The Ethical Playbook: Navigating Generative AI Risks in Legal Practice

The legal profession is defined by trust, confidentiality, and the duty of competence. For centuries, these principles have remained fixed, but the tools we use to uphold them are changing at warp speed. Generative AI represents the most significant technological disruption the practice of law has faced since the advent of the internet. It promises unprecedented efficiency in document drafting, legal research, and contract review, yet it simultaneously introduces profound new risks that touch the very core of professional responsibility.

For every legal firm and in-house department, the question is no longer if they should adopt AI, but how they can do so ethically and compliantly. Failure to integrate these tools responsibly risks not only a breach of professional conduct rules but also the permanent erosion of client trust. This comprehensive guide, informed by the principles outlined by bar associations nationwide, provides a practical playbook for establishing an ethical AI framework and discusses how secure platforms like Wansom are purpose-built to meet these new standards.

Key Takeaways:

The lawyer's duty of Competence (Model Rule 1.1) requires mandatory, independent verification of all AI-generated legal research to mitigate the profound risk of hallucination (falsified case citations).
Preserving Client Confidentiality (Model Rule 1.6) mandates the exclusive use of secure, walled-off AI environments that guarantee client data is never retained or used for model training.
Firms must establish clear policies requiring Transparency and Disclosure to the client when AI substantially contributes to advice or documents to preserve attorney-client trust.
The risk of Algorithmic Bias requires attorneys to actively monitor and audit AI recommendations to ensure the tools do not perpetuate systemic unfairness, violating the duty to the administration of justice (Model Rule 8.4).
To uphold ethical billing, firms must implement automated audit trails to log AI usage, supporting a transition from the billable hour to Value-Based Pricing (VBP).

Does AI Demand a New Playbook in the New Ethical Frontier?

Traditional rules of professional conduct—such as Model Rules 1.1 (Competence), 1.6 (Confidentiality), and 5.3 (Supervision)—remain binding. However, their application must be interpreted through the lens of machine intelligence. Generative AI in law introduces three unique variables that challenge conventional oversight:

Velocity: AI can generate thousands of words of legal analysis or draft clauses in seconds, compressing the time available for human review and supervision.
Opacity (The Black Box): The underlying mechanisms of large language models (LLMs) are often opaque, making it difficult to trace why an output was generated or to definitively spot hidden biases.
Data Ingestion: Most publicly available AI models (the ones used by consumers) are trained by feeding user prompts back into the system, creating a massive, inherent risk to client confidentiality.

Navigating this frontier requires proactive technological and governance solutions. The ethical use of legal AI is fundamentally about establishing a secure, auditable, and human-governed workflow.

Pillar 1: Maintaining Absolute Confidentiality and Privilege (Model Rule 1.6)

The bedrock of the legal profession is the promise of attorney-client privilege and the absolute duty to protect confidential information. In the age of generative AI, this duty faces its most immediate and critical threat.

The Risk of Prompt Injection and Data Leakage

The most common ethical pitfall involves lawyers using publicly available AI models (like general consumer chatbots) and pasting sensitive client data—including facts of a case, contract details, or proprietary information—into the prompt box.

The Problem: Most public models explicitly state that user inputs are logged, retained, and potentially used to further train the AI. A legal professional submitting a client's secret business strategy or draft complaint is effectively releasing that confidential data to a third-party company and its future users.
The Ethical Breach: This constitutes a direct violation of the duty to protect confidential information (Model Rule 1.6). Furthermore, it could breach the duty of technological competence (Model Rule 1.1) by failing to understand how the chosen tool handles sensitive data.

The Solution: Secure, Walled-Off Environments

Ethical adoption of AI hinges on using systems where data input is guaranteed to be secure and non-trainable.

Private LLMs: Utilizing AI models that are hosted in a secure cloud environment where your data is never used for training the foundational model. This is the difference between contributing to a public knowledge pool and using a dedicated, private workspace.
Encryption and Access Controls: All data transmitted for AI processing must be encrypted both in transit and at rest. Access should be restricted only to authorized personnel within the firm or legal department.
Prompt Sanitization: Establishing protocols to ensure attorneys only submit anonymized or necessary data to the AI.

How Wansom Eliminates Confidentiality Risk

Wansom is architected around this non-negotiable principle. When you use Wansom for AI document review or document drafting:

Zero-Retention Policy: We utilize private API endpoints that enforce a strict zero-retention policy on all client inputs. Your data is processed for the immediate task and then discarded—it is never stored, logged, or used to improve the underlying model.
Secure Workspace: Wansom provides a collaborative workspace that acts as a digital vault, separating client data from the public internet. This ensures that all legal document review and drafting remains fully privileged and confidential.

