CLARIVATE PLC (CLVT) Risk Factors
This page reproduces the company's own Item 1A Risk Factors text from the linked SEC filing. It is filer text, not grepcent analysis, scoring, or investment advice.
Informational only - not investment advice. See Disclaimer.
Item 1A. Risk Factors.
The following risks could materially and adversely affect our business, financial condition, results of operations, and cash
flows and, as a result, the trading price of our ordinary shares could decline. These risk factors do not identify all risks that we
face; our operations could also be affected by factors that are not presently known to us or that we currently consider to be
immaterial to our operations. Due to risks and uncertainties, known and unknown, our past financial results may not be a
reliable indicator of future performance, and historical trends should not be used to anticipate results or trends in future
periods. Investors should carefully consider all risks, including those disclosed here, before making an investment decision.
Strategy and Market Risks
We are dependent on third parties, including public sources, for data, information, and other services, and our
relationships with such third parties may not be successful or may change, which could adversely affect our results of
operations.
Substantially all our products and services are developed using data, information, or services obtained from third-party
providers and public sources or are made available to our customers or are integrated for our customers’ use through
information and technology solutions provided by third-party service providers. We have commercial relationships with
third-party providers whose capabilities complement our own and, in some cases, these providers are also our competitors.
The priorities and objectives of these providers, particularly those that are our competitors, may differ from ours, which may
make us vulnerable to unpredicted price increases and unfavorable licensing terms. Agreements with such third-party
providers periodically come up for renewal or renegotiation, and there is a risk that such negotiations may result in different
rights and restrictions which could adversely impact our customers’ use of the content, particularly in certain cases where we
are reliant on a sole source for data feeds that are not diversified. We may also receive notices from third parties claiming
infringement, misappropriation, or other violations by our products and services of third-party patent and other intellectual
property rights and, as the number of products and services in our markets increases and the functionality of these products
and services further overlaps with third-party products and services, we may become increasingly subject to claims by a third
party that our products and services infringe on, misappropriate, or otherwise violate such party’s intellectual property rights.
Moreover, providers that are not currently our competitors may become competitors or may be acquired by or merge with a
competitor in the future, any of which could reduce our access to the information and technology solutions provided by those
companies. Any of the foregoing risks may be exacerbated by the use of AI by us or by our competitors or third-party service
providers. If we do not maintain or obtain the expected benefits from our relationships with third-party providers, or if a
substantial number of our third-party providers or any key service providers were to withdraw their services, we may be less
competitive, our ability to offer products and services to our customers may be negatively affected, and our results of
operations could be adversely impacted.
Increased access to free or relatively inexpensive information sources may reduce demand for our products and services.
In recent years, more public sources of free or relatively inexpensive information have become available, and we expect this
trend to continue, especially with the deployment of free, general purpose AI models and other AI tools. Public sources of
free or relatively inexpensive information may reduce demand for our products and services. Competition from such free or
lower cost sources may also require us to reduce the price of some of our products and services or make additional capital
investments, which may impact our financial performance. Demand could also be reduced as a result of cost-cutting, reduced
spending, or reduced activity by customers. Our results of operations could be adversely affected if our customers choose to
use these public sources as a substitute for our products or services.
12
Table of Contents
We operate in a highly competitive industry, and we may be adversely affected by competition and other changes in our
markets.
The markets for our products and services are highly competitive and are subject to rapid technological changes and evolving
customer demands and needs. We compete on the basis of various factors, including the quality of content embedded in our
databases, customers’ perception of our products relative to the value that they deliver, user experience, and the quality of our
overall offerings. Many of our principal competitors are established companies that have substantial financial resources,
recognized brands, technological expertise, and market experience, and these competitors sometimes have more established
positions in certain product lines and geographies than we do. We also compete with smaller and sometimes newer
companies, some of which have a narrower focus than our company, and with other information services companies and
search providers. New and emerging technologies, including AI, may present opportunities for our existing competitors to
adopt additional or complementary services more effectively than us, and may also allow start-up companies to enter the
market more quickly than they would have been able to in the past. In addition, some of our competitors combine competing
products with complementary products as packaged solutions, which could pre-empt use of our products or solutions.
Alternatively, some of our customers may decide to independently develop certain products and services. If we fail to
compete effectively, our financial condition and results of operations could be adversely affected.
We generate a significant percentage of our revenues from recurring subscription-based arrangements and highly
predictable re-occurring arrangements. If we are unable to maintain a high annual renewal rate for our subscription-
based and re-occurring arrangements, our results of operations could be adversely affected.
For the year ended December 31, 2025, approximately 83% of our revenues were subscription-based and re-occurring
arrangements. Because most of the revenues we report each quarter are the result of subscription and re-occurring agreements
entered into or renewed in previous quarters, a decline in subscription activity in any one quarter may not affect our results
that quarter, but could result in lower revenues in future quarters. Our operating results depend on our ability to achieve and
sustain high renewal rates with acceptable pricing on our existing subscription and re-occurring arrangements. Uncertain
global economic conditions, including inflation and changing trade policies, have had and may continue to have an adverse
impact on our ability to increase our revenue results. Failure to meet one or more of our revenue objectives could have a
material adverse effect on our business, financial condition, and operating results.
