Protecting Privilege in the Age of Generative AI: How SavvyLex Keeps Your Secrets Safe

Published on SavvyLex Blog — February 27, 2026

Introduction: when convenience risks confidentiality

Generative AI tools are transforming how lawyers and clients research, draft and strategise. But the same tools that deliver speed and insight can expose confidential information and strip away the protections of attorney–client privilege. A groundbreaking federal case, United States v. Heppner, has shown that entering legal facts or strategy into a consumer AI chatbot can be as damaging as talking to a stranger about your case. In that case, Bradley Heppner—a CEO under investigation—used a free AI chatbot to draft 31 reports about his legal exposure. He thought he was preparing to speak with his lawyers. When federal agents later seized his computer, he tried to shield those reports as privileged. The court disagreed: the AI service was not an attorney, its privacy policy allowed it to train on his data and share it with regulators, and he had not used the tool at his lawyers’ direction. As Judge Rakoff noted, “non‑privileged communications are not alchemically transformed into privileged ones simply because they are later shared with counsel”.

The Heppner decision has sent shock waves through the legal industry. It is a stark reminder that consumer AI platforms are third parties, not trusted advisers. By disclosing information to them, you may waive privilege and hand adversaries a roadmap to your case. However, the ruling does not mean that AI has no place in legal practice. Used correctly, AI can be a powerful ally. SavvyLex is built precisely for this new reality—providing lawyers and clients with a secure, confidential AI workspace that preserves privilege and protects sensitive data.

In this post we unpack the problem exposed by Heppner, outline the data‑security risks that come with generative AI, and explain how SavvyLex offers the solution.

1 The problem: AI and privilege

1.1 Heppner: a cautionary tale

Heppner shows that traditional privilege rules apply just as strictly in the AI age:

• No privileged communication:  Claude, the AI chatbot, is not a lawyer. Communications between Heppner and the chatbot were not lawyer–client communications.

• No confidentiality:  By using a public AI platform whose policy allows data to be retained, used for model training and disclosed to third parties, Heppner destroyed any reasonable expectation of confidentiality. Courts treat this as a waiver.

• Not at counsel’s direction:  The AI reports were created on Heppner’s own initiative and reflected his personal thinking, not his lawyers’ strategy. For work‑product protection to attach, materials must be prepared by or at the direction of counsel, and reflect counsel’s mental impressions.

• No retroactive privilege:  Sharing an unprivileged document with a lawyer does not magically cloak it. Privilege must exist at the moment of communication.

The takeaway is clear: consumer AI tools are akin to discussing your case with a third party. Even if you intend to use the output with your lawyer, the initial disclosure may waive privilege and work‑product protection.

1.2 Nuance in the caselaw

While Heppner underscores the risks, other courts show that the presence of counsel and secure platforms can make a difference. In Warner v. Gilbarco, a Michigan court held that a plaintiff’s prompts and outputs from ChatGPT were protected as work product because he had not disclosed them to his adversary and ChatGPT was treated merely as a tool. Courts in Concord Music Group v. Anthropic and Tremblay v. OpenAI have ruled that prompts crafted by counsel during a pre‑suit investigation reflect attorneys’ mental impressions and are protected opinion work product. However, selective disclosure of favourable AI outputs may trigger partial waiver, requiring disclosure of related prompts.

These decisions illustrate that AI itself is not the problem—the problem lies in how and where AI is used. If counsel directs the use of AI within a secure platform that maintains confidentiality, privilege arguments may be viable. SavvyLex is designed with exactly those factors in mind.

2 Risks of using consumer AI platforms for legal work

2.1 Privilege waiver and loss of confidentiality

1. Third‑party disclosure:  Most consumer AI platforms openly state that they collect user inputs and outputs, use them to train models and may disclose data to regulators or affiliates. Uploading confidential information to such services is equivalent to sharing it with a stranger. Attorney–client privilege requires confidentiality; once lost, it cannot be revived.

2. Work‑product erosion:  Work‑product protection is generally waived only when information is disclosed to an adversary. However, some courts may deem disclosure to an AI platform with permissive data‑sharing policies as increasing the risk of adversarial access, particularly if the platform’s policy allows sharing with government authorities.

2.2 Security and operational risks

• Data retention and training:  Public AI tools often retain prompts and outputs to improve models. Sensitive details about legal matters may inadvertently surface in future outputs or be reviewed by internal staff.

• Metadata exposure:  AI activity logs can reveal when and how counsel investigated specific issues. K&L Gates notes that such metadata can independently raise work‑product concerns and should be tightly controlled.

• Hallucinations and accuracy:  Generative AI systems sometimes fabricate legal precedents or misapply rules. The ABA warns that uncritical reliance on AI outputs can lead to inaccurate advice, violating the duty of competence.

• Lack of vendor controls:  Many consumer AI services lack encryption, access controls or audit logs. The Maryland State Bar Association stresses that enterprise‑grade tools should include prohibitions on data training, limited access to data and robust security measures.

