The TDM opt-out — what every operator must do now
Executive Briefing 01 · 3 pages · Updated April 2026
The situation
UK and EU law now provides creators with a statutory mechanism to prohibit AI training on their content. The UK Data (Use and Access) Act 2025 and EU AI Act Article 53 both recognise machine-readable opt-out signals. AI operators that ingest content carrying these signals without separate written consent are in breach.
What you need to do
Publish a cip.md file at the root of every domain where your content is hosted. The minimum viable declaration requires four fields:
- CIP-Operator-Name: Your legal entity name
- CIP-Training-Ingestion: Prohibited
- CIP-Spec-Version: v3.24
- CIP-Declaration-Date: [today's date in ISO 8601]
This four-field declaration meets the machine-readable requirement under both the UK DUA Act 2025 and EU AI Act Article 53. It can be generated in under five minutes using the CIP Preview Generator at creativeip.org/generator/preview.
Legal weight
A correctly formatted machine-readable TDM opt-out creates a legally recognised signal that removes any implied-licence defence available to AI operators. Under UK law, it engages the opt-out provision of the DUA Act 2025 statutory exception. Under EU law, it satisfies the rights-reservation requirement of the Copyright Directive as read with AI Act Article 53.
US operators should treat the opt-out as contractually binding. While no US statute specifically recognises TDM opt-outs, the declaration establishes clear notice that may affect fair use analysis under the fourth factor (effect on the market for the original).