
AI, Attorney-Client Privilege, and Zero Data Retention: What Law Firms Should Verify Before They Paste

State bars and courts are tightening AI guidance. Here's how zero data retention (ZDR), no-training API terms, and matter-scoped workflows help firms use AI without treating ChatGPT like a confidences vault.

June 5, 2026
MyLawyerLink Team

Partners and ethics committees are no longer debating whether lawyers will use generative AI. The live questions in 2026 are narrower and harder: Where does client material go when someone hits “summarize”? Does the vendor keep it? Does it train the next model? And does your workflow still support privilege and confidentiality if the answer to either retention question is “maybe”?

Search traffic reflects that shift. Firms look for attorney-client privilege and generative AI, zero data retention for law firm AI, and whether AI tools train on client data—not because they want a white paper on transformers, but because state bars, courts, and clients are asking for defensible answers.

This article explains what zero data retention (ZDR) and no-training commitments actually mean in vendor contracts, how that intersects with Rule 1.6–style confidentiality duties, and how MyLawyerLink routes AI features so firms can adopt assistance inside matter workflows instead of exporting confidences to consumer chat tabs.

Not legal advice. Ethics rules vary by jurisdiction. Use this as an operational checklist and talk with your bar counsel or malpractice carrier about firm policy.

Why privilege and AI became a committee meeting

Three developments converged:

  1. Sanctions and discipline for careless AI use — Courts have sanctioned lawyers who filed AI-generated citations that did not exist. That is a competence and candor problem, but it raised the stakes for every tool that touches pleadings and research.
  2. A wave of state bar guidance — Ethics opinions and practical guides from bars including Florida (Opinion 24-1), California (generative AI practical guidance), D.C. (Opinion 388), New York City (generative AI in practice), and North Carolina (2024 Formal Ethics Opinion 1) repeat the same theme: lawyers remain responsible for competence, supervision, and confidentiality when using AI.
  3. Consumer AI is the wrong default — Many free or consumer-tier products are designed to learn from usage. D.C. Opinion 388 explicitly flags tools that save inputs or improve answers for future users outside the firm as a confidentiality red flag—and points to zero data retention arrangements as one way business customers address that risk.

None of those sources say “never use AI.” They say know what you are sending, to whom, under what retention and training terms, and with what human review.

Zero data retention vs. “we probably delete stuff”

Zero data retention (ZDR) is a contractual and technical commitment: for a given API request, the provider does not retain your inputs and outputs beyond what is strictly necessary to return the response (and does not use that content to improve models for other customers). It is not the same as:

  • A consumer chat history toggle in a browser
  • A vendor marketing slide that says “enterprise-grade security” without naming retention
  • Your firm deleting a thread locally while a sub-processor still logged the prompt

For law firms, ZDR matters because confidentiality is not only about hackers. It is about whether client confidences become someone else’s training data or sit in a vendor warehouse you never mapped on your conflicts checklist.

No model training is a related but separate promise: even if a provider briefly processes a prompt, commercial API terms for major model vendors typically prohibit using API customer content to train foundation models. You still want that in writing, and you still want ZDR when the sensitivity of the matter demands minimal vendor-side copies.

Questions your vendor checklist should answer

Before any tool processes client material, ask:

| Question | Why it matters |
| --- | --- |
| Is this the consumer product or a commercial API / enterprise path? | Consumer tiers often have different retention and training defaults. |
| Does the contract include ZDR or equivalent zero retention language? | Bars increasingly treat “will my input reappear for strangers?” as a 1.6 issue. |
| Are prompts used to train public models? | Separate from retention; get explicit “no training on customer API data.” |
| Who are the sub-processors? | Gateway routing can involve OpenAI, Azure, Google Vertex, etc.—each needs to be on your list. |
| Where do outputs live after the model answers? | Your matter file, not a personal ChatGPT thread. |
| Who on the firm supervises AI-assisted work product? | Rules 5.1 and 5.3 still apply. |

Bars including NYC and California recommend consulting IT or cybersecurity professionals when firm systems will ingest confidential client information—because “the associate swears it is fine” is not a data map.

What MyLawyerLink does on the AI path

MyLawyerLink is built as matter-centric practice software: clients, cases, documents, calls, billing, and AI-assisted features are meant to stay inside team permissions and audit trails, not in ad hoc browser tabs.

1. Production LLM traffic uses Vercel AI Gateway with ZDR enforced

We route production large-language-model requests through the Vercel AI Gateway with team-wide Zero Data Retention enabled. Requests are routed only to providers on Vercel’s ZDR provider list.

In code, every gateway call also passes an explicit zero-data-retention flag—redundant with team-wide ZDR, but deliberate so retention policy is not accidental.

Practical effect for firms:

  • Chat, legal-research orchestration, document extraction, embeddings, and image features that use the gateway are pinned to ZDR-capable routes.
  • We do not route legal web search through providers that are not ZDR-compliant on the gateway (for example, we use OpenAI native web search rather than non-ZDR search backends).
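One way to make the provider allowlist and the per-request flag fail closed, as an added example (not MyLawyerLink's or Vercel's code). The request shape, the `zero_data_retention` field, the provider names and the audit key are all assumptions made for illustration.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Assumed firm-maintained allowlist; provider names are constructed placeholders.
ZDR_PROVIDERS = frozenset({"provider-a", "provider-b"})
AUDIT_KEY = b"constructed-demo-key"  # assumption: a real key comes from a secret store


class RetentionPolicyError(Exception):
    """Raised before any network call when a request is not on a ZDR route."""


@dataclass(frozen=True)
class ModelRequest:  # hypothetical request shape, not a gateway SDK type
    matter_id: str
    provider: str
    prompt: str
    zero_data_retention: bool = False  # fail closed: callers must opt in explicitly


def guarded_send(req, send, audit_log):
    """Check the route, record metadata only, then pass the request to `send`."""
    reasons = []
    if req.provider not in ZDR_PROVIDERS:
        reasons.append("provider not on ZDR allowlist")
    if not req.zero_data_retention:
        reasons.append("per-request ZDR flag missing")
    audit_log.append({
        "matter_id": req.matter_id,
        "provider": req.provider,
        # Keyed digest, not the text, so the audit trail holds no confidences.
        "prompt_hmac": hmac.new(AUDIT_KEY, req.prompt.encode(), hashlib.sha256).hexdigest(),
        "allowed": not reasons,
        "reasons": reasons,
    })
    if reasons:
        raise RetentionPolicyError("; ".join(reasons))
    return send(req)
```

Blocked requests are logged before the exception is raised, so a reviewer can see attempted off-policy routes without the audit trail ever holding prompt text.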

2. We do not train foundation models on your prompts

Our Privacy Policy states that we do not use your prompts or outputs to train foundation models, and we configure integrations so sub-processors do not use that content for training consistent with their standard API terms.

That is the combination firms should demand: your matter content is not our product-development dataset, and vendor API terms are aligned with professional use—not consumer “help us improve the model” defaults.

3. AI outputs live in the matter workflow—not a disposable chat export

Features like Redwell (practice assistant), call transcription summaries, and document intelligence are designed to attach to cases and clients your team already permissioned—not to encourage copying privileged paragraphs into external tools.

That supports privilege operationally:

  • Role-based access limits who sees AI-assisted notes.
  • Audit logging supports supervision and incident response (audit trail workflow).
  • Human review remains mandatory before anything is filed, sent to opposing counsel, or treated as client advice (AI document summaries guardrails).

ZDR at the model vendor does not replace your retention choices: MyLawyerLink stores conversations and matter artifacts so your firm can continue work and supervise quality. That is firm-controlled retention in your system—not vendor-side model training.

4. Transcription is a separate sub-processor—we minimize vendor copies

Call and audio transcription uses AssemblyAI, which is outside the AI Gateway ZDR path. Summaries of those transcripts do go through the ZDR-configured gateway.

To reduce how long client audio sits with vendors:

  • Twilio — After we copy a call or voicemail recording to firm storage, we delete the recording media from Twilio (best-effort).
  • Vercel Blob — Recordings are stored as private objects. Playback and download go through authenticated app routes, not public CDN links.
  • AssemblyAI — Audio is sent for speech-to-text processing; after we persist the transcript in MyLawyerLink, we delete the AssemblyAI transcript copy (best-effort). Audio may still be processed in flight under AssemblyAI’s account-level terms.

That does not make transcription “gateway ZDR,” but it is a deliberate minimize-and-purge posture—not indefinite vendor warehousing of every recording.
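The copy, verify, then best-effort purge sequence described above can be sketched as follows. This is an added example, not MyLawyerLink's code: `InMemoryStore` is a constructed stand-in for the vendor and firm storage APIs (no Twilio, AssemblyAI or Vercel Blob SDK call is shown), and the retry queue is an assumption about how failed deletes get tracked.

```python
import hashlib


class InMemoryStore:
    """Constructed stand-in for a vendor API or firm storage; not a real SDK."""

    def __init__(self, objects=None, fail_delete=False, corrupt_writes=False):
        self.objects = dict(objects or {})
        self.fail_delete = fail_delete
        self.corrupt_writes = corrupt_writes

    def get(self, key):
        return self.objects[key]

    def put(self, key, data):
        self.objects[key] = data[:-1] if self.corrupt_writes else data

    def delete(self, key):
        if self.fail_delete:
            raise ConnectionError("vendor delete timed out")
        del self.objects[key]


def copy_then_purge(key, vendor, firm, retry_queue):
    """Copy vendor media to firm storage, verify it, then delete the vendor copy."""
    data = vendor.get(key)
    digest = hashlib.sha256(data).hexdigest()
    firm.put(key, data)
    # Verify the firm-side copy before touching the vendor copy.
    if hashlib.sha256(firm.get(key)).hexdigest() != digest:
        return {"key": key, "persisted": False, "purged": False}
    try:
        vendor.delete(key)
        purged = True
    except Exception as exc:
        # Best-effort: keep working, but record the leftover copy for retry.
        retry_queue.append({"key": key, "error": str(exc)})
        purged = False
    return {"key": key, "persisted": True, "purged": purged, "sha256": digest}


def retry_purges(vendor, retry_queue):
    """Re-attempt queued deletes; return the entries that still failed."""
    remaining = []
    for item in retry_queue:
        try:
            vendor.delete(item["key"])
        except KeyError:
            pass  # already gone on the vendor side
        except Exception as exc:
            remaining.append({"key": item["key"], "error": str(exc)})
    return remaining
```

The queue is what turns "best-effort" into something auditable: every vendor copy that outlived its purge attempt has a record until a retry clears it.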

If your ethics memo requires ZDR end to end including audio, review AssemblyAI’s retention and data-processing terms and decide whether transcription belongs in your green, yellow, or red policy tier. Our call recording workflow guide covers operational guardrails; your bar may require client notice before AI processes recordings. Details are in our Privacy Policy (Section 6.6).

Mapping bar guidance to a realistic firm policy

A workable 2026 policy is rarely “ban AI.” It is closer to traffic lights:

| Tier | Examples | Typical rule |
| --- | --- | --- |
| Red | Pasting client names, SSNs, or strategy into consumer chatbots; unverified AI citations in filings | Prohibited without exception process |
| Yellow | AI on de-identified drafts; internal summaries with human verification | Allowed with checklist |
| Green | AI inside firm-controlled matter software with ZDR + no-training API terms, access controls, and audit | Default for efficiency features |

Illinois’s Attorney Registration and Disciplinary Commission and other regulators have published sample client-disclosure language for firms that use AI to improve efficiency while maintaining human oversight—another signal that transparency and architecture matter as much as the model name.

California’s updated guidance on agentic systems is worth reading even if you do not deploy agents today: the concern is automated access to email, DMS, and client files without boundaries. MyLawyerLink’s approach is narrower—bounded matter context sent to models for specific tasks—not an always-on bot with keys to the kingdom.

A short privilege-aware workflow (that still uses AI)

  1. Pick the lane — Use AI inside matter-scoped tools, not personal accounts.
  2. Minimize the payload — Send what the task needs (a recording to transcribe, a document to summarize), not the entire data room “just because.”
  3. Verify outputs — Treat AI text as draft work product; spot-check names, dates, quotes, and citations.
  4. Label and log — Mark AI-assisted memos; use tasks and case notes for decisions that matter.
  5. Disclose when your rules require it — Update engagement letters if your jurisdiction or client base expects AI transparency.

What to ask MyLawyerLink—or any legal tech vendor

  • Show me your sub-processor list and model routing for AI features.
  • Where is ZDR enforced—in dashboard settings, per request, or both?
  • What is not covered by ZDR (transcription, email, third-party integrations)?
  • How do you support deletion, audit, and supervision after an incident?
  • How do you prevent accidental waiver—for example, staff exporting summaries to unsecured channels?

We publish AI processing details in our Privacy Policy (including which model families we call today) and maintain internal incident-response procedures for our team. Your firm should keep its own vendor memo aligned with your state’s ethics opinions.

The bottom line

Attorney-client privilege and confidentiality were never “the cloud is scary.” They have always been who can see what, under what duty, with what consent. Generative AI did not invent those questions—it compressed them into every associate’s lunch break when someone opens a free chatbot and pastes a client email.

Zero data retention and no-training API terms are how serious vendors answer the sub-processor half of that equation. Matter-centric software, access control, audit trails, and human review are how firms answer the practice half.

If your firm is ready to move past “we banned ChatGPT” toward defensible AI inside the case file, explore MyLawyerLink—where AI-assisted transcription, summaries, and practice chat are designed to respect confidentiality architecture, not fight it.