AI in Legal Practice

Three major developments in the last week should have every HR leader, employer, and AI vendor paying attention: 1. The AI Civil Rights Act was reintroduced in the US Congress Led by Senator Ed Markey and Representative Yvette D. Clarke, this legislation places hard guardrails around AI and algorithmic systems used in decisions related to hiring, housing, healthcare and beyond. It demands transparency, bias testing, and accountability. Think of it as GDPR for bias, but with broader implications across HR, tech, and operations. “We will not allow AI to stand for Accelerating Injustice.” – Senator Ed Markey for U.S. Senate 2. California’s new workplace AI discrimination laws are now in effect. The new rule governing companies' use of automated decision-making technology will likely create a situation where companies are liable for hiring practices if a system violates anti-discrimination laws. As other U.S. states also implement laws and regulations containing similar ADMT protections, companies deploying the technology will need to be proactive in their record keeping and vetting of third-parties while auditing their own tools to understand how the software functions. It’s no longer enough to trust your tools and vendors, you must prove they’re fair. 3. Insurers are backing away from covering AI risks AIG, Great American, and WR Berkley are asking regulators to exclude AI-related liabilities from their policies. Why? Because the risks (from chatbots hallucinating to algorithmic bias in hiring) are seen as “too opaque, too unpredictable.” When insurers are pulling cover, it’s a warning sign: you own the risk. 👁 What this means for HR and recruitment business leaders: We’ve officially entered the age of AI Accountability. That means: ✅ You need visibility into how your AI systems work, especially if they’re used for hiring, performance management, or workforce planning. ✅ You must audit your HR tech stack (yes, that includes Workday, ATS platforms, and even AI resume screeners). ✅ You need to document fairness, not just assume it. ✅ You must rethink your contracts with AI vendors. If the tech goes wrong, insurers may not have your back. 🛡 If you haven’t already, it’s time to start building your AI Governance Playbook. 📌 Audit all AI tools in use 📌 Build an internal AI ethics committee 📌 Ensure legal, DEI and HR alignment on tool deployment 📌 Partner only with vendors offering bias mitigation, auditability, and indemnification

𝟐𝟎 𝐄𝐧𝐭𝐞𝐫𝐩𝐫𝐢𝐬𝐞 𝐀𝐈 𝐂𝐨𝐦𝐩𝐥𝐢𝐚𝐧𝐜𝐞 𝐑𝐞𝐪��𝐢𝐫𝐞𝐦𝐞𝐧𝐭𝐬 𝐁𝐞𝐟𝐨𝐫𝐞 𝐘𝐨𝐮 𝐃𝐞𝐩𝐥𝐨𝐲 𝐀𝐈 Most AI Failures in enterprises are not Technical. They are Compliance Failures. Before deploying AI into Production,  Here are the 20 Non-Negotiables: 1. Appoint AI Accountability Leader   Assign a senior executive responsible for AI compliance, oversight, and reporting. 2. Establish Cross-Functional AI Board   Include legal, security, HR, data, and business teams for governance and approvals. 3. Define Legal AI Role   Clarify provider versus deployer obligations and compliance responsibilities. 4. Maintain Technical Documentation   Document architecture, data sources, performance metrics, and intended use limitations. 5. Disclose AI Usage Transparently   Notify users about AI interactions and synthetic content usage. 6. Publish Model Transparency Reports   Document purpose, performance across demographics, limits, and out-of-scope scenarios. 7. Implement Logging and Audits   Track inputs, outputs, versions, and decisions for investigations and traceability. 8. Ensure Decision Explainability   Provide meaningful explanations and enable human review of high-impact decisions. 9. Create Comprehensive AI Inventory   Document all AI systems, APIs, models, and embedded SaaS tools. 10. Develop AI Acceptable Use Policy   Define permitted uses, prohibited activities, and approved data types. 11. Classify AI Risk Levels   Categorize systems into prohibited, high, limited, or minimal risk tiers. 12. Conduct Formal Risk Assessments   Identify harms, discrimination risks, and safety issues before deployment. 13. Test for Bias Regularly   Evaluate outputs across protected groups and document mitigation steps. 14. Review Third-Party AI Risk   Assess vendor compliance, contracts, liabilities, and regulatory responsibilities. 15. Govern Training Data Legality   Track licenses, avoid unauthorized scraping, and respect copyrights. 16. Perform Required DPIAs   Assess high-risk personal data processing under GDPR and similar regulations. 17. Confirm Lawful Data Basis   Verify consent, contractual necessity, or legitimate interest before processing data. 18. Apply Data Minimization Rules   Limit data usage and enforce strict retention schedules. 19. Secure AI Infrastructure Assets   Protect pipelines, weights, APIs, and model endpoints with strong controls. 20. Support Data Subject Rights   Enable access, correction, deletion, restriction, and automated decision opt-outs. The real shift in enterprise AI is this. From model performance to governance readiness. From proof of concept to regulatory durability. If your AI cannot pass audit, it cannot scale. Compliance is not friction. It is infrastructure. PS: If you found this valuable, join my weekly newsletter where I document the real-world journey of AI transformation. ✉️ Free subscription: https://lnkd.in/exc4upeq #EnterpriseAI #AIGovernance #ResponsibleAI