Pillar 2: The Duty of Competence and the Hallucination Risk (Model Rule 1.1)

Model Rule 1.1 mandates that lawyers provide competent representation, which includes the duty to keep abreast of changes in the law and its practice, including the benefits and risks associated with relevant technology. When using AI, the primary threat to competence is the phenomenon of AI hallucinations.

The Peril of Falsified Outputs

AI hallucinations are outputs that are generated with confidence but are entirely fabricated, incorrect, or based on non-existent sources. The now-infamous examples of lawyers submitting briefs citing fake case law have highlighted this risk.

The Problem: An attorney may ask an AI to summarize relevant case law or draft a specific contractual clause. The AI, designed to predict the most probable next word, may invent a case, cite an irrelevant statute, or misstate existing legal precedent. If the attorney fails to verify the legal research through independent sources, they violate their duty of competence.
The Ethical Breach: The supervising attorney remains liable for the work product, regardless of whether it was generated by a junior associate or an algorithm. Delegating work to AI does not delegate accountability.

The Solution: Grounded AI and Mandatory Verification

Competent use of AI requires a structured, multi-step process that places the human lawyer as the final, necessary check.

Grounded AI: AI must be "grounded" in reliable, authoritative sources. For legal research, this means the AI should only pull information from verified legal databases, firm precedents, or jurisdiction-specific rules, providing a direct, auditable citation trail for every claim.
Human-in-the-Loop: Every single output from a generative AI model—whether it’s a proposed clause for a merger agreement or a summary of a regulatory change—must be manually reviewed, verified against its source citations, and approved by a competent attorney.
Prompt Engineering Competence: Lawyers must develop the skill to write highly precise, contextualized prompts that minimize the possibility of hallucination and maximize the relevance of the output.

How Wansom Enforces Competence

Wansom is built to transform high-risk, ungrounded AI tasks into low-risk, verifiable workflows:

Grounded Legal Research: Wansom’s research features are explicitly engineered to reference your firm’s private knowledge base or verified external legal libraries. The output doesn't just provide a summary; it provides traceable, direct links to the source documents, making human verification swift and mandatory.
Mandatory Review Gates: Our AI document review tools integrate with firm-wide workflows, allowing compliance teams to require a documented sign-off on any document drafted or substantially revised by AI before it can be finalized or exported.

Pillar 3: Billing, Transparency, and Attorney-Client Trust (Model Rules 1.4 & 1.5)

The integration of AI automation into legal services impacts how attorneys charge for their time (Rule 1.5) and how they communicate with clients about the work being done (Rule 1.4).

The Risks of Block Billing and Ghostwriting

If a task that previously took an attorney two hours—like reviewing a stack of leases—now takes five minutes using AI, billing the client for the full two hours is ethically questionable, potentially violating the prohibition against unreasonable fees.

The Problem: Clients are paying for the lawyer's judgment, experience, and time. If the time component is drastically reduced by technology, billing practices must reflect that efficiency. Transparency around the use of AI is paramount to preserving the attorney-client relationship.
The Ethical Breach: Failing to disclose the use of AI when the work product is essential to the representation can be viewed as misleading (ghostwriting). Over-billing for tasks largely performed by a machine can violate the duty of reasonable fees.

The Solution: Disclosing, Logging, and Value-Based Pricing

The ethical path forward involves embracing transparency and shifting the focus from time-based billing to value creation.

Informed Consent: Firms should develop a clear, standardized policy on when and how to disclose the use of AI to clients. This ensures the client provides informed consent to the technical methods being used.
Automated Audit Trails: Every interaction with the AI—the input, the output, and the human modifications—must be logged. This provides an indisputable audit trail for billing inquiries and compliance checks.
Value-Based Model: Instead of charging by the minute for tasks performed by AI, firms can adopt fixed fees or value-based pricing, translating AI efficiency into predictable, competitive rates for the client.

How Wansom Ensures Transparency and Trust

Wansom is designed to track AI usage with the same rigor traditionally applied to human billable hours:

Usage Logging: The platform automatically logs which user executed which AI command (e.g., “Summarize document,” “Draft arbitration clause”) on which document and the precise time it took. This provides the data necessary for granular, ethical billing.
Auditability: Every document created or reviewed in Wansom includes metadata showing when and how AI was utilized, allowing compliance teams to easily generate a full accountability report for internal and external auditing. This level of detail builds attorney-client trust.

