Category: Legal AI Ethics

Technology Competence for Lawyers: Meeting Your Ethical Duty with AI Tools

Forty states, the District of Columbia, and Puerto Rico now impose a formal duty of technology competence on lawyers. Yet according to the ABA’s 2024 Legal Technology Survey, 70% of attorneys still do not use any AI-based tools in their practice. That gap between the ethical mandate and actual adoption is not just a professional development problem — it is a malpractice risk.

This article traces how technology competence became an ethical obligation, explains what the duty requires in 2026 (including AI), provides a self-assessment framework, and outlines practical steps for compliance. Whether you are a solo practitioner handling 25 contracts a month or a small-firm partner supervising associates, understanding this duty is not optional.

Try Clause Labs Free — see how AI contract review fits into a competence-compliant workflow with zero learning curve.

How Technology Competence Became an Ethical Duty

The 2012 Amendment: Comment [8] to Rule 1.1

The duty of technology competence traces to a single sentence. In 2012, the American Bar Association amended Comment [8] to Model Rule 1.1 (Competence) to state that lawyers should “keep abreast of changes in the law and its practice, including the benefits and risks associated with relevant technology.”

Before this amendment, Rule 1.1 required competence in legal knowledge and skill but said nothing explicit about technology. The addition was not accidental. The ABA Commission on Ethics 20/20 studied the impact of technology and globalization on the profession for three years before recommending the change.

What makes Comment [8] unusual is its brevity. Unlike the detailed guidance in other Model Rules, this single clause leaves enormous interpretive space. “Relevant technology” is not defined. “Keep abreast” suggests ongoing education, not one-time learning. And “benefits and risks” means that understanding the downsides of a technology is just as important as knowing how to use it.

State Adoption: A Jurisdiction-by-Jurisdiction Patchwork

According to Bob Ambrogi’s LawSites tracker, the adoption map as of 2026 looks like this:

40 states have adopted some form of the technology competence duty through comments to their version of Rule 1.1
The District of Columbia amended its Rule 1.1 comments in April 2025 (D.C. Court of Appeals Order No. M284-24)
Puerto Rico went further than any other jurisdiction in January 2026, creating an entirely new Rule 1.19 — “Technological Competence and Diligence” — a standalone rule rather than a comment

The remaining states have not formally adopted Comment [8], but that does not mean lawyers in those jurisdictions are exempt from technology competence expectations. Courts can still evaluate competence in light of prevailing professional norms, and the trend is overwhelmingly in one direction.

Key point: If you practice in one of the 40+ adopting jurisdictions, the duty of technology competence is already your ethical obligation — not a suggestion.

What Technology Competence Means in 2026

Beyond Email and E-Filing

In 2012, “relevant technology” primarily meant encryption, cloud storage, and e-discovery tools. By 2026, the landscape is vastly different. The ABA’s 2024 TechReport on Artificial Intelligence found that 30% of attorneys now use AI tools, up from 11% in 2023. The top use cases include document review, legal research, and contract analysis.

Technology competence in 2026 means understanding:

AI-powered legal tools — what they can and cannot do, including hallucination risks and accuracy limitations
Data privacy and security — how client data moves through cloud platforms and AI services
Cybersecurity fundamentals — multi-factor authentication, encryption, phishing awareness
Practice management systems — digital billing, calendaring, document management
Electronic discovery — search protocols, metadata preservation, proportionality

The duty is not to become a technologist. It is to understand enough about relevant technologies to make informed decisions about their use — or non-use — in your practice.

ABA Formal Opinion 512: The AI Competence Framework

On July 29, 2024, the ABA issued Formal Opinion 512 — “Generative Artificial Intelligence Tools”, its first formal ethics guidance on AI in legal practice. This opinion connects directly to the technology competence duty and touches six Model Rules:

Model Rule	AI Implication
Rule 1.1 (Competence)	Lawyers must understand AI’s “benefits and risks” before using it on client matters
Rule 1.4 (Communication)	Clients may need to be informed about AI use in their matters
Rule 1.5 (Fees)	You cannot bill clients for time spent learning a general technology tool
Rule 1.6 (Confidentiality)	Client data entered into AI tools must be protected; informed consent may be required
Rule 3.3 (Candor to Tribunal)	Verify all AI-generated citations and legal analysis — the Mata v. Avianca lesson
Rules 5.1 & 5.3 (Supervision)	Lawyers must supervise AI outputs with the same rigor as supervising a non-lawyer assistant

Formal Opinion 512 makes one thing clear: not using AI is not the risk-free choice. If AI tools could materially improve your representation — catching contract risks you would miss in a manual 3-hour review, for example — then ignorance of those tools may itself be a competence issue.

For a deeper analysis of how these ethical rules apply to contract review workflows, see our guide to AI ethics in legal practice.

The Competence Gap: Why It Matters Now

The Malpractice Dimension

Technology competence is not just an abstract ethical duty. It has real malpractice implications. If a lawyer misses a critical contract clause that an AI tool would have flagged in 30 seconds, opposing counsel can point to the technology competence duty as evidence of a below-standard review process.

Consider the numbers:

The average NDA review takes 1-3 hours manually (Clio 2025 Legal Trends Report)
AI contract review tools can flag key risks in under 60 seconds
World Commerce & Contracting research shows poor contract management costs organizations an average of 9.2% of annual revenue

When the gap between manual review and AI-assisted review is that large, the competence question is no longer whether you can use AI, but whether you can justify not using it.

The Client Expectation Shift

Clio’s 2025 Solo and Small Firm Report found that 75% of solo firms now offer flat fees alongside hourly billing. Clients choosing flat-fee arrangements expect efficiency. A lawyer who takes three days to review a contract that a competitor reviews in three hours — using AI for the first pass and human judgment for the final — is at a competitive disadvantage that becomes harder to explain.

Thomson Reuters’ 2025 survey found that 95% of legal professionals expect generative AI to become central to their workflow within five years. The question is not “if” but “when” — and the early adopters are already capturing the efficiency advantage.

Self-Assessment Framework: Where Do You Stand?

Use this five-category framework to evaluate your current technology competence. Score yourself 1-5 in each category (1 = no knowledge, 5 = proficient).

Category 1: Practice Management Technology

[ ] Do you use a cloud-based practice management system (Clio, MyCase, PracticePanther)?
[ ] Is your billing and timekeeping digitized?
[ ] Can you access case files securely from any device?
[ ] Do you have automated conflict-checking procedures?

Category 2: Cybersecurity and Data Protection

[ ] Do you use multi-factor authentication on all accounts?
[ ] Is client data encrypted at rest and in transit?
[ ] Have you completed cybersecurity awareness training in the past 12 months?
[ ] Do you have an incident response plan?

Category 3: AI and Legal Technology

[ ] Can you explain, at a general level, how AI contract review works?
[ ] Have you tested at least one AI legal tool on a non-client matter?
[ ] Do you understand the difference between general AI (ChatGPT) and legal-specific AI tools?
[ ] Can you identify AI hallucination risks and explain why verification matters?

Category 4: Electronic Communication and Discovery

[ ] Do you understand metadata in documents and how to preserve it?
[ ] Can you competently manage electronic discovery obligations?
[ ] Do you use secure communication channels for client confidences?

Category 5: Continuing Education

[ ] Have you completed technology-focused CLE in the past year?
[ ] Do you follow legal technology developments (LawSites, ABA TechReport, legal tech podcasts)?
[ ] Can you explain current AI ethics guidance to a client?

Scoring: If you scored below 3 in any category, that area deserves immediate attention. If you scored below 2 in Category 3 (AI), you are behind the current professional baseline.

CLE Requirements: What Your State Demands

Several states have moved beyond Comment [8] to impose specific technology-related CLE requirements:

State	Technology CLE Requirement
Florida	3 technology CLE credits every 3-year reporting period
North Carolina	1 technology CLE credit annually
New York	1 cybersecurity, privacy, and data protection credit per cycle
New Jersey	1 technology credit every 2 years (effective January 2027, per NJ Supreme Court order)
California	1 competence issue credit (technology qualifies) per reporting cycle

Even in states without mandatory technology CLE, completing technology-focused education demonstrates compliance with the broader competence duty and provides a record if your competence is ever questioned.

Practical tip: CLE programs covering AI in legal practice often satisfy both technology competence and ethics credit requirements simultaneously.

Practical Steps for Compliance

Step 1: Audit Your Current Technology Stack

Document every technology tool you use in your practice. For each tool, note:

What client data it accesses
Where data is stored (cloud location, encryption status)
The vendor’s security certifications (SOC 2, data processing agreements)
Whether you have reviewed the terms of service

This audit serves dual purposes: it identifies competence gaps and creates documentation that demonstrates diligence.

Step 2: Test an AI Contract Review Tool

You do not need to commit to a paid platform to start. Many AI contract review tools offer free tiers that let you evaluate the technology without risk.

Clause Labs’s free tier, for example, provides 3 reviews per month with the NDA playbook — enough to understand how AI identifies risks, generates redlines, and produces structured output. The point is not to adopt any specific tool. The point is to develop firsthand knowledge of what AI legal tools can and cannot do.

This knowledge directly addresses two Formal Opinion 512 requirements: understanding AI’s “benefits and risks” (Rule 1.1) and being able to properly supervise AI outputs (Rule 5.3).

Step 3: Develop an AI Use Policy

Even if you are a solo practitioner, a written AI use policy demonstrates competence and protects you if questions arise. Your policy should address:

Approved tools: Which AI tools are permitted for client work
Data handling: What client information may be entered into AI tools (and what may not)
Verification requirements: How AI outputs are checked before reliance
Client disclosure: When and how clients are informed about AI use
Documentation: How AI-assisted work is recorded in the file

For our comprehensive ethics guide to AI in contract review, including sample policy language, see the linked resource.

Step 4: Complete Technology-Focused CLE

Prioritize CLE programs that address:

AI ethics for lawyers (satisfies both technology and ethics credits in many states)
Cybersecurity fundamentals for small firms
Data privacy compliance (state and federal)
AI contract review workflows and supervision frameworks

The ABA’s TechReport publishes annual technology education resources that align with current competence expectations.

Step 5: Build Competence into Your Workflow

Technology competence is not a one-time certification. It is an ongoing practice. Practical integration looks like this:

Monthly: Test one new feature of an existing tool or evaluate a new tool
Quarterly: Review your AI use policy and update for new developments
Annually: Complete a technology-focused CLE course and update your technology stack audit
Ongoing: Follow at least one legal technology publication (LawSites, ABA Journal, or Artificial Lawyer)

The Cost of Non-Compliance vs. the Cost of Compliance

Let’s make this concrete with numbers.

Cost of non-compliance:

Missed contract risks that a $49/month AI tool would have caught — potential malpractice exposure starting at $50,000+ per claim
Lost clients who expect modern, efficient service delivery
Disciplinary risk in 40+ jurisdictions with formal competence duties
Competitive disadvantage against peers who review contracts 3-5x faster

Cost of compliance:

10-20 hours of CLE and self-study per year (much of which satisfies existing CLE requirements)
$0-$149/month for AI contract review tools, depending on volume
2-3 hours to draft an AI use policy
1-2 hours quarterly to review and update your technology practices

The math is not close. For a solo lawyer billing $350/hour, the time investment in technology competence pays for itself the first time an AI tool catches a contract risk in 30 seconds that would have taken 2 hours to identify manually.

For a practical comparison of AI contract review tools and their fit for different practice sizes, see our AI contract review tools guide.

Frequently Asked Questions

Does technology competence mean I have to use AI?

Not necessarily. The duty is to “keep abreast of” relevant technology, not to adopt every new tool. But as AI becomes standard in contract review and legal research, understanding what it does — even if you choose not to use it — is part of the duty. Formal Opinion 512 makes clear that informed non-use is very different from ignorance.

Can I be disciplined for not being technology competent?

In the 40+ jurisdictions that have adopted Comment [8] or similar language, technology competence is part of your ethical obligations under Rule 1.1. A pattern of technology-related failures — sending unencrypted client data, missing risks that AI tools routinely flag, or failing to understand basic cybersecurity — could factor into a disciplinary proceeding. That said, most disciplinary actions involve broader competence issues, not technology alone.

What if my state has not adopted Comment [8]?

Even without formal adoption, courts can evaluate competence based on prevailing professional standards. The overwhelming trend (40+ jurisdictions and counting) means that technology competence reflects the national standard of care. Additionally, many malpractice insurers now ask about technology practices in their applications.

How does Formal Opinion 512 affect my contract review practice?

If you review contracts as part of your practice, Formal Opinion 512 means you should: (1) understand what AI contract review tools do and how they work, (2) if you use AI tools, verify their outputs independently, (3) protect client confidentiality when using any AI platform, and (4) be prepared to explain your use — or non-use — of AI to clients who ask. Clause Labs’s free contract analyzer is one way to develop hands-on familiarity with AI contract review at zero cost.

What counts as technology-focused CLE?

Programs covering cybersecurity, data privacy, artificial intelligence in legal practice, e-discovery technology, practice management technology, and legal tech ethics all qualify in most jurisdictions. Check your state bar’s CLE rules for specific categories. Several states (Florida, North Carolina, New York) have explicit technology CLE categories; others count technology programs toward general or ethics credits.

How do I supervise AI outputs to comply with Rule 5.3?

Formal Opinion 512 requires lawyers to supervise AI outputs with the same diligence they would apply to work from a non-lawyer assistant. In practice: read every AI-generated analysis before relying on it, verify specific citations and legal references independently, compare AI risk flags against your own professional judgment, and document your review process. Never submit AI output to a client or court without independent verification — Mata v. Avianca demonstrated the consequences of skipping this step.

This article is for informational purposes only and does not constitute legal advice. Consult a qualified attorney for advice specific to your situation.

February 23, 2026

Ethical AI Use in Legal Practice: A CLE-Eligible Guide

Forty-two jurisdictions have now adopted the technology competence duty from Comment 8 to ABA Model Rule 1.1. That number rose from 40 to 42 in 2025 alone, with the District of Columbia and Puerto Rico joining the list. Puerto Rico went further than any other jurisdiction, creating an entirely new Rule 1.19 dedicated to “Technological Competence and Diligence” rather than burying the duty in a comment.

The direction is unmistakable: every state will eventually require lawyers to understand the technology they use — or choose not to use. And with 26% of legal organizations now actively deploying generative AI (Thomson Reuters 2025 survey), the ethical framework for AI use is no longer a hypothetical CLE topic. It is a daily practice requirement.

This guide provides a rule-by-rule analysis of the ethical obligations governing AI use in legal practice, compiles guidance from major state bars, examines case studies of both ethical and unethical AI use, and offers a decision framework you can apply immediately. Try Clause Labs’s free analyzer to see how a purpose-built legal AI tool differs from general chatbots in protecting your ethical obligations.

Rule-by-Rule Analysis: How Each Model Rule Applies to AI

Rule 1.1 — Competence: The Dual Obligation

ABA Model Rule 1.1 creates what is effectively a dual obligation for AI use:

Obligation 1: Competence in using AI tools you adopt. If you use an AI contract review tool, you must understand what it does, how it works at a functional level, what its limitations are, and where it is most and least reliable. You need not understand the underlying machine learning architecture. You must understand the tool’s inputs, outputs, and failure modes.

Obligation 2: Competence in knowing what AI tools exist. Comment 8’s requirement to “keep abreast of changes in the law and its practice, including the benefits and risks associated with relevant technology” increasingly means that ignorance of AI tools is itself a competence issue — particularly when those tools are widely adopted by peers in your practice area.

What ABA Formal Opinion 512 says: Lawyers using AI must understand “the benefits and risks associated with” the technology, though they need not become AI experts. The standard is a “reasonable understanding of the capabilities and limitations” — enough to evaluate whether the tool’s output is reliable for a given task.

The practical test: Could you explain to a client, in plain language, what the AI tool does with their data, what it is good at, what it misses, and why you trust (or verify) its output? If not, your competence under Rule 1.1 is questionable.

Rule 1.4 — Communication: When and How to Tell Clients About AI

Model Rule 1.4 requires lawyers to keep clients “reasonably informed about the status of the matter” and to “explain a matter to the extent reasonably necessary to permit the client to make informed decisions.”

The disclosure question: Must you tell clients you are using AI?

ABA Formal Opinion 512 does not impose a blanket disclosure requirement, but it strongly recommends disclosure when AI use is material to the representation. The NYSBA Task Force Report goes further, advising lawyers to “disclose to clients when AI tools are employed in their cases.”

When disclosure is clearly required:

The AI’s analysis materially affects your advice to the client
Client data will be processed by a third-party AI tool
The client’s informed consent is needed under Rule 1.6 before uploading confidential information
The client specifically asks about your review methodology

When disclosure is good practice but not strictly required:

AI is used for initial screening that you independently verify
AI assists with non-substantive tasks (formatting, document organization)
The AI tool is functionally equivalent to other technology (spell-check, document comparison) that you do not typically disclose

Best practice: Disclose proactively. A brief technology disclosure in your engagement letter costs nothing and prevents problems later. Clients who learn after the fact that AI was used — even appropriately — may lose trust.

Rule 1.5 — Fees: The Billing Ethics of AI Efficiency

The fee implications of AI are more complex than they first appear.

What Opinion 512 prohibits:

Billing clients for time spent learning a general AI tool. If you spend 5 hours learning how to use an AI contract review platform, that is overhead, not client work.
Billing for hours not actually worked. If AI reduces a 3-hour review to 45 minutes, billing 3 hours is unethical.

What Opinion 512 permits:

Charging for time actually spent using AI on a specific client matter
Charging reasonable flat fees that reflect the value of the service
Passing through reasonable AI subscription costs with prior disclosure
Charging a client-requested premium for AI-specific expertise

The value-based billing opportunity: AI creates a compelling case for flat-fee contract review. If you can deliver a thorough NDA review in 40 minutes using AI — the same quality that took 2.5 hours manually — a flat fee of $500-$750 is a win for both you (higher effective hourly rate) and the client (lower total cost, faster turnaround).

Texas Opinion 705 addresses this directly: lawyers “cannot bill for unworked hours, even if AI makes tasks more efficient. However, reasonable costs for AI services — such as subscription fees — may be passed to Texas clients with appropriate prior agreement.”

Rule 1.6 — Confidentiality: The Non-Negotiable Obligation

Model Rule 1.6 is where the most serious risks lie, and where the distinction between general AI tools and purpose-built legal tools matters most.

The core issue: When you upload a client’s contract to an AI tool, you are sharing confidential client information with a third-party technology provider. Rule 1.6(c) requires you to “make reasonable efforts to prevent the inadvertent or unauthorized disclosure of, or unauthorized access to, information relating to the representation of a client.”