Cutting through the AI noise - here are 5 use cases for using generative AI today in a law practice: 1) Having AI draft initial responses to standard discovery requests, pulling directly from client documents and past cases—turning 3 hours of document review into 20 minutes of attorney verification. 2) Using AI to analyze deposition transcripts and build detailed witness chronologies, flagging inconsistencies and potential credibility issues that could be crucial at trial. 3) Feeding settlement agreements from similar cases to AI to generate initial settlement terms, helping attorneys start negotiations with data-backed proposals rather than gut instinct. 4) Having AI review client intake forms and past matters to spot potential conflicts of interest—moving beyond simple name matching to identify subtle relationship patterns. 5) Using AI to draft routine motions and pleadings by learning from the firm's document history, maintaining consistent arguments while adapting to case-specific facts. The real value isn't replacing attorney judgment. It's eliminating the mechanical tasks that keep great lawyers from doing their best work. What specific AI applications are you seeing succeed (or fail) in your practice? #legaltech #innovation #law #business #learning

Stop telling your legal team AI will free them up for strategic work. They'll have heard this before. When the new CLM came in, or the legal front door, etc. A GC said to me recently: "A big part of the team has taken to our new AI tools. But there's a cynical group. What should I do about them?" It's easy to blame mindset. But often those lawyers are just trying to work out what the change is actually for, and who benefits. When that's unclear, they fill in the blanks themselves. Usually with: "This just means they'll want me to do more work, faster." Here's what I've noticed. The payoff from adopting AI (call it the AI dividend) tends to fall into one of four buckets: 1. Capacity without headcount growth. The business is growing 10% a year. The team isn't. The goal is to stop burning people out. 2. Bringing work back in-house. Most in-house teams quietly resent how much they pay external firms for BAU contracts that often come back over-lawyered anyway. 3. Consistency at scale. Whether it's 100 lawyers across 20 countries taking different positions, or 300 contract managers expected to apply a 100-page playbook they don't have time to read. 4. Freeing up time for higher-value work. Real, but not universal. If this is your story, be specific: "these three projects we've wanted to do for years." It's rarely all four. Usually one or two dominate. The reason this matters: most lawyers are professionals who want to help their organisation succeed. "Spend more time on strategic work" is easy to nod along to and then ignore. It's more vibes than a tangible goal. But "we need to absorb 10% more work without growing the team" is a goal a reasonable person can engage with. You might push back on the 'how' or the specific tool. But it becomes hard to quietly opt out. Because when the goal is specific and reasonable, hanging back starts to look like not pulling your weight. Which is not somewhere lawyers like to be. Full article here: https://lnkd.in/enMa7VCN

Just co-led an AI training for 20 execs from one of the largest legal firms in the world These were the big moments we covered: 1. Every firm has three cohorts in an AI rollout: the frontrunners pulling ahead, the middle who'll follow if shown how, and the resisters who haven't touched their Copilot licence and have no plans to. Buying more licences doesn't close that gap. Targeted training and peer-to-peer enablement does. 2. You don't need to talk about Gen AI, LLMs or agents. You need to talk about the nine things lawyers already do: extract, label, compare, organise, find, summarise, draft, interrogate, translate. Every legal AI use case is a combination of these. Naming it that way strips the hype out of the conversation and gets you straight to the work. 3. A lot of firms skip straight to buying or building and end up with expensive shelfware. The sequence that works is Educate, then Discover, then Build. Educate so people can spot the right use cases. Discover with the practitioners closest to the work. Then build for the use case with the highest impact for the firm. 4. Before any use case gets investment, three questions have to be answered honestly. What problem are we solving? Can the technology solve it? And even if it can, will the lawyers use it? Skip any one of the three and the project dies on the way to production. 5. Build vs buy is the wrong question. There are three layers in any legal AI system: the core models, the software wrapper around them, and your firm-specific workflows, data and expertise. The software layer is commoditising every quarter. The value lives in layer three (your firm-specific data and workflows), and that's the one no vendor can sell you. 6. A law firm's AI budget shouldn't be a fraction of the IT budget. It should be a multiple of the HR budget. AI capability is a people investment: literacy, change management, workflow design, AI Champions inside each practice group. Underfund the people side and the tools sit unused. Best questions I've had in a training this year. Looking forward to seeing where this group takes it.

