Skip to main content
Back to Insights
AI AdvisoryJun 20, 20266 min readBy Justin Kane

AI for Law Firms: What's Safe, What's Not, and How to Tell

Law firms handle privileged material, which changes the AI calculus entirely. Here is what is safe to adopt, what is not, and the line that separates them.

AI Advisory illustration

For a law firm, AI is not a productivity question first. It is a confidentiality and privilege question. The same tool that drafts a memo in seconds can, used carelessly, put privileged material somewhere it should never go. The firms that adopt AI well are the ones that draw a clear line before they roll anything out.

What is generally safe

A great deal of legal work is not privileged or confidential. Drafting internal documents, summarizing public filings, general legal research against public sources, first drafts of non-client-facing content. For this kind of work, an approved AI tool is a real accelerator and the risk is low. Banning AI outright pushes lawyers toward personal accounts you cannot see, which is worse.

What is not safe

Two things create most of the exposure. The first is privileged or confidential client material going into a public AI tool, where the text leaves the firm's control and may be retained or used to train a model. The second is AI-generated output used without a lawyer verifying it. AI tools fabricate citations and facts with complete confidence, and courts have sanctioned lawyers for filing them. Both are avoidable.

How to tell the difference

The line is not the document type. It is the obligation attached to the material. Whether a protective order, a confidentiality agreement, or privilege governs it changes what can happen to it. A serious AI policy for a law firm classifies material by that obligation, not just by what kind of document it is, and tells everyone exactly which tools can touch which class of material.

The safe path forward

Three things make AI safe in a firm like this. A clear acceptable-use policy keyed to authorization. A verification step so a lawyer is always accountable for AI output, never the tool. And, for the most sensitive material, private AI that runs inside the firm's environment so privileged data never reaches a public tool at all. With those in place, a firm gets the speed without the exposure.

Key takeaways

  • For a law firm, AI is a privilege and confidentiality question before it is a productivity one.
  • Non-privileged, low-risk work is generally safe for approved AI tools.
  • Privileged material in a public tool, and unverified AI output, cause most of the exposure.
  • The line is the obligation on the material, not the document type.
  • A policy, a verification step, and private AI for the most sensitive material make it safe.

Talk it through

Questions about AI in your firm? Start with a 30-minute call.

Frequently asked questions

Related reading

More from the DoubleChecked library.

Free Executive Resources

Choose your free guide

Two guides built for business owners who want straight answers about their technology.

5 signs your company has outgrown its current tech setup

A practical checklist for CEOs and founders managing technology without a dedicated executive.

  • Technology decisions are made by gut feel, not by someone who owns the outcome
  • Your IT spend is growing but nobody can explain where it goes
  • A vendor, investor, or client has asked a technology question nobody could answer

We respect your inbox. Unsubscribe at any time.