"If I build with a US AI, the provider owns my code." The idea is common, and wrong. A provider's country does not, on its own, decide who owns what you create. To assess the real risk, separate three questions: the service contract, copyright protection, and confidentiality.
The first step is to read the terms of the service and plan you actually use. For example, OpenAI's European terms provide that the user keeps rights to the data supplied and owns the generated output, to the extent permitted by law, while noting that output may not be unique. The business terms add that content is not used to train models unless explicitly agreed. These are commitments specific to a provider and product, and they can change. Conclusion: paying for or using a US service does not, in itself, transfer your intellectual property.
The contract answers "what rights does the provider grant me?" Copyright answers a different question: "does the creation meet the legal conditions to be protected?" In the EU, there is no regime that automatically grants copyright to purely AI-generated output. The approach remains centred on human creativity. For software, copyright can cover source and object code, architecture, preparatory material and certain organisational elements, but not ideas or abstract methods.
A fragment from a generic instruction, accepted without change, may reflect no sufficient human contribution: no one then holds a clear monopoly on it. Conversely, when the team defines the needs, designs the architecture, compares options, rewrites and tests, the AI is only a tool in a controlled creative process, far more protectable.
A prompt is an instruction, not a title of ownership over every answer. A short prompt like "create a React login page" mainly describes a functional goal that is hard to monopolise. A long, personal prompt may be protected as text, but that protection covers its wording, not the idea or each output. The prompt still has three useful functions: proof of your human contribution, project specification, and an element of confidential know-how.
In Belgium, information can be protected as a trade secret if it is genuinely secret, has commercial value because of that secrecy, and is subject to reasonable confidentiality measures. An AI-assisted development method, specialised prompts or business rules can therefore qualify, provided concrete steps are taken.
Even if the provider grants you the output, it may incorporate elements subject to third-party rights. Before production, plan a human review, a software bill of materials (SBOM), an open-source licence check and tests. In Belgium, the contract with the developer can be riskier than the AI itself: for an employee, economic rights generally go to the employer, but for a freelancer or agency, rights are not transferred automatically. Full assignment must be agreed expressly and in writing.
A company can fully pay for development without owning all the rights if the contract is vague. Check the assignment of rights, the right to modify and sublicense, pre-existing components, open-source licences and the return of access and code.
Identify the service, plan and terms; forbid personal accounts for confidential code; disable training where the option exists.
Specs, Git history, kept prompts, rejected variants, tests: enough to show the result is not a mere automatic output.
Code review, dependency analysis, licence checks and a search for unusual similarities before production.
Employees, freelancers and agencies: written assignment of rights, confidentiality, and return of repositories, keys and documentation.
Molderez Consult SRL reviews your tools, data flows and contracts to secure intellectual property, confidentiality and compliance.
Frame my AI usageTransparence : cet article a été rédigé avec l'aide de l'intelligence artificielle, puis relu par Molderez Consult SRL. Information générale, vérifiée le 16 juin 2026 ; elle ne constitue pas un avis juridique individualisé.