The GC's AI Decision Framework: Workflows, Privilege, Ethics, and Vendor Evaluation

See also (wiki): ai-vendor-contracts · ai-acceptable-use-governance · ai-output-quality-governance

Executive Summary

• Privilege is the first question, not the last. Two federal court decisions from February 2026 settled early doctrine: using consumer AI tools without counsel direction destroys attorney-client privilege. Enterprise tools used at counsel’s direction can preserve work product protection. The platform’s privacy policy is now legally relevant evidence in privilege disputes.
• ABA Formal Opinion 512 (July 2024) is the ethics floor, but state bars are raising it. Texas (Feb 2025), New York (2025), Florida, and California have all added jurisdiction-specific requirements — notably, Texas Opinion 705 flags that prompting an AI tool with legal strategy may itself constitute disclosure of privileged mental impressions.
• The GC’s vendor evaluation question differs from the CIO’s. The CIO asks about uptime and integration. The GC must ask: what is the production-condition hallucination rate on legal citations? Stanford research found 17% error rates for Lexis+ AI and 34% for Westlaw AI-Assisted Research — numbers that translate directly to malpractice and sanctions exposure.
• Standard vendor contracts contain an AI training data trap. Most AI vendors default to training on customer inputs unless the contract explicitly restricts it. Every vendor agreement signed in the last 18 months should be audited for this clause.
• Courts hold individual counsel responsible, not the IT department. When lawyers are sanctioned for AI hallucinations, sanctions attach to the attorney who filed the document — regardless of who selected the tool. GCs who delegate AI decisions entirely to IT create personal liability risk.

1. Which Legal Workflows Are AI-Appropriate Today

The risk-appropriateness of AI varies by workflow. A useful frame: how consequential is a false positive or false negative, and who reviews the output before it has legal effect?

Lower-risk, higher AI readiness:

• Contract first-pass review — AI identifies nonstandard clauses against a playbook. Human attorney makes all accept/redline decisions. Error consequence: wasted review time, not a filed document. Thomson Reuters 2026 data shows 74% of legal professionals now use AI for document review; 49% for contract work specifically.
• Legal research starting points — AI identifies potentially relevant cases or statutes. Attorney verifies every citation before filing or advising. Error consequence: correctable before any harm if verification step exists.
• Discovery document categorization — AI triages volume for human review. Error consequence: potential missed relevant document, which is lower risk than false positives in legal research if review protocol is well-designed.
• Compliance monitoring dashboards — AI flags regulatory changes or contract renewal triggers. Human reviews and acts. Error consequence: alert fatigue or missed flag, but human decision remains gatekeeper.
• Board minutes and internal drafting — AI drafts from notes; GC reviews and revises before any minutes are finalized. Error consequence: contained within internal process if GC review is mandatory.

Higher-risk, requiring explicit verification protocols:

• Legal research for filed documents — hallucination rate of 17-34% on commercial legal AI platforms (Stanford) means every citation must be independently verified before filing. Courts have sanctioned attorneys for AI-hallucinated citations; over 200 judges have now issued specific AI guidance.
• Privilege log generation — automated privilege identification without attorney review introduces waiver risk. Requires attorney sign-off on every entry.
• Client advice memoranda — AI-drafted advice that goes directly to a client without senior attorney review is inconsistent with ABA Rule 1.1 competence obligations.

The practical dividing line: AI is a drafting and research assistant where a trained attorney reviews before any output has legal effect. The moment AI output bypasses attorney review and reaches a court, regulator, or client, the ethical and liability exposure escalates significantly.

2. Privilege Implications — What the 2026 Cases Established

Two February 2026 federal court decisions created the first concrete privilege doctrine for AI use.

United States v. Heppner (S.D.N.Y., Feb. 2026, Judge Rakoff): A criminal defendant’s written exchanges with the Claude AI platform were not privileged. The court’s reasoning was straightforward: no attorney-client relationship exists with an AI platform. The AI service’s privacy policy, which reserved the right to disclose user data to third parties, also defeated any confidentiality expectation. For work product purposes, even if materials were litigation-related, they were not prepared by or at counsel’s direction, and did not reflect counsel’s strategy.

Warner v. Gilbarco (E.D. Mich., Feb. 2026): The court reached the opposite conclusion on work product — but for materials prepared by a party using AI as a drafting tool, explicitly under litigation conditions. The reasoning: generative AI platforms are “tools, not persons.” Using AI to draft is no different than using a word processor. Work product protection attaches to the party’s thought process, not the medium.

The practical framework that emerges from both cases:

• Consumer AI without counsel direction → no privilege, no work product
• Enterprise/closed AI used at counsel’s direction → work product arguments survive; privilege still requires attorney-client relationship, not just attorney proximity
• Platform privacy policy is evidence — a vendor’s data disclosure practices are now legally relevant in privilege disputes, not just a vendor-selection concern
• Texas Opinion 705 adds a pre-use concern: the act of prompting an AI with legal strategy or privileged facts may itself constitute disclosure. GCs must evaluate what goes into the prompt, not only what comes out.