Opinion 512’s guidance: Lawyers must secure “informed consent” before using client confidences in AI tools, and “boilerplate consent included in engagement letters will not be adequate.”

This is the strongest language in Opinion 512. It means:

You cannot simply add “we may use AI tools” to your standard engagement letter and call it informed consent
You must explain specifically what AI tool you are using, what data it processes, and how that data is protected
The client must understand and agree — not just fail to object

The general AI problem: When you paste a contract into ChatGPT, Claude, or similar general-purpose tools, you are sending client data to a platform that may:
– Use the input to train its models (exposing client data to other users’ outputs)
– Store the conversation indefinitely
– Share data with third-party sub-processors
– Not provide any contractual data protection commitments

The purpose-built legal AI solution: Tools designed specifically for legal contract review — like Clause Labs — typically:
– Do not train on client data
– Provide contractual commitments on data handling
– Implement data isolation between users
– Offer defined data retention and deletion policies
– Maintain security certifications (SOC 2 or equivalent)

Practical compliance checklist for Rule 1.6:

[ ] Review the AI tool’s terms of service and privacy policy
[ ] Confirm the tool does not train on your data
[ ] Verify data encryption at rest and in transit
[ ] Understand data retention periods and deletion procedures
[ ] Obtain informed (not boilerplate) client consent
[ ] Document your data protection assessment in the client file

Rule 5.3 — Supervision: AI as a “Nonlawyer Assistant”

The 2012 amendment to Rule 5.3 changed “nonlawyer assistants” to “nonlawyer assistance,” expanding the scope to include non-human assistance such as AI tools.

What this means practically:

You must supervise AI output with the same diligence you would apply to work product from a paralegal or junior associate. You would not send a first-year associate’s contract memo to a client without review. You should not send AI-generated analysis to a client without review either.

The firm-level obligation: Partners and managing attorneys must:
– Establish written policies governing AI use (what tools, what tasks, what safeguards)
– Train all attorneys and staff on proper AI use
– Implement review workflows that ensure AI output is verified before use
– Conduct periodic audits of AI-assisted work product

The individual attorney obligation: Every attorney who uses AI tools must:
– Review AI output before relying on it
– Apply professional judgment to AI-generated analysis
– Flag and correct AI errors before they reach clients
– Maintain documentation of the review process

Rules 3.1 and 3.3 — Candor: The Mata v. Avianca Warning

While primarily applicable to litigation, Rules 3.1 (meritorious claims) and 3.3 (candor toward the tribunal) carry a critical lesson for all lawyers using AI.

The case: In Mata v. Avianca, Inc., No. 22-cv-1461 (S.D.N.Y. 2023), attorneys used ChatGPT to research legal precedent for a court filing. ChatGPT fabricated six non-existent case citations. The attorneys submitted the filing without verifying the citations existed. Judge P. Kevin Castel sanctioned the attorneys $5,000 and required them to notify each judge falsely identified as the author of the fabricated opinions.

Why this matters for contract lawyers: The principle extends beyond litigation. If you rely on AI-generated analysis of contract provisions — including analysis of governing law, statutory references, or case law implications — you must verify it independently. The Stanford study on AI legal tools found hallucination rates of 17% for Lexis+ AI, 33% for Westlaw AI-Assisted Research, and 43% for GPT-4. These are not edge cases. They are systematic failure rates.

State Bar Guidance: A Four-State Comparison

State bars have issued increasingly specific guidance on AI ethics. Here is a comparison of the four most influential state approaches.

California: Practical Principles, Not Prescriptive Rules

The State Bar of California’s Practical Guidance (approved November 2023) provides guiding principles rather than specific mandates:

AI is treated as “another technology” subject to existing competence, confidentiality, and supervision rules
No specific disclosure requirement, but the guidance emphasizes informed consent for data sharing
Treats AI as a living document issue — the guidance is periodically updated as technology evolves
Accessible via the Ethics & Technology Resources page

Key takeaway for practitioners: California’s approach gives you flexibility but requires you to think through each ethical issue case by case. There is no safe harbor of “I followed the checklist.”

Florida: Four Clear Ethical Caveats

Florida Bar Opinion 24-1 (January 2024) provides the most structured state guidance, organized around four ethical obligations:

Protect confidentiality: Research the AI tool’s data policies before use
Maintain competence and supervision: Develop policies for oversight; verify AI output
Bill ethically: No double-billing or inflating hours
Comply with advertising rules: AI chatbots on law firm websites must identify themselves and include disclaimers

Key takeaway: Florida’s approach is the most actionable — four clear requirements you can audit against.

New York: The Most Comprehensive Framework

The NYSBA Task Force on Artificial Intelligence Report (April 2024) is the most comprehensive state bar document on AI, with four core recommendations:

Adopt AI guidelines (the report provides detailed guidelines)
Prioritize education over legislation
Identify risks requiring new regulation through expert study
Examine the broader governance role of law in AI development

Key provisions:
– Lawyers should disclose AI use to clients
– AI should not replace professional judgment
– A standing committee should oversee periodic updates
– Education should be the primary response, not restrictive regulation

Key takeaway: New York’s framework is the broadest — it addresses not just practitioner ethics but the structural role of the legal profession in AI governance. Read the full report if you practice in New York or want the most thorough analysis available.

Texas: Competence Before Use, Fair Billing After

Texas Opinion 705 (February 2025) adds specific guidance not found in other states:

Competence before use: Lawyers must “acquire basic technological competence before using any generative AI tool” — not after
Confidentiality as a threshold: Always verify the tool “does not imperil confidential client information” before inputting any data
Mandatory verification: “Always verify the accuracy of any responses received from a generative AI tool”
Billing fairness: Lawyers “should not charge clients for the time ‘saved’ by using a generative AI program”

Key takeaway: Texas’s billing guidance is the most specific. The explicit prohibition on charging for AI-saved time pushes lawyers toward value-based or flat-fee pricing models.

Comparison Table

Issue	ABA Opinion 512	California	Florida 24-1	New York NYSBA	Texas 705
Competence required	Yes	Yes	Yes	Yes	Yes (before use)
Client disclosure	Recommended	Implied	Yes (confidentiality)	Yes (explicit)	Implied
Informed consent for data	Required (not boilerplate)	Case-by-case	Yes	Yes	Yes
Billing for AI-saved time	Cannot bill unworked hours	Not addressed specifically	No double-billing	Not addressed specifically	Cannot charge for saved time
AI tool subscription passthrough	Permitted if reasonable	Not addressed	Not addressed	Not addressed	Permitted with agreement
Written AI use policy	Recommended	Not required but implied	Required (develop policies)	Recommended	Implied
Verification of AI output	Required	Required	Required	Required	Required (always)

For more on how these rules apply specifically to contract review, see our CLE course on AI-powered contract review.

Case Studies: Ethical vs. Unethical AI Use

Case Study 1: The Fabricated Citations (Unethical)

What happened: In Mata v. Avianca (2023), attorney Steven Schwartz used ChatGPT to research legal precedent. ChatGPT generated six fabricated case citations. When the opposing party questioned the citations, Schwartz asked ChatGPT to verify them — and ChatGPT confirmed they were real. Schwartz submitted an affidavit attaching the fabricated “decisions.”

Rules violated: Rule 3.3 (candor toward tribunal), Rule 1.1 (competence — failure to understand AI limitations), Rule 3.1 (meritorious claims)

The lesson: Never use AI output without independent verification. ChatGPT’s confirmation that its own citations were real demonstrates a fundamental characteristic of large language models: they generate text that sounds correct regardless of whether it is factually accurate. Verification means checking the source, not asking the AI to verify itself.

Case Study 2: The Proper Contract Review Workflow (Ethical)

Clause Labs is one example of a purpose-built legal AI tool designed for this kind of structured, ethical workflow. The scenario below illustrates what a proper AI-assisted review looks like in practice.

Scenario: A solo practitioner receives a 45-page MSA from a client’s vendor. She uploads it to a purpose-built AI contract review tool. The AI identifies 23 clauses, flags 5 as high risk, identifies 2 missing provisions, and generates suggested redlines.

Her process:
1. Reviews the AI’s contract classification (correct — vendor MSA)
2. Examines each flagged risk against the specific deal context
3. Overrides one AI flag (the liability cap is standard for this industry)
4. Accepts two AI-suggested redlines and modifies a third
5. Adds her own analysis on two provisions the AI did not flag (a jurisdiction-specific payment term issue and a trade secret concern relevant to the client’s industry)
6. Prepares a client memo incorporating her analysis, not the AI’s raw output
7. Documents the AI tool used, its output, and her modifications in the file

Rules satisfied: Rule 1.1 (competent use of tool, independent judgment applied), Rule 1.4 (her engagement letter discloses AI use), Rule 1.5 (she charges a flat fee based on value), Rule 1.6 (she verified the tool’s data practices), Rule 5.3 (she supervised the AI output)

Case Study 3: The Confidentiality Breach (Unethical)

Scenario: An attorney pastes a client’s draft acquisition agreement into ChatGPT with the prompt “Review this contract and identify risks.” The agreement contains sensitive financial terms, the target company’s proprietary valuation data, and personally identifiable information of key employees.

Rules violated: Rule 1.6 (confidentiality — client data shared with a tool that may use it for training, has no data protection agreement, and stores conversations indefinitely), Rule 1.1 (competence — failure to understand the tool’s data practices)

The lesson: General-purpose AI chatbots are not configured for confidential legal work. Using them for client data without understanding their data policies is a Rule 1.6 violation regardless of the quality of the output.

The Ethical Decision Framework

When evaluating whether a specific AI use is ethical, apply this four-question framework:

Question 1: Do I Understand the Tool?

Can you explain to a colleague what the tool does, how it processes data, where it stores information, and what its known limitations are? If not, stop. You need to achieve basic competence before using the tool on client work (Rule 1.1).

Question 2: Is the Client’s Data Protected?

Have you verified the tool’s data practices? Does it train on inputs? Who has access? What are the retention policies? Have you obtained informed (not boilerplate) client consent? If any answer is unclear, do not upload client data until you resolve it (Rule 1.6).

Question 3: Will I Verify the Output?

Are you prepared to independently review the AI’s analysis, apply your professional judgment, and take responsibility for the final work product? If you plan to send the AI’s output to the client without meaningful review, you are not supervising the tool (Rule 5.3) and may be providing incompetent representation (Rule 1.1).

Question 4: Is My Billing Honest?

Are you billing for time actually worked? If AI reduced the task, are you adjusting your bill accordingly? If you are charging a flat fee, is it reasonable for the service provided? Can you justify the fee if questioned? (Rule 1.5)

If all four answers are affirmative, the AI use is likely ethical. If any answer is negative or uncertain, pause and address the gap before proceeding.

Building Your Ethical AI Practice

The lawyers who will thrive in the AI era are not those who adopt AI fastest or those who resist it longest. They are the ones who adopt AI thoughtfully — with clear ethical frameworks, verified tool selection, documented processes, and unwavering commitment to independent judgment.

The rules have not changed. Competence, confidentiality, communication, and supervision remain the foundation. What has changed is the context in which those rules operate. AI gives you the ability to review contracts faster, catch more issues, and serve more clients. The ethical obligation is to harness that capability while maintaining the standards your clients and the profession demand.

Start with Clause Labs’s free tier — 3 reviews per month, no credit card required — and build your ethical AI workflow on a platform designed to protect your professional obligations from the ground up.

Frequently Asked Questions

Does ABA Formal Opinion 512 require me to use AI?

No. Opinion 512 addresses how to use AI ethically — not whether to use it. However, Comment 8 to Rule 1.1 requires keeping abreast of relevant technology, which increasingly means understanding what AI tools are available even if you choose not to adopt them. The obligation is awareness, not adoption.

Can I be disciplined for using AI tools in my practice?

Using AI tools, per se, is not a basis for discipline. Disciplinary risk arises from how you use AI: sharing confidential client data without consent (Rule 1.6), relying on unverified AI output (Rule 1.1), failing to supervise AI-generated work product (Rule 5.3), or billing dishonestly for AI-assisted work (Rule 1.5). Follow the ethical framework in this guide and document your process.

How do I choose between general AI tools and purpose-built legal AI tools?

For any task involving confidential client information — including contract review — purpose-built legal tools are strongly preferred. They are designed with Rule 1.6 compliance in mind, provide contractual data protection commitments, and produce structured legal analysis rather than general-purpose text generation. For non-confidential tasks like legal research on public matters, general tools may be appropriate with verification. For a comparison of available tools, see our AI contract review tools guide.

What should my firm’s AI use policy include?

At minimum: (1) approved AI tools, (2) prohibited AI uses, (3) data handling procedures, (4) required review workflows, (5) client disclosure requirements, (6) billing guidelines, (7) documentation requirements, and (8) training schedule. The policy should be reviewed quarterly as tools and guidance evolve. The Clio blog’s overview of AI ethics opinions provides a useful compilation of bar guidance to inform your policy.

Is using AI for contract review less risky than using it for litigation research?

In some ways, yes. Contract review AI tools provide structured analysis against defined criteria — the risk of wholesale fabrication (as in Mata v. Avianca) is lower because the tool is analyzing a document you provided, not generating citations from scratch. However, contract review AI can still miss critical provisions, misclassify risk levels, or fail to identify jurisdiction-specific issues. The verification obligation applies equally to both use cases. See our analysis of how to review contracts for red flags for the human judgment elements that remain essential.

This article is for informational purposes only and does not constitute legal advice. Consult a qualified attorney for advice specific to your situation.

February 23, 2026

AI-Powered Contract Review: Ethics, Best Practices, and Practical Applications
AI-Powered Contract Review: Ethics, Best Practices, and Practical Applications

Fifty-two percent of legal professionals said they expect generative AI to become central to their workflow within five years, according to Thomson Reuters’ 2025 AI survey. Meanwhile, 26% of legal organizations are already actively using generative AI — up from 14% in 2024. The gap between those two numbers is where most lawyers currently sit: aware that AI is coming, uncertain about how to use it competently and ethically.

This article is structured as a CLE-format educational course covering four modules: the fundamentals of AI in contract review, the ethical framework governing its use, practical application and supervision, and implementation guidance. Whether you are evaluating AI tools for the first time or refining an existing workflow, this course provides the analytical framework to use AI in contract review while meeting your professional obligations.

Try Clause Labs’s free contract analyzer to follow along with the practical exercises in Module 3 using your own contract.

Module 1: Introduction to AI in Contract Review (Fundamentals)

What AI Contract Review Actually Does

AI contract review tools perform a specific, bounded task: they analyze contract text to identify clauses, assess risk, detect missing provisions, and suggest revisions. This is fundamentally different from general-purpose AI chatbots.

The distinction matters. When a lawyer uses ChatGPT to “review” a contract, they are using a general language model that generates plausible-sounding text without any legal-specific analytical framework. When a lawyer uses a purpose-built contract review tool, the AI applies structured analysis — clause classification, risk scoring against defined criteria, comparison to market-standard language, and gap detection against contract-type templates.

Here is what a typical AI contract review pipeline does:
1. Document parsing: Extracts text from PDF or DOCX, including OCR for scanned documents
2. Contract type classification: Identifies whether the document is an NDA, MSA, employment agreement, SaaS agreement, or other contract type
3. Clause extraction: Identifies and categorizes every clause in the document (indemnification, limitation of liability, termination, confidentiality, etc.)
4. Risk analysis: Scores each clause against defined risk criteria (Critical, High, Medium, Low, Informational)
5. Gap detection: Identifies clauses that should be present but are missing, based on the contract type
6. Redline generation: Suggests specific textual revisions to address identified risks
What AI Contract Review Cannot Do

AI cannot exercise legal judgment. It cannot understand the business context behind a deal, weigh competing client objectives, assess the enforceability of a provision in a specific jurisdiction, or determine whether a risk is acceptable given the client’s risk tolerance.

A contract review tool might flag a one-sided indemnification clause as “High Risk.” Whether that risk is acceptable depends on factors AI cannot evaluate: the relative bargaining positions of the parties, whether the client needs this deal urgently, whether the counterparty is creditworthy enough to honor the indemnification, and whether local law limits the enforceability of the provision.

This is not a limitation to overcome — it is the boundary that defines the lawyer’s irreplaceable role.

The Current State of AI Adoption in Legal Practice

The data on adoption is clear and accelerating:
- 26% of legal organizations are actively using generative AI, up from 14% in 2024 (Thomson Reuters 2025 survey)
- 71% of solo law firms report using AI in some form (Clio 2025 Solo & Small Firm Report)
- Document review (77%), legal research (74%), and document summarization (74%) are the top use cases
- Legal tech spending surged 9.7% as firms race to integrate AI (LawSites 2026 analysis)
- Firms with a visible AI strategy were twice as likely to experience revenue growth compared to firms with ad-hoc adoption
The takeaway: AI adoption in legal practice is no longer experimental. It is mainstream. The ethical question has shifted from “Should I use AI?” to “How do I use AI competently and ethically?”

Module 2: The Ethical Framework for AI Use in Contract Review

ABA Formal Opinion 512: The Governing Framework

On July 29, 2024, the ABA Standing Committee on Ethics and Professional Responsibility released Formal Opinion 512, its first formal opinion covering generative AI in legal practice. This opinion is now the primary ethical reference point for lawyers using AI tools.

Opinion 512 addresses six areas of ethical concern, each mapped to specific Model Rules. Here is how they apply to contract review:

Rule 1.1 — Competence

Model Rule 1.1 requires lawyers to provide competent representation, which includes understanding the technology they use.

What this means for AI contract review:
- You must understand what the AI tool does and does not do before using it on client work
- You must be able to evaluate the AI’s output critically — accepting a risk score at face value without understanding why the AI flagged it violates this rule
- You need not be an AI expert, but you must have a “reasonable understanding of the capabilities and limitations” of the tool (Opinion 512)
- Comment 8, adopted by 42 jurisdictions, explicitly requires keeping abreast of “the benefits and risks associated with relevant technology”
Practical application: Before deploying any AI contract review tool on client work, review at least 5-10 contracts you have previously reviewed manually, compare the AI’s output to your own analysis, and identify where the AI’s assessment differs from yours. This calibration step is not optional — it is a competence requirement.

Rule 1.4 — Communication

What this means for AI contract review:
- You must keep clients “reasonably informed about the status of the matter”
- This includes informing clients that AI tools are being used in their matter when material to the representation
- Opinion 512 does not mandate AI disclosure in all cases, but many practitioners and state bars recommend it as best practice
Practical application: Update your engagement letter to include a technology disclosure provision. Example language: “Our firm uses AI-assisted tools for initial contract analysis and risk identification. All AI-generated analysis is reviewed, verified, and supplemented by attorney review before being communicated to you or relied upon in providing legal advice.”

