← Back to Blog

Security · Guides

Is AI Safe for Law Firms? Confidentiality, Privilege, and Client Data

Team SwiftLaw·Jul 2, 2026

Every legal AI evaluation reaches the same moment: the tool is impressive, and then a partner asks what happens to the client's documents. It is the right question, and the answer is knowable — the safety of AI for a law firm is not a property of AI in general, but of the specific vendor's architecture and policies, all of which can be verified before a single client document is uploaded.

Here is the framework: four questions that determine whether a legal AI tool is safe for confidential client work, and what good answers look like.

1. Is client data used to train models?

This is the first disqualifier. If client documents are used to train models that serve other customers, confidential information can surface in another user's output — a confidentiality problem no engagement letter contemplates. The acceptable answer is an unambiguous no, in writing, in the contract: client data is not used for model training.

Ask specifically about the underlying model providers too. A vendor may not train on your data while its upstream API provider retains it. Production-grade vendors have zero-retention or enterprise agreements with their model providers and will say so.

2. Where do documents live, and who can access them?

Map the document's journey: where it is stored, whether it is encrypted at rest and in transit, which vendor employees can access it and under what controls, and how long it is retained after the engagement ends. Vague answers to any of these are answers.

The strongest posture keeps documents inside infrastructure you control, with the vendor architecturally unable to read them. Short of that, demand access controls, audit logs, and deletion guarantees you can verify — and check that the vendor can pass your clients' vendor-risk questionnaires, because institutional clients increasingly send them.

3. Does using AI waive privilege?

Using a software tool to process client documents does not, by itself, waive privilege — firms have used document management systems, e-discovery platforms, and cloud email for decades under the same analysis. The operative question is whether the disclosure to the vendor is consistent with maintaining confidentiality: contractual confidentiality obligations, restricted access, and no secondary use of the data.

That is why the training-data and access questions come first: the same facts that protect confidentiality are the facts that support the privilege analysis. Document the vendor's commitments and your firm's review — the file you build during procurement is the file you will want later.

4. Can you supervise the output?

Bar guidance on AI converges on supervision: the lawyer remains responsible for the work product, so the tool must make review possible. Output that arrives as tracked changes in a document you can inspect satisfies that duty naturally. Output that arrives as finished text with no visibility into what changed makes supervision — and therefore responsible use — much harder.

This turns a compliance requirement into a product requirement: reviewability is not a nice-to-have, it is what makes the tool professionally usable at all.

How SwiftLaw answers these questions

SwiftLaw is SOC 2 audited with continuous monitoring, does not use client documents to train models, and is built around attorney supervision: every AI action lands as a reviewable tracked change with an audit trail. Security documentation is available through our trust center, and we support customer security reviews and DDQs as a standard part of onboarding.

Frequently asked questions

Can lawyers use AI without violating confidentiality?

Yes, with vendor diligence. The requirements are contractual confidentiality obligations, no use of client data for model training (including by upstream model providers), restricted and audited access, and retention limits. Verify each in writing before uploading client documents.

Does using AI waive attorney-client privilege?

Using a software vendor to process documents does not by itself waive privilege, under the same analysis that covers document management and e-discovery platforms. The disclosure must be consistent with maintaining confidentiality — which is why training-data policies, access controls, and contractual protections are the substance of the privilege question.

What security certifications should a legal AI vendor have?

SOC 2 is the baseline institutional clients expect, and continuous monitoring is better than a point-in-time report alone. Beyond certifications, ask the specific questions: training-data policy, model-provider retention, encryption, access controls, and deletion guarantees.

Ready to run every matter on one system?

The AI-native control plane for legal work. Your team and AI agents in one system — your attorneys run the validation gates, with a full audit trail on every decision, start to finish.

SOC 2 Type I complete · Type II in progress · Zero-access by design — your documents stay inside your infrastructure, never stored on SwiftLaw's servers.