One pasted contract can waive privilege, breach confidentiality, and initiate a malpractice claim – all before the AI returns its first sentence. 69% of lawyers are using AI but only 34% of firms are governing it. That 35 point gap is the biggest risk in legal tech today. Here's how firms and in-house teams are closing it.
For most professions, feeding data into an AI tool is a security question. For lawyers, it is that – and an ethics question, a privilege question, and a malpractice question, all at once. The duty of confidentiality under Model Rule 1.6 is wider than attorney-client privilege: it covers all information about a representation, no matter where it came from. When an associate pastes a contract, a deposition transcript, or a settlement memo into a consumer AI tool to "summarize it," he or she may have done something that no other professional's careless paste does – that is, waived a privilege that cannot be un-waived, and breached a duty that predates the internet.
The legal profession has reached the same place as every other industry: individual use of AI has outstripped institutional governance.69% of legal professionals now use generative AI — more than double a year earlier — but only 34% of firms have formally adopted it. For a lawyer, the gap is not a business risk, it is an ethical and professional-liability exposure with a regulator (the bar) and a set of binding rules already attached. This is a guide to how firms and in-house counsel actually manage that risk: the duties at risk, the failure modes, and the controls that allow lawyers to use AI without risking the privilege.
Confidentiality under Model Rule 1.6 is everything about a representation – not just privilege. Many terms of use for consumer AI tools permit inputs to be used to train a model. Combining the two: pasting client information into a consumer AI tool can be a breach of confidentiality and a waiver of privilege the instant you hit enter – before the model generates a single word of output.
A 35-point gap — lawyers using AI faster than firms can govern it. Source: 8am 2026 Legal Industry Report.
In July 2024, the ABA issued Formal Opinion 512, its first formal guidance on generative AI. It created no new rules — it mapped six existing Model Rules onto AI use, making clear that the ethical obligations don't change just because the tool does. Here is each task, the AI-specific risk it entails and the control that it is addressed by.
The headline risk. Entering confidential client information in a "self-learning" AI tool may make it available to others and violate the duty to prevent disclosure. Opinion 512 requires lawyers to consider the data handling of the tool and obtain informed consent from the client before entering confidential information in a tool that may disclose it.
You must understand the tool. Competence is now having a reasonable idea of what an AI tool can and cannot do – especially that it is prone to hallucinate. You don't have to be an engineer, but you cannot say that you do not know how the tool deals with the data and where it fails.
Hallucinated citations are sanctionable.Filing AI-generated content with made-up cases or quotes is a breach of the duty of candor and the courts are getting impatient. The verification duty is non-delegable: the signing lawyer is the owner of every citation.
Sometimes you must tell the client. Opinion 512 describes circumstances in which disclosure of use of AI is required, such as when it affects fees or informs a major decision in the representation. Stand-alone boilerplate engagement-letter language may not be sufficient for informed consent.
Managers are on the hook. Supervisors should have a policy on the use of AI and make reasonable efforts to ensure that lawyers and non-lawyers follow it–including training–and that an associate's careless paste is not a supervisory failure of a partner.
You can't bill for the wrong things. Lawyers cannot usually bill clients for time spent learning a general AI tool and must be transparent about how AI cost and efficiency impact fees. Billing AI-accelerated work at full manual hours is a reasonableness issue.
From Mata v. Avianca (2023 lawyer filed a brief with AI-made decisions) to a wave of 2026 rulings, courts have punished lawyers for AI-hallucinated citations – with reported penalties in the six figures in the first half of 2026 and judges saying "the problem is not going away" – every one of them began with the same: an AI output that looked good and was not checked. The duty to verify is the cheapest insurance in law.
The most useful framework that we observe firms to adopt is a simple traffic-light that tells everyone at a glance what is not allowed, what needs to be watched and what is okay. It translates abstract ethics rules into an operational rule of thumb.
The most important line to draw is between purpose-built legal AI with enterprise data isolation and general purpose consumer tools. A platform that contractsually prevents your inputs from being used to train its models, that signs the right agreements, and that isolates your data is a different kind of risk than a free consumer chatbot whose terms allow you to paste whatever you want and have it used to train its models. For medical records (PI, mass tort) or other regulated data, this distinction also has HIPAA weight on top of the ethical duties – it is not academic.
In-house counsel face the firm's risks and their own. They are not just AI users, but are becoming the function that manages AI for the business. The same in-house counsel who is concerned about an associate pasting a contract into ChatGPT is also being asked to approve the company's customer facing AI, vendor AI clauses and AI governance policy. Two jobs, one team.
In-house counsel have to (1) preserve privilege and work product in their own AI use – legal advice drafted with AI assistance still has to be privilege – and (2) own enterprise AI governance: vendor contracts with proper AI and data-processing terms, the company's acceptable-use policy, regulatory mapping (EU AI Act, state laws, sector rules) and incident response. The tooling that protects the legal team's data is often the same tooling that shows enterprise-wide governance to regulators and the board.
Lawyers' duty of confidentiality is not privilege and the verification duty is not delegable. AI does not lower those fences but it increases the stakes of passing them. The firms that manage AI well see it as a client-protection discipline and not an IT project.
— Polygraf AI, on AI risk in legal practiceHow is your firm or legal department's position on AI data risk? Polygraf's AI Risk Calculator models your exposure – breach, regulatory and litigation – and shows which obligations apply, from confidentiality duties to state privacy laws and the EU AI Act, based on your practice areas, tools and existing controls.
Closing the gap in governance is a process, not a policy memo. Here's the order that works for firms and in-house teams alike.
Polygraf AI is the technical enforcement layer that turns an AI policy into protection for law firms and in-house teams. It is at the point where lawyers and staff use AI – identifying client identifiers, privileged content, financial terms and (for PI and mass-tort work) PHI in real time, and blocking or redacting them before they are sent to a consumer AI tool that is trained on inputs. It sends data to your approved, governed tools and keeps it out of ungoverned ones, and logs every interaction for the audit trail your supervisory and confidentiality duties require. It is on-premise with zero data egress and sub-100ms latency – so the protection itself never becomes a new place client data lives. In a profession where one careless paste can waive a privilege, that point-of-use control is the difference between a policy and a safeguard.
Polygraf AI identifies client data, privileged content, and PHI before it gets to a consumer AI tool, routes it to your governed tools and blocks the rest with a full audit trail. On-premise, sub-100ms, zero data egress.
At Polygraf, we envision a future where AI augments human capabilities without compromising safety, privacy, or ethical standards. Trust in our commitment to building this future with you.
© 2026 Polygraf AI. All rights reserved.
Your download will start now.
Please provide information below and we will send you a link to download the white paper.