely does not protect ideas, methods, functionality, or model behavior or outputs. Growing uncertainty around AI-generated content further limits its value as a standalone moat.

Contracts and licensing are often overlooked but powerful. API terms of service, data usage agreements, and enterprise contracts can effectively create defensibility when IP law is weak.

The uncomfortable reality is that most AI products are weakly defensible from a pure IP standpoint unless they rely on trade secrets or truly novel inventions, because models are increasingly commoditized, techniques are widely published, and reverse engineering is often possible. The strongest IP-based defensibility typically combines trade secrets, selective patents, and contracts. AI defensibility is not about the model, it’s about what surrounds the model: data, users, workflows, and positioning.

How Deal Documents Are Evolving: AI-Specific Representations and Warranties

Increasingly, transaction documents are moving beyond general IP and technology representations to include dedicated, standalone AI-specific provisions containing detailed representations spanning ownership, inputs, compliance, governance, third-party services, and performance claims.

New Representations. Purpose-built definitions, such as “AI Technology” (machine learning, deep learning, LLMs, neural networks, and ‌related implementations), “AI Inputs” (data or materials ⁠used to train, validate, test, or deploy AI), and “Company AI” (AI currently or previously used by the company, including AI used to develop source code) anchor new representations addressing key risk areas:

  • Ownership and Outputs: The company may be asked to represent exclusive ownership of (or valid licenses to) all Company AI and outputs therefrom and to confirm that AI usage has not adversely affected the ownership, validity, or enforceability of any proprietary IP.
  • AI Inputs and Data Governance: The company may be asked to represent that all AI Inputs are obtained and used in accordance with applicable terms and laws, and that no data, copyrighted or proprietary works, or confidential information has been used as AI Inputs for third-party AI providers.
  • Regulatory Compliance and Industry Standards: Require compliance with all applicable AI laws and adherence to risk management frameworks, bias mitigation protocols, transparency and audit requirements, and algorithmic accountability standards. AI compliance requirements can be found in truth-in-advertising laws, consumer protection laws (e.g., the Fair Credit Reporting Act), and FDA rules relating to AI-enabled software as a medical device (SaMD), among others.
  • Third-Party AI Services: Investors expect disclosure of all third-party foundation models, LLMs, model APIs, and fine-tuning services used in company products, and expect compliance with applicable terms of use. Equally important is the representation that no such usage grants the provider any ownership of the company’s prompts, outputs, embeddings, or ⁠confidential information.
  • Performance Claims and Limitations: All material written claims regarding AI capabilities must be true, accurate, and supported by reasonable substantiation, with required disclosure of known limitations, failure modes, and bias.

Practical Takeaways

For Companies: AI defensibility is not inherited but constructed deliberately by combining proprietary data advantages, operational stickiness, legal protections, and regulatory readiness into a durable moat. Companies should expect granular diligence on their AI stack, including how they obtained training data, how they use third-party models, and whether AI usage jeopardizes their own IP rights. Detailed AI governance records, regular risk assessments, and compliance with emerging AI laws are now table stakes for transactional readiness.

For Investors and Acquirors: The key question is not whether a company uses AI, but whether its AI usage creates a durable competitive advantage that is legally protected, operationally embedded, and difficult to replicate. Due diligence should include a dedicated AI defensibility workstream addressing ⁠ownership, exclusivity of training data, third-party AI dependencies, regulatory compliance, and governance practices.

While many investors and acquirors are hesitating, a forward-thinking investor or acquiror can see advantages among the challenges. For them, a company with strong AI defensibility is a force multiplier and can put more distance between it and its competitors in the short- and long-term, leading to additional value creation and a potential opportunistic investment or acquisition.

For Deal Teams: AI-specific diligence and representations/warranties are rapidly becoming standard. Practitioners should consider whether general IP and technology representations adequately cover AI-specific risks, but in most cases, they may not. A standalone AI section allows for targeted disclosure, appropriately scoped knowledge qualifiers, and clearer allocation of risk.

Conclusion

AI defensibility is not a single attribute, but a composite of legal, technical, commercial, and operational characteristics that together determine ⁠whether a company’s competitive advantage will endure. As the market matures and the regulatory landscape crystallizes, the companies and investors that approach AI defensibility with rigor and specificity will be best positioned for long-term success. Deal documents are already evolving to reflect this reality, and practitioners would be well served to evolve with them.