Pillar 4: Bias, Fairness, and Access to Justice (Model Rule 8.4)

Model Rule 8.4 prohibits conduct prejudicial to the administration of justice. In the context of AI, this relates to the risk of algorithmic bias perpetuating historical inequalities in the legal system.

The Risk of Embedded Bias

Generative AI models are trained on massive datasets of historical legal documents, court opinions, and legislation. If those historical documents reflect systemic biases—for example, language used in criminal sentencing or immigration rulings that disproportionately affects certain demographic groups—the AI will learn and amplify those biases.

The Problem: When an AI is used to predict case outcomes, assess flight risk, or assist in jury selection, a biased model can lead to discriminatory legal advice and perpetuate unfair outcomes, thereby prejudicing the administration of justice.
The Ethical Duty: Legal professionals have a duty to ensure that the tools they use do not exacerbate existing inequities. This means understanding the training data, seeking out AI solutions committed to fairness in AI, and validating outputs for biased language or recommendations.

Mitigation Strategies

The fight against bias in AI for legal teams is ongoing, but clear strategies exist:

Audited Training Data: Opt for AI vendors (like Wansom) that prioritize clean, diverse, and verified legal datasets, actively working to filter out discriminatory or irrelevant historical data that could skew results.
Human Oversight and Override: Ensure that any AI-driven decision or prediction is treated as a recommendation, not a mandate. The human lawyer must always retain the authority and mechanism to override an algorithmically biased recommendation.
Continuous Monitoring: Establish internal committees or procedures to regularly review the outcomes of AI use cases, looking specifically for disproportionate impacts across different client segments or case types.

Building the Ethical AI Workspace: Wansom's Blueprint

The ethical risks of generative AI are not abstract problems; they are architectural challenges that demand architectural solutions. Wansom was designed from the ground up to solve these four ethical pillars, offering a secure environment where legal professionals can leverage AI’s power without compromising their professional duties.

1. The Confidentiality Solution: Isolated Cloud Infrastructure

Wansom operates entirely within a secure, single-tenant or segregated cloud environment. This means:

Data Separation: Your client files and prompts are isolated. They never mix with data from other firms or the public internet.
Secure Prompting: The moment an attorney asks the AI to review a document or conduct research, that interaction stays within the Wansom "walled garden," ensuring compliance with Model Rule 1.6.

2. The Competence Solution: Grounded and Verifiable Outputs

By focusing on Grounded AI, Wansom transforms the risk of hallucination into a verifiable workflow:

Private Knowledge Base: The AI is grounded in your firm’s approved precedents, style guides, and validated legal libraries, dramatically reducing the potential for external, fabricated information.
Citation Confidence Scores: For every piece of generated legal analysis or contract review insight, Wansom provides a clear confidence score and the source link, requiring the attorney to actively click and verify the foundational material before finalizing the work.

3. The Transparency Solution: Mandatory Audit Trails

To support ethical billing and supervisory duties (Model Rule 5.3):

Usage Logs and Reporting: Wansom provides supervisors with a comprehensive dashboard that tracks which AI tools were used, on which matters, and by whom. This supports meticulous and honest billing.
Version Control: Every AI-assisted edit, from a minor clause revision to a major document draft, is logged in the document’s version history, providing full traceability and accountability for the final work product.

4. The Fairness Solution: Focused and Audited Models

Wansom focuses its AI models on specific, high-value legal tasks (drafting, review, research). This focused approach allows for smaller, more thoroughly audited training datasets, reducing the systemic bias that plagues general-purpose models.

Mitigating Bias: By restricting the AI’s operating domain to specific document types, we can actively test for and mitigate biased outcomes, ensuring the platform supports the impartial administration of justice.

Conclusion

The adoption of generative AI in legal practice is not merely an efficiency measure; it is a fundamental shift in professional conduct. Lawyers must now be tech-literate fiduciaries, responsible not only for the law but for the algorithms they use to practice it. The ethical mandate is clear: Embrace innovation, but do so with architectural rigor.

Firms that recognize that AI compliance requires secure infrastructure, grounded research, and transparency tools will be the ones that thrive. They will reduce risk, build deeper client trust, and ultimately provide faster, better service.

If you’re ready to move beyond the fear of hallucinations and confidentiality breaches and implement a secure, ethical AI-powered collaborative workspace, it's time to explore Wansom.

Blog image

To see how Wansom provides the auditability and security needed to meet the highest standards of professional conduct in AI document drafting and legal research, book a private demo today.