I’m going to tell you something most managing partners don’t want to hear: your associates and paralegals are already using AI with privileged client information. Not as firm policy. Not with anyone’s sign-off. Right now, today, someone is pasting case facts into ChatGPT to speed up a first draft.

It is not malicious. It is the opposite. They are busy, the billable targets are real, and a free AI tool genuinely helps them move faster. But every time it happens, privileged client information leaves your firm and lands in a system you do not own, cannot audit, and cannot control.

This is called shadow AI: staff using AI tools that nobody at the firm approved, secured, or is watching. For a law firm, this is not an efficiency story. It is a confidentiality and privilege story.

We manage IT for firms across Southwest Florida, and we can tell you exactly how this plays out. Here is what is actually happening, why it is a bigger problem than it looks, and what to do about it.

This Isn’t a Training Problem. It’s a Privilege Problem.

The instinct, when you hear staff are using ChatGPT, is to treat it like a training issue. Send a memo. Remind everyone to be careful. Move on. That instinct is wrong, and here is why.

When someone pastes client facts into a free, consumer AI tool, that information travels to a third party’s servers. Many consumer AI tools reserve the right to use what you type to train future versions of the model. In plain terms: your client’s confidential matter can become part of someone else’s product.

Now think about what that does to privilege. Attorney-client privilege protects confidential communications, but privilege can be waived by disclosure to a third party. Handing client information to an outside AI vendor that has no confidentiality obligation to your client is exactly the kind of third-party disclosure that puts privilege at risk. And the duty of confidentiality is broader still. Under the Florida Bar rules and ABA Model Rule 1.6, it covers all information relating to the representation, regardless of source.

This is not a gray area the profession is still arguing about. In July 2024, the ABA issued Formal Opinion 512, its first formal ethics guidance on generative AI. The opinion is direct: a lawyer’s existing duties, especially competence and confidentiality, fully apply when using AI tools, and lawyers are responsible for understanding how a given tool stores and uses the information entered into it. “We did not know the tool kept the data” is not a defense. Opinion 512 is the rulebook now.

And here is the part that should really get a managing partner’s attention: you have no audit trail. If a client, a malpractice carrier, or a court asks how your firm governs AI use with client data, “we told everyone to be careful” is not an answer. You cannot produce a record of what was entered, by whom, into which tool, because the entire point of shadow AI is that it happens outside firm systems. You cannot secure what you cannot see.

The Numbers Nobody Wants in the Partner Meeting

This is not a fringe problem. The data is blunt.

Start with adoption. According to the 2026 Legal Industry Report, nearly 7 in 10 legal professionals now use generative AI for work, a figure that more than doubled in a single year. Your people are already using these tools. That ship has sailed.

Now the governance gap. That same report found only 9% of firms have a written, actively enforced AI policy, and 43% have no policy at all and no plans to create one. Put those two facts together: most of your staff are using AI, and almost no firm has rules for how. That is the exposure in one sentence.

Why it matters in dollars: IBM’s 2025 research found that shadow AI added about $670,000 to the average data breach, and 97% of organizations that suffered an AI-related security incident had no AI access controls in place. Ungoverned AI is not just a risk, it is a measurably more expensive one.

And the real currency of a law firm is client trust. Surveys of corporate legal departments have found that 60% of general counsel would consider moving their business after a single client confidentiality lapse. This is not hypothetical, either. In 2025, a mid-sized firm’s confidential settlement terms were reportedly exposed through a consumer AI tool’s saved chat history.

Why “Just Tell Everyone to Stop” Doesn’t Work

Plenty of firms, once they realize this is happening, land on the same first move: ban it. No AI tools. Period. We understand the instinct. It is also the move most likely to fail.

Your associates and paralegals did not start using AI because they are careless. They started because they are under pressure. Billable targets, filing deadlines, document volume. A tool that turns a two-hour task into twenty minutes is a real, immediate relief. Take that away without giving them anything in its place and you have not solved the problem. You have pushed it onto personal laptops and personal accounts, where the firm has even less visibility than before.

A ban with no alternative is not a policy. It is a hope. The firms that actually get shadow AI under control do the opposite: they give the firm one sanctioned tool that is safe to use, and then they write down the rules. Lead from the top, tell people clearly what they can and cannot do, and make sure the safe option is sitting right there when they need it. People will use it when it works.

What Shadow AI Actually Looks Like in a Law Firm

If you are not sure whether this applies to your firm, here is where it tends to show up. It is rarely one rogue associate. It is small, reasonable shortcuts spread across roles.

Associates summarizing deposition transcripts and discovery documents. Paralegals drafting motions and client correspondence. Intake staff cleaning up notes full of sensitive personal and case details. Legal assistants generating routine letters and memos.

Every one of those tasks is legitimate legal work. And every one of them, done in a free public tool, sends privileged or confidential client information outside the firm’s control. The tasks are fine. The tool is the problem.

