November 20, 2024 / Industry Insights / Read Time: 31 Min

Warning: Your Lawyer May Be Wildly Leaking Your Privacy

Lawyers who input client information into online AI platforms risk violating confidentiality duties, as major AI services claim permanent usage rights over all user-submitted data for model training and third-party sharing.

“Lawyer, I need to consult you about something. My husband cheated on me and transferred all our savings away. Here are the bank transfer records, purchase records, and chat logs with that woman that I found…”

“OK, got it. Let me analyze your situation first, please give me a moment.”

The lawyer skillfully opened a well-known AI platform and copied all the information the client had just sent into the dialog box, including bank statements, transaction records, chat logs, every detail without omission. Then he habitually pressed Enter, picked up his teacup for a sip, and calmly waited for the AI’s analysis results.

“AI is so convenient!”

This scene is playing out tens of thousands of times every day in law firms across the country. Clients entrust their most private information to lawyers, expecting professional legal help. Yet they never imagine their privacy is undergoing an unprecedented digital drift — this information is sent to a distant server, may be used to train new AI models, may be accessed and used by third parties, and could even appear in completely unexpected places someday.

What’s more concerning is that many lawyers themselves are not aware of the severity of the problem.

This article represents only the author’s personal views and does not constitute legal advice or legal opinion.


I. Lawyers’ New Darling: AI Assistants

In this era of information explosion, legal professionals are also seeking efficiency breakthroughs.

Ever since large language models like ChatGPT, Claude, Tongyi Qianwen, and Wenxin Yiyan burst onto the scene, AI has become an indispensable assistant on many lawyers’ desks. From organizing case points to drafting legal documents, from conducting case law searches to preparing defense strategies, AI’s capabilities are impressive. More and more lawyers are discovering that with AI’s help, they can handle more cases in less time and provide more timely legal services.

According to research from the “First Global Report on the State of Artificial Intelligence in Legal Practice” (download link at the end) as of April 2024, over 51% of law firms (based on a survey of more than 200 global law firms involving nearly 100,000 legal professionals) are already using AI tools in their daily work, and this number is rapidly climbing. Young lawyers even consider AI a “must-have skill” for career development, and some law firms have started to include AI proficiency as one of the criteria for recruiting new hires.

However, behind this “AI fever” lurks a significant privacy security risk. As lawyers rush to embrace new technologies, have they ever considered that they are trading their clients’ privacy for improved work efficiency?

II. The Shocking Truth: Your Secrets May No Longer Be Secrets

When a lawyer sends a client’s information to an online AI platform, the lawyer only sees the AI fluently outputting large chunks of text based on the materials. But what actually happens to this information is far more complex than imagined.

First, this information is collected and stored long-term (permanently) by the AI service provider on its servers. Although providers claim this is to improve service quality, it also means that the client’s private information may be permanently stored in some database of the provider.

Then, this information is likely used as training material for AI models, fed into GPU servers for repeated training to “improve models and services.” The client’s personal privacy, trade secrets, etc., may all be transformed into “knowledge sources” when AI answers others’ questions.

One more easily overlooked point is that, according to most AI platforms’ terms of service, this data may be shared with third parties.

If a lawyer chooses to use a well-known overseas AI service provider, the client’s information may also be transmitted to other countries or regions, thus falling under completely different legal jurisdictions.

The fate of this data is then no longer in their own hands.

Would using domestic AI services be safer?

III. The Naked User Agreements: They Already Explained Everything

In fact, major AI platforms have always been “transparent” about their use of user data — it’s all clearly written in the user agreements, but few people actually read these complex, lengthy legal texts.

Most users simply enter their phone number, fill in a verification code, casually check “Agree to User Agreement,” and start enjoying the convenience of AI services.

Let’s take a look at how several mainstream AI platforms’ user agreements and privacy policies handle user information:

Tongyi Qianwen

The “Tongyi Product User Agreement” and “Privacy Agreement” clearly state the following:

  • User input (text, voice, images, videos, etc., including input, replies, and generated content) is subject to manual review, meaning privacy protection depends on the professional ethics of the reviewers.

  • Tongyi (Alibaba) has permanent data usage rights — not just direct usage rights, but also the right to freely transfer, sublicense, and re-license to third parties. Usage purposes include not only model and service optimization but also marketing, promotion, academic research, and other purposes. Simply put, Alibaba can use it however it wants.

  • All information from AI conversations, including text, voice, images, files, URLs, etc., will be collected for Tongyi product improvement and optimization.

  • All information entered during use is defined as “necessary personal information” and will be analyzed and processed.

KIMI

KIMI is favored by some lawyers for its ultra-long context and ability to receive large files for “reading.” However, KIMI’s “User Agreement” and “Privacy Agreement” also express a “thirst” for data:

  • Whether using the smart assistant, web service, or browser assistant, all data communicated with AI will be collected and used to improve and iterate the product and service.

  • Various types of information provided, published, or generated during the use of Kimi must grant Moonshot AI permanent usage rights and the right to sublicense to third parties.

  • Of course, they can also review the information entered by users.

Wenxin Yiyan

As a pioneer among domestic models, Wenxin Yiyan’s “User Agreement” and “Privacy Agreement” are also watertight:

  • Also has the right to retrain

  • Also has content review rights

  • Also has content usage rights

  • Additionally, the output of Wenxin Yiyan, including all rights within copyright, belongs to Baidu.

These platforms’ “User Agreements” and “Privacy Agreements” all clearly state that they have broad and permanent usage rights over the information entered by users. When lawyers input information into these platforms, the platforms can use this content for model training, service optimization, business analysis, and other purposes, or share it with third parties.

This authorization and usage is basically irrevocable.

When communicating with peers, I find that many lawyers often overlook the privacy leakage risks that may arise when using online AI.

Article 38 of the “Lawyers Law of China” clearly stipulates that lawyers have a strict duty of confidentiality regarding clients’ personal privacy and trade secrets. This is not only a basic requirement of professional ethics but also a mandatory legal provision.

Common behaviors such as casually entering client information into public AI platforms, “storing client materials in AI databases,” or sending client trade secrets to AI for reading not only may violate lawyers’ professional ethics but may also constitute breach of contract or even violate legal provisions.

Put yourself in their shoes: as a party involved in a divorce lawsuit, you certainly would not want the details of your personal family disputes to be used for AI model training, nor would you accept that this information could be obtained by third parties. Similarly, as a business operator handling a commercial dispute, you would not allow your company’s trade secrets to be exposed to third parties, let alone competitors.

Once an information leak occurs, the consequences can be catastrophic:

Lawyers may face complaints and claims for compensation from clients, and in severe cases, may have their practicing certificates revoked or even face criminal liability;

And the clients may suffer incalculable losses.

V. How to Protect Your Privacy?

As a client, safeguarding your own privacy rights cannot solely rely on the lawyer’s professional ethics. However, in an environment where AI technology is becoming increasingly prevalent, strictly requiring lawyers not to use AI tools may be overly demanding.

Therefore, when entrusting a lawyer with a case, clients may also consider taking the following proactive measures:

First, proactively inquire about the lawyer’s use of AI tools. Clients need to clearly ask whether the lawyer will use AI-assisted tools to handle the case. If so, which platforms will be used, whether they are online or local models, whether the data is stored domestically, and what role the AI tool will play in case handling. Knowing this information not only helps assess the risk of information leakage but also provides an important basis for subsequent preventive measures.

Second, ask the lawyer to explain their client information protection mechanism. For example, ask whether the law firm has established a specialized data security protection system for lawyers’ compliant use of AI, how access rights to client information are set during AI use, whether technical measures are in place to prevent information leakage, and how they would respond if a leak occurs. Understanding these compliance mechanisms helps assess the information security management level of the lawyer and their firm, while providing a reference for agreeing on specific confidentiality measures.

Additionally, when signing the engagement agreement, be sure to request the addition of information use restriction clauses. These clauses should clearly specify the scenarios where AI tools are permitted, require the lawyer to obtain the client’s written consent before using online AI tools, stipulate compensation liability for violating information use restrictions, and establish a regular information use reporting mechanism. Considering that some leading law firms have already considered building their own AI databases or even training their own AI models, it is also necessary to specify the usage rights of case data and whether internal use by the firm is allowed.

Finally, throughout the case handling process, clients should remain highly vigilant. If they discover that a lawyer has entered information into a public AI platform without authorization, clients should take immediate action. In addition to raising a formal objection in writing and requesting deletion of the relevant content with proof of deletion, they should also ask the lawyer to assess the potential risks. If necessary, clients can also seek help from regulatory authorities such as the local Bar Association or the Bureau of Justice.

VI. Advice for Lawyers

In the wave of digital transformation, especially after experiencing the convenience brought by AI, it is clearly unrealistic to require lawyers to completely abandon the use of AI tools. But this does not mean that we, as lawyers, can give up defending our clients’ privacy or “trade privacy for convenience.”

For lawyers, the priority is to find the right balance between improving efficiency and protecting privacy. And the foremost step is to establish a clear understanding of AI tool usage: online AI may pose data risks.

Before deciding to use an AI tool, lawyers should carefully assess the actual need and consider whether there are safer alternatives. When AI tools are truly necessary, priority should be given to locally deployable solutions; if online AI tools must be used, develop good habits for handling data.

For example, before inputting materials, text, or language data into AI, remove any information that may involve personal identity, such as names, addresses, and ID numbers, as well as various types of privacy information and trade secrets — de-sensitize the data; or only use AI for basic legal questions, text polishing, and other content unrelated to client information.
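One way to carry out the de-sensitization step described above, as an added example that is not the author's own tooling: structured identifiers are swapped for stable placeholders before text goes to an online AI, and the mapping stays on the local machine so the answer can be re-identified afterwards. The party names, the sample text and all function names are assumptions made for illustration.

```python
import re

ID_WEIGHTS = (7, 9, 10, 5, 8, 4, 2, 1, 6, 3, 7, 9, 10, 5, 8, 4, 2)
TOKEN = re.compile(r"\d{6,}[Xx]?")  # any long digit run, optional ID check letter

def is_resident_id(s):
    """18-character resident ID: weighted sum of 17 digits, mod 11, selects the last char."""
    if not re.fullmatch(r"\d{17}[\dXx]", s):
        return False
    total = sum(int(c) * w for c, w in zip(s, ID_WEIGHTS))
    return "10X98765432"[total % 11] == s[-1].upper()

def luhn_ok(s):
    """Luhn checksum used by payment card numbers."""
    total = sum(d if i % 2 == 0 else (2 * d - 9 if d > 4 else 2 * d)
                for i, d in enumerate(int(c) for c in reversed(s)))
    return total % 10 == 0

def classify(tok):
    if is_resident_id(tok):
        return "ID"
    if tok.isdigit() and 16 <= len(tok) <= 19 and luhn_ok(tok):
        return "CARD"
    if re.fullmatch(r"1[3-9]\d{9}", tok):
        return "PHONE"
    return "NUM"  # fail closed: an unrecognized long number is still masked

def pseudonymize(text, party_names=()):
    """Return (masked_text, mapping); the mapping never leaves the local machine."""
    mapping, seen, counts = {}, {}, {}
    def placeholder(kind, value):
        if value not in seen:  # same value, same placeholder, so the story stays coherent
            counts[kind] = counts.get(kind, 0) + 1
            seen[value] = f"[{kind}_{counts[kind]}]"
            mapping[seen[value]] = value
        return seen[value]
    # Names cannot be found by pattern; the caller lists the parties (assumption).
    for name in sorted(party_names, key=len, reverse=True):
        if name in text:
            text = text.replace(name, placeholder("PERSON", name))
    text = TOKEN.sub(lambda m: placeholder(classify(m.group()), m.group()), text)
    return text, mapping

def restore(text, mapping):
    """Put the real values back into the AI's answer, locally."""
    for ph, value in mapping.items():
        text = text.replace(ph, value)
    return text

# Constructed sample: hypothetical names, textbook ID, standard test card number.
SAMPLE = ("Zhang Wei (ID 11010519491231002X, mobile 13800138000) says her husband moved "
          "savings from card 4111111111111111 to Li Na. Zhang Wei's case ref is 110105194912310021.")
MASKED, MAPPING = pseudonymize(SAMPLE, party_names=["Zhang Wei", "Li Na"])
```

Pattern matching only catches structured identifiers and the names it is given; addresses, employers and distinctive narrative details still need a manual pass before anything is pasted into an online service.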

Of course, the most important point is that all of this must be based on the client’s informed consent. Lawyers can add a dedicated clause to the engagement agreement, detailing the types of AI tools that may be used, the specific purpose and scope of their use, and the corresponding confidentiality measures.

At the same time, lawyers need to closely monitor the privacy policy dynamics of the AI tools they use. It is well known that major platforms often update their user agreements and privacy policies from time to time, and seemingly minor policy adjustments may conceal significant privacy risks. Therefore, lawyers should establish a systematic regular review mechanism to ensure that the AI tools they use always meet professional ethics standards and legal requirements.

Only in this way can lawyers enjoy the convenience brought by technological progress while fulfilling their confidentiality obligations in accordance with professional ethics.

VII. Local Deployment: A Safer Choice

Of course, compared to using various online AI services, locally deploying AI models and services is a viable option.

Although local models may not yet match online large models in performance (except for speech-to-text models, where Tongyi’s online and locally open-source models are essentially the same), and hardware may also be a concern, their advantage in privacy protection is indisputable.

Local deployment means that all data is processed and stored on the lawyer’s own computer or server, fundamentally eliminating the risk of information leakage. More importantly, locally deployed models can be customized with security configurations and performance optimizations to meet specific compliance requirements.

I have been dedicated to creating and building various local AI services and office plugins and am happy to share them with colleagues for free. The goal is to promote the compliant use of AI in the legal industry, allowing more colleagues, as well as those who cannot use online AI services due to position considerations, to enjoy the convenience brought by AI development within a compliant framework.

Of course, local model deployment presents more challenges compared to the “open a webpage and use it” convenience of online AI services. In addition to needing certain technical knowledge to properly configure and manage local models and plugins, hardware investment (such as high-performance CPUs or graphics cards) is also a factor to consider.

However, as technology advances, various makers continue to release user-friendly software, and hardware costs decrease, these issues will gradually be resolved.

VIII. Conclusion

As people’s understanding of AI privacy issues deepens, countries around the world are exploring the balance between AI development and compliance.

Domestically, various AI-related laws and regulations are being continuously improved, and regions are rapidly introducing various “first cases.” Although there may be some controversy over the cases and judgments from the perspective of those who understand the core principles of AI, the efforts in AI compliance domestically are still evident. Overseas, the EU’s “Artificial Intelligence Act” has officially taken effect, and new regulations such as the “General-Purpose Artificial Intelligence Code of Practice” are on the way. The introduction and improvement of these laws and regulations provide clearer guidance for the standardized use of AI tools.

Technological development has always been a double-edged sword. The convenience AI brings to the legal industry is obvious, but the risk of privacy leakage cannot be ignored. Both lawyers and clients need to maintain a clear understanding of this. For lawyers, this is not just about technology use but a direct reflection of professional ethics; for clients, it is directly related to their vital interests. When a client walks through the door of a law firm, they expect professional legal services, not to expose their secrets to unknown risks.

In this era of rapid AI iteration, safety awareness must keep pace with technological development. When a lawyer says “let me check with AI,” the client might want to ask one more question: “Where will my information go?”

Everyone’s privacy deserves better protection.

Boyang Li
Author

Chinese Attorney — Beijing Longan (Guangzhou) Law Firm

A lawyer focused on game law, AI regulation, data compliance, and digital content rights. I write about practical legal insights for innovative tech teams.
