GitHub Copilot, Cursor, and JetBrains: how lawyers assess AI in development environments

An analysis has appeared on Habr of how AI assistants are changing familiar development environments from a tool into an almost full-fledged co-author. An IT lawyer at ecom.tech explains: the convenience of GitHub Copilot, Cursor, and JetBrains AI brings not only speed, but also new legal risks.

How AI arrived

The author divides the market into three groups. The first is classic IDEs and editors such as Visual Studio, VS Code, JetBrains IDE, 1С:EDT, and GigaIDE, where AI acts as an additional feature. The second is plugins and assistants such as GitHub Copilot, Amazon Q Developer, GigaCode, and SourceCraft, which integrate into an already familiar environment and take over generation. The third is AI-first editors such as Cursor and Windsurf, where dialogue with the model and automatic edits are the foundation of the entire product.

The difference between these categories is not cosmetic. The architecture determines how much source code is sent to an external service, where it is processed, and who is then responsible for the result. Where AI only suggests autocomplete, the developer’s role remains clear. Where an agent writes a module, refactors a project, and creates tests from a text command without manual revision, it becomes harder to draw the line between human labor and machine generation.

Where the risks arise

The main question is authorship. Under Russian law, an author is recognized as a human if the result reflects their creative contribution. But scenarios vary: a developer may accept one suggested line, may rework a large fragment from the model, or may insert generated code almost unchanged. The less editing and independent decision-making there is, the weaker the argument that the resulting fragment is protected by copyright at all as a human work.

Another risk is related to training data. Most of these systems were trained on public repositories, so matches with someone else’s code are not a purely theoretical problem. If a fragment with strict licensing requirements ends up in a commercial product, the dispute will arise not because the model generated the code, but because someone used another party’s protected fragment. The most visible example is the U.S. lawsuit Doe v. GitHub, which is specifically testing whether Copilot can reproduce someone else’s open source code without complying with license terms.

“Today — a tool. Tomorrow — a question.”

What vendors promise

A separate section of the article is devoted to license agreements. Formally, almost all vendors say that rights to user code and generated output remain with the client, but the details differ sharply. For corporate development, this matters more than polished demos, because the contract is where it becomes clear whether input data may be used to train models, how long it is stored, and who will bear the costs if a copyright claim appears.

• GitHub Copilot for Business and Enterprise promises not to train models on the client’s code and provides corporate protection against claims
• Amazon Q Developer adds a reference tracker and shows if the output resembles open source code
• JetBrains AI Assistant and Cursor leave the rights with the user, but do not remove the obligation to verify the result
• GigaCode and SourceCraft allow broader use of user content to operate the service and improve models

This leads to the author’s practical conclusion: for a lawyer and a CTO, it is no longer enough to simply choose the most convenient assistant. You need to read the data retention terms, separately verify whether the service can continue training on prompts and code, and decide in advance which tools are acceptable in closed commercial projects. This is especially relevant for companies with personal data, trade secrets, and their own libraries that cannot be thoughtlessly sent to an external model.

What it means

AI in development environments has already become part of everyday work, but legally it remains a grey area for now. The practical approach is simple: treat generated code as a draft, check it for licenses and security, and tie the choice of Copilot, Cursor, JetBrains, or local alternatives not only to convenience, but also to how the service handles your code.