Chapter 12: Privacy, Licensing & Commercial Use

A subtle but critical point: the code license and the model-weights license can differ, and the per-voice license can differ again. Piper's code is one thing; each downloaded voice has its own license. Always check all three layers.

Model-by-model license verification

The table below reflects licenses verified against each project's repository/model card in May 2026.

The Coqui XTTS trap (read this if XTTS tempts you)

XTTS-v2 is one of the best open models for Czech voice cloning — which makes it very tempting. But its model weights are under the Coqui Public Model License (CPML), which "allows only non-commercial use of a machine learning model and its outputs." Coqui historically sold a commercial license (a 2023 post referenced ~$365/year for sub-$1M-revenue companies), but Coqui AI shut down in January 2024. That leaves XTTS in a uniquely bad spot:

• The CPML still applies (the license text didn't disappear).
• There is no entity to buy a commercial license from.
• Community forks exist, but a fork cannot relicense weights it doesn't own the rights to.

Practical verdict: XTTS-v2 is excellent for personal projects, internal experiments, and research — all clearly non-commercial. For anything you sell, embed in a paid product, or use to generate audio for a commercial service, treat XTTS as off-limits and reach for an Apache/MIT model or a properly-licensed cloud API. If your "product" is genuinely just you reading your own texts with no commercial distribution, you're inside the CPML's non-commercial scope — but the moment money or third-party users enter, you're outside it.

The Piper GPL nuance

Piper is the workhorse for free, fully-local TTS, and it does have Czech voices (modest quality, but real). Watch the licensing fork:

• rhasspy/piper — the original — is MIT. Permissive, embed-anywhere.
• OHF-Voice/piper1-gpl — the actively maintained successor — moved the code to GPL.

GPL is not a blocker for a commercial product, but the safe integration pattern is to run Piper as a separate process or container and talk to it over a CLI pipe or local HTTP. That keeps GPL's copyleft from reaching into your proprietary application code (the "mere aggregation"/separate-process boundary). If you statically link or import GPL Piper directly into a closed-source binary you distribute, you've created a derivative work and triggered the copyleft obligation. Also: each voice you download has its own license — most Piper voices are permissive (CC0/CC-BY/MIT), but a few have attribution or non-commercial restrictions, so verify the specific voice's card.

Watermarking: Chatterbox's Perth

Chatterbox is MIT-licensed and it embeds a Perth ("Perceptual Threshold") neural watermark into every generated clip by default. Resemble open-sourced the Perth watermarker too. The watermark is designed to be imperceptible and to survive MP3 compression and light editing. Because the watermarking runs client-side in your deployment and the code is open, a technically capable user could disable it — but doing so removes a provenance signal and works against the "responsible AI" posture that may soon be a legal expectation (see EU AI Act, below). For most builders the right move is to leave the watermark on: it's a feature, not a tax.

Part 2 — Voice Cloning: Consent, Ethics & Legal Risk

If your feature only reads text in a built-in/default voice, you can largely skip this section. If you let users clone a voice from a sample (XTTS, Chatterbox, F5-TTS, ElevenLabs Voice Clone, etc.), you've entered regulated territory.

A voice is personal — possibly biometric — data

Under the GDPR, a natural person's voice can constitute personal data, and a voiceprint used to identify someone can be biometric data (a "special category" under Art. 9 requiring stricter handling). Cloning an identifiable person's voice without a lawful basis (usually explicit consent) is a GDPR problem on top of any IP/publicity problem.

The "right of publicity" / likeness

Many jurisdictions protect a person's voice and likeness from unauthorized commercial use:

• US: State right-of-publicity laws plus the proposed federal NO FAKES Act target unauthorized AI replicas of voice and likeness.
• EU member states: Personality rights vary by country but generally protect against commercial exploitation of identity; Czech civil law protects personal integrity and likeness.

EU AI Act transparency for synthetic audio

The EU AI Act, Article 50, imposes transparency obligations on AI-generated/manipulated content ("deepfakes"). Relevant for a TTS feature:

• Providers of generative systems must mark AI-generated audio output in a machine-readable way (watermark/metadata) so it's detectable as synthetic.
• Deployers creating deepfakes must disclose that the content is artificially generated.
• These transparency provisions are generally slated to apply from August 2026 — i.e. essentially now/imminent as of this writing.

This is why Chatterbox's default watermark and similar provenance features matter: they help you meet the machine-readable-marking expectation almost for free.

