Can AI prompts be protected by copyright law in the EU?

Copyright protection for AI prompts depends on whether the prompt qualifies as a work reflecting the author’s own intellectual creation. Most short or purely functional instructions do not meet this high threshold. Originality remains the primary standard, meaning effort alone is insufficient; the prompt must exhibit unique and creative human expression.

How can enterprises protect prompt libraries as trade secrets?

Under Directive 2016/943, prompt libraries qualify as trade secrets if they remain confidential, possess commercial value, and are subject to reasonable protective measures. Enterprises must implement technical access controls, secure contractual no-training commitments, and enforce confidentiality policies to demonstrate the active steps taken to maintain the secrecy of these assets.

Does owning a prompt grant legal ownership of AI-generated outputs?

Ownership of a prompt does not automatically confer rights over resulting AI-generated outputs. Under EU law, output protection is distinct and requires sufficient human creative contribution. Current regulations, including the EU AI Act, do not establish an automatic ownership link between human-authored prompts and the content generated by AI models.

What obligations does the EU AI Act impose regarding copyright?

The EU AI Act does not allocate intellectual property rights for prompts. However, Article 53 requires providers of general-purpose AI models to implement policies ensuring compliance with EU copyright law. This includes honoring rights reservations established by creators under Article 4(3) of the DSM Directive to restrict data mining for training.

Legal Characterization of AI Prompts and Corporate Protection

Key Takeaways

Prompts may have different legal characterisations under EU law, depending on their function, expressive content, confidentiality and commercial value.
Under EU copyright law, a prompt may be protected only if it qualifies as a work reflecting the author’s own intellectual creation. Short or purely functional instructions will usually face a high threshold.
For enterprise prompt libraries, trade secret protection under Directive 2016/943 is often the most practical route, provided the enterprise can show secrecy, commercial value and reasonable steps to preserve confidentiality.
Ownership of a prompt does not automatically grant the ownership or protection of the resulting AI-generated output under current EU law. Output protection depends on separate human creative contribution, applicable law and contractual arrangements.
The EU AI Act does not allocate IP rights in prompts or outputs, but Article 53 requires GPAI model providers to maintain copyright compliance policies, including rights reservations under Article 4(3) of DSM Directive.

1. Typical Disputes in Practice and the Core Issue

As enterprises integrate generative AI into core workflows, the prompt has evolved from a simple query into a high-value corporate asset. However, this evolution has created legal uncertainty regarding how these inputs are protected against copying and leakage. Enterprise prompt protection is now a priority for legal teams navigating the intersection of intellectual property and emerging AI regulations.

1.1 Copying, leakage and misuse of prompts in business practice

In practice, disputes often arise when proprietary 'prompt libraries', which are complex, multi-step instructions developed over months, are leaked or used by former employees. Beyond internal leakage, there is an operational risk of 'input leakage' to AI model providers. Unless specific enterprise agreements are in place, inputs may be used to train future model iterations, potentially exposing a company's unique 'prompt engineering' methodology to competitors.

1.2 Ownership disputes over prompts and prompt-generated outputs

A common misconception in the enterprise space is that AI prompt ownership automatically confers ownership of the resulting output. Under EU law, these are distinct legal events. While a human-authored prompt may be protected, the AI-generated output may fail to qualify as a protected work where it does not reflect sufficient human free and creative choices. German case law suggests that even detailed or iterative prompting does not necessarily make the resulting output a protected work unless the human contribution clearly and objectively shapes the final expressive form. Furthermore, the EU AI Act regulates AI systems and certain actor obligations, but it does not determine copyright ownership in prompts or AI-generated outputs.

1.3 The core issue: what is the legal nature of a prompt?

The central challenge is that a prompt does not have a single, static legal nature. It is a hybrid. Depending on its structure and purpose, it can be viewed as an operational instruction or configuration-like input used to guide model behaviour, a literary work or a confidential business method. This ambiguity means that a one-size-fits-all approach to protection is impossible.