If our products and services do not achieve and maintain broad market acceptance, or if we are unable to keep pace with
or adapt to rapidly changing technology, evolving industry standards, and changing regulatory requirements, our
revenues could be adversely affected.
Our business is characterized by rapidly changing technology, evolving industry standards, and changing regulatory
requirements. Our growth and success depend upon our ability to keep pace with such changes and developments and to meet
changing customer needs and preferences. Our ability to keep pace with technology, industry, and regulatory changes is
subject to a number of risks, including those that we may find it difficult or costly to:
•leverage AI in our existing or newly developed products and services;
•make some features of our products work effectively and securely or with new or changed operating systems; and
•update our products and services to keep pace with business, evolving industry standards, regulatory requirements,
our customers’ needs, and other developments in the markets in which our customers operate.
Any failure to achieve successful customer acceptance of new products and services could adversely affect our business and
results of operations. Additionally, significant delays in new product or service releases or significant problems in creating
new products or services could have a material adverse effect on our business, financial condition, and operating results.
Reductions in customers’ research budgets or government funding may adversely affect our business.
The principal customers for certain of our products and services are academic institutions, government agencies, and life
sciences and pharmaceutical companies, which fund purchases of these products and services from limited budgets that are
sensitive to changes in private and governmental sources of funding. The level of government funding of research and
development may be increased or reduced annually, and we have seen a reduction in government funding in 2025. The
availability of government research funding has been, and may continue to be, adversely affected by policy changes,
economic conditions, and government spending reductions, including the downsizing or reduced funding of certain
government agencies. Recession, economic uncertainty, changing trade policies, or austerity have also contributed, and may
continue to contribute, to reductions in spending by such sources. Accordingly, any further decreases in budgets of academic
institutions, government agencies, or life sciences and pharmaceutical companies, or changes in the spending patterns of
private or government sources that fund academic institutions, could adversely affect our business and results of operations.
Further, an extended federal government shutdown resulting from a failure to pass budget appropriations, adopt continuing
funding resolutions, or raise the debt ceiling, together with any other budgetary decisions limiting or delaying government
13
Table of Contents
spending, could negatively impact U.S. or global economic conditions and could have a material adverse effect on our
business, financial condition, and operating results.
Business and Operational Risks
Our Value Creation Plan may not be successful and may not lead to increased shareholder value.
In 2025, we adopted a Value Creation Plan that is intended to increase subscription and re-occurring revenue mix, increase
organic growth, optimize return on investment, and improve financial performance. As part of this plan, we are focusing our
efforts on accelerating AI innovation at scale, strengthening commercial execution, driving efficiency and margin expansion,
and evaluating our products and services to identify opportunities to streamline our business model and market focus and
optimize capital allocation. Our Value Creation Plan is subject to market conditions, customer adoption, successful
operational implementation, and other uncertainties. Our efforts to continue implementing this plan may not be successful on
our anticipated timeline or at all, or they may not significantly improve or enhance our business, financial condition, or
results of operations. Further, completing the plan could be time consuming and costly, divert management’s attention, result
in the loss of potential business opportunities, and negatively impact our ability to attract, retain, and motivate key
employees.
The loss of, or the inability to attract and retain, key personnel could impair our ability to execute our business strategy
and achieve future success.
Our ability to execute our business strategy and achieve future success depends on the continued service and efforts of our
employees, including our experts in research and analysis, as well as colleagues in sales, marketing, product development,
critical operational roles, and management, including our executive officers. We rely on our key personnel to execute our
existing business operations and identify and pursue new growth opportunities. Changes in senior management or other key
personnel could be disruptive to our management and operations and impede our ability to fully implement our business plan
and growth strategy. Our failure to develop an adequate succession plan for one or more of our executive officers or other key
personnel could deplete our institutional knowledge base and erode our competitive advantage during a transition. We must
also maintain our ability to attract, motivate, and retain highly qualified employees in our respective segments in order to
support our customers and achieve business results. The loss of the services of key personnel, leadership transition, or an
inability to recruit effective replacements or to otherwise attract, motivate, or retain highly qualified personnel could have a
material adverse effect on our business, financial condition, and operating results.
Our business continuity and recovery plans may not be effective against events that may adversely impact our business.
We have established operational policies and procedures that manage the risks associated with business continuity and
recovery from potential disruptions to our business. These policies and procedures are designed to increase the likelihood that
we are prepared to continue operations during times of unexpected disruption, and we have taken steps to minimize risks that
could lead to disruptions in our operations and to avoid harm to our customers in the event of a significant disruption to our
operations. Our goal is to ensure organizational resilience across product sets; however, there is no guarantee that our plans
and procedures will be effective in minimizing disruption from unexpected events that could result from a variety of causes,
including human error, military actions, terrorist or cyberterrorist activities, weather conditions (including climate change),
natural disasters (such as hurricanes and floods), and infrastructure or network failures (including failures at third-party data
centers or by third-party cloud-computing providers). Any of these or other unforeseen disruptions that we are not able to
effectively manage could have a material adverse effect on our business, financial condition, and operating results.