The single most protective step a GC can take: route all AI use on privileged matters through a closed enterprise system with a contractual non-training, non-disclosure commitment, and document counsel’s explicit direction of that AI use.

3. Ethics Rules — ABA and State Bar Obligations

ABA Formal Opinion 512 (July 29, 2024) establishes three core obligations:

1. Competence (Rule 1.1): Attorneys must have a “reasonable understanding” of AI capabilities and limitations — not technical expertise, but enough to know when output requires verification and when a tool is unsuitable for a task. Uncritical reliance is “almost certainly malpractice.”

2. Supervision (Rules 5.1, 5.3): Firm managers must establish written AI use policies and ensure compliance. Nonlawyers and contractors using AI must be trained on ethical obligations and confidentiality requirements. Supervision duties do not evaporate because AI is involved — they extend to AI output.

3. Confidentiality (Rule 1.6): Attorneys must understand the data practices of every AI tool. Open-data tools that train on inputs require client consent before use with confidential matter information. Closed-system tools with contractual non-training commitments carry lower risk.

State additions worth flagging:

• Texas Opinion 705 (Feb. 2025): The TRAIL framework (Transparent, Responsible, Accurate, Informed, Lawful). Adds the prompt-as-disclosure concern: describing client facts to an AI may expose privileged mental impressions.
• New York 2025-6: Attorneys must obtain client consent before using AI to record and transcribe attorney-client conversations. The consent and accuracy-verification requirements are explicit and go beyond the ABA framework.
• Florida Opinion 24-1: Disclosure to clients is required when AI use affects billing or costs. If AI reduces time spent on a task, that reduction must be reflected — billing for hours AI replaced is an ethics issue.
• California: Requires consulting IT/cybersecurity experts before deploying AI on confidential matters. The technical due diligence obligation is explicit in California guidance.

The common thread across all jurisdictions: attorney responsibility does not transfer to the AI vendor or to IT. The GC who signs off on a matter retains full professional responsibility for all AI-assisted work product in that matter.

4. Vendor Evaluation — GC Criteria vs. CIO Criteria

The CIO asks about API uptime, SOC 2 compliance, and enterprise integration. Those questions matter, but they do not address the GC’s specific exposure. The GC’s additional required questions:

Accuracy and hallucination:

• What is the production-condition hallucination rate on legal citation tasks — not on vendor-selected benchmark documents?
• Is the model fine-tuned on legal domain data, or is it a general-purpose model with a legal interface?
• What is the training data cutoff, and how does the tool handle jurisdiction-specific law post-cutoff?

Privilege protection:

• Is this a closed system? Does the vendor have a contractual non-training commitment on customer data?
• What does the privacy policy say about data disclosure rights? (This is now legally relevant — Heppner.)
• Can the vendor produce documentation of data isolation for audit purposes?

Indemnification:

• Does the vendor’s contract indemnify for AI-generated legal errors, fabricated citations, or jurisdictional inaccuracies that result in sanctions or malpractice claims? Standard SaaS indemnification does not cover this.
• Gartner (April 2026) recommends GCs separately evaluate AI-specific insurance coverage, as most existing professional liability policies predate these risks.

Jurisdiction coverage:

• Which jurisdictions does the tool validate against? Many legal AI products have strong federal and large-state coverage but significant gaps in smaller jurisdictions, administrative law, and non-litigation practice areas.

Governance documentation:

• Does the vendor provide testing and monitoring documentation that could be produced to a court or bar disciplinary body if attorney output is challenged?

The Stanford error-rate findings — 17% for Lexis+ AI, 34% for Westlaw AI-Assisted Research — are the benchmark numbers GCs should use in internal discussions. Any vendor claiming lower error rates should be asked to provide methodology: task type, jurisdiction, document complexity, and whether verification against official sources was included.

5. AI Clauses in Contracts the GC Negotiates

Beyond vendor risk, AI language is appearing in contracts from the other direction — customer agreements, employment terms, and partnership agreements where the GC is the reviewer, not the drafter.

In vendor and customer contracts:

• Training data restriction clauses: The default is that vendors train on customer inputs. Explicit restriction language is now market-standard for enterprise agreements and should be treated as a minimum ask, not a negotiating stretch.
• AI use disclosure requirements: Customers are increasingly requiring disclosure when AI is used to deliver services, particularly for legal, compliance, and advice functions.
• Human review requirements: Some customer contracts now require human attorney review for any AI-generated legal work product delivered under the agreement.

In employment agreements:

• Illinois HB 3773 (effective January 2026): Prohibits AI use in hiring/employment decisions that causes discriminatory effects on protected characteristics. Requires employer notification when AI systems are used for recruitment. GCs at companies operating in Illinois must audit HR AI tools for compliance.
• Non-disclosure scope: Employee confidentiality agreements may need AI-specific language prohibiting entry of company confidential information into consumer AI tools — a gap in most agreements drafted before 2024.

In partnership and services agreements:

• IP ownership of AI-generated deliverables is increasingly a negotiating point when the work product is analytical or advisory rather than clearly creative.
• Indemnification for AI-generated errors in delivered work is a gap most services agreements do not address.