2. The Multiple Attributes of Prompts

To determine the appropriate protection path, legal teams must categorize the prompt based on its functional and creative attributes.

2.1 Prompts as technical instructions

Many prompts function primarily as technical instructions designed to achieve a specific mechanical result. When a prompt 'merely executes a technical task' without creative expression, it likely falls outside of copyright protection. This aligns with the CJEU's reasoning in Cofemel (C-683/17), which clarifies that subject matter must be identifiable and original to be protected. If the prompt's form is dictated primarily by technical function, copyright protection may be unavailable or very narrow, although trade secret or contractual protection may still be relevant.

2.2 Prompts as expressive texts

Long-form, sophisticated prompts, such as those used for creative writing or complex reasoning, may qualify as expressive texts. If the prompt reflects the author's free and creative choices, it may be viewed as a literary work. However, there is currently no clear CJEU case law directly addressing whether a prompt itself qualifies as a copyright-protected work. The CJEU's Infopaq (C-5/08) decision emphasizes that EU law rejects the 'sweat of the brow' doctrine; the effort or length of the prompt is irrelevant if it lacks the author’s own intellectual creation. Therefore, the assessment should be based on the general EU copyright standard, with particular attention to whether the prompt goes beyond functional or result-oriented instructions.

2.3 Prompts as commercially valuable business assets

For most enterprises, the value of a prompt lies in its ability to produce a specific business outcome, such as high-accuracy financial sentiment analysis. In this context, prompts are commercially valuable business assets. Their protection is less about 'creativity' and more about the competitive advantage they provide, making them candidates for trade secret protection.

3. Different Legal Protection Paths for Prompts

Enterprises should utilize a tiered strategy for protecting their AI inputs, leveraging three primary legal frameworks.

3.1 Copyright

Copyright may provide protection for prompts, but only where the prompt qualifies as a copyright-protected work under the general EU standard of the author’s own intellectual creation. This is a high threshold for short, functional or result-oriented prompts. If a protected prompt is copied, extracted or used for model training, the text and data mining exceptions under Articles 3 and 4 of the DSM Directive may become relevant. In particular, it permits TDM for lawfully accessible works unless the rightholder has reserved its rights under Article 4(3). Article 53 of the EU AI Act adds a further compliance layer by requiring providers of general-purpose AI models to maintain a policy for complying with EU copyright law, including the identification of and compliance with such rights reservations. Therefore, where a prompt qualifies as protected work, companies may combine copyright law, contractual no-training commitments and, where applicable, rights reservations under Article 4(3) DSM Directive to restrict its use for AI training.

3.2 Trade Secret

The Trade Secret Directive Article 2(1) offers perhaps the most practical path for enterprise protection. A prompt qualifies as a trade secret if it meets three criteria: it is secret, it has commercial value because it is secret and it has been subject to 'reasonable steps' to keep it secret. For founders, this means implementing technical access controls, 'no-training' commitments, enterprise API settings, logging, confidentiality clauses, retention limitations and other measures to demonstrate that the prompt is an actively protected asset.

3.3 Contract

Contractual terms often serve as the primary 'safety net' where statutory IP law is uncertain. Enterprise AI SaaS agreements typically specify that the customer retains ownership of all inputs, including prompts, uploaded files and business instructions. However, contractual terms operate primarily inter partes. They cannot create an exclusive right against third parties unless supported by statutory IP rights or trade secret law.

4. Conclusion

The legal nature of a prompt under EU law depends on its contents, forms, confidentiality, function etc. For technical founders and enterprise legal teams, the path to protection lies in a combination of copyright-oriented drafting where originality can be demonstrated, internal controls for trade secret status and carefully drafted contract terms with AI providers. The EU AI Act adds a further compliance layer for providers of GPAI models, but it does not resolve ownership questions relating to prompts or AI-generated outputs. Legal teams should therefore treat prompts as part of a broader governance framework covering IP, confidentiality, data protection and AI procurement.