AIPrivacy

The attorney-client privilege problem with AI writing tools

·3 min read
Illustration of legal documents and a sealed envelope suggesting confidential attorney-client correspondence

Lawyers know better than most how much a single sentence can matter. They choose words carefully, review them twice and understand that what you put in writing can follow you for years.

Which is why it's striking that so many are pasting client information into ChatGPT.

The risk is specific

Attorney-client privilege protects communications between a lawyer and their client. It's one of the oldest and most important rules in legal practice. And it generally doesn't survive disclosure to third parties.

When you copy a client's name, facts from their case or the substance of your legal strategy into a cloud AI tool, you're sending that information to a third party's server. Whether or not the AI company promises not to sell your data, a transmission happened. The privilege analysis doesn't care about their privacy policy.

The bar hasn't moved quickly on this. But "I didn't know" isn't a defense that ages well.

The other thing lawyers often miss

Privacy policies can change. Servers can be breached. What a company promises today about data handling isn't guaranteed forever.

When a tool says "we don't store your inputs" or "we're SOC 2 compliant," they're making a policy statement. They have infrastructure. They receive your data. They've made commitments about what they do with it.

That's categorically different from a tool that was never designed to transmit your data in the first place.

What local-first means in practice

A local AI tool runs the language model on your device. When you type, the model processes your text using your Mac's processor. No API call goes out. No packet leaves the machine.

This isn't a privacy policy. It's an architecture. There's nothing to breach because there's no server holding your data.

For legal work, this changes the risk calculation entirely. Your client's name, the facts of their case, the draft brief you're refining. None of it moves.

How it fits into the way lawyers actually work

The objection you'll hear is that AI tools require a new workflow. You copy text, open a new window, prompt the model and paste the result back. That friction is real. And for lawyers billing by the hour with strict confidentiality obligations, it creates two problems: the efficiency gain is smaller than it looks, and the compliance risk is harder to justify.

Typeahead works differently. It installs as a Mac app and then disappears. As you type in Word, Outlook, your document management system or any other app on your Mac, it suggests the next few words inline. You press Tab to accept or keep typing to ignore it. There's no new window. No copy-pasting. No prompting.

The AI is ambient. And because it runs locally, so is the privacy protection.

A practical note

Not all legal work carries the same sensitivity. A form letter is different from case strategy. Research memos are different from client communications.

The question worth asking before using any AI tool: what's the most sensitive thing I'll type while this is running? For most lawyers, that answer leads quickly to the conclusion that local-first is the only category worth considering.

Typeahead

Typeahead is an AI autocomplete tool for Mac that works system-wide. We write about AI, productivity, and the craft of putting words together.