We may be unable to derive fully the anticipated benefits from organic growth, existing or future acquisitions, joint
ventures, investments, or dispositions, including anticipated revenue and cost synergies, and costs associated with
achieving synergies or integrating such acquisitions may exceed our expectations.
We seek to achieve our growth objectives by optimizing our offerings to meet the needs of our customers through organic
development, including by delivering integrated workflow platforms, acquiring new customers, and implementing
operational efficiency initiatives, and through acquisitions, joint ventures, investments, and dispositions. We may not be able
to achieve the expected benefits of our acquisitions, including anticipated revenue, cost synergies, or growth opportunities,
and we may not be able to integrate the assets acquired or achieve our expected cost synergies without increases in costs or
other difficulties. Furthermore, we may ultimately divest unsuccessful acquisitions, investments, or businesses. If we fail to
successfully complete an intended disposition, our operations and financial results may be negatively affected. Any
acquisitions, investments, and dispositions may be affected by the risks commonly encountered in such transactions,
including assuming potential liabilities of an acquired company, managing the potential disruption to our ongoing business,
incurring expenses associated with an impairment of all or a portion of goodwill and other intangible assets, and failure to
implement or maintain proper controls, procedures, and policies associated with acquisition, investment, or disposition. If we
are unable to successfully execute on our growth strategies through organic and inorganic means, our business, financial
condition, and results of operations could be adversely affected.
14
Table of Contents
The international scope of our operations may expose us to increased risk, and our international operations and corporate
and financing structure may expose us to potentially adverse tax consequences.
We have significant international operations and, accordingly, our business is subject to risks resulting from differing legal
and regulatory requirements, political, social, and economic conditions and unforeseeable developments in a variety of
jurisdictions. Our international operations are subject to the following risks, among others:
•changes in regulatory requirements or other U.S. executive branch actions, such as executive orders;
•changes in the global trade environment, including potential deterioration in geopolitical or trade relations between
countries;
•political instability;
•international hostilities (including the ongoing war between Russia and Ukraine and related sanctions, the ongoing
conflicts in the Middle East, tensions between Serbia and Kosovo, geopolitical tensions in Latin America, and
related negative economic impacts), military actions, terrorist or cyberterrorist activities, weather conditions
(including climate change), natural disasters, pandemics, and infrastructure disruptions;
•China’s domestic policy, increasing cybersecurity requirements, and increased preference for nationalized content;
•differing economic cycles and adverse economic conditions;
•unexpected changes in regulatory environments and government interference in the economy and the possibility that
the U.S. could default on its debt obligations;
•inflationary and interest rate pressures;
•differing labor regulations in locations where we have a significant number of employees;
•foreign exchange controls and restrictions on repatriation of funds;
•fluctuations in currency exchange rates;
•insufficient protection against product piracy and differing protections for intellectual property and other proprietary
rights;
•varying regulatory and legislative frameworks regarding the use and implementation of AI;
•varying attitudes towards censorship, privacy, and the treatment of information service providers by foreign
governments, particularly in emerging markets;
•various trade restrictions (including tariffs, trade and economic sanctions, and export controls prohibiting or
restricting transactions involving certain persons and certain designated countries or territories) and anti-corruption
laws (including the U.S. Foreign Corrupt Practices Act and the UK Bribery Act 2010);
•possible difficulties in enforcing a U.S. judgment against us or our directors and officers residing outside the United
States, or asserting securities law claims outside the United States; and
•protecting shareholder interests due to differing shareholder rights under Jersey law, where we are incorporated.
Our overall success as a global business depends, in part, on our ability to anticipate and effectively manage these risks, and
there can be no assurance that we will be able to do so without incurring unexpected or significant costs. If we are unable to
manage the risks related to our international operations, our business, financial condition, and results of operations may be
materially affected.
In addition, the international scope of our business operations subjects us to multiple overlapping tax regimes that can make it
difficult to determine what our obligations are, and relevant tax authorities may interpret rules differently over time or
differently from each other. These tax regimes may relate to corporate income taxes, withholding taxes on remittances,
payments by our partnerships or subsidiaries, withholding taxes on share-based compensation, and adverse tax consequences
of a U.S. person exceeding a particular ownership threshold in our ordinary shares, among other issues. If any tax authority
were to dispute a position we have taken or may take in the future and successfully proceed against us, it could adversely
affect our cash flows and financial position, and the amounts we could be required to pay may be significant.
We face risks associated with having operations and employees located in Israel.