• Ethical obligations:  Lawyers using AI must maintain client confidentiality (ABA Rule 1.6), understand the technology’s risks and benefits (Rule 1.1) and communicate about AI use when it affects fees or significant decisions (Rule 1.4). They must supervise staff and ensure that nonlawyers using AI comply with ethical rules.

2.3 Client misconceptions

Many clients assume that AI chatbots are private or that using a paid version confers confidentiality. The Husch Blackwell alert warns that even paid accounts may permit data review and third‑party disclosure. Clients may input privileged information hoping to summarise a legal memo or brainstorm defences. Doing so can waive privilege. Lawyers must therefore ask clients about AI use during intake and instruct them not to discuss legal matters with public AI tools.

3 How SavvyLex solves the problem

SavvyLex was created to harness the benefits of AI for legal practice without compromising privilege or security. Built by lawyers and technologists, it addresses the very issues highlighted by Heppner and subsequent cases.

3.1 A secure, private AI workspace

• Enterprise‑grade data isolation:  SavvyLex runs on dedicated servers with full data segregation. Your prompts and outputs are never used to train models and are never shared outside your firm. The platform’s privacy terms prohibit training on user data and forbid disclosure to third parties, eliminating the confidentiality concerns that doomed Heppner.

• Encryption and access control:  All data is encrypted at rest and in transit. Fine‑grained access controls ensure that only authorised users (lawyers and invited clients) can view prompts and outputs. Audit logs record who accessed what and when, satisfying ethical supervisory duties.

• Privileged workspace mode:  Sessions can be flagged as privileged, automatically applying stricter logging and retention rules. Only counsel‑initiated prompts are created in this mode. This supports an argument that the AI is acting as counsel’s agent under the Kovel doctrine, strengthening privilege claims.

3.2 Counsel‑directed workflows

• Attorney direction required:  SavvyLex’s design ensures that clients cannot independently run legal analyses without lawyer oversight. Lawyers can set up tasks, draft prompts, invite clients to review and provide information, and then approve final outputs. This satisfies the requirement that AI‑generated materials be prepared at counsel’s direction.

• Clear provenance:  Each document contains metadata linking it to the responsible attorney, matter and client. If discovery arises, the privilege log can show that AI outputs reflect counsel’s strategy and were created within a privileged relationship, similar to the prompts in Concord Music and Tremblay.

3.3 Compliance and governance built in

• User education:  SavvyLex includes onboarding modules that explain the ethical use of AI, the risks of public platforms and how to maintain privilege. These align with ABA guidance on competence and client communication.

• Policy integration:  Firms can embed their AI policies into the platform, requiring users to acknowledge guidelines before accessing the tool. Customisable prompts remind users not to input confidential details into non‑privileged modes.

• Automated privilege logs and Rule 502(d) support:  SavvyLex captures AI interactions in logs that can be exported for privilege logs, making it easier to assert privilege and prepare e‑discovery responses. The platform integrates with e‑discovery tools and supports rule‑based access restrictions.

• Continuous monitoring:  The platform offers real‑time monitoring for unusual data flows or unapproved usage, alerting administrators to potential risks.

3.4 Enhancing legal practice

Beyond solving the privilege problem, SavvyLex accelerates legal work:

• Advanced research and drafting:  The AI model is fine‑tuned on legal content and cross‑checked against validated sources to minimise hallucinations. Lawyers receive suggested citations and can verify them quickly.

• Collaboration:  Lawyers and clients can collaborate securely on drafts, discovery outlines and case analyses without leaving the protected environment.

• Time savings:  By automating routine tasks while preserving confidentiality, SavvyLex frees up lawyers to focus on strategy and client counseling.

4 Practical tips for using AI safely (even outside SavvyLex)

While SavvyLex offers robust protections, the general principles below apply whenever you consider using AI in legal matters:

1. Use secure, closed platforms:  Choose enterprise versions that prohibit data training and third‑party disclosure.

2. Ensure attorney direction and supervision:  Treat AI like a supervised assistant. Document who created the prompts and why, and review outputs before relying on them.

3. Limit sensitive content:  Avoid including privileged or highly confidential information in prompts. Label outputs as “privileged” or “work product” and store them securely.

4. Remember metadata:  AI activity logs can reveal strategy. Control access and consider redacting log files in discovery.

5. Address AI in engagement letters and discovery:  Ask clients about AI use, instruct them not to discuss legal matters with public AI, and be prepared to collect and log their AI interactions.

6. Train your team:  Educate lawyers, staff and clients about AI risks and ethical obligations.

Conclusion

Generative AI is a powerful tool, but as Heppner demonstrates, using it improperly can compromise confidentiality and waive privilege. The legal industry must adapt quickly, understanding that consumer AI platforms are not attorneys and do not keep secrets. By investing in secure, counsel‑directed AI solutions like SavvyLex, firms can enjoy the efficiencies of AI while honouring their ethical duties and protecting clients’ rights. SavvyLex gives you a private, encrypted workspace to explore legal questions with AI under your lawyer’s supervision, ensuring that your strategy remains yours alone.

Ready to safeguard your practice?  Contact SavvyLex to learn how our secure AI platform can empower your team, protect your clients and keep your secrets safe.