If you use GenAI… I want to hold you… accountable. As AI becomes a key tool in legal practice, ensuring ethical use is critical. This condensed framework is based on ABA guidelines and other regulatory standards, balancing efficiency with accountability. 1. Competence Lawyers must understand AI’s capabilities and risks, such as inaccuracies or biases. Regular training is crucial for staying updated. 2. Confidentiality Client data must be protected when using AI tools. Anonymize sensitive data and ensure AI systems are secure. 3. Transparency Lawyers must inform clients about AI use, particularly when it impacts legal services or fees, fostering transparency and trust. 4. Verification of Outputs AI-generated outputs must be reviewed for accuracy to avoid errors like false citations, ensuring the integrity of legal work. 5. Reasonable Fees Fees must be reasonable and reflect the actual work performed. When using AI, this means that lawyers can charge for tasks like inputting data into AI tools and verifying the AI-generated results. However, lawyers should not bill clients for time saved due to AI’s efficiency, unless the client has specifically agreed to this arrangement in advance. This ensures transparency and fairness in billing practices. 6. Addressing Bias Firms should actively mitigate AI biases that could lead to unfair outcomes, particularly in sensitive legal areas . 7. Supervision Supervisory lawyers must ensure that AI use complies with ethical standards, implementing policies and training to manage AI responsibly.

Struggling to build a data foundation that helps you deploy AI models at scale? Regulation can help. Too often in my professional life I have heard the old adage that regulation is a blocker to innovation. In my experience, what actually impedes on innovation is uncertainty; specifically when relevant rules are missing, unclear, or poorly aligned. No doubt this was true for both the GDPR and AI Act, at least in the beginning. What is often overlooked, however, is that these laws also provide notable benefits: among others, guiding organizations how to approach data-driven innovation in a structured and sensible way. ➡️ How GDPR supports data readiness Art. 5 GDPR requires, e.g., purpose limitation, data minimization, accuracy, integrity, confidentiality, and accountability. Organizations must decide which personal data they need, why, and who is responsible. This amounts not only to a responsible but also strategic approach to handling data - and not just personal data. ➡️ How the AI Act builds on this Art. 6 AI Act links an AI system’s obligations to its intended use and impact on people’s health, safety, and fundamental rights. Art. 10 then mandates data governance requirements for high-risk AI systems, e.g., that training, validation, and test datasets are relevant, representative, complete, and documented. Providers must implement measures covering provenance, cleaning, annotation, assumptions, gap analysis, bias detection, and ongoing monitoring. These rules offer a practical blueprint for AI-ready data. ➡️ Why this matters for AI strategy A strong data foundation improves model performance, but also reveals when AI is not the right tool. A rules-based system might achieve the same outcome with less risk and less complexity. The decision when not to use AI should be part of any good AI strategy too. ➡️ What organizations should do ✅ Define the purpose of processing: What are you trying to achieve? How does this improve the status quo? What tradeoffs do you need to consider? ✅ Use Art. 5 GDPR to decide what personal data you need to achieve your processing purpose in the least intrusive way. ✅ Evaluate whether you need AI - or if a rules-based system suffices. ✅ If you do need AI, leverage the AI Act’s Art. 6 intended use test and Art. 10 data governance rules as a readiness checklist. In particular, if it looks like you would be developing or deploying a high-risk AI system, make sure you have the necessary resources to do so. ✅ Create clear roles and responsibilities along the lifecycle of data processing to continuously ensure the quality, consistency, and reliability of data. ✅ Delete data when you no longer need it. This not only saves resources, but minimizes your compliance exposure. Too often, regulation is framed as a constraint. In reality, it can help organizations plan and implement data projects in a strategic and purposeful way. #DataReadiness #AIGovernance #GDPR #AIAct #ResponsibleAI