We have an office with approximately 500 employees located in Israel, including members of our executive team. As a result,
political and military conditions in Israel and the surrounding region could directly affect our operations. The future of peace
efforts between Israel and its neighbors in the Middle East remains uncertain. The effects of recent regional hostilities and
political unrest on the Israeli economy and our operations in Israel continue to be unclear, and we cannot predict the effect on
our business of increases in these or other hostilities or future armed conflict, political instability, or violence in the region. In
addition, many of our employees in Israel are obligated to perform annual reserve duty in the Israeli military and are subject
to being called for active duty under emergency circumstances. Several countries have suspended relations with Israel and
15
Table of Contents
additional countries may impose restrictions on doing business with Israel and companies with operations or employees in
Israel, whether as a result of ongoing instability or hostilities in the region or otherwise. In addition, there have been
increased efforts by activists to cause companies, research institutions, and consumers to boycott Israeli goods and services
and cooperation with Israeli-related entities based on Israel’s military operations (including in Gaza) and Israeli government
policies. Such actions, particularly if they become more widespread, may adversely impact our ability to engage our
customers, cooperate with research institutions, or collaborate with third parties. We cannot predict the full impact of these
conditions on our operations in the future, particularly if emergency circumstances or an escalation in the political situation
occurs. Current or future tensions and conflicts in the Middle East could adversely affect our business, financial condition,
and results of operations.
Our brand and reputation are key assets and competitive advantages for us, and our business may be affected by how we
are perceived in the marketplace.
Our ability to attract and retain customers is affected by external perceptions of our brand and reputation. Failure to protect
the reputation of our brands may adversely impact our credibility as a trusted source of information, insights, and expertise
and may have a negative impact on our business. In addition, in some jurisdictions, we engage sales agents in connection
with the sale of certain of our products and services. Poor representation of our products and services by agents, or entities
acting without our permission, could have an adverse effect on our brands, reputation, and business.
Our indebtedness could adversely affect our business, financial condition, and results of operations.
Our indebtedness could have significant consequences on our future operations, including:
•making it more difficult for us to satisfy our debt obligations and our other ongoing business obligations, which may
result in defaults;
•events of default if we fail to comply with the financial and other covenants contained in the agreements governing
our debt instruments, which could result in all of our debt becoming immediately due and payable or require us to
negotiate an amendment to financial or other covenants that could cause us to incur additional fees and expenses;
•sensitivity to interest rate increases on our variable rate outstanding indebtedness, which could result in increased
interest under our credit facilities and could cause our debt service obligations to increase significantly;
•reducing the availability of our cash flow to fund working capital, capital expenditures, acquisitions, and other
general corporate purposes, and limiting our ability to obtain additional financing for these purposes;
•limiting our flexibility in planning for or adequately reacting to changes in our business, the industries in which we
operate, and the overall economy;
•placing us at a competitive disadvantage compared to any of our competitors that have less debt or are less
leveraged;
•increasing our vulnerability to adverse economic and industry conditions; and
•if we receive a downgrade of our credit ratings, our cost of borrowing could increase, negatively affecting our ability
to access the capital markets on advantageous terms, or at all.
Our ability to meet our payment and other obligations under our debt instruments depends on our ability to generate
significant cash flow in the future, which in turn is partially subject to general economic, financial, competitive, legislative,
and regulatory factors, as well as other factors that are beyond our control. We may not be able to continue generating cash
flow from operations, and future borrowings may not be available to us under our existing or any future credit facilities or
otherwise, in an amount sufficient to enable us to meet our debt obligations and to fund other liquidity needs. We may incur
substantial additional indebtedness, including secured indebtedness, for many reasons, including to fund acquisitions. Such
additional indebtedness may be subject to higher borrowing costs. If we incur additional debt or other liabilities, the related
risks that we face could intensify.
We have incurred goodwill impairment charges and may incur future impairment charges for our goodwill and other
intangible assets, which would negatively impact our operating results.
We have previously recorded goodwill impairment charges that arose primarily due to worsening macroeconomic and market
conditions, as well as sustained declines in our share price. We have also previously recorded intangible asset impairment
charges. Adverse or worsening macroeconomic or market conditions, further sustained declines in our share price and market
capitalization, or other indicators of potential impairment may trigger the need for updated impairment assessments, which
could result in future impairment charges. In the event we impair our goodwill, other intangible assets, or long-lived assets,
such a charge could have a material adverse effect on our operating results.
16
Table of Contents
Intellectual Property, Data Privacy, and Cybersecurity Risks
Failure to obtain, maintain, protect, defend, or enforce our intellectual property and other proprietary rights could
adversely affect our business, financial condition, and results of operations.
We rely and expect to continue to rely on a combination of physical, operational, and managerial protections of our
confidential information and intellectual property and other proprietary rights, including trademark, copyright, patent, and
trade secret protection laws, as well as confidentiality, assignment, and license agreements with our employees, contractors,
consultants, vendors, service providers, customers, and other third parties with whom we have relationships.
The steps we take to protect our intellectual property and other proprietary rights require significant resources and may be
inadequate. Effective trade secret, copyright, trademark, patent, and domain name protection is expensive to develop and
maintain, both in terms of initial and ongoing registration requirements and expenses and the costs of defending and
enforcing our rights. We may choose not to obtain, maintain, protect, defend, or enforce certain rights that later turn out to be
important to our business. We cannot guarantee that our efforts to obtain, maintain, protect, defend, or enforce our intellectual
property rights are adequate or that we have secured, or will be able to secure, appropriate permissions or protections for the
intellectual property rights we use or rely on.
