The rise of public AI tools has created a legal minefield that no lawyer – regardless of practice area or seniority – can afford to overlook. When a client uploads a privileged memo or email containing legal advice to ChatGPT, Claude, or Gemini to get a quick summary, have they just handed their litigation opponent a weapon?
It’s a question the law hasn’t fully answered yet. But the answers are starting to take shape – and the implications are significant.
The problem is already here
Clients are using public large language models (LLMs) right now. Not maliciously. Not carelessly, in their own minds. They’re doing it to save time – to digest a long piece of advice, to understand what their lawyers are telling them, to feel more in control of complex litigation. It feels harmless. It may not be.
Recent decisions show just how unsettled the law remains. Courts have taken differing views on whether using public AI tools undermines a client’s expectation of confidentiality, and whether uploading advice to an LLM amounts to disclosure to a third party. Some judicial commentary suggests that placing confidential material into open‑access AI systems may effectively put it into the public domain, with the result that privilege is lost. The lack of a consistent approach leaves lawyers and clients operating in uncertain territory.
Why it matters to every lawyer
This isn’t limited to litigators. Any client, in any practice area, could be exposing privileged material:
- A corporate client uploads a due diligence memo before a board meeting.
- An employment client summarises settlement strategy through an LLM “for clarity”.
- A family law client turns to free AI tools because they can’t afford follow‑up advice.
The risk is highest for clients with limited resources – those most likely to rely on free public tools to interpret advice.
Key questions courts will need to answer
Courts will have to grapple with genuinely novel issues, including:
- Does uploading advice to a public LLM put it “in the public domain”?
- Can litigation opponents extract privileged content from an LLM?
- Could “fishing” applications be launched based on suspected LLM use?
- What must a lawyer do if a client admits mid‑litigation that they used ChatGPT?
Practical steps lawyers can take now
While the law develops, clients can still take steps to reduce risk.
- Adjusting LLM privacy settings – disabling chat history, opting out of training – may help show reasonable steps to maintain confidentiality. But it’s not foolproof: US courts have already required AI companies to preserve user chat logs clients believed had been deleted.
- Clear executive summaries may be the simplest safeguard. When advice is easy to understand upfront, clients are less likely to rely on external AI tools to interpret it.
- Only use closed system GenAI tools, like CoCounsel, when working on client-specific matters. Ask vendors how long they retain any information input into their tool.
You may also want to consider the wider data‑security implications of relying on free AI tools – particularly how they handle and store client information — which you can explore in more detail here.
Access the full analysis
The team from Practical Law UK recently compiled a detailed examination of this issue, “Why clients should not put privileged advice into public LLMs”.
This resource breaks down:
- What happens to documents uploaded to public LLMs
- How that content may become accessible to regulators or litigation opponents
- How existing privilege law applies – and where the gaps are
- Risks of targeted prompt‑extraction attacks
- The secondary‑evidence rules that may apply to reconstructed AI outputs
- Key professional‑conduct duties where clients have already used a public tool
It’s practical, current, and jurisdiction‑spanning – exactly what lawyers need while the law catches up.
Download the full analysis via the form on this page to help your clients avoid turning a convenience into a privilege breach.