Rule 1.5 — Fees

What this means for AI contract review:
- You may not charge for time spent learning to use a general AI tool (Opinion 512)
- You may charge for time using the tool on a specific client matter if the charge is reasonable
- If AI reduces your review time from 3 hours to 1 hour, you cannot bill 3 hours
- However, value-based billing is permissible — charging for the quality and completeness of the review, not just the time spent
Practical application: If you use AI to reduce a contract review from 3 hours to 45 minutes, the ethical approach is to: (a) bill actual time spent at your hourly rate, or (b) charge a flat fee that reflects the value of the service to the client. What you cannot do is bill 3 hours for 45 minutes of work.

Rule 1.6 — Confidentiality

Model Rule 1.6 requires reasonable efforts to prevent unauthorized disclosure of client information.

What this means for AI contract review:
- You must understand how the AI tool processes, stores, and potentially uses client data
- Uploading a client’s contract to a general AI chatbot without understanding its data practices likely violates this rule
- Opinion 512 recommends securing “informed consent” before using client confidences in AI tools
- Boilerplate consent in engagement letters is “not adequate” (Opinion 512)
Practical application: Before using any AI tool on client contracts, verify:
1. Does the tool train on your data? (If yes, this is likely a Rule 1.6 problem)
2. Where is data stored, and is it encrypted at rest and in transit?
3. Who has access to uploaded documents?
4. What is the data retention policy?
5. Is the tool SOC 2 compliant or subject to similar security standards?

Purpose-built legal AI tools like Clause Labs are designed with these requirements in mind — they do not train on client data and maintain strict data isolation. General-purpose chatbots generally do not offer these protections.

Rules 5.1 and 5.3 — Supervisory Responsibilities

Model Rule 5.3 requires lawyers to supervise “nonlawyer assistance,” which has been interpreted to include AI tools since the 2012 language change from “assistants” to “assistance.”

What this means for AI contract review:
- You must establish firm-wide policies governing AI use
- AI output must be reviewed by a supervising attorney before being shared with clients or relied upon
- Training staff on proper AI use is not optional — it is a supervisory obligation
- Partners and managing attorneys must ensure firm-wide measures provide reasonable assurance that AI use is compatible with professional obligations
Practical application: Create a written AI use policy that addresses: approved tools, prohibited uses, review requirements, data handling procedures, and training requirements. This policy is your primary evidence of compliance with Rule 5.3 if AI use is ever questioned.

Rules 3.1 and 3.3 — Candor Toward the Tribunal

What this means for AI contract review:
- This applies primarily to litigation, but contract lawyers should note: if AI-generated analysis informs a position you take in a proceeding, you must verify its accuracy
- The cautionary tale is Mata v. Avianca, Inc., No. 22-cv-1461 (S.D.N.Y. 2023), where attorneys submitted ChatGPT-fabricated case citations and were sanctioned $5,000, required to notify affected judges, and suffered significant reputational harm
- The Stanford study on AI legal research tools found hallucination rates of 17-33% in leading legal AI platforms — verification is not optional
Module 3: Practical Application — AI-Assisted Contract Review

The VERIFY Supervision Framework

For practical AI use in contract review, apply this framework to every AI-generated output:

V — Validate the AI’s contract type classification. Misclassification leads to incorrect risk analysis. An AI that classifies a licensing agreement as a services agreement will flag the wrong risks and miss relevant provisions.

E — Examine every flagged risk in context. A “High Risk” indemnification clause may be entirely appropriate if your client is the party benefiting from the indemnification. Risk scores are inputs to judgment, not substitutes for it.

R — Review identified gaps against jurisdiction-specific requirements. AI may flag a missing arbitration clause as a gap. But whether arbitration is preferable depends on the type of contract, the likely disputes, and the applicable law.

I — Investigate any legal citations, case references, or statutory references in the AI’s output. Do not take any legal citation at face value. Verify it exists and says what the AI claims it says.

F — Finalize with attorney judgment. After AI analysis, apply your legal expertise to the results. Add client-specific context, strategic considerations, and practice experience that no AI can replicate.

Y — Your signature goes on the work product. You are responsible for everything that leaves your office, regardless of how it was generated. If you would not sign the analysis without AI involvement, do not sign it with AI involvement.

Practical Exercise: AI-Assisted NDA Review

To demonstrate the practical application, here is how an AI-assisted NDA review works using a purpose-built contract review tool:

Step 1: Upload and Initial Analysis (60 seconds)

Upload the NDA. The AI parses the document, classifies it as a mutual or one-way NDA, and identifies all clauses. You receive:
– Overall risk score (0-10 scale)
– Clause-by-clause breakdown with individual risk ratings
– Missing clause identification
– Suggested redlines

Step 2: Apply VERIFY Framework (15-20 minutes)
- Validate: Is the classification correct? Is it actually mutual, or does it have asymmetric obligations?
- Examine: Review each flagged risk. Is the broad definition of “Confidential Information” actually problematic given the deal context?
- Review: Check jurisdiction-specific issues. Does the governing law state enforce the remedies provision as drafted?
- Investigate: Verify any suggested language changes make legal sense for this deal
- Finalize: Accept, reject, or modify each suggested redline based on client objectives
- Your signature: Prepare the client-facing memo with your analysis, not the AI’s raw output
Step 3: Client Deliverable (10-15 minutes)

Prepare a risk summary memo identifying the top 3-5 issues, your recommended positions, and your suggested redlines. The AI identified the issues; you provided the judgment.

Total time: approximately 30-40 minutes for a complete NDA review that would have taken 2-3 hours manually.

Practical Exercise: AI-Assisted MSA Review

MSAs are more complex and demonstrate where the supervision framework becomes critical.

Key differences from NDA review:
- More clause types to review (typically 15-25 provisions vs. 5-8 for NDAs)
- Interaction effects between clauses (indemnification + limitation of liability + insurance must be read together)
- Greater need for industry-specific judgment (SaaS MSAs differ from consulting MSAs)
- Statement of Work (SOW) framework requires business-context review that AI cannot perform
Where AI adds the most value in MSA review:
- Identifying all limitation of liability provisions, including buried sub-clauses
- Cross-referencing defined terms for consistency
- Detecting missing provisions against MSA templates (missing IP ownership, missing insurance requirements)
- Comparing liability cap to contract value ratio
Where attorney judgment is irreplaceable:
- Evaluating whether the liability cap is commercially reasonable for this deal
- Assessing whether the indemnification scope matches the actual risk profile
- Determining if termination provisions give the client adequate exit options
- Reviewing SOW structure for scope creep risk
For a deeper comparison of AI contract review tools and their capabilities, see our comprehensive AI contract review tools guide. You can also see how AI performs on a real NDA in our ChatGPT vs. dedicated AI contract review comparison.

Try Clause Labs’s free analyzer on your own contract to experience the VERIFY framework firsthand — 3 reviews per month, no credit card required.

Module 4: Implementation Guide

Choosing an AI Contract Review Tool

Not all AI tools are created equal. Here is what to evaluate:

Security and Compliance:
– Does the tool train on your data? (Answer should be no)
– Is it SOC 2 compliant?
– Where is data stored and processed?
– What is the data retention and deletion policy?

Functionality:
– Does it support the contract types you review most frequently?
– Does it provide clause-by-clause analysis, not just summaries?
– Can it identify missing clauses, not just risky ones?
– Does it generate suggested redlines you can accept or reject?

Integration:
– Does it accept PDF and DOCX formats?
– Can it export analysis as a Word document with tracked changes?
– Does it integrate with your existing practice management software?

Cost:
– What is the per-review cost compared to your current manual review cost?
– Clause Labs offers a free tier (3 reviews/month) for evaluation, Solo at $49/month for 25 reviews, Professional at $149/month with custom playbooks, and Team at $299/month with unlimited reviews

For a detailed comparison across tools and pricing tiers, see our best AI contract review tools comparison.

Setting Up Workflows

For solo practitioners:
1. Use AI as a first-pass screening tool for every contract
2. Apply VERIFY framework to AI output
3. Maintain your own checklist as a final quality gate
4. Document your review process for each matter
For small firms (2-10 attorneys):
1. Designate an AI administrator who understands the tool’s capabilities and limitations
2. Create firm-wide AI use policies (required by Rule 5.3)
3. Implement a two-tier review: junior attorney + AI first pass, senior attorney verification
4. Standardize output templates so clients receive consistent deliverables
5. Conduct quarterly calibration reviews comparing AI output to attorney assessments
Client Communication Templates

Engagement letter language:

“Our firm uses AI-assisted technology tools for initial contract analysis, including clause identification, risk assessment, and gap detection. All AI-generated analysis is reviewed, verified, and supplemented by attorney judgment before being communicated to you. The use of these tools enables more thorough and efficient analysis while maintaining the quality standards you expect. Your contract data is processed securely and is not used to train AI models. If you have questions or concerns about our use of technology tools, we welcome the discussion.”

Billing transparency language:

“Our use of AI-assisted review tools enables us to provide thorough contract analysis in less time than traditional manual review. Our fees reflect the quality and comprehensiveness of the review, the complexity of the contract, and the attorney expertise applied — not solely the hours spent.”

Documentation Requirements

For every AI-assisted contract review, maintain a file record that includes:
1. The tool used and version/date
2. The AI’s raw output (risk scores, flagged clauses, suggested redlines)
3. Your modifications to the AI’s analysis (accepted, rejected, modified suggestions)
4. Your independent analysis of issues the AI did not flag
5. The final client deliverable
6. Client communication regarding AI use
This documentation serves multiple purposes: it demonstrates competence under Rule 1.1, evidences supervision under Rule 5.3, and provides defense documentation if any AI-assisted work product is later questioned. For a deeper ethics-focused analysis of these rules, see our guide to ethical AI use in legal practice.

Self-Assessment Questions

The following questions are designed to test comprehension of the material covered in all four modules. In a CLE-accredited program, these would form the basis of the assessment component.
1. Under ABA Formal Opinion 512, what is the minimum level of AI understanding required for competent use under Rule 1.1?
2. A lawyer uses an AI tool that reduces contract review time from 3 hours to 45 minutes. Under Rule 1.5, can the lawyer bill 3 hours? Why or why not?
3. What specific data protection questions should a lawyer answer before uploading client contracts to an AI review tool under Rule 1.6?
4. How does the 2012 change to Rule 5.3 — from “assistants” to “assistance” — affect the supervisory obligation for AI tools?
5. A contract review AI flags a limitation of liability clause as “Critical Risk.” Describe the steps in the VERIFY framework for evaluating this flag.
6. An associate accepts all AI-suggested redlines without independent review and sends them to a client. Which Model Rules are potentially violated?
7. What is the significance of the Mata v. Avianca case for lawyers using AI in contract review?
8. Why is “boilerplate consent” in engagement letters insufficient for AI use under Opinion 512?
9. Name three factors that should determine whether a contract review AI output requires enhanced scrutiny vs. standard review.
10. Under the VERIFY framework, what is the difference between “Examine” and “Investigate” steps?
Frequently Asked Questions

Is there CLE credit available for AI contract review courses?

Multiple CLE providers now offer accredited courses on AI in legal practice. The Federal Bar Association, NACLE, and Pennsylvania Bar Institute all offer relevant programming. Some states are moving toward mandatory technology CLE credits — New Jersey recently adopted a tech CLE requirement, and more states are expected to follow.

Do I need to disclose AI use to opposing counsel?

ABA Formal Opinion 512 does not require disclosure to opposing counsel in most circumstances. However, some courts have adopted AI disclosure requirements for filings (particularly after Mata v. Avianca), and disclosure to your own client is strongly recommended. Check your jurisdiction’s specific requirements — several federal courts now require affirmative disclosure of AI use in court submissions.

Can I pass AI tool subscription costs to clients?

Generally yes, if the costs are disclosed in advance and are reasonable. This is analogous to passing through Westlaw or LexisNexis research costs. The key requirements: (1) disclose the cost in your engagement letter, (2) ensure the charge is reasonable relative to the benefit, and (3) do not double-charge by also billing full hourly time for the AI-reduced review. Texas Opinion 705 specifically addresses this, noting that “reasonable costs for AI services” may be passed to clients with prior agreement.

What happens if AI misses a critical clause?

You are responsible. ABA Formal Opinion 512 is clear that AI tools do not relieve lawyers of their professional obligations. If you use an AI tool that fails to flag a critical risk, and you did not independently verify the AI’s analysis through your own review, you bear the same responsibility as if you had missed it without AI assistance. This is why the VERIFY framework emphasizes that AI is a first-pass tool, not a final review.

How does this apply to my state’s specific ethics rules?

The Model Rules provide the framework, but your state’s rules govern. Key state-specific guidance to review:
– California: Practical Guidance for the Use of Generative AI (2023)
– Florida: Opinion 24-1 (January 2024)
– New York: NYSBA Task Force Report (April 2024)
– Texas: Opinion 705 (February 2025)

For a comprehensive state-by-state guide, see the Justia 50-State AI Ethics Survey.

Start with Clause Labs’s free tier — 3 reviews per month, no credit card — and apply the VERIFY framework to your next contract review.

This article is for informational purposes only and does not constitute legal advice. Consult a qualified attorney for advice specific to your situation.
February 23, 2026

Confidentiality and AI Tools: Can You Upload Client Contracts to AI?

Forty-four percent of legal tasks could be automated by AI, according to a Goldman Sachs analysis. But before you upload your first client contract to an AI tool, there is a question you need to answer: does doing so violate your duty of confidentiality under Model Rule 1.6?

This is not a hypothetical concern. It is the single biggest practical barrier preventing solo and small firm lawyers from adopting AI contract review. The answer depends entirely on which tool you use, how that tool handles your data, and whether you have done your homework before hitting “upload.”

This article gives you the exact framework to evaluate any AI tool’s data handling practices, a comparison of how the major platforms stack up, and actionable steps to protect client confidentiality while still benefiting from AI-assisted review. Try Clause Labs Free to see how a purpose-built legal AI handles data security.

What Model Rule 1.6 Actually Requires

ABA Model Rule 1.6(a) states that “a lawyer shall not reveal information relating to the representation of a client” unless the client gives informed consent. Rule 1.6(c) adds a second obligation: “a lawyer shall make reasonable efforts to prevent the inadvertent or unauthorized disclosure of, or unauthorized access to, information relating to the representation of a client.”

When you upload a client’s contract to an AI tool, you are sharing client information with a third-party service. That is an act of disclosure. Whether that disclosure is permissible depends on whether your “efforts to prevent” unauthorized access are “reasonable.”

The critical word is “reasonable.” You are not required to guarantee absolute security. You are required to exercise the same diligence you would when choosing any technology vendor that handles client data, such as cloud storage, email, or practice management software.

What ABA Formal Opinion 512 Says

In July 2024, the ABA Standing Committee on Ethics and Professional Responsibility issued Formal Opinion 512, the first comprehensive ethics guidance on lawyers using generative AI tools. The opinion addresses confidentiality directly and is worth reading in full.

Key requirements from Opinion 512:

Know how the tool uses data. You must understand whether the AI tool retains your inputs, uses them for model training, or shares them with third parties. Ignorance is not a defense.
Implement adequate safeguards. You must ensure data processed by the AI tool is secure and not susceptible to unwitting or unauthorized disclosure.
Get informed consent for self-learning tools. If the AI tool trains on your inputs (meaning your client’s data improves the vendor’s AI), you need the client’s informed consent before using it. Boilerplate consent in engagement letters is not sufficient.
Evaluate the vendor. Your obligation to vet third-party contractors extends to AI tool vendors. Investigate reliability, security measures, and policies.

The practical takeaway: you can use AI tools for client contracts, but you must do your due diligence first. The standard is similar to what you would apply when evaluating a cloud-based practice management system or document storage provider.

The Data Handling Spectrum: Not All AI Tools Are Equal

AI tools handle client data on a spectrum from dangerous to acceptable. Before you upload anything, place the tool on this scale.

Dangerous: Do Not Use for Client Data

Tools at this end of the spectrum share some or all of these characteristics:

The tool trains on user-uploaded data, meaning your client’s contract improves their AI model
No clear data retention policy, or data is retained indefinitely
No encryption at rest
Terms of service allow sharing data with third parties
No data processing agreement available

The most common example: free-tier consumer AI chatbots with default training-on-inputs enabled. According to OpenAI’s own policies, free-tier ChatGPT conversations may be used to improve their models unless the user explicitly opts out. That means your client’s confidential contract language could end up influencing outputs for other users.

Caution: Review Carefully Before Use

These tools have better security but require careful configuration:

Data retained for a limited period (30-90 days)
Encryption in transit but unclear at-rest encryption
Training opt-out available but default is opt-in
Privacy policy exists but is vague or difficult to interpret
No SOC 2 certification

Many general-purpose AI platforms with “business” tiers fall here. They may be acceptable with proper configuration, but you need to verify the settings and understand the defaults.

Acceptable: Meets Legal Industry Standards

Tools built for regulated industries typically offer:

Zero data retention or user-configurable retention periods
Explicit commitment to never train on user-uploaded documents
Encryption in transit (TLS 1.2+) and at rest (AES-256)
SOC 2 Type II certification or equivalent
Clear, detailed privacy policy written for professional users
Data processing agreement available on request
Breach notification commitments

Purpose-built legal AI tools like Clause Labs and enterprise-tier offerings from major AI providers typically meet these standards.

How Specific AI Tools Handle Client Data

Here is how the most commonly used AI tools compare on the factors that matter for confidentiality compliance.

Factor	Free-Tier ChatGPT	ChatGPT Enterprise/API	Claude (Anthropic) API	Purpose-Built Legal AI (e.g., Clause Labs)
Trains on inputs?	Default: Yes (opt-out available)	No	No (API)	No
Data retention	Conversations stored	Configurable (min 90 days)	Configurable	Minimal / configurable
Encryption at rest	AES-256	AES-256	Yes	AES-256
Encryption in transit	TLS 1.2+	TLS 1.2+	TLS 1.2+	TLS 1.3
SOC 2 certified	No (consumer tier)	Yes	Yes (API)	On roadmap
DPA available	No (consumer tier)	Yes	Yes	Yes
Zero data retention option	No	Yes (ZDR API)	Yes	Yes
Suitable for client data?	No	Yes, with configuration	Yes, with configuration	Yes

The ChatGPT Problem

Many lawyers use free-tier ChatGPT for contract-related tasks without understanding the implications. By default, OpenAI may use conversations to improve their models. You can opt out through settings, but the consumer product was not designed for handling confidential client data.

ChatGPT Enterprise and the API are different. OpenAI explicitly states that they do not train on Enterprise or API inputs. But the Enterprise tier costs significantly more, and you still need to configure data retention settings appropriately.