I see so many LinkedIn posts about AI lately. Do’s and don’ts. Tools to use and those to avoid. Well, here’s my update on how AI is being incorporated into my practice and what works for me, which is subject to change as the technology itself advances. I have been working on implementing artificial intelligence into the daily operations of HEITNER LEGAL to essentially turn it into a highly capable junior associate who never sleeps, never bills more than the time actually required, and produces work that requires my final review and signature. That last part is important. Too many lawyers are failing to do that and finding themselves in trouble with judges and clients. For transactional matters, I find that precision in the prompt yields first drafts that already reflect the tone and structure I would use myself. I have trained the AI on my voice and style to accomplish that goal. My preference is to request a redline version showing every addition in bold and every deletion in strikethrough. I also like to use AI to double check my billing and keep me honest on how reasonable my entries are as a 16-year practicing attorney. For these transactional matters, I also ask AI to flag every provision that creates ambiguity or shifts risk disproportionately to the client, then propose specific curative language grounded in the jurisdictional law or prevailing industry custom, primarily in sports, entertainment, and intellectual property, which are focuses of my practice. With litigation, I like to supply the controlling statute or rule, the case citations already verified on Westlaw, and the strategic objective, whether securing a default judgment on unpaid fees or compelling production of withheld discovery. This cures common issues surrounding hallucinations. On a firm-wide level, the objective is never blind reliance. Every output undergoes independent cross-check for accuracy and confidentiality compliance, consistent with relevant ethics options and disclosure requirements. Lawyers who adopt this context-rich, iterative prompting style will find that AI ceases to be a novelty and becomes a reliable extension of the practice. But don’t feel pressured to do anything outside of your comfort zone. Importantly, technology multiplies productivity, but licensed attorney judgment remains non-negotiable. If you are a lawyer experimenting with AI in your practice, I welcome your thoughts in the comments on what has worked well for you. #LegalTech #AI #LawFirmManagement #Law #ArtificialIntelligence

As AI tools advance rapidly, it's important for employers to understand where the ethical and legal boundaries lie. The EU AI Act has taken a firm stance: AI systems that infer personality or emotions from biometric data — including face-based personality prediction — are prohibited or classified as high-risk. The legislation recognises the profound risks these tools pose to fairness, discrimination, privacy, and human dignity. In Australia, no equivalent protections currently exist. This means technologies that would be unlawful in Europe could still enter the Australian recruitment market — without the guardrails needed to prevent discrimination or algorithmic bias. As employers explore AI for hiring, screening, or talent management, now is the time to stay alert: —Be cautious of AI tools claiming to “predict personality” or “assess fit” from images or videos. —Demand transparency, validation evidence and bias testing from vendors. —Ensure any AI used in HR aligns with ethical standards — even if legislation lags behind. Until stronger regulation arrives in Australia, the responsibility rests with employers to safeguard their people and their processes from high-risk AI. Join the growing community of multidisciplinary leaders for inclusive and ethical AI at ada.ai.

A law firm spent six figures on a leading legal AI platform. Six months later, adoption was patchy. They still needed external help. This is more common than people admit. At BetterWiser, we help law firms and legal departments select and optimise legal AI tools. Many of these are market-leading products with strong customer success teams. Yet clients still need change management support. Here is why. 1. These are not just LLMs. They are complex software products powered by LLMs. They require users to: • Upload and maintain templates • Organise hot and cold storage • Configure review tables • Build repeatable workflows Left alone, only power users explore these features. Most lawyers use 20 percent of the functionality. It is the same as giving a sales team Salesforce and assuming value will materialise. Investment without structured adoption limits return. 2. Vendor training has limits. Vendors train users on features. They cannot redesign your workflows. They cannot: • Analyse where time is actually lost in your team • Set governance guardrails aligned to your risk profile • Decide which use cases drive the highest impact • Rework processes across legal and business stakeholders That requires someone who understands your lawyers, your culture, and your constraints. 3. Change management is not product training. It starts with a North Star. What business outcome is this project meant to unlock? It also requires segmentation: • Champions • Skeptics • The “too busy” middle • Leaders who need proof before committing Each group requires different engagement. Some need 1:1 support. Some need structured updates. Some need evidence of quick wins. Vendors cannot do this for you. In-house teams rarely have the bandwidth. ⸻ So how do we approach it? We start with listening. We interview lawyers. We ask what they actually want to spend less time on. We ask what frustrates them. The 100-market regulatory survey. The 2,000-file evidence review in mixed formats. The manual tracking that drains energy and delays business decisions. Only then do we design. Training anchored in real use cases. Governance that reflects real risk tolerance. Workflows that reduce friction, not add to it. We also work with the vendor. Not as a critic. As a translator. When legal teams say “this doesn’t work for us”, there is usually a configuration, workflow, or expectation gap. Bridging that gap is where value emerges. Buying legal AI is a procurement decision. Realising its value is a leadership decision. If you are investing in legal AI this year, ask yourself: Are you buying software? Or redesigning how your team works?