A practical consent checklist for cloning features

If you build voice cloning into your product:

1. Only clone with documented consent. Capture explicit, logged consent from the voice owner ("I authorize creation and use of a synthetic clone of my voice for X").
2. Verify the speaker is the consenter. A consent checkbox plus a spoken consent phrase recorded in the same session is a strong pattern.
3. Disclose synthetic output to listeners and keep the watermark on generated audio.
4. No public-figure / celebrity cloning without licensing — this is where lawsuits land.
5. Honor deletion. Let users delete the voiceprint and derived audio (GDPR Art. 17 erasure).
6. Minimize and localize storage of voice samples (they're sensitive).

For the reader's stated use case — reading their own texts in standard voices — you avoid almost all of this. The lowest-risk design is to use built-in/default voices and skip arbitrary cloning entirely. If you want a distinctive voice, clone your own voice (you are the consenter) or license a voice you're allowed to use.

Part 3 — Cloud API Data Handling & GDPR Posture

A recurring myth: "if I send my text to a cloud API, they'll train on it / keep it forever." For the business/API products of the major vendors, that's largely false by default — the aggressive data-use terms you've read about usually apply to consumer products (free chatbots), not the paid API/cloud tiers. Still, the specifics differ, and for an EU user data residency is the deciding factor as much as retention.

What "good" looks like for an EU builder

• No training on your input by default (or an easy, contractual opt-out).
• Short or zero retention of the text/audio.
• EU data residency available (process and store in an EU region).
• A signed DPA (Data Processing Addendum) so you can name them as a processor in your own GDPR records.

Provider-by-provider

Reading the table for your situation (EU, near-free, must be private)

• Free local model = zero cloud privacy problem. If you run Kokoro, Piper, or Chatterbox locally/Dockerized, no text ever leaves your machine. There is no provider, no retention, no DPA needed. This is the strongest privacy posture by definition and also the cheapest. For a privacy-sensitive EU builder who can run Docker, this is the default answer.
• If you need a cloud API, Google Cloud TTS has the most privacy-friendly defaults (no retention unless you opt in, no training, EU regions, DPA). Azure is essentially tied and adds strong enterprise controls. Both are safe choices for an EU product with a DPA in place.
• Amazon Polly is fine only after you apply the AWS AI services opt-out policy — don't skip that step, because the default allows content reuse for service improvement.
• OpenAI is privacy-reasonable for the API (30-day cap, no training) but historically weaker on EU residency than Google/Azure/Microsoft; check whether their current EU residency offering covers the audio endpoints.
• ElevenLabs has the best voices but its strongest privacy guarantees (zero retention, EU residency) are enterprise-gated — not "free or near-free."

Free-tier and consumer-vs-API caveats

Two recurring gotchas:

1. Free tiers often have weaker data terms. Vendors frequently reserve broader rights over free-tier content (sometimes including training) than paid/API content. If privacy matters, a paid API tier with a DPA can ironically be more private than a free consumer tier.
2. Consumer app ≠ API. The headline "they train on everything" stories are usually about the consumer chatbot UIs. The commercial API terms are what govern your integration — read those, not the press coverage.

Part 4 — A Privacy-Safe Default Recommendation

Putting licensing and data-handling together for the reader's profile (EN+CZ, free/near-free, technical, EU, reading their own texts):

Tier 1 — Default: run it locally, no cloud at all. Use an Apache-2.0 / MIT model you self-host. For English, Kokoro-82M (Apache-2.0) is the cleanest commercial + privacy story in existence — permissive license, no attribution, no data leaves your box. For Czech, Kokoro has no native support, so fall back to Piper Czech voices (run the GPL fork as a separate Docker service to keep copyleft contained) for an automated default voice. This combination is free, commercially clean (mind the Piper per-voice licenses and the GPL process boundary), and has zero third-party data exposure.

Tier 2 — If you want better Czech and accept a cloud dependency. Use Google Cloud TTS (privacy-friendly defaults, strong Czech neural voices, EU regions, DPA) or Azure AI Speech (equally strong, more enterprise controls). Sign the DPA, pick an EU region, and you have a GDPR-defensible setup at near-free volumes.

Avoid for commercial use: XTTS-v2 (CPML non-commercial, orphaned license), and any voice with a non-commercial per-voice license. For cloning, only clone your own voice or a properly-consented/licensed one, disclose synthetic output, and keep watermarks on.