What to Look for in Any Tool

The tool’s marketing page is not sufficient. Read the actual terms of service, privacy policy, and data processing agreement. If the vendor cannot clearly answer how they handle your data, that is your answer.

The 8-Point Data Security Checklist

Before uploading any client document to an AI tool, verify these eight factors. If the tool cannot answer all eight clearly, do not use it for client data.

1. Data Retention: Does the tool store your documents? For how long? Can you delete them on demand?

2. Training Data Policy: Does the tool use your uploads to train or improve its AI models? Is the default opt-in or opt-out?

3. Encryption: Is data encrypted in transit (minimum TLS 1.2) and at rest (minimum AES-256)?

4. Access Controls: Who at the AI company can access your uploaded data? Under what circumstances?

5. Security Certification: Has the tool been independently audited? SOC 2 Type II is the standard for SaaS products handling sensitive data.

6. Data Processing Agreement: Will the vendor sign a DPA? This is standard for any tool handling regulated data.

7. Sub-Processors: Does the vendor route your data through third-party processors? If so, which ones, and what are their security standards?

8. Breach Notification: Will the vendor notify you of a data breach? Within what timeframe? (72 hours is the standard under most regulatory frameworks.)

Print this checklist. Run every AI tool through it before use. Document your findings. That documentation is your evidence of “reasonable efforts” under Rule 1.6(c) if questions ever arise.

Practical Steps to Protect Confidentiality

Choosing a secure tool is necessary but not sufficient. These additional practices reduce risk further.

Anonymize When Possible

Before uploading, consider whether you can remove or replace identifying information. Replace party names with “Party A” and “Party B.” Remove specific addresses, dollar amounts, or other details that are not relevant to the clause-level analysis you need. Most AI contract review tools analyze clause structure and risk patterns. They do not need to know who the parties are to identify a one-sided indemnification clause.

This is not always practical, especially for full-contract risk analysis. But for targeted clause review, anonymization adds a layer of protection at minimal cost.

Check Your Engagement Letter

Does your standard engagement letter address AI tool usage? If not, it should. ABA Formal Opinion 512 recommends that lawyers obtain informed consent before using client data in AI tools, and notes that boilerplate provisions are inadequate for self-learning tools.

For tools that do not train on inputs, a clear disclosure in your engagement letter is sufficient in most jurisdictions. For tools that do train on inputs, you need explicit, informed consent that explains the risk. For a deeper look at how disclosure requirements vary by state, see our state-by-state guide to AI disclosure requirements.

Review Your Malpractice Insurance

Does your professional liability policy cover AI-related data incidents? Most standard policies cover technology-related errors, but the intersection of AI tools and confidentiality is new enough that coverage may be uncertain. Contact your carrier and get clarity in writing.

Document Your Due Diligence

Keep a record of your AI tool evaluation process. Save the vendor’s privacy policy, terms of service, and DPA. Note the date you reviewed them. This documentation demonstrates your compliance with Rule 1.6(c)’s “reasonable efforts” standard.

What to Tell Clients About Data Security

Proactive communication about your AI data handling builds trust and reduces the risk of complaints.

Sample Engagement Letter Language

Standard disclosure (for tools that do not train on inputs):

“Our firm uses AI-powered contract review tools as part of our quality assurance process. These tools assist with clause identification, risk analysis, and missing provision detection. All AI-generated analysis is reviewed, verified, and supplemented by attorney judgment before inclusion in any client deliverable. Our AI tools use encryption at rest and in transit, do not train on client data, and comply with industry security standards.”

Detailed disclosure (for firms wanting maximum protection):

“Our firm uses [Tool Name], an AI-assisted contract review platform, to enhance the quality and efficiency of our contract review services. This tool analyzes contract language to identify clauses, assess risk levels, and detect missing provisions. Your documents are encrypted during transmission and storage. The tool does not retain your documents after analysis is complete and does not use your data to train its AI models. A licensed attorney reviews all AI-generated analysis before it is included in any work product delivered to you. You may request that we not use AI tools in your matter at any time.”

For guidance on how to ethically integrate AI into your practice more broadly, see our guide on how to use AI without risking your license.

Some practitioners go beyond disclosure and seek explicit client consent for AI use. This approach offers maximum protection but adds friction.

When explicit consent is appropriate:

Matters involving trade secrets or highly sensitive IP
Clients in regulated industries (healthcare, financial services)
Jurisdictions that mandate AI disclosure (check your state’s requirements)
Engagement letters that specifically restrict technology use

When standard disclosure is sufficient:

Routine contract review using tools that do not train on inputs
Tools with zero data retention policies
Jurisdictions with no specific AI disclosure requirements
Standard commercial agreements without heightened sensitivity

The trend is toward more disclosure, not less. As of 2026, more state bars are issuing guidance that favors transparency about AI use. According to a Justia survey of all 50 states, the number of states with specific AI ethics guidance has increased significantly since 2023.

Attorney-Client Privilege and AI

A separate but related question: does uploading a client document to an AI tool waive attorney-client privilege?

The short answer: probably not, if the tool is properly secured. Courts have generally held that sharing privileged information with a service provider does not waive the privilege, provided the disclosure is necessary for the service and the provider maintains confidentiality. This is sometimes called the “Kovel doctrine” (after United States v. Kovel, 296 F.2d 918 (2d Cir. 1961)), which protects communications shared with agents necessary to facilitate legal representation.

AI tools are analogous to other technology vendors, such as e-discovery platforms, cloud storage, and document management systems, that routinely handle privileged materials without waiving privilege. The key is ensuring the vendor has appropriate confidentiality protections in place.

However, this area of law is evolving. If you are working with exceptionally sensitive privileged materials, consult with a legal ethics specialist in your jurisdiction before proceeding. Reviewing your approach against established contract red flag frameworks can also help you develop a consistent, defensible process.

Frequently Asked Questions

Can I use ChatGPT for client contracts?

Not the free consumer version, at least not without significant caveats. Free-tier ChatGPT may train on your inputs by default, lacks SOC 2 certification for the consumer product, and does not offer a data processing agreement. ChatGPT Enterprise and API tiers are different: they do not train on inputs and offer configurable data retention. If you use the Enterprise or API tier with appropriate settings, it can be acceptable. But a purpose-built legal AI tool like Clause Labs is designed from the ground up for handling confidential legal documents.

Is uploading to AI the same as uploading to cloud storage?

The analysis under Rule 1.6 is similar. Both involve sharing client data with a third-party service provider. The key differences: cloud storage typically stores data without processing it, while AI tools process the content and may use it for training. The “reasonable efforts” standard applies to both, but AI tools require additional diligence around training data policies and model improvement practices.

What if my client’s contract contains trade secrets?

Apply heightened scrutiny. Consider whether the AI tool’s data handling is sufficient for the sensitivity level. Anonymize where possible. Use tools with zero data retention. Get explicit informed consent from the client. Document everything. For trade secrets specifically, any inadvertent disclosure could destroy the trade secret status entirely, so the stakes are higher than for ordinary confidential information.

Does attorney-client privilege protect AI-processed documents?

Most likely, yes, provided the AI tool vendor maintains appropriate confidentiality protections. The principle is the same as with other technology service providers. But this area of law is still developing, and no court has issued a definitive ruling on AI tools specifically. Maintain strong vendor confidentiality agreements as a safeguard.

What if the AI tool has a data breach?

Your obligation under Rule 1.6(c) is to take “reasonable efforts” to prevent unauthorized disclosure, not to guarantee it never happens. If you chose a reputable tool with appropriate security measures and documented your evaluation process, you have met the standard even if a breach occurs. However, you should have a response plan: notify affected clients promptly, assess the scope of exposure, and consult your malpractice carrier. A vendor’s breach notification timeline (ideally 72 hours or less) gives you the information you need to respond.

This article is for informational purposes only and does not constitute legal advice. Consult a qualified attorney for advice specific to your situation.

February 23, 2026

How to Supervise AI Outputs: A Practical Framework for Contract Lawyers
How to Supervise AI Outputs: A Practical Framework for Contract Lawyers

Every ethics article, bar opinion, and CLE presentation on legal AI says the same thing: “Lawyers must review and supervise AI output.” But almost none of them explain how.

How do you review a 12-page risk analysis that an AI generated in 30 seconds? Which parts do you spot-check? How do you catch the errors AI is most likely to make? How much time should supervision add to each review? When is a quick scan sufficient, and when do you need a deep dive?

This article answers those questions with a concrete, repeatable framework — the VERIFY protocol — that turns the abstract obligation into a 10-15 minute daily habit. Whether you use Clause Labs, Spellbook, LegalOn, or any other AI contract review tool, this framework keeps you compliant with ABA Formal Opinion 512 and Model Rule 5.3 — and more importantly, it keeps your clients protected.

Why “Review AI Output” Isn’t Enough Guidance

The obligation is clear. Rule 5.3 of the ABA Model Rules requires lawyers to supervise non-lawyer assistants. Formal Opinion 512 explicitly extends this to AI tools: lawyers must independently verify AI-generated content before using it in client work. “Uncritical reliance on content created by a GAI tool is risky and almost certainly malpractice.”

But the guidance stops there. It tells you that you must supervise, not how you should supervise. The result is predictable: some lawyers spend 2 hours re-reviewing what the AI analyzed in 60 seconds (defeating the efficiency purpose), while others glance at the summary and call it supervised (defeating the quality purpose).

Neither approach works. What you need is a structured protocol calibrated to the complexity of the contract and the risk level of the output — one that takes 10-15 minutes for a standard agreement and protects you in a malpractice or bar inquiry.

According to the Thomson Reuters 2025 Future of Professionals Report, only 40% of law firms provide any form of AI training to staff, and just 20% measure return on investment for AI tools. The ABA’s 2024 TechReport reinforces this concern: accuracy (74.7%) and reliability (56.3%) are the top two concerns among lawyers who have considered AI — both of which a structured supervision process directly addresses. A defined supervision protocol addresses both gaps: it’s training encoded into workflow, and it’s the quality control that justifies the investment.

The VERIFY Framework for AI Output Supervision

VERIFY is a six-step protocol designed for daily use. Each letter corresponds to a specific supervision task. The full framework takes 10-15 minutes per standard contract — a fraction of the time saved by using AI in the first place.

V — Validate the Source Document

Before evaluating what the AI found, confirm it analyzed the right thing.

Check these items:
- Correct document analyzed. This sounds obvious, but when you’re uploading multiple contracts in a day, version mix-ups happen. Verify the parties, date, and title match the matter you’re working on.
- Complete document analyzed. Check page count. Did the AI process all pages, including exhibits, schedules, and attachments? Many AI tools process the main body but skip exhibits — which often contain the most consequential terms (pricing schedules, SLAs, data processing addenda).
- Correct contract type identified. If you uploaded an MSA and the AI classified it as a consulting agreement, every downstream analysis will be skewed. Check the classification in the first 30 seconds.
- Quick coherence check. Does the AI’s summary match what you see when you skim the first two pages? If the summary mentions parties or terms that don’t appear in the document, something went wrong in processing.
Time required: 1-2 minutes.

E — Evaluate Clause Identification

AI contract review tools identify and categorize every clause in the document. This is usually their strongest capability — but it’s not infallible.

Spot-check 3-5 clause identifications:
- Pick the 3 most important clauses for this contract type (for an NDA: confidential information definition, exclusions, term; for an MSA: liability cap, indemnification, termination; for an employment agreement: non-compete, IP assignment, severance)
- Read the actual contract text the AI identified for each clause
- Confirm the classification is correct. Is what the AI labeled “indemnification” actually an indemnification clause, or is it a warranty provision with indemnification-like language?
- Check clause boundaries. Did the AI capture the complete clause, or did it cut it off? Did it incorrectly combine two separate provisions?
Scan for completeness:
- Quickly scroll through the AI’s clause list. Do you see all the major sections you’d expect for this contract type?
- If the AI identified 15 clauses in a 30-page MSA, something is likely missing — a typical MSA has 25-40 distinct provisions.
Time required: 3-4 minutes.

R — Review Risk Assessments

This is where your professional judgment matters most. AI can identify that a clause exists and rate its risk level. Only you can determine whether that risk rating is right for this client, in this deal.

For each flagged risk (Critical and High priority):
- Read the actual contract language — not just the AI’s summary. Verify the AI characterized the provision accurately.
- Evaluate the risk level. Do you agree with Critical/High/Medium/Low? AI tools tend toward conservative ratings (flagging standard market provisions as “Medium” risk). A risk that’s “High” in the abstract may be “Low” for a well-capitalized client with strong bargaining position.
- Check the explanation. Is the AI’s plain-English description of the risk accurate? Does it correctly identify what makes the clause problematic?
- Look for deal context the AI doesn’t have: What’s the client’s risk tolerance? What’s the relationship between the parties? Is this a renewal or a first-time deal? What’s the deal value relative to the risk?
For lower-priority findings:
- Scan Medium and Low findings for any that should be elevated based on deal context
- Verify the AI hasn’t missed any risks you’d flag based on your experience
Time required: 3-5 minutes (scales with contract complexity).

I — Inspect Missing Clause Findings

Missing clause detection is one of AI’s most valuable capabilities — and one of its most error-prone. A good AI tool will flag provisions that should be in the contract but aren’t. Your job is to verify the findings.

For each “missing clause” flag:
- Confirm it’s actually missing. The clause might exist in a different section, under a different heading, or in an exhibit the AI didn’t process. Check before flagging it in your report.
- Confirm it’s relevant. Not every standard clause is needed in every contract. A missing data processing addendum is critical for a SaaS agreement but irrelevant for a simple NDA. Apply contract-type context.
- Check the reverse. Are there provisions that you know should be present (based on the contract type and your practice experience) that the AI didn’t flag as missing? No tool catches everything.
Time required: 2-3 minutes.

F — Filter Through Deal Context

This step is what separates AI-assisted review from AI-dependent review. It’s the application of professional judgment that no tool can replicate.

Apply business context the AI doesn’t have:
- Client’s risk tolerance: A risk-aggressive startup will accept terms that a risk-conservative manufacturer won’t. The AI doesn’t know your client’s profile.
- Party relationship dynamics: A contract with a long-term vendor you trust is different from a first-time engagement with an unknown counterparty — even if the language is identical.
- Deal economics: A $10,000 vendor agreement warrants different risk tolerance than a $2 million SaaS commitment. The AI doesn’t weigh materiality.
- Jurisdiction-specific factors: Is this non-compete enforceable in the employee’s state? Does the governing law choice create practical problems? The AI may flag the clause but not evaluate it against your jurisdiction’s standards.
- Strategic priorities: What does your client care about most? The AI gives you a comprehensive risk map. You need to tell the client which risks matter and which can be accepted.
Time required: 2-3 minutes (but this is the most valuable 2-3 minutes of the entire review).

Y — Your Professional Judgment Is Final

The AI’s output is input to your analysis. It’s not the analysis itself.

Finalize your review:
- Add your recommendations: accept, negotiate, reject — for each significant finding
- Draft (or customize) the client memo, using AI output as a starting point but adding your strategic analysis
- Sign off on the final work product as your work product
- Note any areas where you disagree with the AI’s assessment (this is valuable for your own quality tracking)
Time required: Integrated into your deliverable preparation.

The Quick-Reference Supervision Checklist

Print this. Use it for every contract.
- Correct document analyzed (parties, date, title match)
- Complete document processed (page count, exhibits included)
- Contract type correctly identified
- 3-5 clause identifications spot-checked against source text
- All Critical/High risk findings reviewed against actual contract language
- Missing clause findings verified (actually missing, actually relevant)
- Deal-specific context applied (client profile, relationship, economics, jurisdiction)
- Professional judgment added (accept/negotiate/reject recommendations)
- Client-ready deliverable prepared
- Supervision documented (date, tool used, what was reviewed, what was changed)
Total time per standard contract: 10-15 minutes (on top of reading the AI report itself).

Common AI Errors to Watch For

Knowing where AI contract review tools tend to fail makes your supervision faster and more targeted.

Misclassification. The AI labels a clause as one type when it’s actually another. Example: labeling a warranty disclaimer as a limitation of liability. This happens most often with clauses that overlap conceptually (warranties vs. representations, indemnification vs. hold harmless, assignment vs. delegation). A Stanford CodeX analysis of AI contract review tools found that misclassification rates vary significantly by clause type, with complex risk-allocation provisions (indemnification, insurance, liability) being the most frequently misclassified.

How to catch it: The spot-check in Step E. If the clause label doesn’t match the language, the downstream analysis is unreliable.

Scope confusion. The AI analyzes only part of a clause, missing qualifiers, exceptions, or carve-outs. Example: flagging an indemnification clause as “one-sided” when there’s a mutual indemnification in the following paragraph.

How to catch it: Read the full clause text, not just the excerpt the AI highlights. Check the surrounding paragraphs for related provisions.

Context blindness. The AI flags a risk that’s actually addressed elsewhere in the contract. Example: flagging “no limitation of liability” when there’s a separate Limitation of Liability article two sections later.

How to catch it: Cross-reference flagged risks against related clauses. If the AI flags missing indemnification, scan the contract for indemnification language that may appear under a different heading.

False positives. The AI flags standard, market-reasonable provisions as risks. Example: rating a mutual 30-day termination for convenience clause as “Medium Risk” when it’s entirely market-standard.

How to catch it: Apply your experience and deal context (Step F). If you’ve seen the same provision in 100 contracts and it’s never been an issue, the AI’s risk rating needs adjustment.

False negatives. The AI misses unusual risks because the language doesn’t match its training patterns. Example: failing to flag a cleverly drafted non-compete buried in a “Restrictive Covenants” section with unusual formatting. According to the National Law Review’s 2026 AI predictions, false negatives remain the most dangerous AI error category because they create a false sense of security.

How to catch it: The completeness check in Step E. If you expect a provision to be flagged and it’s not, investigate.

Exhibit blindness. The AI doesn’t analyze attachments, schedules, or incorporated documents. Example: the main agreement looks clean, but the pricing exhibit contains auto-renewal traps and uncapped escalation clauses.

How to catch it: Validate in Step V that exhibits were processed. If not, review exhibits manually or upload them separately.

For a broader view of what AI catches versus what it misses, see our guide on how to review contracts for red flags — the manual checklist complements AI-assisted review. And for a comparison of which AI tools produce the most structured (and therefore most supervisable) output, see our AI contract review tools comparison.

Supervision by Contract Complexity

Not every contract needs the same level of scrutiny. Calibrate your supervision to the risk.