The practical action: the GC’s standard contract review checklist needs an AI section. The questions are: does this agreement permit the counterparty to use our data to train their AI? Does this agreement create obligations or liabilities around AI use that our current practices do not satisfy? Is there a jurisdiction-specific AI regulation that this agreement implicates?

Key Data Points

What This Means for Your Organization

The GC’s AI decision is not primarily a technology decision. It is a professional responsibility decision, a privilege management decision, and a contract risk decision — all of which happen to involve technology. The CIO’s vendor evaluation framework, applied without modification, will produce a tool that creates ethics violations, privilege waivers, and unindemnified legal errors. The court decisions and bar opinions of the past 18 months have made this concrete: attorney responsibility does not transfer to the AI platform or to IT, full stop.

The highest-priority action is a privilege protocol — a written policy that specifies which AI systems may be used on privileged matters, what prompt content is prohibited, and how counsel direction is documented. This protocol protects against Heppner-type outcomes where the platform’s own privacy policy destroys privilege claims. It also creates a defensible record if bar disciplinary questions arise.

The second-priority action is a contract audit. Every vendor agreement signed in the past 18 months likely contains AI training data defaults that were not specifically negotiated. Those defaults may mean company confidential information and privileged communications are being used to improve a vendor’s general-purpose AI models today. Restricting that use prospectively requires contract amendment.

If this raised questions specific to your organization — particularly around privilege protocol design, vendor contract review, or state-specific ethics obligations — I’d welcome the conversation: brandon@brandonsneider.com.

Sources

1. ABA Formal Opinion 512 — “Generative Artificial Intelligence Tools,” July 29, 2024. ABA Standing Committee on Ethics and Professional Responsibility. Full text: https://www.americanbar.org/content/dam/aba/administrative/professional_responsibility/ethics-opinions/aba-formal-opinion-512.pdf — Credibility: HIGH (authoritative; formal ethics opinion)

2. Texas State Bar Opinion 705 — February 2025. Texas Center for Legal Ethics. https://www.legalethicstexas.com/resources/opinions/opinion-705/ — Credibility: HIGH (formal bar opinion; TIER 1)

3. NYC Bar Formal Opinion 2024-5 — “Generative AI in the Practice of Law.” https://www.nycbar.org/reports/formal-opinion-2024-5-generative-ai-in-the-practice-of-law/ — Credibility: HIGH (formal bar opinion; TIER 2)

4. NYC Bar Formal Opinion 2025-6 — “Ethical Issues Affecting Use of AI to Record, Transcribe, and Summarize Conversations with Clients.” https://www.nycbar.org/reports/formal-opinion-2025-6-ethical-issues-affecting-use-of-ai-to-record-transcribe-and-summarize-conversations-with-clients/ — Credibility: HIGH (formal bar opinion; TIER 1)

5. United States v. Heppner — S.D.N.Y. (Judge Rakoff), February 2026. Analysis: https://harvardlawreview.org/blog/2026/03/united-states-v-heppner/ and https://perkinscoie.com/insights/update/heppner-and-gilbarco-courts-apply-privilege-and-work-product-protection-generative — Credibility: HIGH (federal court decision; TIER 1)

6. Warner v. Gilbarco — E.D. Mich., February 2026. Analysis: https://perkinscoie.com/insights/update/heppner-and-gilbarco-courts-apply-privilege-and-work-product-protection-generative — Credibility: HIGH (federal court decision; TIER 1)

7. Thomson Reuters Institute — 2026 AI in Professional Services Report — February 2026. Summary: https://nydailyrecord.com/2026/02/13/ai-in-the-legal-profession-highlights-from-the-2026-thomson-reuters-report/ — Credibility: HIGH (n=2,300+ GC interviews; primary data; TIER 1)

8. Gartner — General Counsel Should Assess AI Insurance — April 2, 2026. https://www.gartner.com/en/newsroom/press-releases/2026-04-02-gartner-says-general-counsel-should-assess-ai-insurace0to-mitigate-ai-risks — Credibility: MEDIUM (advisory firm; recommendation, not empirical finding; TIER 1)

9. Corporate Compliance Insights — AI Risk 2026: Critical Changes for General Counsel — https://www.corporatecomplianceinsights.com/ai-risk-2026-critical-changes-general-counsel/ — Credibility: MEDIUM (trade publication; cites Stanford hallucination data; TIER 1)

10. ACC Artificial Intelligence Toolkit for In-House Lawyers — April 2025. https://www.acc.com/resource-library/artificial-intelligence-toolkit-house-lawyers — Credibility: HIGH (practitioner organization; practitioner-developed framework; TIER 2)

11. Taft Law — Expanding Prevalence of AI Clauses in Contracts — https://www.taftlaw.com/news-events/law-bulletins/the-expanding-prevalence-of-ai-clauses-in-contracts/ — Credibility: MEDIUM (law firm publication; practitioner perspective; TIER 1)

12. Oregon State Bar Formal Opinion 2025-205 — https://www.osbar.org/_docs/ethics/2025-205.pdf — Credibility: HIGH (formal bar opinion; TIER 1)

Brandon Sneider | brandon@brandonsneider.com April 2026