Our registered or unregistered trademarks, tradenames, or other intellectual property rights may be challenged, infringed,
circumvented, misappropriated, or otherwise violated; declared invalid or unenforceable; determined to be infringing on other
third-party rights, or narrowed in scope. We may be unable to prevent the challenge, infringement, circumvention,
misappropriation, or other violation of our intellectual property and other proprietary rights or deter independent development
of similar products and services by others, which may diminish the value of our brand and other intangible assets and allow
competitors to more effectively mimic our products and services.
While it is our policy to require our employees, contractors, and other parties with whom we conduct business who may be
involved in the development of our intellectual property to execute agreements assigning such intellectual property to us, we
may be unsuccessful in executing such an agreement with each party that conceives or develops intellectual property that we
regard as ours. Additionally, any such assignment of intellectual property rights may not be self-executing or the assignment
agreements may be breached, and we may be forced to bring claims against third parties, or defend claims that they may
bring against us, to determine the ownership of what we regard as our intellectual property. Further, we cannot guarantee that
we have entered into such agreements with each party that has or may have had access to our trade secrets, confidential
information, software (including our AI tools), or other proprietary technology and, even if entered into, these agreements
may fail to effectively prevent disclosure of our proprietary or confidential rights, information, or technologies, may be
limited as to their term, or may not provide an adequate remedy in the event of unauthorized disclosure, misappropriation,
use, or other violation of our trade secrets, confidential information, and other proprietary rights or technologies.
We strive to protect our intellectual property rights by relying on foreign, federal, state, and common law rights, as well as
contractual restrictions. We typically pursue the registration of our domain names, patents, copyrights, and trademarks in the
United States and in certain jurisdictions abroad. However, effective intellectual property protection may not be available or
may not be sought in every country in which our products or services are made available, in every class of goods and services
in which we operate, and contractual disputes may affect the use of intellectual property rights governed by private contract.
We may not be able to obtain, maintain, protect, defend, or enforce our intellectual property rights in every jurisdiction in
which we operate. The legal systems of certain countries do not favor the enforcement of patents, trademarks, copyrights,
trade secrets, and other intellectual property protection, which could make it difficult for us to stop the infringement,
misappropriation, or other violation of our intellectual property or marketing of competing products in violation of our
intellectual property rights generally.
In addition, third parties that provide AI products and services, including some which are publicly available, may have
trained their LLMs or other AI tools or technology on our content without our consent and it may be difficult to enforce our
copyrights, other intellectual property rights, and technical controls in connection with such unauthorized use, which could
reduce demand for our products and services. Any of the foregoing could adversely affect our business, financial condition,
and results of operations.
Uncertainty in the development, deployment, and use of AI in our products and services may result in operational or
reputational damage, competitive harm, liability, and additional costs, any of which could adversely affect our business,
financial condition, and results of operations.
We use and expect to expand our use of AI in our products, services, business, and operations. Developing, testing,
deploying, and maintaining AI systems will require additional investment and may increase our costs. If we fail to keep pace
with rapidly evolving AI technological developments, our competitive position and business results may be negatively
impacted, and there can be no assurance that our use of AI will result in our business or operations being more efficient or
profitable or otherwise result in our intended outcomes. The development, adoption, and use of AI technologies are still in
17
Table of Contents
their formative stages and, as with many innovations, present risks, challenges, and unintended consequences that could
affect their adoption. Ineffective or inadequate AI development or deployment practices by us or third-party developers or
vendors, or actual or perceived deficiencies, inaccuracies, biases, or other flaws in our products or services, could damage our
reputation, competitive position, and business, expose us to legal liability or regulatory risk, and cause us to incur additional
costs to address any reputational, governance, ethical, data privacy, confidentiality, security, compliance, technical,
operational, legal, or competitive issues. For example:
•AI tools that we use may be flawed or may be based on algorithms, datasets, or prompts that are biased or
insufficient;
•We or our customers may rely on the output of AI tools, whether the tools are ours or those of a third-party service
provider, which may contain errors or material that is unclear, unattributed, misattributed, insufficient, biased, or
false;
•Emerging AI applications may require additional investment in the development of proprietary datasets, algorithms,
and machine learning models and new approaches and processes;
•We may not have sufficient rights to use data or other material or content produced by AI, or the models, algorithms,
data, or other material or content on which our AI tools rely, in our business;
•We may inadvertently expose third-party data or other material or content to AI without appropriate permission or
attribution;
•Our employees, contractors, vendors, or service providers may use third-party software incorporating AI in
connection with our business or the services they provide to us and inadvertently disclose or incorporate our
information into publicly available or other third-party training sets, which may impact our ability to realize the
benefit of, or adequately protect, our intellectual property and other proprietary rights;
•Any output we create using AI may not be subject to copyright protection, which may adversely affect our
intellectual property rights in or our ability to commercialize such content;
•Third parties may be able to use AI to create technology that could reduce demand for our products;
•The use of AI may result in cybersecurity incidents that implicate the personal or other confidential data of users of
our AI tools or technologies;
•Third-party vendors may fail to comply with shifting regulations or contractual obligations;
•The failure to properly remediate AI usage or ethics issues may cause public confidence in AI to be undermined,
which could slow adoption of AI in our products and services; and
•Our customers may not accept or be able to pay a premium for advanced AI capabilities in certain markets where we
operate.
