Artificial intelligence lawyer
Master AI before it outpaces you.
Since 2021, INFLUXIO has been supporting companies, developers and creators in mastering the legal aspects of artificial intelligence. AI Act compliance, protection of AI-generated creations, development contracts, GDPR applied to algorithms: our team, led by Maria BERRADA, operates from Paris and Brussels on all AI-related legal issues.
served
rating
appearances
Alexandre Bigot-Joly
Partner
Music law, influence, media & communications. Lecturer at CELSA, ISCOM and ESP.
Raphaël Molina
Partner
Intellectual property, digital law & influencer law. Contributor to the 2023 influencer legislation.
Maria Berrada
Partner
Intellectual property, AI, Web3, GDPR & eSports. Legal counsel for the French Video Game Federation.
Our services
How we can help you.
Practical examples
AI Act compliance audit for a HealthTech startup
A startup developing an AI medical diagnostic tool needed to assess its risk level under the AI Act. A complete audit was performed, the system classified as 'high risk,' and the compliance roadmap defined.
Dispute over ownership of AI-generated works
A creative studio used generative AI to produce commercial visuals. A client disputed rights ownership. The contractual framework was structured and the studio's ownership successfully defended.
Client reviews
What our clients say about us.
“Great responsiveness from all team members, with solutions found quickly and efficiently.”
Christ C.
“We entrusted INFLUXIO with a complex case. Their technical expertise, strategic vision and the quality of their legal briefs were decisive.”
Mia-Line C.
Contact
Contact INFLUXIO.
Would you like to schedule a meeting or get a quote?
We respond within 24 hours.
Insights
Learn more about this area.
Why a lawyer specialized in artificial intelligence?
Artificial intelligence is fundamentally transforming how companies create, produce and interact.
But every innovation raises unprecedented legal questions: who owns AI-generated content? What are your obligations under the European AI regulation? How do you protect your algorithms, training data, and models? A lawyer specialized in artificial intelligence helps you turn these uncertainties into strategic advantages.
At INFLUXIO, we operate at the intersection of digital law, intellectual property and GDPR to secure your AI projects from conception.
- ✓Protect your models, data and intellectual property rights
- ✓Anticipate disputes and clearly allocate responsibilities
- ✓Secure your contracts with partners, subcontractors and clients
- ✓Ensure your compliance with the European AI regulation (AI Act) and GDPR
The European AI Act: what you need to know.
The European AI regulation (Regulation EU 2024/1689), known as the 'AI Act', is the world's first comprehensive legal framework dedicated to AI. Voted by the European Parliament on 13 March 2024, definitively adopted by the Council on 21 May 2024, published in the OJEU on 12 July 2024, and entered into force on 1 August 2024, it applies progressively between 2024 and 2027.
INFLUXIO guides you through understanding and complying with this landmark legislation.
Implementation timeline (2024-2027).
The AI Act applies in stages: prohibitions on unacceptable-risk practices have been effective since February 2025; transparency obligations for general-purpose AI apply from August 2025; full obligations for high-risk systems enter into force in August 2026; and AI systems already on the market benefit from an additional deadline until August 2027.
Risk-level classification.
The regulation classifies AI systems into four levels: unacceptable risk (prohibited: social scoring, subliminal manipulation, mass facial recognition), high risk (strict compliance, technical documentation and human oversight obligations), limited risk (transparency obligations, notably for chatbots and deepfakes) and minimal risk (no specific obligations, but codes of conduct encouraged).
- Prohibited systems: social scoring, exploitation of vulnerabilities, real-time biometric identification in public spaces
- High-risk systems: automated recruitment, credit scoring, judicial systems, medical devices
- Limited-risk systems: chatbots, deepfake generators, recommendation systems
- Minimal-risk systems: spam filters, video games, leisure applications
AI system provider obligations.
Providers of high-risk AI systems must: implement a risk management system, ensure the quality and representativeness of training data, maintain detailed technical documentation, ensure transparency and provide information to deployers, enable effective human oversight, and pass a conformity assessment before market placement.
Deployer obligations.
Companies using high-risk AI systems ('deployers') also have obligations: verify the system is used according to its instructions, ensure required human oversight, monitor operation and report incidents, and conduct a fundamental rights impact assessment in certain cases.
Penalties.
Penalties for AI Act non-compliance are significant: up to €35 million or 7% of global turnover for prohibited practices, up to €15 million or 3% for other violations, and up to €7.5 million or 1.5% for inaccurate information provided to authorities.
Generative AI and creators: legal challenges.
Generative AI, ChatGPT, Midjourney, Suno, ElevenLabs, is disrupting content creation. Creators, influencers, artists and musicians are on the front line of these transformations. INFLUXIO is the first French firm to address these issues from the specific angle of the Creator Economy.
Copyright on AI-generated creations.
Under current French law, only a natural person can be recognized as the author of a work. Purely autonomous AI creations are not protectable by copyright. However, when human intervention is sufficiently creative, prompt selection, composition, editing, the person who directed the creative process may claim rights.
We help you structure your creation process to maximize output protection.
Influencer and artist deepfakes: your remedies.
Generating deepfakes, hyperrealistic videos or images impersonating someone's appearance, constitutes a violation of image rights and may fall under digital identity theft (Article 226-4-1 of the French Penal Code). The AI Act now imposes a transparency obligation for all AI-generated or manipulated content.
We intervene urgently to obtain content removal and initiate proceedings.
Synthetic voices and performing artist rights.
Unauthorized synthetic reproduction of a performing artist's voice violates their neighboring rights (Articles L.212-1 et seq. of the French Intellectual Property Code). This question is at the heart of debates in music law and artist rights. INFLUXIO supports artists in defending their vocal rights against generative AI.
