Email service provider Mailchimp, now part of the Intuit group, is once again in the process of updating its “Standard Terms of Use”. The new stipulations are set to grant the company wide-ranging rights regarding the use of generative AI, while shifting all liability and duties to its customers. For European users, the new conditions would mean that using Mailchimp is de facto no longer possible.
The new conditions for using generative AI can be found in chapter VI point 30. Starting out relatively harmlessly, the clause indicates that Mailchimp could offer generative AI to help its users create campaigns or other content, analyze their performance, organize their contacts and the like.
It’s up to the user, Mailchimp states, to ensure that the prompts used in their AI models are appropriate and in line with the terms and conditions. The outcomes of the AI, on the contrary, are always allowed to be imprecise or inappropriate for use for whatever reason. Mailchimp gives no manner of guarantee that the content generated through AI is error-free or undistorted.
Mailchimp shifts the responsibility to its customers
Mailchimp makes it clear that its customers bear sole responsibility for all content generated by way of AI. The content would have to be checked prior to being used, and users moreover need to ensure that they hold the required rights. Amongst other things, the terms of use state that customers have to ensure that their utilization of AI output may not infringe on the intellectual property or copyright of Mailchimp or third parties.
What’s more, the user is required to accept that outputs might not be protected by copyright or other rights with regard to intellectual property, property rights or other laws. In certain circumstances, a campaign may have to carry a liability disclaimer, informing end-users that the content in question may contain errors and should be verified independently.
In addition, the results of generative AI are not unique as a matter of principle, meaning that the AI model is able to generate identical or similar outcomes and provide them to other users.
Mailchimp also reserves the right to use the services of certain third-parties to provide AI models, including the generation of output and the processing and saving of input and output in private hosting environments. And, in accordance with their terms of service, these third parties are then also granted the right to access, use and store data fed into the system and the output generated from it.
Definitely not compatible with the GDPR
And that’s the crux of the matter: Using generative AI in Mailchimp means basically relinquishing all your rights. By using the AI model, you grant the service provider world-wide, non-exclusive, irrevocable, transferable, free-of-charge, fully paid, multiply sub-licensable rights of access to your input and output, including all the intellectual property incorporated or contained, allowing them to use, alter, depict, copy or disseminate it for any purpose, present it in public, use it as a source for derivation (including the creation of derivative works) and to process it, including for the purposes of developing and improving the AI model and for all other purposes outlined in Mailchimp’s global data privacy notice.
That’s not even all. According to its forthcoming terms of use, Mailchimp can use all inputs and outputs, including customer data, for machine learning – in order to develop and improve the AI model, the services and similar products and functions, and explicitly makes clear that the user is instructing them to process customer data for these purposes. So even if a user can set preferences in their account regarding its data, when it comes to this last point it’s crystal clear that the service is out of bounds for any user falling under the GDPR or similar regulations like the CCPR.
This is followed by indications that AI models can’t be offered in all languages or for all target groups and that Mailchimp also reserves the right to amend, suspend, discontinue or restrict the use of the AI model further. And, of course, all of this is subject to changes in regulations and the legal situation.
Retarus: Surely, securely correct
Retarus’ services are geared to enterprise users, yet they do overlap with those of Mailchimp to a certain extent when it comes to our Transactional Email and WebExpress services. We employ AI where we consider it appropriate – at the moment, that’s primarily machine learning for our Email Security filters and for capturing documents with our Intelligent Capture Services. So we are pleased to assure you that with Retarus your customer data and content remain yours and only yours, and that we perform all our services in absolute compliance with the GDPR.