We face risks related to the regulation of AI and other evolving technologies.
The technologies underlying AI and its uses are already subject to a variety of laws and regulations, including intellectual
property, data privacy, cybersecurity, consumer protection, competition, and equal opportunity laws and regulations, and are
expected to be subject to increased regulation and new laws and regulations or new interpretations of existing laws and
regulations. The regulatory framework related to AI use and ethics is changing rapidly, and new laws and regulations, or the
interpretation of existing laws and regulations, in jurisdictions where we operate may affect our ability to leverage AI,
increase the burden and cost of research and development and operations, and expose us to legal and regulatory risks,
government enforcement, or civil suits that impact our ability to develop, earn revenue from, or utilize any products or
services incorporating AI. These technologies are themselves highly complex and rapidly developing, and it is not possible to
predict all of the legal or regulatory risks that may arise relating to our use of such technologies. Laws and regulations vary
between jurisdictions and are subject to change and evolving interpretations. As we expand our products and services through
the deployment of AI technologies, we have faced, and may continue to face, shifting regulations. For example, the EU
Artificial Intelligence Act (“EU AI Act”) entered into force in August 2024 and governs AI systems that impact individuals
in the EU. New provisions of the EU AI Act took effect in August 2025 that may impact disclosure and risk management
practices by us and third-party providers with whom we have commercial relationships. Complying with, or adopting best
practices relating to, the EU AI Act and similar emerging laws may impose significant costs on our business and may
necessitate changes to certain business practices to ensure compliance. We may not be able to adequately anticipate or
respond to these evolving technologies, laws, and regulations, and we may need to expend additional resources to adjust our
products, services, and operations, which could adversely affect our business, financial condition, and results of operations.
18
Table of Contents
Any disruption in or unauthorized access to or breaches of our computer systems or those of third parties that we utilize in
our operations, including those relating to cybersecurity or arising from cyberattacks, could adversely impact our
business.
Our reputation and ability to attract, retain, and serve our customers is dependent upon the reliable performance and security
of our computer systems and those of third parties that we utilize in our operations to collect, store, use, transmit, and
otherwise process public records, intellectual property, and other information, including confidential, sensitive, and personal
information. Most of our products and services are delivered electronically, and our customers rely on our ability to process
and deliver substantial quantities of information and other services on computer-based networks. Some elements of these
systems are provided by third-party providers, including critical data inputs or software received from third-party suppliers
and data systems stored on cloud-based computing infrastructure. We expend significant resources designed to develop and
secure our computer systems, intellectual property, and information, including confidential, sensitive, and personal
information, but they may be subject to damage or interruption from weather conditions (including climate change), natural
disasters, infrastructure or network failures (including failures at third-party data centers, by third-party cloud-computing
providers, or of aging technology assets), terrorist attacks, armed conflicts, power loss, internet and telecommunications
failures, the loss or failure of systems over which we have no control, and cybersecurity risks such as cyberattacks,
ransomware attacks, social engineering (including phishing attacks), computer viruses, denial of service attacks, physical or
electronic break-ins, and similar disruptions from foreign governments, state-sponsored entities, hackers, organized
cybercriminals, cyber terrorists, and individual threat actors (including malicious insiders), any of which may see their
effectiveness further enhanced by the use of AI. We may also face additional strain on our systems and networks due to aging
or end-of-life technology that we have not yet updated or replaced. Although we monitor, modify, update, and replace our
information technology systems and infrastructure, and invest in new capabilities to support the business, we cannot
guarantee that our own systems, or those operated by third parties, will always meet our current or future needs or fully
protect our operations. Additionally, upgrades or replacements can be costly and may involve factors outside our control. Any
inability to modify, upgrade, or replace these systems, or any disruption, failure, or data corruption during such efforts, could
result in service interruptions and negatively affect our business, financial condition, and results of operations.
In addition to the risks noted above, many of our employees work remotely, which magnifies the importance of the integrity
of our remote access security measures and may expose us to additional cybersecurity risks. We have implemented systems
and processes designed to thwart such threat actors and otherwise protect our computer systems and information, including
confidential, sensitive, and personal information; however, the systems and processes we have adopted may not be effective,
and, similar to many other global multinational companies, we have experienced and may continue to experience cyber-
threats, cyberattacks and other attempts to breach the security of our systems or gain unauthorized access to our information,
including confidential, sensitive, and personal information. Any fraudulent, malicious, or accidental breach of our computer
systems or cybersecurity protections (including due to malicious insiders or inadvertent employee errors) could result in
unintentional disclosure of, or unauthorized access to, customer, vendor, employee, or our own information, including
confidential, sensitive, and personal information, which could result in additional costs to enhance security or to respond to
such incidents, lost sales, violations of data privacy, cybersecurity, or other laws or regulations, notifications to individuals,
penalties, or litigation. Any failure of our computer systems, disruption to our operations, or unauthorized access to any of
our computer systems or information, including confidential, sensitive, and personal information, or those of third parties
upon whom we rely or with whom we partner could result in, among other things, significant expense to repair, replace, or
remediate such systems, equipment, or facilities, a loss of customers, legal or regulatory claims, and proceedings or fines, all
of which could adversely affect our business, financial condition, and results of operations.