Closing the Gap Is an IT Fix, Not a Memo to Staff

Here is the good news, and it is genuinely good news: this is a solvable problem, and the solution is not “ban AI and let your competitors pull ahead.”

The fix is to replace scattered, unmanaged consumer tools with one secure AI platform the whole firm can actually use. This is an infrastructure decision, the same way modernizing your document management system or tightening your email security is an infrastructure decision. It belongs with your IT, not in a staff memo.

A secure, organizationally managed AI platform looks nothing like a free chatbot:

• Your data stays yours. It is isolated to your firm’s instance and is never used to train public models.
• You get a full audit trail. Every AI interaction is logged, so you can actually document due diligence and ethics compliance if you are ever asked.
• Access is role-based. A summer clerk should not have the same access as a partner, and you can set that.
• It is built for confidentiality. The platform we deploy is SOC 2 audited and penetration tested on a regular schedule.
• It is centrally managed. When an associate leaves, their access goes with them. With a personal ChatGPT account, every client detail they entered walks out the door too.

This is the part firms miss when they are stuck in “AI is a risk” mode: done right, this is not just damage control. It is a productivity gain. The same platform that closes your privilege gap also gives the firm pre-built workflows for the work that eats junior time, things like document summarization, first-draft generation, and research assistance, all inside guardrails. AI here is not about cutting headcount. It is about getting your attorneys’ time back for the work clients actually pay for.

One more thing worth saying plainly: this is not a six-figure enterprise project. The platform we deploy uses credit-based billing, so you pay for what the firm actually uses, not a flat per-seat fee for every login. Most firms start with one use case, see it work, and expand from there.

Where to Start

You do not have to solve all of this at once. If shadow AI is a blind spot at your firm right now, here is a sane order of operations.

1. Find out what is actually being used. You cannot manage a problem you have not measured. Start by understanding which tools your staff have already adopted.
2. Give the firm a secure, sanctioned alternative. Stand up one managed AI platform so there is a clear right answer to “what should I use?”
3. Write the policy and lead from the top. A one-page AI acceptable use policy, communicated by firm leadership, beats a vague “be careful” every time. ABA Opinion 512 expects this kind of governance.
4. Show the team the wins. Adoption sticks when people see the tool save them real time. Start with one painful workflow and let the results sell it.

Find Out Where Your Firm Stands

Most firms we talk to are somewhere in the 43% with no AI policy and no real idea how much AI is already in use across their staff. The first step is simply finding out.

We built a short Shadow AI Risk Self-Assessment for exactly this. It takes a few minutes, it is free, and there is nothing to download or sign up for. You answer a handful of straight questions about how your firm handles AI, and you get a clear read on where your exposure is.

If you would rather just talk it through, that works too. Call us at (941) 315-2380 and we will give you an honest picture of where you stand. No pressure, no pitch.

FAQ: AI and Client Confidentiality

Can using ChatGPT with client information waive attorney-client privilege?

It can put privilege at risk. Privilege protects confidential communications, but disclosing client information to a third party outside the representation can waive it. A free consumer AI tool is a third party with no confidentiality obligation to your client and no agreement governing how the data is stored or used. The safer path is an AI platform that keeps your firm’s data isolated and never exposes it to outside parties.

What does ABA Formal Opinion 512 say about AI?

Issued in July 2024, Formal Opinion 512 is the ABA’s first formal ethics guidance on generative AI. It confirms that a lawyer’s existing duties, especially competence under Model Rule 1.1 and confidentiality under Model Rule 1.6, fully apply when using AI tools. Lawyers are expected to understand how a given tool stores and uses the information entered into it. State bars, including the Florida Bar, apply the same underlying confidentiality rule.

Can I just ban AI tools at my firm?

You can, but a ban with no alternative usually backfires. Staff use AI because it helps them hit deadlines and billable targets, and removing it without a replacement tends to push usage onto personal devices where the firm has no visibility at all. A more effective approach is to give the firm one secure, approved AI platform and a clear written policy, so the safe option is also the easy one.

What makes an AI platform safe for a law firm?

A secure AI platform keeps the firm’s data isolated to its own instance and never uses it to train public models. It provides a full audit trail for ethics documentation, role-based access controls so staff only get the access they need, and independent security validation such as SOC 2 audits and penetration testing. Free consumer tools offer none of these by default.

How do I find out if my staff is already using AI?

Start by asking, without making it punitive, since most staff use these tools to keep up with the workload rather than to cut corners. From there, an organizationally managed AI platform gives the firm real visibility into who is using AI and for what. Our Shadow AI Risk Self-Assessment is a quick, free way to gauge your firm’s current exposure and decide where to focus first.

Dylan Borden runs operations at Four Winds IT, a managed IT company headquartered in Sarasota, Florida. Four Winds serves law firms and businesses across Southwest Florida with a focus on transparent pricing, security that fits the size of your firm, and actually answering the phone. Connect with Dylan →