Simple Contracts (NDAs, Short Service Agreements)
- VERIFY time: 5-7 minutes
- Spot-check: 2-3 clauses
- Focus areas: Definitions, scope, duration, exclusions
- Risk level: Low. Standard forms with limited variation.
- Supervision depth: Quick pass unless AI flags something unusual
Standard Contracts (Employment Agreements, Vendor Contracts, Consulting Agreements)
- VERIFY time: 10-15 minutes
- Spot-check: 5-7 clauses
- Focus areas: Restrictive covenants, liability allocation, termination provisions, IP ownership
- Risk level: Medium. More variation, more negotiable terms, more deal-specific context needed.
- Supervision depth: Standard — review all flagged risks against source text
Complex Contracts (MSAs, SaaS Agreements, M&A Documents, Commercial Leases)
- VERIFY time: 20-30 minutes
- Spot-check: All flagged risks in detail
- Focus areas: Clause interactions (indemnification + liability cap + insurance), missing provisions, unusual terms, exhibit contents
- Risk level: High. Significant financial exposure, multiple interdependent provisions.
- Supervision depth: Deep — cross-reference related clauses, verify exhibit processing, apply extensive deal context
Documenting Your Supervision

Documentation serves three purposes: malpractice protection, bar compliance demonstration, and personal quality tracking. As the ABA’s practical checklist for responsible AI use emphasizes, documentation of human oversight is the cornerstone of a defensible AI workflow.

Why it matters:
- If a client claims you missed something, your documentation shows what you checked and when
- If a bar inquiry asks about your AI supervision process, you have a contemporaneous record
- Over time, your notes reveal patterns — where AI is reliable and where it consistently needs correction
What to document for each review:
- Date and time of review
- AI tool used and version
- Contract type, parties, and matter identifier
- Summary of AI findings (major risks, missing clauses, risk score)
- Your supervision notes: what you spot-checked, what you verified, what you changed
- Any disagreements with AI output (and your reasoning)
- Your final recommendations
- Time spent on supervision
Template format: A simple spreadsheet or log works. Columns: Date | Matter | Tool | Contract Type | Key Findings | My Changes | Time Spent | Notes. If you’re using Clause Labs at the Professional tier ($149/month), the activity feed and comments features create a built-in audit trail.

Training Your Team to Supervise AI

If you have associates or paralegals, the VERIFY framework scales.

Training sequence:
1. Teach the framework. Walk through VERIFY step by step with a real contract. Time: 30 minutes.
2. Start with simple contracts. Have team members apply VERIFY to NDAs and short agreements. Review their supervision notes initially.
3. Progress to standard contracts. Expand to employment agreements and vendor contracts once they’re consistent with simple documents.
4. Review their supervision. For the first month, review your team’s VERIFY notes the same way you’d review their legal work. Are they catching what they should catch? Are they spending appropriate time?
5. Monthly calibration. Once a month, have the team review the same contract independently — compare AI output, supervision notes, and final recommendations. Identify discrepancies and discuss.
Key principle: Under Rule 5.1 (supervisory responsibilities), you’re supervising both the AI and the people who supervise the AI. Document the training, and document your oversight of their supervision process. For more on the ethical framework, see our guide on ABA guidelines for AI in legal practice. And for the cautionary tale of what happens when supervision fails entirely, see our analysis of the Mata v. Avianca case and AI hallucination risks.

Disclosure note: Some jurisdictions require disclosure of AI use to clients — which means your team members need to know when and how to flag AI-assisted work product. See our state-by-state AI disclosure guide for current requirements.

From Supervision to Competitive Advantage

Here’s what most ethics-focused articles miss: a well-designed supervision process doesn’t just keep you compliant — it makes you better.

When you systematically compare your judgment against AI analysis across dozens of contracts, patterns emerge. You learn where AI is consistently right (clause identification, missing provision detection) and where it consistently overreacts or underreacts (risk calibration for specific industries, jurisdiction-specific issues). That pattern recognition compounds over time.

Firms with the best AI supervision processes will produce faster, more consistent, and higher-quality contract reviews than firms that either avoid AI or use it without supervision. According to Clio’s 2025 report, firms with wide AI adoption are nearly 3x more likely to report revenue growth — and supervision quality is a key differentiator.

Clause Labs’s structured output — clause-by-clause breakdowns, risk levels, confidence scores, and source text references — is designed specifically to make the VERIFY framework efficient. Start free with 3 reviews per month and apply the framework to your first contract today.

Want to see what well-structured AI output looks like? Upload any contract to Clause Labs free and walk through the VERIFY framework on a real analysis — 3 free reviews per month, no credit card.

Frequently Asked Questions

How much time should supervision add to each review?

For a standard contract (employment agreement, vendor contract): 10-15 minutes on top of reading the AI report. For simple contracts (NDAs): 5-7 minutes. For complex agreements (MSAs, M&A documents): 20-30 minutes. Even at the high end, total AI-assisted review time (AI processing + human supervision) is a fraction of fully manual review.

Can a paralegal supervise AI output?

A paralegal can perform the mechanical steps of the VERIFY framework (document validation, clause spot-checking, missing provision verification). But the professional judgment steps — risk assessment calibration, deal context application, final recommendations — must be performed or directly supervised by a licensed attorney. Under Rule 5.3, you remain responsible for the final work product regardless of who performs the initial supervision.

What if I disagree with the AI’s assessment?

Trust your judgment. The AI is an input, not an authority. Document your disagreement and your reasoning — this is actually valuable evidence that you’re exercising supervision rather than rubber-stamping AI output. If you find yourself disagreeing frequently on the same type of issue, it may indicate the AI tool needs calibration for your practice area, or that you’ve identified a genuine limitation of the tool.

How do I know if I’m supervising enough?

Two indicators. First, the process test: are you following the VERIFY steps for every contract? If you’re skipping steps, you’re likely under-supervising. Second, the outcome test: when you compare your final deliverable to what the AI produced, are there meaningful differences? If your deliverable is identical to the raw AI output with no additions, changes, or contextual analysis, you’re not adding sufficient professional judgment.

Does supervision protect me from malpractice?

A documented supervision process significantly strengthens your defense in a malpractice claim. It demonstrates that you exercised the standard of care expected of a competent attorney — you used technology appropriately, verified its output, applied professional judgment, and documented your process. No process eliminates malpractice risk entirely, but documented supervision under a structured framework like VERIFY puts you in the strongest possible position.

This article is for informational purposes only and does not constitute legal advice. Consult a qualified attorney for advice specific to your situation.
February 23, 2026
ABA Guidelines on AI in Legal Practice: What Solo Lawyers Need to Know
ABA Guidelines on AI in Legal Practice: What Solo Lawyers Need to Know

The ABA isn’t telling you not to use AI. It’s telling you how to use it without risking your license.

On July 29, 2024, the ABA Standing Committee on Ethics and Professional Responsibility released Formal Opinion 512 — the first comprehensive ethics guidance on lawyers’ use of generative AI. The opinion runs 17 pages and touches six Model Rules, but the practical takeaway for solo and small firm lawyers fits on an index card: understand your tools, protect client data, verify everything, bill honestly, and document your process.

That sounds straightforward. The details matter, though, and many solo practitioners are either overcautious (avoiding AI entirely because of Mata v. Avianca fears) or undercautious (using ChatGPT on client matters without evaluating data handling). According to the ABA’s 2024 TechReport, solo practitioners have the lowest AI adoption rate at 17.7% — well below the 30.2% average across all firm sizes. Meanwhile, Clio’s 2025 data shows firms with AI adoption are nearly 3x more likely to report revenue growth.

This article distills what the ABA has actually said into practical, daily-use guidance for solo lawyers. Try Clause Labs free — it’s designed from the ground up for ABA-compliant contract review.

Timeline: What the ABA Has Said About AI

The ABA’s engagement with legal technology didn’t start with ChatGPT. Understanding the timeline helps you see where the guidance is heading.

2012 — Comment [8] to Model Rule 1.1. The ABA added technology competence to the duty of competence: lawyers must “keep abreast of changes in the law and its practice, including the benefits and risks associated with relevant technology.” This amendment — adopted by 40+ states — is the foundation for every AI ethics obligation that followed.

2019 — ABA Resolution 112. Addressed AI and access to justice. Urged courts and practitioners to consider AI’s potential to improve legal service delivery while maintaining ethical standards.

2023 — ABA Resolution 604. Adopted at the Midyear Meeting, Resolution 604 called on organizations designing AI systems to ensure human authority, oversight, and control; accountability for consequences; and transparency in design and risk documentation.

July 2024 — Formal Opinion 512. The main event. First comprehensive ethics guidance on lawyers’ use of generative AI. Addresses competence, confidentiality, communication, fees, candor, and supervision. This is the document you need to know.

December 2025 — ABA AI Task Force Year 2 Report. The Task Force on Law and Artificial Intelligence released its final report, concluding that AI has “moved from experiment to infrastructure” for the legal profession. The report catalogs dozens of state bar opinions, court rules, and emerging best practices issued since Formal Opinion 512.

The 5 Model Rules That Apply to Your AI Use

Formal Opinion 512 organizes its guidance around six areas of ethical concern. For solo transactional lawyers — who rarely file court documents but regularly handle client confidential information — five rules are directly relevant to daily practice.

Rule 1.1 — Competence: You Must Understand Your Tools

What it requires: Comment [8] to Rule 1.1 mandates that lawyers understand the “benefits and risks associated with relevant technology.” Formal Opinion 512 extends this to AI: you must have a “reasonable understanding of the capabilities and limitations” of any generative AI tool you use.

What “reasonable understanding” means for solo lawyers:

You don’t need to understand transformer architecture or how large language models generate text. You do need to know:
- What the tool does and what it doesn’t do (contract review vs. legal research vs. drafting)
- How accurate it is for your use case (and where it tends to fail)
- How it handles data you upload (retention, training, encryption)
- The type of output it generates (structured analysis vs. free-text responses)
- What its limitations are (jurisdiction awareness, clause identification accuracy, exhibit handling)
Practical compliance steps:
1. Before using any AI tool on client matters, use it on a non-client document first. Run a contract you’ve already reviewed manually through the AI and compare results.
2. Read the tool’s documentation, privacy policy, and terms of service.
3. Take at least one CLE on AI in legal practice annually. New York now requires two AI-specific CLE credits — expect other states to follow.
4. Subscribe to at least one source covering AI in legal practice. LawNext by Bob Ambrogi and the ABA Law Technology Today are free and excellent.
Rule 1.4 — Communication: Tell Your Clients

What it requires: Keep clients reasonably informed about “the means by which the client’s objectives are to be accomplished.” When AI is one of those means, communication obligations are triggered.

Formal Opinion 512’s critical clarification: Boilerplate consent in engagement letters is not adequate when it comes to sharing client confidential information with third-party AI tools. You need informed, specific consent that tells clients what data you’re sharing, with what tool, and why.

Practical compliance steps:
1. Add an AI disclosure section to your standard engagement letter. (See our state-by-state disclosure guide for templates scaled to your jurisdiction’s requirements.)
2. Be specific about which tools you use and what data they access.
3. If you change your AI toolset mid-engagement, notify affected clients.
4. Provide clients the option to opt out of AI-assisted work (and explain the cost/time implications of opting out).
Rule 1.5 — Fees: Bill Honestly for AI-Assisted Work

What it requires: Charge reasonable fees. Formal Opinion 512 addresses two specific AI billing issues.

You may not bill for general AI learning time. If you spend 10 hours learning to use an AI contract review tool, that cost is your overhead — not billable to any specific client. The exception: if a client specifically requests you use a particular AI tool for their matter, learning time for that specific tool may be billable.

Adjust your fee structure to reflect efficiency gains. If AI reduces your contract review time from 3 hours to 45 minutes, billing 3 hours of work is ethically problematic. This doesn’t mean you must reduce your fees proportionally — value-based pricing, flat fees, and portfolio pricing are all legitimate approaches. But billing by the hour for AI-assisted work that took a fraction of the pre-AI time raises Rule 1.5 concerns.

The opportunity: AI enables flat-fee contract review that’s profitable for you and predictable for clients. A flat fee of $350-750 per contract review (depending on complexity), where AI does the first pass and you provide the judgment and client communication, can be more profitable than hourly billing at $350/hour — and clients prefer the predictability.

Rule 1.6 — Confidentiality: Protect Client Data in AI Tools

What it requires: Rule 1.6(c) mandates “reasonable efforts to prevent the inadvertent or unauthorized disclosure of, or unauthorized access to” client information. Uploading a client contract to a third-party AI tool is sharing client information with a third party.

The data handling evaluation: Before using any AI tool on client documents, verify:
- Data retention: Does the tool store your documents? For how long? Can you delete them?
- Training policy: Does the tool train its AI models on your uploads?
- Encryption: Data encrypted in transit (TLS) AND at rest (AES-256)?
- Access controls: Who at the AI company can see your data?
- SOC 2 certification: Has the tool been independently audited?
- Sub-processors: Does the vendor share your data with third parties?
For a detailed evaluation framework and tool-by-tool comparison, see our guide on client confidentiality and AI tools.

The practical difference between tools: Free ChatGPT may train on your inputs by default. Enterprise ChatGPT and API access do not. Purpose-built legal AI tools like Clause Labs are designed with no-retention policies and legal-specific security standards. The tool you choose determines whether you’re compliant.

Rule 5.3 — Supervision: AI Is Your Non-Lawyer Assistant

What it requires: Supervise AI like you’d supervise a paralegal whose work you’re responsible for. The work product is yours. If the AI makes an error that harms a client, you bear the responsibility — not the AI vendor.

What supervision looks like in practice:
- Review every output before using it in a client deliverable
- Spot-check clause identifications against the actual contract language
- Verify risk assessments by reading the flagged provisions yourself
- Apply deal context that AI doesn’t have (client’s risk tolerance, relationship dynamics, business objectives)
- Document your review process (date, what you checked, what you changed)
For a complete, repeatable supervision protocol, see our VERIFY framework for supervising AI outputs.

ABA Formal Opinion 512: The Key Provisions

Beyond the Model Rules framework, Formal Opinion 512 makes several specific pronouncements worth flagging.

On competence and AI evolving rapidly: Because AI tools change frequently, the competence obligation is ongoing. Lawyers must “periodically update” their understanding of tools they use. A competence evaluation from six months ago may be outdated.

On candor toward the tribunal (Rules 3.1 and 3.3): While less relevant for transactional lawyers, this section addresses the Mata v. Avianca scenario directly. Lawyers must verify all AI-generated legal citations and arguments. Submitting AI-generated content without verification violates candor obligations.

On the distinction between AI types: The opinion acknowledges that not all AI tools pose the same risks. General-purpose chatbots (ChatGPT, Claude) present different risk profiles than purpose-built legal tools. The competence and supervision obligations scale with the risk level of the specific tool.

What the ABA AI Task Force Recommends

The ABA’s Task Force on Law and Artificial Intelligence released its Year 2 report in December 2025, assessing how AI is reshaping the profession. Key recommendations relevant to solo practitioners:

Shift from “whether” to “how.” The Task Force concludes that the question is no longer whether lawyers will use AI but how they’ll govern and integrate it. Firms that don’t develop AI policies will fall behind competitively and ethically.

Develop firm-level AI policies. Even solo practitioners should have a written AI policy covering: which tools are approved, what data can be uploaded, what supervision steps are required, and how AI use is documented. The ABA published a practical checklist for responsible AI use as a starting point.

Engage in AI-specific CLE. The Task Force supports mandatory AI competence requirements for lawyers using AI tools. Several states have already implemented CLE requirements.

Monitor evolving state guidance. Since Formal Opinion 512, dozens of state bars have issued their own opinions. Many align with the ABA framework, but some add state-specific requirements. Keep current with your state.

The Solo Lawyer’s ABA Compliance Checklist

Here’s your practical, print-it-and-tape-it-to-your-monitor checklist.

Before You Start Using Any AI Tool:
– Understand how the tool works, what it does, and its limitations (Rule 1.1)
– Evaluate the tool’s data handling: retention, training, encryption, certifications (Rule 1.6)
– Test the tool on non-client work to assess accuracy and output quality (Rule 1.1)
– Add AI disclosure language to your standard engagement letter (Rule 1.4)

For Every Client Matter:
– Confirm your engagement letter covers AI use for this client (Rule 1.4)
– Use only approved tools with verified data security (Rule 1.6)
– Review and verify all AI output before including in client deliverables (Rule 5.3)
– Apply your professional judgment — client context, deal dynamics, jurisdiction (Rule 5.3)
– Document your AI use and supervision steps (all rules)

Ongoing:
– Take at least one AI-focused CLE per year (Rule 1.1)
– Review and update your AI tool evaluations quarterly (Rule 1.1)
– Update engagement letter AI language when your toolset changes (Rule 1.4)
– Monitor your state bar for new AI guidance (all rules)
– Review your fee structures to reflect AI efficiency gains (Rule 1.5)

How Clause Labs Aligns with ABA Requirements

Clause Labs is purpose-built for ABA-compliant contract review.

Rule 1.6 compliance: No data retention after analysis. Encryption in transit and at rest. No training on user-uploaded documents.

Rule 5.3 compliance: Structured, clause-by-clause output that’s designed for efficient human review. Every finding includes the source text, risk level, and plain-English explanation — making supervision straightforward rather than a burden. For more on how structured AI output supports supervision, see our article on the VERIFY framework.

Rule 1.1 compliance: Transparent methodology. The system identifies clauses, scores risks, and explains its reasoning — you can see what it’s doing and why, which is the “reasonable understanding” that Formal Opinion 512 requires.

Rule 1.5 alignment: At $49/month for 25 reviews (Solo tier), Clause Labs enables flat-fee contract review that’s more profitable and more transparent than hourly billing. Start free with 3 reviews per month — no credit card required.

Ready to put these guidelines into practice? Upload your first contract to Clause Labs free — see exactly how structured AI output makes ABA compliance straightforward, not burdensome.

Frequently Asked Questions

Does the ABA prohibit AI use in legal practice?

No. Formal Opinion 512 explicitly permits AI use. The opinion is about responsible use — with competence, confidentiality, transparency, and supervision guardrails. The ABA’s Task Force report goes further, stating AI has become “infrastructure” for the legal profession.

Are ABA guidelines binding?

The ABA Model Rules themselves are not binding — they’re a model. But nearly every state has adopted rules based on the Model Rules, and 40+ states have adopted the technology competence amendment to Comment [8] of Rule 1.1. Formal opinions like 512 carry significant persuasive authority and influence state bar decisions. Check your state’s specific rules — the Justia 50-State Survey tracks which states have adopted which provisions.

How do ABA guidelines interact with state bar rules?