Additionally, while we generally perform cybersecurity due diligence on our key vendors, service providers, contractors, and
consultants, if any of these third parties fail to adopt or adhere to adequate cybersecurity practices, or in the event of a breach,
incident, disruption, or other compromise of their technology infrastructure, our or our customers’ information, including
confidential, sensitive, and personal information, may be improperly lost, destroyed, modified, accessed, used, disclosed, or
otherwise processed, which could subject us to claims, demands, proceedings, and liabilities. We do not have control over the
operations of the facilities of third-party cloud computing service or other key vendors, service providers, contactors, and
consultants that we use. This fact, coupled with the fact that we cannot easily switch our computing operations and other
computer systems to other service providers, means that any disruption of or interference with our use of our current third-
party cloud computing service, or the services provided by our other vendors, service providers, contractors, and consultants,
could disrupt our operations, and our business could be adversely impacted. Although we may have contractual protections
with our third-party providers, any actual or perceived security breach, incident, or disruption could harm our reputation and
brand, expose us to potential liability, or require us to expend significant resources on cybersecurity in responding to any
such actual or perceived compromise, breach, incident, or disruption and negatively impact our business. Any contractual
protections we may have from our third-party providers may not be sufficient to adequately protect us from any such
liabilities and losses, and we may be unable to enforce any such contractual protections. Further, any insurance coverage
19
Table of Contents
relating to cybersecurity risks may not be sufficient to provide adequate loss coverage (including if the insurer denies future
claims) and may not continue to be available to us on economically reasonable terms, or at all.
Our collection, storage, and use of confidential, sensitive, or personal information or data are subject to applicable data
privacy and cybersecurity laws, and any failure to comply with such laws may harm our reputation and business or expose
us to fines and other enforcement action.
In the ordinary course of business, we collect, aggregate, store, use, analyze, transmit, license, and otherwise process certain
types of information, including confidential, sensitive, and personal information, including data sourced from third parties,
that are subject to different laws and regulations. In particular, data privacy and cybersecurity laws and regulations often vary
significantly by jurisdiction.
For example, in the U.S., there are numerous federal, state, and local data privacy, and cybersecurity laws, rules, and
regulations governing the collection, storage, use, transmission, and other processing of personal information and Congress
has considered, and continues to consider, various proposals for additional comprehensive national data privacy and
cybersecurity legislation. At the state level, we are subject to laws, rules, and regulations, such as the California Consumer
Privacy Act (as amended by the California Privacy Rights Act (collectively, “CCPA”)), which imposes disclosure
requirements, access rights, opt out rights, and the right to request deletion of personal information, among other rights. A
number of other states have enacted, or are in the process of enacting or considering, similar comprehensive state-level data
privacy and cybersecurity laws, rules, and regulations, creating a patchwork of overlapping but different state laws. In
addition, all 50 states have laws that require the provision of notification for security breaches of personal information to
affected individuals, state officers, or others.
The use of data, including data sourced from third parties, in some of our products could subject us to classification or
treatment as a data broker under existing or emerging laws and regulations in the U.S. at the federal, state, and local level and
internationally. We may be required to comply with any applicable data-broker specific requirements that may evolve over
time, which could require us to modify data sourcing, processing, licensing, or retention practices, limit certain products or
data sets, or incur significant compliance and operational costs. Failure to meet applicable data broker obligations or
customer expectations could expose us to regulatory enforcement actions, fines, litigation, contractual disputes, and
reputational harm, any of which may adversely affect our business, financial condition, and results of operations.
Outside of the U.S., an increasing number of laws, rules, regulations, and industry standards apply to data privacy and
cybersecurity, such as the European Union’s General Data Protection Regulation (“GDPR”) and the UK’s Data Protection
Act 2018 as supplemented by the GDPR as implemented into UK law (collectively, “UK GDPR”), both of which impose
stringent data privacy and cybersecurity requirements, particularly related to the processing of personal data. The GDPR and
UK GDPR also provide individual rights with respect to personal data, including rights of access, erasure, portability,
rectification, restriction, and objection. Failure to comply with the GDPR and the UK GDPR can result in significant fines
and other liability. Although we have implemented policies and procedures that are designed to ensure compliance with
applicable data privacy and cybersecurity laws, rules, and regulations, the efficacy and longevity of these policies and
procedures remains uncertain. Additionally, we may be bound by contractual requirements applicable to our collection,
storage, use, transmission, and other processing of information, including confidential, sensitive, and personal information,
and may be bound or asserted to be bound by, or voluntarily comply with, self-regulatory or other industry standards relating
to these matters. Further, we could face scrutiny and adverse legal and regulatory action for any failure or perceived failure to
comply with our public privacy policies and other public statements about our data privacy and cybersecurity program. If our
data privacy and cybersecurity measures fail to comply with any of the foregoing requirements, we will likely be required to
modify our data collection or processing practices and policies in an effort to comply with such requirements, and we could
be subject to increased costs, fines, litigation, regulatory investigations, and enforcement notices, which may have an adverse
impact on our business, financial condition, and results of operations.