One-line rule of thumb: Local Apache/MIT model = no license fee + no privacy exposure. That's the sweet spot. Reach for a cloud API only when Czech quality demands it, and then prefer Google/Azure with an EU region + DPA.

Key Takeaways

• Cleanly free for commercial use (permissive): Kokoro (Apache-2.0), MeloTTS (MIT), Chatterbox (MIT), Tortoise (Apache-2.0), Bark (MIT), original Piper (MIT). These are the green zone.
• XTTS-v2 is the big trap: its weights are under the non-commercial CPML, and because Coqui shut down in Jan 2024 there's no one to buy a commercial license from. Great for personal/research use; avoid in anything commercial.
• Piper has a GPL fork. The maintained piper1-gpl code is GPL — run it as a separate process/container to keep copyleft out of your proprietary code, and check each voice's individual license.
• Czech + truly-free + commercial is a narrow door: Kokoro (best license) lacks Czech; XTTS (best Czech cloning) lacks a usable commercial license. The pragmatic free-Czech path is Piper Czech voices locally; the higher-quality path is a cloud API.
• Voice cloning is regulated: a voice can be personal/biometric data under GDPR, and the EU AI Act (Art. 50, transparency from ~Aug 2026) requires marking AI-generated audio. Only clone with logged consent, disclose synthetic output, and keep watermarks on.
• Cloud API defaults are better than the myths: Google Cloud TTS doesn't retain or train on input by default; Azure doesn't retain sync TTS or train without consent; OpenAI caps API retention at 30 days and doesn't train on API data. Amazon Polly is the exception — you must apply the AWS AI services opt-out to stop content reuse.
• Strongest privacy posture = run a local model. No provider, no retention, no DPA, no data egress, and it's free. For an EU builder this is the recommended default.

Key References

• hexgrad. Hugging Face — hexgrad/Kokoro-82M model card. 2024–2026. https://huggingface.co/hexgrad/Kokoro-82M — Confirms Kokoro's Apache-2.0 license and supported language list (no Czech).
• Coqui AI. Hugging Face — coqui/XTTS-v2 LICENSE.txt (Coqui Public Model License). 2023. https://huggingface.co/coqui/XTTS-v2/blob/main/LICENSE.txt — The actual CPML non-commercial license text for XTTS weights.
• coqui-ai/TTS contributors. GitHub Discussion #4304 — XTTS-v2 Commercial License Clarification. 2024. https://github.com/coqui-ai/TTS/discussions/4304 — Community confirmation that no commercial license is purchasable after Coqui's shutdown.
• OHF-Voice. GitHub — OHF-Voice/piper1-gpl. 2025. https://github.com/OHF-Voice/piper1-gpl — The GPL-licensed maintained Piper fork (vs. the MIT original rhasspy/piper).
• Resemble AI. GitHub — resemble-ai/chatterbox and resemble-ai/perth. 2025. https://github.com/resemble-ai/chatterbox — MIT license plus the default Perth perceptual watermarker.
• Google Cloud. Cloud Text-to-Speech — Data logging documentation. 2025. https://cloud.google.com/text-to-speech/docs/data-logging — Confirms data logging is opt-in and text is not retained by default.
• Microsoft Learn. Data, privacy, and security for Azure AI Speech. 2025. https://learn.microsoft.com/en-us/azure/ai-foundry/responsible-ai/speech-service/data-privacy-security — Azure TTS retention, training, and data-residency posture.
• Amazon Web Services. AI services opt-out policies (AWS Organizations). 2025. https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_ai-opt-out.html — How to opt Polly out of content use for service improvement.
• OpenAI. API data usage policies and Enterprise privacy. 2025. https://openai.com/policies/api-data-usage-policies/ — 30-day API retention, no training on API data, ZDR availability.
• ElevenLabs. Privacy & GDPR / Zero Retention Mode documentation. 2025. https://elevenlabs.io/docs/product-guides/administration/privacy-gdpr — Enterprise zero-retention and EU data-residency features.
• European Union. EU AI Act, Article 50 — Transparency obligations. 2024. https://artificialintelligenceact.eu/article/50/ — Machine-readable marking and disclosure rules for AI-generated audio (deepfakes).
• U.S. Congress. NO FAKES Act (S.4875, 118th Congress). 2024. https://www.congress.gov/bill/118th-congress/senate-bill/no-fakes-act — Proposed US protection for voice/likeness against unauthorized AI replicas.