ABA guidelines provide the framework. State bars adopt, modify, or supplement. When your state has specific AI guidance (like Florida’s Opinion 24-1 or Texas’s Opinion 705), follow your state’s rules — they’re binding. Where your state hasn’t issued guidance, the ABA Model Rules and Formal Opinion 512 are your best reference. For a state-by-state breakdown, see our AI disclosure requirements guide.

Does the ABA require AI disclosure to clients?

Formal Opinion 512 doesn’t mandate universal disclosure in all circumstances. But it strongly implies disclosure is necessary when AI use involves sharing client data with a third party (Rule 1.6 trigger) or when AI materially affects the representation. The safest practice: disclose AI use in your engagement letter for all matters.

Where can I find the latest ABA guidance on AI?

Start with the ABA’s ethics and professional responsibility publications, the Law Practice Division’s TechReport, and the Task Force on Law and AI reports. For ongoing coverage, LawNext provides the best real-time reporting on ABA AI developments.

This article is for informational purposes only and does not constitute legal advice. Consult a qualified attorney for advice specific to your situation. ABA guidelines are a model framework — verify your state’s specific rules and requirements.
February 23, 2026
State-by-State Guide to AI Disclosure Requirements for Lawyers (2026)
State-by-State Guide to AI Disclosure Requirements for Lawyers (2026)

Fifty-three percent of law firms have no AI policy — yet 79% of legal professionals are already using AI tools daily. That gap between adoption and governance is where malpractice claims, bar discipline, and client trust problems live.

If you’re a solo or small firm lawyer using AI for contract review, legal research, or document drafting, you face a practical question that no single source answers well: What exactly do I have to disclose, to whom, and when? The answer depends on your state, your court, and the type of work you’re doing. This guide consolidates every major disclosure requirement into one reference.

Whether you use Clause Labs, ChatGPT, or any other AI tool, this article gives you the compliance roadmap. Start free with 3 contract reviews per month — no credit card required.

The AI Disclosure Landscape in 2026

There is no federal standard for AI disclosure in legal practice. What exists is a patchwork: state bar ethics opinions, individual court standing orders, and the ABA’s Formal Opinion 512, issued July 29, 2024, which provides a national framework but isn’t binding on any state.

The trend line is clear. According to the ABA’s 2024 TechReport, AI adoption among lawyers nearly tripled from 11% in 2023 to 30.2% in 2024. The Clio 2025 Legal Trends Report puts that number at 79% when you count all AI-adjacent tools. State bars are responding with guidance at an accelerating pace — more than 30 states have now issued ethics opinions, practical guides, or formal rules addressing AI in legal practice.

The disclosure obligations fall into three categories: what you must tell your clients, what you must tell courts, and what your state bar recommends or requires as a matter of professional responsibility.

The Master Reference: Key States and Their Requirements

No article can cover all 50 states plus DC in granular detail and remain current for more than a few weeks. What follows is the most consequential guidance from the states where most transactional lawyers practice, organized by the type of obligation imposed.

States with Mandatory or Strongly Recommended Client Disclosure

Florida — Opinion 24-1 (2024)

Florida’s Opinion 24-1 is one of the most detailed state bar pronouncements on AI. Key requirements:
- Lawyers may use AI but must prioritize client confidentiality
- Disclosure is mandatory when AI use impacts billing or costs
- Lawyers must practice accurately and competently when using AI outputs
- AI-generated work must be reviewed and verified before delivery
Practical impact: If you’re a Florida lawyer using AI for contract review and billing fewer hours as a result, you need to address that in your fee arrangement. If you’re uploading client documents to a third-party AI tool, your confidentiality obligations under Rule 4-1.6 are triggered.

California — Practical Guide on AI (2024–2025)

The State Bar of California published a practical guide emphasizing that attorney competence under Rule 1.1 requires an understanding of large language models before using them — including hallucination risks and data privacy implications. While California hasn’t issued a formal opinion mandating disclosure in all cases, the competence standard effectively requires:
- Understanding how any AI tool you use works
- Evaluating data privacy implications before uploading client data
- Maintaining supervisory control over all AI outputs
Texas — Opinion 705 (February 2025)

Texas Opinion 705 clarifies that human oversight of AI-generated work product is mandatory. The opinion specifically addresses the risk of fabricated citations (the Mata v. Avianca problem) and requires:
- Independent verification of all AI-generated content
- Human supervision of AI as a non-lawyer assistant under Rule 5.03
- Competence in understanding the AI tool’s limitations
New York

New York has been aggressive on AI governance. The state requires at least two annual CLE credits in practical AI competency, with enforcement beginning in 2025. Multiple court systems within New York have adopted AI disclosure rules for court filings, and the NYC Bar Association has published detailed guidance on ethical AI use.

States with Formal Guidance (Advisory but Influential)

Oregon — Formal Opinion 2025-205

Oregon’s Formal Opinion 2025-205 is a thorough treatment of AI ethics obligations. It addresses competence, confidentiality, supervision, and disclosure, closely tracking ABA Formal Opinion 512.

North Carolina

The North Carolina Bar Association published a 2026 guide arguing that law firms need realistic AI policies rather than outright bans. The guidance emphasizes documentation and policy-based governance.

Pennsylvania

Pennsylvania mandates explicit disclosure of AI use in all court submissions. Transparency is a filing requirement in state courts.

Illinois, Massachusetts, Colorado, Georgia, Washington

Each of these states has addressed AI use through bar opinions, CLE requirements, or court rules. The details vary but converge on three themes: competence, confidentiality, and verification.

States with No Guidance (As of February 2026)

Roughly 15-20 states have not yet issued formal AI guidance. If you practice in one of these states, the ABA Model Rules and Formal Opinion 512 are your best framework. The Justia 50-State Survey maintains a current tracker — bookmark it.

For a comprehensive and regularly updated listing of every state’s position, the Clio AI Ethics Opinions guide provides state-by-state detail with links to primary sources.

Federal Court AI Disclosure Requirements

Federal courts have moved faster than state bars. Since Judge Brantley Starr of the Northern District of Texas issued the first standing order requiring AI disclosure in court filings in 2023, over 300 federal judges have adopted similar orders.

These standing orders typically require one or more of:
- Disclosure of AI tool use in drafting or researching any filing
- Certification that all citations have been independently verified
- Identification of which specific AI tools were used
The requirements are not uniform. Some judges require a standalone certification. Others require a footnote. Some apply only to generative AI (ChatGPT, Claude) while others cover all AI-assisted research tools.

Practical advice: Before filing in any federal court, check the assigned judge’s standing orders. Bloomberg Law’s tracker and Law360’s AI tracker maintain current databases.

Note: contract review work rarely involves court filings directly. But if your contract review feeds into litigation — a breach of contract claim, for example — the disclosure requirement kicks in when the AI-assisted analysis becomes part of a filing.

The ABA Framework: Formal Opinion 512

ABA Formal Opinion 512, released July 29, 2024, provides the most comprehensive national framework. It addresses six Model Rules and their application to generative AI.

Rule 1.1 (Competence): Lawyers must understand the capabilities and limitations of any AI tool they use. You don’t need to be a technologist, but you need a “reasonable understanding” — enough to evaluate whether the tool is appropriate for the task. For a deeper analysis, see our guide on ABA guidelines for AI in legal practice.

Rule 1.4 (Communication): Inform clients about AI use when it’s relevant to their representation. Notably, Formal Opinion 512 states that boilerplate consent in engagement letters is not adequate for confidentiality purposes — you need informed, specific consent when uploading client data to third-party AI tools.

Rule 1.5 (Fees): You may not bill clients for time spent learning to use AI tools generally. If a client specifically requests a particular AI tool, learning costs may be billable. The bigger implication: if AI reduces your review time from 3 hours to 30 minutes, your fee arrangement should reflect that.

Rule 1.6 (Confidentiality): Before uploading client data to any AI tool, evaluate the tool’s data handling practices. This includes data retention, training policies, encryption, and sub-processor arrangements. For detailed guidance on this issue, see our article on confidentiality and AI contract tools.

Rule 5.1/5.3 (Supervision): Supervise AI output the same way you’d supervise a junior associate. Review everything. Verify everything. For a practical framework on exactly how to do this, see our guide on supervising AI legal outputs.

Types of Disclosure: Client, Court, and Bar

Client Disclosure

Client disclosure addresses what you tell your clients about using AI in their matters.

When it’s required:
– When uploading client data to a third-party AI tool (confidentiality trigger)
– When AI use materially affects your fees or billing (fee disclosure trigger)
– When your state bar has issued specific guidance requiring disclosure

When it’s recommended but not strictly required:
– For all AI-assisted contract review (best practice regardless of state)
– When clients are likely to have concerns about AI use
– When the matter involves sensitive or confidential business information

Where to disclose:
– Engagement letter (standard practice — add an AI use section)
– Separate AI disclosure addendum (for sensitive matters)
– Ongoing client communication (for new tools or changed practices)

Court Disclosure

Court disclosure is more straightforward: check the standing orders of the court and judge where you’re filing. If a standing order requires AI disclosure, comply. If no order exists, Rule 11 certification already requires you to verify the accuracy of everything in your filing — AI-assisted or not.

Bar Compliance

Your state bar’s guidance governs your ongoing professional responsibility. Even where no formal disclosure rule exists, the underlying Model Rules (competence, confidentiality, communication, supervision) apply to AI use. Document your compliance.

Engagement Letter AI Disclosure Templates

Three templates, scaled to your jurisdiction’s requirements.

Minimal Disclosure (States with No Specific Requirements)

Our firm may use AI-assisted tools to enhance the efficiency of legal services, including contract analysis, legal research, and document review. All AI-generated analysis is reviewed and verified by a licensed attorney before inclusion in any client deliverable. Our firm remains fully responsible for all work product.

Standard Disclosure (States with Recommended Disclosure)

Our firm uses AI-powered contract review and analysis tools as part of our quality assurance process. These tools assist with clause identification, risk analysis, and missing provision detection. All AI-generated analysis is independently reviewed, verified, and supplemented by attorney judgment before delivery. Our AI tools employ encryption for data in transit and at rest, do not retain client documents after analysis, and do not use client data to train AI models. Attorney [Name] maintains supervisory responsibility for all work product.

Comprehensive Disclosure (States with Mandatory Disclosure)

Our firm uses the following AI tools in providing legal services: [Tool Names]. These tools are used for: [specific tasks — e.g., contract clause identification, risk scoring, missing provision detection]. Data handling: client documents are processed via encrypted connections, are not retained after analysis, and are not used to train AI models. [Tool Name] maintains [SOC 2 / relevant certification] compliance. Human review: all AI-generated analysis is independently reviewed and verified by [Attorney Name], who exercises professional judgment on all findings before inclusion in client deliverables. You have the right to request that we not use AI tools on your matter. If you choose to opt out of AI-assisted review, please notify us in writing, and we will adjust our review process accordingly. This may affect the timeline and cost of services.

The Penalty Landscape: What Happens If You Don’t Disclose

The most prominent sanction case remains Mata v. Avianca, Inc., No. 22-cv-1461 (S.D.N.Y. 2023), where attorneys Steven Schwartz and Peter LoDuca were fined $5,000 for submitting AI-fabricated citations. But Mata involved affirmative misrepresentation to the court — not mere failure to disclose AI use. For more on the Mata case and its implications, see our analysis of AI hallucination risks in legal practice.

As of early 2026, no lawyer has been disciplined solely for failing to disclose AI use in transactional contract review. But the trajectory is clear: 300+ federal judges have standing orders, state bars are issuing guidance at an accelerating rate, and over 700 documented incidents of AI-fabricated content in court filings have made courts and bars aggressive about enforcement.

The risks of non-disclosure include:
- Court sanctions for non-compliance with standing orders
- Bar discipline for violating competence, confidentiality, or communication rules
- Malpractice exposure if AI errors cause client harm and your use wasn’t disclosed
- Client trust damage that’s harder to repair than any formal sanction
The calculus is simple: disclosure costs you nothing. Non-disclosure can cost you your practice.

The Universal Compliance Framework: 6 Steps That Work Everywhere

Regardless of your state, these six practices keep you compliant with current and likely future requirements.
1. Add AI disclosure to your standard engagement letter. Use the templates above. Update annually or when your toolset changes.
2. Maintain an AI tool inventory. List every AI tool your firm uses, what it’s used for, what data it accesses, and its security certifications. Review quarterly.
3. Verify all AI output before use. This isn’t optional anywhere. Review every clause identification, risk assessment, and suggested edit against the source document. Our VERIFY framework for supervising AI outputs gives you a repeatable protocol.
4. Document your AI use and human review process. Date, tool, matter, what was reviewed, what was changed. This is your audit trail for any bar inquiry or malpractice claim.
5. Stay current on your state’s requirements. The Justia 50-State Survey and Clio’s ethics opinions guide are the best free trackers. Check quarterly.
6. When in doubt, disclose. Overcompliance beats undercompliance every time. No lawyer has ever been disciplined for disclosing too much about their technology use.
Clause Labs is built for compliant AI use: structured output that’s easy to verify, no data retention after analysis, and encryption for all document processing. Start free with 3 reviews per month — no credit card required.

Over 500 lawyers already use Clause Labs for AI-assisted contract review with ABA-compliant data handling. Join them — start free today.

Frequently Asked Questions

Do I need to disclose if I just use ChatGPT to brainstorm contract language?

It depends on your jurisdiction and what you do with the output. If you use ChatGPT to brainstorm and then independently draft the language yourself, most jurisdictions wouldn’t require disclosure. But if AI-generated language appears substantially in a client deliverable, disclosure is prudent. Under ABA Formal Opinion 512, you must also consider whether you’ve uploaded any client confidential information in the process — even pasting a client’s contract clause into ChatGPT may trigger Rule 1.6 obligations.

Do I need to disclose AI use to opposing counsel?

Generally, no. No state currently requires disclosure to opposing counsel in transactional practice. The exceptions are narrow: collaborative law settings, some mediation contexts, and situations where a specific court order applies. In litigation, some federal standing orders require disclosure in filings — which opposing counsel will see.

Can my client refuse to let me use AI?

Yes. If a client requests that you not use AI tools, you must honor that request. Include an opt-out provision in your engagement letter (see the comprehensive template above). Be transparent about how opting out may affect timelines and costs.

Is disclosure required for contract review, or only litigation?

The ABA Model Rules and most state guidance apply to all areas of practice, not just litigation. Rule 1.6 (confidentiality) applies whenever you share client information with a third-party tool — whether you’re reviewing a contract or drafting a brief. The court-specific standing orders only apply to litigation filings, but your ethical obligations to clients are practice-area agnostic.

How often should I update my disclosure language?

Review and update annually at minimum. Update immediately when you adopt new AI tools, when your state bar issues new guidance, or when there’s a material change in how your existing tools handle data.

This article is for informational purposes only and does not constitute legal advice. Consult a qualified attorney for advice specific to your situation. AI disclosure requirements are evolving rapidly — verify current requirements in your jurisdiction before relying on this guide.
February 23, 2026
The Mata v. Avianca Problem: How to Use AI in Law Without Fabricated Citations
The Mata v. Avianca Problem: How to Use AI in Law Without Fabricated Citations

A $5,000 fine, a public apology to six federal judges, and a name that every lawyer in America now associates with AI gone wrong. That’s the legacy of Mata v. Avianca, Inc., No. 22-cv-1461 (S.D.N.Y. 2023) — the case where attorney Steven Schwartz submitted a brief citing six cases that didn’t exist, all fabricated by ChatGPT.

But here’s what most coverage of this case gets wrong: the problem wasn’t that a lawyer used AI. The problem was that a lawyer used the wrong kind of AI for the task, then skipped verification entirely. Understanding that distinction is the difference between using AI responsibly and becoming the next cautionary tale. And as of late 2025, Damien Charlotin’s AI Hallucination Cases Database documents over 300 incidents of AI-fabricated citations in court filings — up from a handful in 2023 to two or three new cases per day.

This article breaks down what actually happened, why it keeps happening, and — most critically — why contract review AI operates on a fundamentally different risk model than research AI. If you’ve been hesitant to adopt AI tools because of Mata v. Avianca, you may be avoiding the wrong thing.

What Actually Happened in Mata v. Avianca

The facts are straightforward and worth getting right.

In 2022, Roberto Mata filed a personal injury lawsuit against Avianca Airlines, alleging a knee injury from a metal serving cart on an international flight. When Avianca moved to dismiss, Mata’s attorney Peter LoDuca filed an opposition brief. The brief was largely drafted by his colleague Steven Schwartz, who used ChatGPT to research supporting case law.

ChatGPT generated citations to six cases that sounded real — complete with docket numbers, court names, and plausible holdings. Cases like Varghese v. China Southern Airlines, Shaboon v. Egyptair, and Petersen v. Iran Air. They had the structure, cadence, and citation format of genuine case law. They were entirely fabricated.

When Avianca’s attorneys couldn’t locate the cited cases, Judge P. Kevin Castel ordered Schwartz to produce copies. Schwartz went back to ChatGPT and asked whether the cases were real. ChatGPT confirmed they were. He submitted that confirmation to the court.

On June 22, 2023, Judge Castel issued sanctions — a $5,000 fine against Schwartz, LoDuca, and their firm Levidow, Levidow & Oberman. The court also required them to send individual letters to each of the six judges falsely identified as authors of the fabricated opinions, along with copies of the sanctions order.

The case made international headlines. It became the most referenced AI-in-law case in history. And it terrified lawyers who were considering AI adoption.

Why AI Hallucination Happens — in Terms Lawyers Understand

Hallucination isn’t a bug in the software. It’s a feature of how large language models work — and understanding the mechanism matters for assessing risk.

Large language models like ChatGPT and Claude predict the most statistically likely next sequence of words given a prompt. They don’t retrieve facts from a database. They don’t look up cases in Westlaw. They generate text that sounds right based on patterns in their training data.

Legal citations are especially vulnerable because:
- Case names follow predictable patterns. A name like Petersen v. Iran Air sounds like a real aviation injury case because it matches thousands of real citation patterns the model has seen.
- Legal writing is formulaic. Holdings, procedural histories, and citation formats follow rigid conventions. AI can mimic the form perfectly while fabricating the substance.
- Lawyers are trained to trust citations. When you see a properly formatted citation — 678 F.Supp.3d 443 (S.D.N.Y. 2023) — your instinct is to trust it, not verify it. That trust is earned in normal legal practice. It’s exploited by AI hallucination.
This isn’t unique to ChatGPT. Any general-purpose language model can hallucinate. Stanford research has documented that hallucination rates for legal citations range from 6% to over 30% depending on the model, the complexity of the question, and the jurisdiction.

It Keeps Happening: Post-Mata Sanctions Cases

Mata v. Avianca wasn’t an isolated incident. It was a preview.