Intellectual property litigation, including litigation related to content provided using our products and services, could
result in reputational damage and significant costs, and could adversely affect our business, financial condition, and
results of operations.
Companies in the technology industry are frequently subject to litigation based on allegations of infringement,
misappropriation, or other violations of intellectual property rights. In addition, despite our efforts to ensure that our
employees, contractors, consultants, vendors, and service providers do not use the intellectual property and other proprietary
information or know-how of third-parties in their work for us, we may be subject to claims that we or our employees,
contractors, consultants, vendors, or service providers have inadvertently or otherwise used or disclosed intellectual property,
including copyrighted materials, trade secrets, know-how, software, or other proprietary information of former employers or
other third parties. Litigation may be necessary to defend against these claims and if we fail in defending any such claims, in
addition to paying monetary damages, we may lose valuable intellectual property rights or personnel. In addition, we may not
20
Table of Contents
qualify for the safe harbors established by laws in the United States and other countries protecting online service providers
from claims related to content posted by users, or those laws could change in a manner making it difficult or impossible to
qualify for such protection, increasing our exposure. While our terms and policies require users to respect the intellectual
property rights of others, we have limited ability to influence the behavior of third parties, and there can be no assurance that
these terms and policies will be sufficient to dissuade or prevent infringing, misappropriating, or other violating activity by
third parties using our products or services. Additionally, litigation may become necessary to enforce our intellectual property
rights, protect our trade secrets, or determine the validity and scope of proprietary rights claimed by others. Litigation
regarding intellectual property rights is inherently uncertain due to the complex issues involved, and we may not be
successful in defending ourselves in such matters.
Any claims successfully brought against us could subject us to significant liability for damages and we may be required to
stop using technology or other intellectual property alleged to be in violation of a third party’s rights. We also might be
required to seek a license for third-party intellectual property. Even if a license is available, we could be required to pay
significant royalties or submit to unreasonable terms, which would increase our operating expenses. We may also be required
to develop alternative non-infringing technology, which could require significant time and expense. If we cannot license or
develop technology for any allegedly infringing, misappropriating, or other violating aspect of our business, we may be
forced to limit our service and may be unable to compete effectively. In addition, some of our agreements with third-party
partners require us to indemnify them for certain intellectual property claims against them, which could require us to incur
considerable costs in defending such claims and may require us to pay significant damages in the event of an adverse ruling.
Such third-party partners may also discontinue their relationships with us as a result of injunctions or otherwise, which could
result in loss of revenue and adversely impact our business operations. Our use of AI may heighten the foregoing risks, any of
which could adversely affect our business, financial condition, and results of operations.
Our use of “open source” software could negatively affect our ability to offer our solutions and subject us to possible
litigation.
Our products and services include “open source” software, and we may incorporate additional open source software in the
future. Open source software is generally freely accessible, usable, and modifiable. Certain open source licenses may, in
certain circumstances, require us to: (i) offer our products or services that incorporate the open source software for no cost;
(ii) make available source code for modifications or derivative works we create based upon, incorporating, or using the open
source software and (iii) license such modifications or derivative works under the terms of the particular open source license
or otherwise unfavorable terms. The terms of many open source licenses to which we are subject have not been interpreted by
U.S. or foreign courts, and there is a risk that open source licenses could be construed in a manner that imposes unanticipated
conditions or restrictions on our ability to provide or distribute our products or services. While we try to insulate our
proprietary software, including our AI tools, from the effects of such open source license provisions, we cannot guarantee
that we will be successful, that all open source software is reviewed prior to use in our products, that our developers have not
incorporated open source software into our products in potentially disruptive ways, or that they will not do so in the future. If
an author or other third party that distributes open source software we use were to allege that we had not complied with the
conditions of one or more of these licenses, we could be required to incur significant legal expenses defending against such
allegations. If such third parties are successful, we could be subject to liability, be required to make our proprietary software
source code available under an open source license, purchase a license (which, if available, could be costly), or cease offering
the implicated products or services unless and until we can re-engineer them to avoid infringement, misappropriation, or
other violation. This re-engineering process could require significant additional research and development resources and we
may not be able to complete it successfully on a timely basis, or at all. We could also be subject to suits by parties claiming
ownership of what we believe to be open source software. Any litigation could be costly for us to defend and could adversely
affect our business, financial condition, and results of operations.
In addition to risks related to open source license requirements, use of certain open source software may pose greater risks
than use of third-party commercial software, since open source licensors generally do not provide warranties or controls on
the origin of software or other contractual protections regarding infringement claims or the quality of the code, including with
respect to security vulnerabilities. Moreover, some open source projects have known security and other vulnerabilities and
architectural instabilities, or are otherwise subject to security attacks due to their wide availability, and are provided on an
“as-is” basis. There is typically no support available for open source software, and we cannot ensure that the authors of such
open source software will implement or push updates to address security risks or will not abandon further development and
maintenance. Further, our use of any AI tools that use or incorporate any open source software may heighten any of the
foregoing risks. Any of these risks could be difficult to eliminate or manage, and, if not addressed, could adversely affect our
business, financial condition, and results of operations.
21