Atlassian’s AI to Use Base Tier User Metadata by Default, Limits Opt-Out
Atlassian will default to collecting lower-tier users’ metadata for AI training from August 2026.
Why it matters: This shift raises legal, privacy, and regulatory concerns for enterprise buyers and legal teams, especially as opt-out controls are limited for non-Enterprise accounts. The move underscores industry debate over user consent and data usage in AI advancements.
- Starting August 17, 2026, Atlassian will use metadata from Free and Standard plan users for AI model training.
- Enterprise customers can opt out of metadata collection; lower-tier users cannot fully opt out.
- Metadata covers details like usage patterns and activity logs, not the text of documents.
- All data used for AI is described by Atlassian as “de-identified and aggregated,” but technical details are unclear.
- Settings roll out April 16, 2026, with configuration running until May 19, 2026.
On August 17, 2026, Atlassian will begin using metadata—such as user activity logs, feature usage, and configuration settings—from its Free and Standard tier customers to train and improve its artificial intelligence systems. This policy targets customers globally, though some region-specific privacy laws may create exceptions.
- Enterprise plan customers are the only group with a full opt-out, allowing them to exclude both in-app and metadata from AI training. Free and Standard users can only opt out of in-app data—not metadata.
- Atlassian claims all metadata for AI use will be “de-identified and aggregated” to reduce privacy risk. No independent audits or technical safeguards have been externally verified or released as of this writing.
- The rollout of configuration tools begins April 16, 2026, with all customers able to access the new data settings by May 19, 2026.
Metadata refers to information about how users interact with Atlassian products, not the documents or messages themselves. This can include, for example, the frequency of project updates or login times.
Experts are warning that default data capture for AI training—even if de-identified—may still present re-identification risks and elevate legal exposure, particularly under expanding regulations like the GDPR and CCPA.
For legal, procurement, and compliance leaders, the distinction between Enterprise and other tiers creates potential new negotiating points, and may impact how data privacy commitments are evaluated during vendor due diligence or contract renewal.
Several SaaS vendors are reconsidering their AI data usage and privacy policies in response to growing scrutiny and regulatory focus, highlighting a broader industry trend toward more explicit legal terms and opt-out rights.
For further clarification, review Atlassian’s privacy policy and official updates on planned AI data contribution practices.
By the numbers:
- August 17, 2026 — Default metadata collection for Free/Standard users begins
- May 19, 2026 — All customers gain access to new data controls
- 1 — Only Enterprise tier allows a full opt-out of metadata collection
Yes, but: The specifics of Atlassian's de-identification methods and external audits are not disclosed, leaving legal teams with uncertainty over compliance risks across jurisdictions.
What's next: Expect increased legal scrutiny and vendor negotiations among enterprise customers ahead of the August 2026 implementation.