Noland v. Land of the Free, L.P. (2025) — A California appellate court found that “nearly all of the legal quotations in plaintiff’s opening brief, and many of the quotations in plaintiff’s reply brief, were fabricated.” The court imposed $10,000 in sanctions — double the Mata penalty.

Johnson v. Dunn (N.D. Ala., July 2025) — The court went further than fines: it disqualified the attorneys from representing their client for the remainder of the case and directed the clerk to notify bar regulators in every state where the attorneys were licensed.

Arizona Social Security Case (August 2025) — A judge found that 12 of 19 cited cases were fabricated, misleading, or unsupported, sanctioning the attorney whose brief was “replete with citation-related deficiencies consistent with artificial intelligence generated hallucinations.”

And in a notable 2025 development, courts began sanctioning lawyers for failing to detect their opponent’s AI-fabricated citations — establishing that the verification duty runs both ways.

The pattern across every sanctions case is identical: a lawyer used a general-purpose AI tool for legal research, submitted the output without verification, and fabricated citations ended up before a judge.

The Critical Distinction: Research AI vs. Review AI

This is the argument that most Mata coverage misses entirely, and it’s the one that should change how you think about AI risk.

Research AI (High Hallucination Risk)

General-purpose AI tools like ChatGPT, Claude, and Gemini are generative — they create text from scratch. When you ask them to find supporting case law, they don’t search a legal database. They generate text that looks like case law. Sometimes they get it right (because the case appeared in training data). Often they don’t.

The hallucination risk profile:
- Generates citations, case summaries, and legal analysis from scratch
- No built-in source verification
- Designed to produce plausible-sounding content
- Outputs fabricated cases, misquoted holdings, and invented statutes
- Confidence level of the output has no correlation with accuracy
Contract Review AI (Fundamentally Different Risk)

Purpose-built contract review tools operate on a completely different model. They don’t generate legal citations or case law. They analyze a specific document you provide as input.

When a contract review AI examines your NDA, it:
- Identifies clauses that exist in the document you uploaded
- Categorizes those clauses by type (indemnification, termination, IP assignment)
- Scores risk based on what’s present — and flags what’s missing
- Generates structured output (risk scores, clause categories) not freeform legal analysis
- Never cites case law, statutes, or legal authority it might fabricate
There’s nothing to hallucinate when the task is “read this paragraph and tell me whether it contains a unilateral termination right.” Either the language is there or it isn’t. The AI is classifying existing text, not inventing new text.

This doesn’t mean contract review AI is infallible — it can miscategorize a clause, miss a bespoke provision, or score risk differently than you would. But those are accuracy issues, not hallucination issues. And they’re the same types of errors a junior associate or paralegal might make, which is why human review remains non-negotiable.

Building a Hallucination-Proof AI Workflow

Whether you’re using AI for research, review, or drafting, these practices protect you.

Before You Use Any AI Tool

1. Match the tool to the task. If a purpose-built tool exists for what you need — contract review, document comparison, legal research with verified citations — use it instead of general-purpose AI. This is the single most effective risk reduction strategy.

2. Understand the tool’s architecture. Does it generate text from scratch (high hallucination risk) or analyze documents you provide (lower risk)? Does it cite sources it retrieves from a database (CoCounsel, Lexis+ AI) or generate citations from training data (ChatGPT)? ABA Formal Opinion 512, issued July 2024, requires lawyers to understand how their AI tools work before relying on them.

3. Test on known documents first. Before using any AI tool on client work, run it against a contract you’ve already reviewed manually. Compare the AI’s output to your own analysis. Where does it agree? Where does it diverge? Where is it wrong?

During AI-Assisted Work

4. Never submit AI output without line-by-line review. For legal research: verify every citation in Westlaw, Lexis, or Google Scholar. Read the actual opinion — don’t trust the AI’s summary of the holding. For contract review: check every flagged clause against the actual contract language. Verify that “missing clause” findings are actually absent from the document.

5. Be skeptical of confidence. AI doesn’t express uncertainty the way humans do. A fabricated citation reads with the same confidence as a real one. Treat all AI output as a first draft requiring verification, regardless of how polished it appears.

6. Document your review process. Keep a record of what tool you used, what it produced, and how you verified the output. This protects you against malpractice claims and bar complaints. It also satisfies the supervisory requirements under ABA Model Rule 5.3.

After AI Review

7. Apply professional judgment to every recommendation. AI doesn’t know your client’s business objectives, risk tolerance, negotiation leverage, or the relationship dynamics with the counterparty. These factors determine whether a flagged “risk” actually matters. Your judgment is what clients pay for — AI just gives you a faster starting point.

8. Sign off on the final work product as your own. If it has your name on it, you own it. Period. AI-assisted work carries the same professional responsibility as any other work product, as Judge Castel emphasized in the Mata sanctions order.

What Courts and Bar Associations Now Require

The regulatory response to AI hallucination is accelerating. As of early 2026, over 300 federal judges have issued standing orders, local rules, or pretrial orders addressing AI use in court filings.

Common requirements include:
- Disclosure of AI use. Many courts require attorneys to identify which AI tools were used and which portions of a filing were AI-assisted.
- Certification of accuracy. Several judges, including Judge Baylson in the Eastern District of Pennsylvania, require attorneys to certify that every citation has been verified for accuracy.
- Identification of the specific tool. Some orders require naming the AI tool used, not just disclosing AI assistance generally.
At the state level, bar associations across the country are issuing guidance. California emphasizes understanding LLM risks before use. Florida’s Opinion 24-1 mandates disclosure when AI impacts billing. Texas Opinion 705 requires human oversight of all AI-generated work product.

The trend is clear: use AI, but verify and disclose. And the ABA’s checklist for responsible AI use published in early 2026 consolidates these requirements into a practical framework.

The Lesson — and the Opportunity

Mata v. Avianca wasn’t a failure of artificial intelligence. It was a failure of verification. Steven Schwartz didn’t get sanctioned for using ChatGPT. He got sanctioned for submitting fabricated citations without checking whether they were real. Every subsequent sanctions case follows the same pattern.

The lawyers who will thrive aren’t the ones avoiding AI — they’re the ones using it with the right tools and the right workflow. For contract review specifically, purpose-built AI tools that analyze documents rather than generate citations eliminate the hallucination risk that caused Mata. The risk isn’t zero — miscategorization and accuracy issues exist — but it’s a fundamentally different category of risk, one that standard attorney review practices are designed to catch.

If you’ve been avoiding AI because of Mata v. Avianca, you may be solving the wrong problem. The question isn’t whether to use AI — it’s whether you’re using the right AI for the right task, with the right verification process in place.

For lawyers ready to start with contract review AI that’s designed for verification rather than hallucination, Clause Labs’s free analyzer lets you upload any contract and see a structured risk analysis in under 60 seconds — no citations to fabricate, no case law to verify, just clause-by-clause analysis of the document you provide. Try it on your next contract and see how purpose-built AI differs from the general-purpose tools that created the Mata problem.

For a deeper look at the ethical framework governing AI use in legal practice, read our guides on whether AI contract review is ethical and how ABA Rule 1.1 applies to technology competence.

Frequently Asked Questions

Can contract review AI hallucinate?

Contract review AI can make errors — miscategorizing a clause, missing a bespoke provision, or misjudging risk severity. But it doesn’t hallucinate in the Mata sense because it doesn’t generate citations, case law, or legal authority. It analyzes the specific document you provide and produces structured output (risk scores, clause identification, missing provisions) rather than freeform legal text. The risk profile is accuracy, not fabrication.

How is Clause Labs different from ChatGPT for legal work?

ChatGPT is a general-purpose language model that generates text from scratch — including citations that may not exist. Clause Labs is a purpose-built contract review tool that analyzes the specific document you upload. It identifies clauses, scores risk, flags missing provisions, and suggests edits based on what’s actually in your contract. It never generates case citations or legal authority. The architecture eliminates the hallucination vector that caused Mata v. Avianca.

What should I do if I suspect AI output contains hallucinated content?

Stop, verify, and document. Check every citation against a verified legal database (Westlaw, Lexis, Google Scholar). If you find fabricated content, do not submit it. Remove it from your work product. If you’ve already submitted a filing containing unverified AI content, consider notifying the court proactively — courts have shown more leniency toward attorneys who self-report than those who are caught.

Do I need to disclose that I used AI to review a contract?

This varies by jurisdiction and context. For court filings, over 300 federal judges now require AI disclosure. For transactional work (contract review and negotiation), disclosure requirements are less defined, but ABA Formal Opinion 512 recommends transparency with clients about AI use, particularly regarding confidentiality and billing. Check your state bar’s guidance — several states now have specific AI disclosure requirements.

Has any lawyer been sanctioned specifically for using AI contract review tools?

As of early 2026, no. Every documented sanctions case involves general-purpose AI (primarily ChatGPT) used for legal research — specifically, the submission of fabricated citations. No sanctions case has involved a purpose-built contract review tool used within its designed parameters. The risk pattern is clear: sanctions arise from unverified AI-generated citations, not from AI-assisted document analysis.

This article is for informational purposes only and does not constitute legal advice. Consult a qualified attorney for advice specific to your situation.
February 23, 2026
AI and Attorney Competence: What Rule 1.1 Means for Contract Review
AI and Attorney Competence: What Rule 1.1 Means for Contract Review

Forty-two U.S. jurisdictions now require lawyers to understand technology as part of their competence obligation. That number was zero before 2012. The shift started with a single sentence added to ABA Model Rule 1.1, Comment 8: lawyers must “keep abreast of changes in the law and its practice, including the benefits and risks associated with relevant technology.” Fourteen years later, that sentence has become the legal foundation for AI adoption in the profession, and increasingly, the basis for arguing that ignoring AI may itself be a competence failure.

This article explains what Rule 1.1 technology competence actually requires, how it applies specifically to AI contract review, and what practical steps you can take to demonstrate compliance. If you are a solo or small firm lawyer evaluating AI tools, this is the ethical framework you need.

Try Clause Labs Free — start building your AI competence with a purpose-built contract review tool. 3 reviews per month, no credit card.

The Rule That Changed Everything

ABA Model Rule 1.1 states: “A lawyer shall provide competent representation to a client. Competent representation requires the legal knowledge, skill, thoroughness and preparation reasonably necessary for the representation.”

The rule itself has not changed since adoption. What changed in 2012 was Comment 8, which now explicitly includes technology within the scope of competence. The ABA’s amendment clarified that keeping “abreast of changes in the law and its practice” includes understanding “the benefits and risks associated with relevant technology.”

Then in July 2024, ABA Formal Opinion 512 applied this principle directly to generative AI, stating that lawyers must “understand the capacity and limitations of GAI and periodically update that understanding.” This was the ABA’s first comprehensive ethical guidance on AI, and it specifically addressed competence, confidentiality, communication, candor, supervision, and fees.

The trajectory is clear. Technology competence is no longer aspirational. It is a professional obligation with enforcement teeth.

What “Technology Competence” Actually Means

Technology competence does not mean you must use every new tool. It does not mean you need to become a technologist. And it does not mean that failure to adopt AI is automatically an ethics violation.

What it does mean, based on the ABA’s framework and Formal Opinion 512, is a three-part obligation:

1. Awareness

You must know that AI contract review tools exist and understand, at a general level, what they can do. This does not require expertise. It requires the same level of awareness you would apply to any development in legal practice that affects how you serve clients.

The analogy: you did not need to use email the day it was invented. But at some point, not understanding what email is and why it matters to your practice became a competence issue.

2. Evaluation

You must assess whether AI tools are appropriate for your practice. This means looking at the tools available, understanding their capabilities and limitations, evaluating their security posture, and making a reasoned judgment about whether they would benefit your clients.

Critically, “we evaluated AI tools and decided they are not appropriate for our practice at this time” is a defensible position, as long as the evaluation actually occurred and was documented.

3. Implementation (If You Adopt)

If you do adopt AI tools, you must use them competently. This means understanding what the tool does, supervising its output, verifying its analysis, and maintaining your professional judgment as the final decision-maker.

Formal Opinion 512 is explicit on this point: competence “requires the lawyer to have a reasonable understanding” of the technology, not just access to it.

States That Have Adopted Technology Competence

As tracked by LawNext’s Tech Competence Scoreboard, the adoption landscape as of early 2026:

42 jurisdictions have adopted Comment 8 or equivalent language:

This includes 40 states plus the District of Columbia and Puerto Rico. D.C. adopted its amendment in April 2025. Puerto Rico went further with Rule 1.19, effective January 2026, which creates a standalone technology competence requirement that exceeds the ABA Model Rules.

States with Comment 8 PLUS AI-specific guidance:

Several states have gone beyond Comment 8 to address AI specifically:
- California: Published practical guidance on AI, requiring competence assessment before use and disclosure when materially affecting representation
- Florida: Opinion 24-1 addresses AI use with specific requirements for confidentiality and billing
- Texas: Opinion 705 (February 2025) requires human oversight of AI-generated work
- North Carolina: 2024 Formal Ethics Opinion 1 provides detailed AI guidance
- Oregon: Formal Opinion 2025-205 addresses AI tools specifically
Remaining states without Comment 8:

A small number of states have not formally adopted the amended comment. However, their existing competence rules are broad enough that technology competence may be implied. As a practical matter, the direction is uniform: technology competence is expected everywhere.

For a comprehensive 50-state reference, see Justia’s AI and Attorney Ethics Rules survey.

How Rule 1.1 Applies to AI Contract Review

The technology competence framework maps directly onto the decision to use (or not use) AI contract review tools. Here is how each element of Rule 1.1 applies.

The Knowledge Requirement

You must understand what the AI tool does:
- Clause identification: The tool reads the contract text and categorizes each provision (indemnification, limitation of liability, termination, etc.)
- Risk scoring: The tool assigns risk levels based on standard practice for the contract type
- Missing clause detection: The tool identifies provisions that are typically present in this contract type but absent from the document
- Redline suggestions: The tool generates proposed edits to problematic provisions
You must also understand what the tool does not do:
- It does not understand your client’s business objectives or risk tolerance
- It does not evaluate enforceability in a specific court before a specific judge
- It does not account for the parties’ prior course of dealing
- It does not replace your professional judgment on how to advise your client
The Skill Requirement

You must be able to evaluate AI output critically:
- Can you tell when the AI’s clause categorization is wrong?
- Can you assess whether a flagged risk is actually significant in the context of this deal?
- Can you determine whether a “missing clause” finding is a genuine gap or just a different structural approach?
- Can you apply the AI’s suggestions strategically, knowing which battles to fight in negotiation?
This is where your legal expertise intersects with the AI tool. The AI provides the data. You provide the judgment. For a detailed framework on how to review AI-flagged issues, see our guide to reviewing contracts for red flags.

The Thoroughness Requirement

You must use AI as a supplement, not a substitute:
- AI output must be reviewed before relying on it
- AI analysis must be cross-referenced against the actual contract text
- Client-specific context must be layered on top of AI findings
- The final work product must reflect your professional judgment, not just the AI’s output
The ABA’s 2024 Legal Technology Survey found that 75% of lawyers cite accuracy as their top concern about AI. That concern directly supports the thoroughness requirement: you must verify, not just trust.

The Preparation Requirement

You must learn the tool before using it on client matters:
- Test the tool on contracts you have already reviewed manually (so you can compare results)
- Understand the tool’s strengths and weaknesses by contract type
- Know how the tool handles edge cases and unusual provisions
- Document your testing process
The Flip Side: Is NOT Using AI a Competence Issue?

This is the question that makes the legal profession uncomfortable. The argument is straightforward:

If AI can identify risks in a 50-page MSA that a manual review might miss… If AI can complete a risk analysis in 60 seconds that would take 3 hours manually… If the cost of AI review ($49/month) is trivial compared to the cost of missing an issue (malpractice claim, client loss, reputational damage)…

Then ignoring AI tools entirely may itself raise competence questions.

This is not hypothetical. The Redgrave LLP analysis of technology competence notes that the duty extends to “understanding what tools exist and evaluating them.” A lawyer who has never looked at AI contract review tools in 2026 has arguably failed the “awareness” prong of technology competence.

Important qualifiers: Not using AI is not malpractice. No lawyer has been disciplined for declining to adopt AI tools. But the trajectory is clear. As AI tools become standard practice, the bar for reasonable competence will shift. The lawyers who evaluated AI, tested it, and made informed decisions — whether to adopt or not — will be in a stronger position than those who simply ignored it.

Thomson Reuters’ 2025 report found that 78% of law firm respondents believe generative AI will become central to legal workflow within five years. If that prediction is even partially correct, the competence implications are significant.

Case Studies: Where Competence and AI Intersect

Scenario 1: The Missed Liability Cap

A solo lawyer reviews a 50-page MSA manually for a client. Under time pressure, she misses a provision burying the limitation of liability inside a definitions section. The cap is set at $10,000 for a $500,000 engagement. The client suffers $200,000 in damages from the vendor’s breach and can only recover $10,000.

Competence analysis: If a readily available, affordable AI tool would have flagged the buried liability cap — and the lawyer never evaluated such tools — there is a credible argument under Comment 8 that the lawyer failed the awareness and evaluation prongs of technology competence. The lawyer’s strongest defense would be documented evidence that she evaluated AI tools and reasonably concluded they were not appropriate for her practice.

Scenario 2: The Unsupervised AI Output

A lawyer uses an AI contract review tool to analyze an employment agreement. The tool flags a non-compete clause as potentially unenforceable. Without checking state-specific law, the lawyer advises the client that the non-compete is void. The client relies on this advice, takes a job with a competitor, and is sued. The non-compete was actually enforceable in their jurisdiction.

Competence analysis: The lawyer failed the thoroughness and skill requirements. The AI provided a general finding. The lawyer’s obligation was to apply jurisdiction-specific analysis — exactly the kind of contextual judgment that AI cannot provide. Using AI is not a defense when the lawyer failed to supervise the output. For more on the ethical framework for AI supervision, see our guide on using AI for contract review ethically.

Scenario 3: The Refusal to Learn

A client specifically asks their lawyer whether they should use AI tools to review the 15 vendor contracts their startup signs each quarter. The lawyer dismisses the question: “I don’t believe in AI for legal work.” The lawyer has never evaluated any AI legal tools, taken any CLE on AI, or read any bar guidance on AI.

Competence analysis: Under Comment 8, the lawyer has a duty to understand the “benefits and risks associated with relevant technology.” Dismissing AI without evaluation is different from evaluating it and concluding it is not appropriate. The former may violate the awareness prong. The latter does not. For specific examples of how AI handles different contract types, see our analysis of common NDA mistakes.