AI training on protected works.
Using copyright-protected works to train AI models raises the question of the text and data mining exception. European Directive 2019/790 provides an exception for research, but its application to commercial uses is contested. Rights holder opt-out is possible but complex to implement. We advise creators and companies on their respective rights.
Protecting your AI assets.
Your algorithms, models and data represent considerable value. Their legal protection requires a strategy combining several complementary mechanisms.
Algorithms and software.
Algorithms as such are not patentable in Europe, but the software implementing them can be protected by copyright (Article L.112-2 13° of the French Intellectual Property Code). Computer-implemented inventions may also be patented under certain conditions. We define the protection strategy best suited to your situation.
Databases and datasets.
Databases benefit from dual protection under European law: copyright on their structure (if original) and the sui generis right of database producers (Directive 96/9/EC). Your training datasets are a strategic asset whose protection must be anticipated from the collection phase.
Trade secrets and know-how.
The Law of July 30, 2018, transposing Directive 2016/943, provides specific protection for trade secrets. For your AI models, hyperparameters and technical know-how, implementing reasonable protection measures (NDA, access restrictions, traceability) is essential to benefit from this regime.
GDPR compliance and AI data processing.
Any AI system processing personal data must comply with the GDPR. Requirements are strengthened when AI makes automated decisions affecting individuals (Article 22 GDPR). INFLUXIO guides you through the interplay between GDPR and AI Act obligations, which complement rather than replace each other.
Our interventions cover: identifying legal bases for processing (legitimate interest, consent), conducting mandatory DPIAs for high-risk processing, governing data transfers to AI providers (often US-based), managing the right to object to automated decisions, and ensuring compliance with CNIL AI guidelines.
AI contracts: securing your relationships.
A poorly drafted contract can turn a promising AI partnership into costly litigation. INFLUXIO drafts and negotiates all your AI-related contracts.
AI license agreements.
Pre-trained model usage licenses, API access conditions, usage limitations, reverse-engineering prohibition clauses: each AI license agreement must be tailored to your specific use case and anticipate regulatory developments.
Development contracts.
Ownership of rights over developments, deliverables, training data and intermediate models must be clearly defined. We secure your AI development contracts with providers, freelancers and internal teams.
Liability and insurance clauses.
Liability for AI-caused damage is a rapidly evolving topic. The EU AI Liability Directive (Proposal 2022/0303, withdrawn by the European Commission in 2025 due to failure to reach agreement between co-legislators) aimed to facilitate victim compensation. We already integrate limitation and liability-sharing clauses adapted to this emerging framework.
Our AI expertise.
INFLUXIO is one of the first French firms to specialize in AI legal issues, since 2021. Our team, led by Maria BERRADA, combines deep technical expertise with a nuanced understanding of the creative ecosystem. We advise AI startups, content creation platforms, communication agencies using generative AI, and artists facing deepfakes and unauthorized reproductions.
Our Paris-Brussels dual presence enables us to work on European regulation with unique proximity to EU institutions. We regularly publish on AI law developments in our INFLUXIO Talk podcast and specialized articles.
The first step in AI Act compliance is to map all AI systems deployed or under development within your organization, then classify each according to the four risk levels defined by the regulation. For high-risk systems, a complete technical dossier must be prepared. Limited-risk systems (chatbots, content generators) must satisfy transparency obligations.
INFLUXIO conducts classification audits and assists companies in preparing their technical documentation and implementing the governance processes required by the regulation.
FAQ
Frequently asked questions.
Under current French law, only a natural person can be the author of a copyright-protected work. A purely autonomous AI creation is not protectable. However, if human intervention is sufficiently creative, parameter selection, composition, editing, the person who directed the process may claim copyright over the result.
The AI Act (Regulation EU 2024/1689) is the world's first legal framework dedicated to artificial intelligence.
Voted by the European Parliament on 13 March 2024 and entered into force on 1 August 2024, it applies in stages: unacceptable-risk practice prohibitions since February 2025, transparency obligations from August 2025, full high-risk system compliance in August 2026, and a grace period for existing systems until August 2027.
Compliance starts with classifying your AI systems according to risk levels defined by the AI Act. Depending on your category: technical documentation, conformity assessment, human oversight, user transparency, and registration in the European database for high-risk systems. INFLUXIO conducts a complete audit and guides you through each step.
Yes. Creating and distributing a deepfake without consent constitutes a violation of image rights (Article 9 of the French Civil Code) and may constitute digital identity theft (Article 226-4-1 of the Penal Code, punishable by 1 year imprisonment and €15,000 fine). The AI Act additionally imposes a labeling obligation for all AI-generated or manipulated content.
The liability question is complex and is the subject of the EU AI Liability Directive (Proposal 2022/0303). Currently, liability may fall on the AI system provider, deployer, or user, depending on circumstances. Contracts must include clear liability allocation clauses.
Several mechanisms combine: copyright protects the software source code; the sui generis right protects training databases; trade secrets protect hyperparameters and technical know-how; and patents may cover computer-implemented inventions under certain conditions. A tailored protection strategy is essential.
Legality depends on the applicable framework. European Directive 2019/790 provides a text and data mining exception for research (Article 3) and a broader exception (Article 4), but the latter can be neutralized by rights holder opt-out. In practice, legality depends on the nature of the works, commercial use and reservations expressed by rights holders.
Appointing a DPO (Data Protection Officer) is mandatory when core activities involve regular and systematic monitoring of individuals on a large scale, or large-scale processing of sensitive data (Article 37 GDPR). Many AI projects fall into these categories. Even when not mandatory, appointing a DPO is strongly recommended for AI projects.
Related publications
