Model extraction attacks are typically framed as threats to model confidentiality, competitive advantage, and safety-layer integrity. Separately, memorization in large models is treated as a privacy or safety concern, while copyright litigation focuses on training-data provenance and output-level infringement. This paper argues that these domains cannot be treated independently. When an adversary extracts or approximates a deployed model, the resulting surrogate can reproduce memorized training data—including copyrighted text, code, and other creative works—without the guardrails present in the original deployment context. This creates a unified attack surface in which a technical breach (extraction) induces downstream legal harm (copyright infringement) to third-party authors who were never part of the original threat model. We present a structural analysis of this cross-domain propagation pathway and outline the implications for governance, liability, and standards development.
Narnaiezzsshaa Truong (Wed,) studied this question.