rtificial Intelligence tools continue to permeate every aspect of professional business operations, from drafting emails to organizing calendars, and now, attending attorney-client meetings in lieu of their real-life counterparts. The use of AI tools in sensitive legal environments raises concerns about the accuracy and reliability of the information captured and transcribed by these tools, and about the confidentiality obligations of the attorney-client relationship. While clients are not required to understand the ethical requirements imposed by the Model Rules of Professional Conduct, attorneys must always be aware of how new technologies impact their practices. Rule 1.6 of the Model Rules of Professional Conduct establishes the foundation for the client-lawyer relationship and states that “A lawyer shall not reveal information relating to the representation of a client unless the client gives informed consent, the disclosure is impliedly authorized in order to carry out the representation or the disclosure is permitted by paragraph (b).” The use of AI notetaking tools raises several questions in relation to this rule.
First, what constitutes informed consent? Clients who join virtual meetings with AI notetaking tools surely understand that the AI tool is listening to, and maybe even recording, the conversation to provide notetaking services, however, do they really know the full scope of the AI tool’s use of the recorded information? Every AI company has its own terms and conditions for the use of its products, each of which allow for different uses of captured information. Most people do not fully read the terms and conditions of use for online services, including AI notetakers, and likely click agree as quickly as they can scroll through them. In New York, the New York Department of State’s Rules of Professional Conduct define “Informed Consent” as that which, “denotes the agreement by a person to a proposed course of conduct after the lawyer has communicated information adequate for the person to make an informed decision, and after the lawyer has adequately explained to the person the material risks of the proposed course of conduct and reasonably available alternatives.” So, do New York attorneys need to fully outline the risks of allowing AI notetakers to attend virtual meetings with clients? Probably. Rule 1.6 further states, “(c) A lawyer shall make reasonable efforts to prevent the inadvertent or unauthorized disclosure of, or unauthorized access to, information relating to the representation of a client.” To fully comply with the Model Rules, attorneys should discuss the use of AI notetakers with their clients and specifically review the terms and conditions of each specific AI notetaking tool being used, prior to allowing it to participate in virtual meeting spaces.
Second, do AI notetaking tools comply with the firm’s privacy and cybersecurity policies? Cybersecurity laws and standards require law firms to implement reasonable measures to safeguard certain confidential and private client information. Furthermore, firms must ensure that the use of AI tools complies with relevant data protection regulations, such as the General Data Protection Regulation (GDPR) in the European Union, the California Consumer Privacy Act (CCPA), the Health Insurance Portability and Accountability Act (HIPAA), and the Gramm-Leach-Bliley Act (GLBA), all of which impose strict requirements on the processing and storage of personal data. When AI notetaking tools are used in virtual client meetings, the meeting recordings and transcripts are often stored in the AI company’s own cloud environment, where they may later be utilized by the company for AI model training purposes; this is more likely the case if a client is using an unlicensed AI notetaking tool. Before allowing an AI notetaker to join a virtual client meeting, firms should vet the AI notetaking tool, confirm that it is licensed, and ensure that any data or information gathered by the tool remains within the firm’s AI cloud instance. Unlicensed, free-to-use- AI notetaking tools are prone to data privacy issues and lack any meaningful support.
Third, is the information being discussed in client business meetings subject to restrictive non-disclosure agreements, trade secret laws, or other confidentiality obligations? Firms must carefully consider the scope of any active non-disclosure agreements related to client communications within the operations of their business. If the AI notetaking tool is deemed a third-party under the terms of a non-disclosure agreement (NDA), its attendance and use at a virtual meeting may be a breach of the confidentiality obligations imposed by the NDA. Attorneys should specifically include or exclude AI from the definition of “third-parties” or “persons” when drafting NDAs. Additionally, attorneys should inquire which AI tools are being used by their clients and review the terms and conditions of the AI tool’s license agreement. Further, to preserve confidentiality obligations imposed by an NDA, attorneys should require that the input and output of the AI notetaking tool are retained solely within the client’s own devices or cloud instances. If clients insist on using AI notetaking tools, attorneys should review the public privacy policies of their clients’ businesses to ensure they disclose the use of AI applications. Finally, clients should obtain consent to use AI in contracts and communications with their customers and business partners.
While this article specifically focuses on the effects of AI notetakers on attorney-client privilege, law firm cybersecurity and privacy policies, and other confidentiality obligations, there are additional ethical and legal implications worth considering. These considerations include informed consent in relation to one-party and two-party State recording laws, privacy notices prior to the collection of personal information in accordance with laws similar to the California Consumer Privacy Act (CCPA), and whether the collected information will be used for AI training purposes that infringe on intellectual property rights. Moreover, the ethical implications of using AI notetakers in legal practice cannot be overlooked. Attorneys must consider whether the use of AI tools aligns with their professional ethical obligations, including the duty to maintain client confidentiality and the duty to provide competent representation. The potential for AI notetakers to inadvertently disclose sensitive information or to be used in ways that compromise client confidentiality must be carefully evaluated. In conclusion, while AI notetakers offer numerous benefits in terms of efficiency and convenience, their use in legal practice raises several important issues that must be addressed. By carefully evaluating the potential risks and benefits, law firms can make informed decisions about the integration of AI tools into their operations, ensuring that they uphold their ethical and legal obligations while leveraging the advantages of advanced technology.
Filed in: AI, Data Privacy, Technology and Venture
March 6, 2025