The people at your firm are already using AI. The hard part is not deciding whether to allow it. It is writing down how it can be used, by whom, and on what, so the answer holds up if a client, a court, or your malpractice carrier ever asks.
Most firms are behind on that step. In the International Legal Technology Association’s survey, only about 45 percent of firms had an official policy on generative AI use. Clio’s Legal Trends data found a similar pattern: roughly four in five legal professionals were using AI tools, while a large share of firms still had no formal governance for it. The usage is here. The governance is the part that lags.
In 2024 the American Bar Association gave firms a map. ABA Formal Opinion 512 does not ban AI, and it does not require any particular document. It holds that the duties lawyers already have all apply to generative AI: competence, confidentiality, communication, supervision, candor, and reasonable fees. A good policy turns those duties into rules people can follow.
A one-line rule tells an associate nothing about which tool to open, what they can paste into it, or what they have to check before the result reaches a client. It gives a partner nothing to supervise against either. Opinion 512 frames AI use through the duty to supervise, and you cannot supervise a rule that has no specifics. The sections below are the specifics worth writing down.
Decide which tools are allowed, and for what
The first job of the policy is a list: which AI tools are approved, and for which kinds of work. The line worth drawing is between general legal research on public law and anything that touches client files, matter data, or privileged work product. A public-law research question and a request to summarize a client’s deposition are not the same risk, and the policy should not treat them the same.
Name the approved tools. Say what each one may be used for. Say plainly that tools not on the list are not approved for client work. This is also where you address the tools people reach for on their own. When a firm offers no sanctioned option, attorneys paste real work into whatever is open in a browser tab, which is the “shadow AI” problem in one sentence. A short approved list governs behavior that is already happening.
Spell out where client data is allowed to go
This is the confidentiality section, and it is the one Opinion 512 leans on hardest. Under Model Rule 1.6, a lawyer must make reasonable efforts to prevent the disclosure of information relating to a client. The opinion is direct that this reaches AI: with self-learning tools whose output could expose what was put into them, the client’s informed consent is required before client information goes in.
So the policy has to answer one question for every approved tool. When an attorney uses it, does client data leave the firm’s network? For a cloud tool the answer is yes. The prompt and any attached documents travel to an outside server to be processed. For AI that runs inside the firm, the answer is no. Write down which tools fall on which side, and write down the consent step for any tool that sends data out.
For each approved tool: does it send client data outside the firm, and if so, what does the vendor do with it and has the client agreed? The firms with the cleanest answer tend to share one trait. The AI that touches client work runs inside the firm, so the answer to “where does the data go” is “nowhere.” That is the value of running a private platform inside your own network. The confidentiality analysis gets shorter because there is no transmission to analyze.
Require a human to verify every output
Opinion 512 ties AI to the supervision duties in Rules 5.1 and 5.3 and the candor duty in Rule 3.3. In plain terms, a lawyer is responsible for what the tool produces the same way they are responsible for a junior associate’s draft, and a filing that reaches a court has to be verified first. The policy should say, without hedging, that AI output is a draft until a person checks it, and that every citation is confirmed against the real source before anything is filed or sent.
This is not a hypothetical. In Mata v. Avianca (2023), a federal judge in New York sanctioned two attorneys and their firm after they filed a brief built on cases ChatGPT had invented. By 2025 the problem was no longer rare. A public database kept by researcher Damien Charlotin tracks hundreds of court decisions involving AI-fabricated citations, with the count climbing all year. A verification rule is the cheapest insurance a firm can write.
Verification is easier when the tool shows its work. AI grounded in your own approved documents, with a citation an attorney can open and read, is faster to check than a confident answer with no source behind it. The policy can favor tools that cite where each answer came from. The duty to verify does not go away, but the work of meeting it gets lighter.
Cover disclosure, billing, training, and ownership
A few shorter items round out the policy. On disclosure, decide when the firm tells clients it uses AI, and read your engagement terms, because a growing number of clients now set their own AI rules in outside-counsel guidelines. On billing, Opinion 512 says a lawyer generally may not bill a client for the time spent learning a tool for general competence, though the firm may treat AI cost as overhead, or charge for learning a specific tool when a client asks for that tool by name. On training and ownership, name who is responsible for the policy and make sure people are actually trained on it. In recent surveys more than half of firms offered no AI training at all, and a policy nobody is taught is a policy nobody follows.
See How a Private Platform Simplifies Your AI Policy
Cognetryx deploys entirely inside your firm’s or legal department’s network. Client matter data, privileged work product, and intake information never leave your controlled environment. Your existing access controls govern who can query what.