AI and Attorney-Client Privilege: The Risk Isn’t The Tool. It’s What You Can’t Prove

Most law firms aren’t worried about losing privilege.

They’re worried about using AI incorrectly.

Those are not the same thing.

Because privilege doesn’t get challenged when everything goes right.

It gets challenged when opposing counsel asks a very specific question:

“Who had access to this information—and where did it go?”

And increasingly, the answer is not as clean as it used to be.

Privilege Depends on Control-Not Intent

Attorney-client privilege has never been about intent.

It doesn’t matter if:

• the lawyer meant to keep something confidential
• the firm had a policy in place
• the tool was widely accepted

What matters is:

Whether confidentiality was actually preserved.

Historically, that was straightforward.

• Work stayed inside firm systems
• Access was controlled
• Data didn’t move unless someone explicitly sent it

AI changes that.

The Moment Privilege Gets Complicated

Privilege risk isn’t created by using AI.

It’s created the moment confidential information leaves a controlled environment without clear boundaries.

That can happen when:

• Sensitive client data is entered into a third-party system
• The system processes or stores that data in ways the firm doesn’t fully understand
• Access, retention, or downstream use of that data isn’t clearly defined

At that point, a new question is introduced:

Has confidentiality been maintained—or has it been waived?

And critically:

Can the firm prove the answer?

The Problem Isn’t What Happened. It’s What You Can’t Demonstrate

In a dispute, perception matters as much as reality.

Even if:

• the vendor never misused the data
• the tool was configured “correctly”
• no breach actually occurred

If the firm cannot clearly demonstrate:

• where the data went
• how it was handled
• who had access

Then privilege can be challenged.

Not because something definitively went wrong

But because the firm cannot prove that nothing did.

Where Firms Are Exposed Today

The risk is rarely obvious.

It shows up in small, everyday actions:

1. Ad Hoc Usage

Attorneys using AI tools independently, without consistent oversight or approved workflows.

2. Ambiguous Vendor Boundaries

Unclear understanding of how third-party platforms process, retain, or isolate data.

3. Policy Without Enforcement

Guidelines exist—but there is no technical control ensuring they are followed.

4. Lack of Auditability

No clear record of:

• what data was submitted
• how it was processed
• whether it was retained or deleted

The Legal Standard Hasn’t Changed. The Environment Has

Courts haven’t rewritten privilege doctrine for AI.

They don’t need to.

The existing standard still applies:

Was confidentiality maintained?

What’s changed is how difficult it is to answer that question with certainty.

This Is Where Risk Moves From Legal to Operational

Privilege is no longer just a legal issue handled in a courtroom.

It’s an operational issue handled in:

• system architecture
• access controls
• vendor configurations
• data flow design

If those aren’t aligned, the firm may:

• believe it has preserved privilege
• but struggle to prove it under scrutiny

What Firms Need to Be Able to Say

In a challenge scenario, the standard is no longer:

“We have a policy.”

It’s:

“We can demonstrate exactly how this data was handled, where it went, and why confidentiality was preserved.”

That requires:

• visibility into usage
• control over data flow
• clarity in vendor behavior
• consistency across the firm

The Bottom Line

AI is not inherently incompatible with attorney-client privilege.

But it introduces a new requirement:

Firms must be able to prove control—not just assume it.

Because in practice, privilege isn’t lost when something obviously goes wrong.

It’s lost when:

There’s just enough uncertainty that it can be challenged.

And right now, that uncertainty is growing faster than most firms realize.