Atlassian to Use Customer Data by Default for AI Training

Atlassian Shifts AI Data Policy, Mandates Training Contributions

Atlassian is enacting a significant policy reversal that will impact hundreds of thousands of its cloud customers. Starting August 17, 2026, the company will begin collecting customer metadata and in-app content by default to train its artificial intelligence models, including Rovo and Rovo Dev. This move marks a departure from its previous stance that customer data would not be used for AI training.

The new data contribution policy applies to core products like Jira, Confluence, and other Atlassian Cloud offerings. It affects an estimated 300,000 organizations globally. The change underscores a broader industry trend where SaaS vendors are leveraging internal user data to bootstrap and refine their AI capabilities, often balancing innovation with customer privacy concerns.

What Data Is Being Collected?

Atlassian has delineated two primary categories of data for collection. The first is metadata, which comprises de-identified signals and analytics. This includes metrics such as readability scores, task complexity classifications, semantic similarity between items, assigned story points, sprint end dates, and Jira Service Management SLA values. This data provides behavioral and structural insights without directly exposing user content.

The second category is in-app data, which consists of user-generated content. This encompasses Confluence page titles and bodies, Jira issue titles, descriptions, comments, as well as custom elements like emoji names, status names, and workflow names. Atlassian states it will remove direct identifiers, aggregate information, and apply other protective measures before using this data for model training.

Tiered Defaults and Opt-Out Controls

A critical aspect of the new policy is its tiered implementation, directly tied to an organization's highest active subscription plan. For Free and Standard tier customers, metadata contribution is mandatory and cannot be opted out of. In-app data collection is enabled by default for these tiers, though administrators can turn it off.

Premium plan customers also face mandatory metadata contribution with no opt-out, but in-app data collection is disabled by default. Only Enterprise customers retain full control: both metadata and in-app data contributions are off by default, and administrators can opt out of metadata collection entirely.

Several customer groups are explicitly excluded from this data collection initiative. These include organizations using customer-managed encryption keys, those on Atlassian Government Cloud or Isolated Cloud, and entities with HIPAA compliance obligations. For others, achieving full data control may require a migration to these higher-cost, specialized deployments.

Data Retention and Remediation Timelines

Atlassian has outlined specific timelines for data handling. Contributed data can be retained for up to seven years, a lengthy period that expands the exposure surface for historical data. However, the company pledges specific remediation actions when contributions stop.

If a customer opts out or deletes their in-app data, Atlassian commits to removing that specific content from its training datasets within 30 days. Furthermore, any AI models trained on that now-removed data will be retrained within 90 days to purge its influence—a process the company will need to operationalize at scale.

Industry Context and Significance

This policy shift reflects a wider movement in enterprise software, as seen in coverage from sources like Forbes, which highlights AI's growing appetite for workplace data such as emails and chat logs. SaaS providers are increasingly mining user interactions and content to create more competitive, context-aware AI features. For Atlassian, the practical benefits include improved search relevance, more accurate content summarization, smarter template suggestions, and optimized agentic workflows within its tools.

For IT administrators and compliance officers, this change materially alters the data provenance for AI models used in daily work. It introduces new considerations for procurement, data governance, and vendor risk assessments. The ability to fully opt out is now a feature tied to premium enterprise pricing, creating a tangible trade-off between cost and data control.

Risks and Governance Considerations

The mandatory collection of metadata, even when de-identified, raises privacy and internal governance questions. Signals like story point allocations, sprint timelines, and SLA metrics can reveal patterns about project velocity, team performance, and operational bottlenecks. Organizations in regulated industries or those with strict internal data policies may find the lack of opt-out for lower tiers problematic.

The seven-year retention period also imposes a long-term burden on customers who must track data usage for audit purposes. While Atlassian offers exclusion paths, they often necessitate a move to more expensive or complex deployment models, potentially increasing operational overhead.

Actionable Steps for Organizations

Companies using Atlassian Cloud products should take proactive steps before the August 2026 rollout. First, inventory all Atlassian tenants and identify the highest active plan for each to understand the default contribution settings. Administrators should then review and configure the data contribution settings within the admin console during the provided window.

Organizations with heightened data sensitivity should evaluate whether migrating to an Enterprise plan or an excluded deployment like Isolated Cloud is necessary and financially viable. This decision should be factored into upcoming contract renewals and budget cycles.

The Bigger Picture: AI's Data Hunger

Atlassian's move is not happening in a vacuum. As reported by Fortune, public sentiment around AI data usage is becoming more contentious, with incidents of backlash rising. Simultaneously, the AI arms race intensifies, with models like Anthropic's Claude Opus 4.7 achieving new performance benchmarks, as noted by The Next Web. This creates pressure on vendors to secure high-quality, domain-specific training data to keep pace.

The fundamental trade-off is clear: users gain potentially more powerful, context-aware AI tools within their workflow software, but they cede a degree of control over how their aggregated data is used to build those tools. This policy shift by a major player like Atlassian is likely to set a precedent, prompting other enterprise SaaS vendors to evaluate similar changes to their data contribution terms.