How to Demonstrate AI Competence: 7 Practical Steps

Whether or not you choose to adopt AI tools, these steps demonstrate technology competence under Rule 1.1:

1. Take a CLE course on AI in legal practice. Most state bars now offer AI-specific CLE programs. Complete at least one per year. Keep the certificates.

2. Read your state bar’s AI guidance. Justia’s 50-state survey is a starting point. Check your specific state bar’s website for adopted opinions.

3. Test AI tools on non-client work. Use sample contracts or your own engagement letters. Compare AI output to your manual review. This builds understanding without risking client interests. Clause Labs’s free tier provides 3 reviews per month for this purpose.

4. Document your AI evaluation process. Write down which tools you evaluated, what you learned, and your conclusions. Even a one-page memo to your file demonstrates the awareness and evaluation prongs.

5. Create an AI use policy for your practice. This does not need to be complex. Cover: which tools are approved, how output is verified, how client data is protected, and when AI is not appropriate.

6. Review AI output systematically. If you adopt a tool, develop a consistent verification process. Check every flagged risk against the contract text. Apply your judgment to every recommendation.

7. Stay current on AI developments. Follow LawSites/LawNext and the ABA’s technology resources. Review your AI use policy quarterly. AI is evolving faster than the ethics rules that govern it.

How Purpose-Built Tools Support Rule 1.1 Compliance

The right AI tool makes competence easier, not harder:

Transparency: Purpose-built contract review tools provide structured output (clause-by-clause analysis, risk scores with explanations, confidence indicators). You can see exactly what the AI analyzed and why it flagged specific provisions. This supports the knowledge requirement.

Verifiability: Structured output is easier to verify than freeform text. When a tool tells you “this is an indemnification clause rated High Risk because it is one-sided and uncapped,” you can check that assessment in seconds. This supports the thoroughness requirement.

Human-in-the-loop design: Tools built for lawyers assume the lawyer makes the final decision. They present findings and suggestions, not conclusions. This supports the skill requirement.

Testability: Free tiers and trial periods let you test the tool before using it on client matters. This supports the preparation requirement.

The ABA’s 2024 Legal Technology Survey found that AI adoption among lawyers nearly tripled from 11% in 2023 to 30% in 2024. Among firms with 500+ lawyers, adoption hit 47.8%. The gap between firms using AI and those that are not is widening, and it maps directly onto the competence divide. For a comparison of the tools available, see our best AI contract review tools guide.

If you are evaluating AI contract review tools for the first time, start with Clause Labs’s free analyzer — upload any contract and get a structured risk report in under 60 seconds. No signup required. It is the fastest way to see what AI contract review actually looks like.

Frequently Asked Questions

Can I be disciplined for using AI in my practice?

You can be disciplined for using AI improperly — specifically, for submitting unverified AI output, violating client confidentiality, or failing to supervise AI work product. Using AI itself is not an ethics violation when done within the framework of Rules 1.1 (Competence), 1.6 (Confidentiality), and 5.3 (Supervision). Formal Opinion 512 addresses this comprehensively.

Can I be disciplined for NOT using AI?

Not yet. No lawyer has been disciplined solely for declining to adopt AI tools. However, the competence trajectory is toward expecting lawyers to at least evaluate available technology. The safest position is documented awareness and evaluation, regardless of whether you ultimately adopt.

Do I need CLE credits specifically on AI?

Most states do not yet require AI-specific CLE. However, several states are considering it, and many CLEs on professional responsibility now include AI components. Taking AI-specific CLE voluntarily demonstrates competence and provides documentation.

How do I evaluate whether an AI tool is “competent”?

Apply the same due diligence you would to hiring an associate: What is the tool’s accuracy on the contract types you review? How does it handle edge cases? What are its known limitations? What security certifications does it hold? How responsive is support? Test it on contracts where you already know the answer, and compare the AI’s findings to your own.

What if my client objects to AI use?

Respect the client’s wishes. Rule 1.4 requires communication about the means by which the client’s objectives are to be accomplished. If a client specifically directs you not to use AI, document that instruction and comply. The competence obligation does not override the client’s right to direct the representation.

This article is for informational purposes only and does not constitute legal advice. Consult a qualified attorney for advice specific to your situation.
February 23, 2026

Is AI Contract Review Ethical? What Every Bar Association Says in 2026

Yes — and the more interesting question is whether not using AI is becoming the bigger ethical risk.

ABA Model Rule 1.1, Comment 8 requires lawyers to “keep abreast of changes in the law and its practice, including the benefits and risks associated with relevant technology.” As of 2026, more than 40 states have adopted this technology competence language or its equivalent. When AI tools can catch contract risks faster and more consistently than manual review — and when they cost less than one billable hour per month — the duty of competence starts to cut both ways.

This article breaks down exactly what the ABA, state bars, and Model Rules say about using AI for contract review, gives you a practical ethics framework you can implement today, and addresses the specific concerns that keep lawyers from adopting tools that could meaningfully improve their practice. Try Clause Labs Free to see an ethically designed AI contract review workflow in action — purpose-built for lawyers who take their ethical obligations seriously.

What the ABA Says: Formal Opinion 512

On July 29, 2024, the ABA Standing Committee on Ethics and Professional Responsibility issued Formal Opinion 512 — the first comprehensive ABA guidance on lawyers’ use of generative AI tools. The opinion confirms that AI tools can be used in legal practice, provided lawyers fulfill their existing ethical obligations.

The key takeaways:

AI is a tool, not a shortcut. The opinion states that generative AI “can be a useful tool to increase efficiency in the practice of law” but that “attorneys utilizing GAI need to fully consider their applicable ethical obligations.” Translation: you can use AI, but you cannot outsource your professional judgment.

Six ethical areas are implicated. Formal Opinion 512 analyzes AI use under competence (Rule 1.1), confidentiality (Rule 1.6), communication (Rule 1.4), candor toward the tribunal (Rule 3.3), supervisory responsibilities (Rules 5.1 and 5.3), and fees (Rule 1.5).

Verification is mandatory. The opinion is unambiguous: “Attorneys should not rely on GAI outputs without independent verification or review.” This applies to all AI-assisted legal work, including contract review. You must check the AI’s work product before relying on it.

Informed consent may be required. For confidentiality purposes, the opinion recommends that lawyers “secure clients’ informed consent before using client confidences in GAI tools” and warns that “boilerplate consent included in engagement letters will not be adequate.” The specificity of the consent must match the tool being used.

Formal Opinion 512 is not a prohibition. It’s a permission structure with guardrails. Lawyers who follow its framework can use AI confidently and ethically.

The 5 Model Rules That Matter for AI Contract Review

Not every Model Rule applies equally to contract review. Here are the five that matter most, with specific guidance on compliance.

Rule 1.1 — Competence

What it says: “A lawyer shall provide competent representation to a client. Competent representation requires the legal knowledge, skill, thoroughness and preparation reasonably necessary for the representation.”

How it applies to AI contract review: You must understand how the AI tool works before using it on client matters. You must be able to evaluate its output critically. And you must stay current on developments in legal AI technology.

How to comply:

Learn what the AI tool actually does. Contract review AI identifies clauses, scores risks, and flags missing provisions. It does not provide legal advice, generate case citations, or make strategic judgments.
Test the tool on contracts you’ve already reviewed manually. Compare the AI’s findings to your own. Understand where it’s strong (clause identification, missing provisions, pattern-based risks) and where it’s limited (business context, enforceability in specific courts, novel provisions).
Review every AI output before relying on it. The AI’s risk score and clause flagging are a starting point — not a conclusion.

The flip side of Rule 1.1 is increasingly relevant: if AI tools can catch risks more consistently and faster than manual review, and if a lawyer’s failure to use available technology results in a missed issue, technology competence may require awareness of AI tools — even if it doesn’t yet require their adoption.

Rule 1.4 — Communication

What it says: A lawyer shall reasonably consult with the client about the means by which the client’s objectives are to be pursued.

How it applies to AI contract review: In jurisdictions that require AI disclosure, you must inform your client that you’re using AI tools to assist with their contract review. Even in jurisdictions without explicit disclosure requirements, transparency about your workflow builds trust.

How to comply:

Add AI disclosure language to your engagement letter. Here’s sample language that satisfies most state requirements:

“Our firm uses AI-assisted contract review tools to enhance the accuracy and efficiency of our analysis. These tools identify contract clauses, flag potential risks, and detect missing provisions. All AI-generated insights are reviewed and verified by a licensed attorney before being included in any client deliverable. Your confidential information is processed using enterprise-grade AI tools with encryption in transit and at rest, no data retention after analysis, and no use of your data for model training.”

This disclosure is specific to the tool’s function and data handling — not the generic boilerplate that Formal Opinion 512 warns against.

Rule 1.5 — Fees

What it says: A lawyer shall not make an agreement for, charge, or collect an unreasonable fee.

How it applies to AI contract review: If AI reduces the time required to review a contract from 90 minutes to 30 minutes, can you still charge for 90 minutes of work?

How to comply: This is where many lawyers get anxious, but the ethical analysis is straightforward.

Value billing: If you charge flat fees for contract review, AI doesn’t change the fee calculation. The client is paying for the outcome — a thoroughly reviewed contract with flagged risks and recommended changes — not for the hours it took. A faster, more thorough review at the same price is a better deal for the client, not a worse one.

Hourly billing: If you bill hourly, bill for the time you actually spend. That includes time reviewing the AI output, applying professional judgment, and preparing the client deliverable. It does not include billing 90 minutes for a 30-minute AI-assisted review. According to Florida Bar Ethics Opinion 24-1, attorneys must ensure that fees and costs remain reasonable when using AI, and passing along the cost of AI tool subscriptions requires disclosure and client agreement.

The honest answer: AI makes individual reviews faster, which means you can either reduce per-review pricing (competitive advantage) or handle more reviews in the same time (capacity advantage). Either approach is ethical. What’s not ethical is billing as if AI doesn’t exist.

Rule 1.6 — Confidentiality

What it says: A lawyer shall not reveal information relating to the representation of a client unless the client gives informed consent.

How it applies to AI contract review: When you upload a client’s contract to an AI tool, you’re sharing confidential information with a third-party technology provider. This triggers the same analysis you’d apply to any third-party vendor — cloud storage, e-discovery platforms, or outside counsel.

How to comply:

Before uploading any client contract to any AI tool, verify:

Data encryption: Is client data encrypted in transit and at rest?
Data retention: Does the tool retain client data after analysis? For how long? Can you request deletion?
Training data: Is client data used to train AI models? Any tool that trains on your client’s contracts is a confidentiality risk.
Subprocessors: Who has access to the data? Are there subprocessors with their own data handling policies?
Compliance certifications: Does the tool have SOC 2, ISO 27001, or equivalent security certifications?

Tools that typically pass this analysis: Purpose-built legal AI tools (Clause Labs, Spellbook, LegalOn) that are designed for lawyer workflows and understand confidentiality requirements. These tools typically offer no-retention policies, encryption, and explicit commitments about training data.

Tools that require caution: General-purpose AI chatbots (ChatGPT, Claude, Gemini) when used in their default consumer configurations. OpenAI’s default terms allow data usage for model improvement unless you opt out or use the API. Enterprise tiers with data processing agreements may address this, but you must verify.

Rule 5.3 — Supervision of Nonlawyer Assistance

What it says: A lawyer who employs or retains nonlawyer assistants shall make reasonable efforts to ensure that the person’s conduct is compatible with the professional obligations of the lawyer.

How it applies to AI contract review: The ABA has analogized AI output to work product from a junior associate or paralegal — it must be supervised. You are responsible for what the AI produces, just as you’re responsible for what a first-year associate drafts.

How to comply:

Treat AI contract review output the way you’d treat a junior associate’s first draft:

Read the AI’s clause identification against the actual contract. Did it categorize correctly?
Review each flagged risk. Is the risk assessment reasonable given the contract type and business context?
Check “missing clause” findings. Is the clause actually missing, or did the AI fail to identify it in a different section?
Apply your professional judgment. The AI doesn’t know whether the client has strong negotiating leverage, whether this is a must-sign deal, or whether the counterparty will walk if you push too hard.
Sign off on the final work product as your own. It’s your analysis. You’re responsible.

Want to see what an ethically designed AI contract review workflow looks like? Upload any contract to Clause Labs — structured output, no hallucinated citations, full confidentiality protections. The tool is built around the exact framework Formal Opinion 512 requires.

State-by-State Bar Positions on AI in 2026

Beyond the ABA’s national guidance, individual state bars have issued their own opinions and rules. Here’s where the major jurisdictions stand.

States with Specific AI Ethics Guidance

State	Guidance	Key Requirement	Citation
California	Practical Guidance (Nov 2023)	Competence requires understanding LLMs before use; assess hallucination risks and data privacy	State Bar Board of Trustees
Florida	Opinion 24-1 (Jan 2024)	Mandatory disclosure when AI impacts billing or costs; reasonable oversight; confidentiality protections	Florida Bar
Texas	Opinion 705 (Feb 2025)	Human oversight of AI-generated work; prevent submission of fabricated citations	Texas Ethics Committee
New York	NYSBA AI Task Force Report (2025)	Phased roadmap for AI adoption; requires 2 annual CLE credits in AI competency	NYSBA
Oregon	Formal Opinion 2025-205	Comprehensive coverage: competence, confidentiality, billing disclosure, court filings, supervision	Oregon State Bar
D.C.	Rule 1.1 Comment Amendment (Apr 2025)	Adopted technology competence language matching ABA Model Rule 1.1 Comment 8	D.C. Court of Appeals
Puerto Rico	Rule 1.19 (effective Jan 2026)	Goes beyond ABA Model Rules — requires technological competence and diligence as a standalone rule	Supreme Court of Puerto Rico

The Trend Across All States

According to Justia’s 50-state survey of AI and attorney ethics rules, the trajectory is clear:

No state bar has prohibited AI use in legal practice
Multiple states require or are considering mandatory AI disclosure to clients
Florida is leading on billing transparency for AI-assisted work
New York is leading on CLE requirements for AI competence
Every state with published guidance emphasizes the same core principle: AI output must be verified by a licensed attorney

If your state hasn’t published specific AI guidance, the ABA’s Formal Opinion 512 provides the baseline framework — and your state’s adoption of Model Rule 1.1 Comment 8 (technology competence) creates an independent obligation to understand AI tools.

The Mata v. Avianca Problem — And Why It Doesn’t Apply to Contract Review

Every conversation about legal AI eventually circles back to Mata v. Avianca, Inc., No. 22-cv-1461 (S.D.N.Y. 2023). Attorney Steven Schwartz used ChatGPT to research case law, ChatGPT fabricated six non-existent cases, Schwartz submitted the brief without verifying the citations, and the court imposed $5,000 in sanctions against Schwartz and his co-counsel for violating Federal Rule of Civil Procedure 11.

Mata v. Avianca is the case that made lawyers afraid of AI. But the lesson isn’t “don’t use AI” — it’s “don’t submit AI output without verification.” Schwartz didn’t fail because he used ChatGPT. He failed because he trusted it blindly.

More importantly, contract review AI operates in a fundamentally different risk category than legal research AI:

Legal research AI generates content from scratch — case citations, legal arguments, rule interpretations. This is where hallucination risk is highest, because the AI is creating output that doesn’t exist in the input.

Contract review AI analyzes a specific document you provide. It identifies clauses in text that exists. It flags risks based on what’s actually in the contract. It detects missing provisions by comparing against a framework. It doesn’t generate legal citations, invent case law, or fabricate rules.

The hallucination risk in contract review is not zero — AI might miscategorize a clause, overstate a risk, or miss a nuance. But it’s categorically different from the kind of fabrication that led to sanctions in Mata v. Avianca. There are no citations to verify because the tool doesn’t generate citations. The output is a structured analysis of text you can see.

For a complete analysis of the distinction between research AI and review AI, see our article on the Mata v. Avianca problem and how to avoid it. For a broader comparison of purpose-built tools versus general AI for contract review, see our Clause Labs vs ChatGPT analysis.

Practical Ethics Framework for AI Contract Review

Here’s a usable five-step framework you can implement today.

Step 1: Before Adopting Any AI Tool

Verify data security: Does the tool encrypt data in transit and at rest? Does it retain data after analysis? Does it train on user-uploaded contracts? Is it SOC 2 certified or equivalent?

Understand how it works: What does the tool analyze? What’s its methodology? What are its known limitations? If you can’t explain it to a client, you’re not ready to use it.

Check your state bar guidance: Review the table above and check your state bar’s website for published opinions on AI use. If no guidance exists, use ABA Formal Opinion 512 as your baseline.

Step 2: Before Each Client Use

Assess appropriateness: Is AI contract review suitable for this contract type? Purpose-built tools handle standard commercial agreements (NDAs, MSAs, employment agreements, SaaS agreements) well. Highly bespoke or novel agreements may need more human attention.

Client consent: Does your engagement letter include AI disclosure? Does your jurisdiction require specific consent? When in doubt, disclose.

Step 3: During AI Review

Upload the contract to your approved AI tool.

Review the output clause by clause against the actual contract text. Did the AI identify clauses correctly? Are the risk assessments reasonable?

Verify “missing clause” findings. Is the clause actually missing, or is it addressed in a different section, exhibit, or referenced document?

Step 4: After AI Review

Apply professional judgment. Add business context, client-specific considerations, and negotiation strategy that the AI can’t know.

Prepare the client deliverable. The work product is yours — signed, reviewed, and verified.

Document your process. Keep records of which tools you used, how you reviewed the output, and what professional judgment you applied. This documentation protects you against malpractice claims and bar complaints.

Step 5: Ongoing Compliance

Stay current. Subscribe to your state bar’s updates on AI ethics. Follow the ABA’s professional responsibility publications for updates to Formal Opinion 512 and related guidance.

Review your AI use policy quarterly. State rules, tool capabilities, and best practices are evolving rapidly.

Invest in CLE. New York now requires AI competency credits. Other states are likely to follow. Getting ahead of mandatory CLE requirements is both smart practice and good ethics.

The Ethics of NOT Using AI

This section makes some lawyers uncomfortable, but the argument is increasingly supported by the profession.

Model Rule 1.1 Comment 8 requires lawyers to stay current on technology that benefits their practice. When AI contract review tools can:

Identify clause types and risks in 30 seconds that manual review might miss after 90 minutes
Detect missing provisions that even experienced lawyers overlook when fatigued or rushed
Process 10 contracts in the time it takes to manually review one
Cost less than a single billable hour per month

…the question shifts from “Is it ethical to use AI?” to “Is it ethical to not even evaluate it?”

This doesn’t mean every lawyer must adopt AI tools today. But it means every lawyer should understand what AI contract review tools exist, what they can do, what their limitations are, and whether they might benefit client representation. Willful ignorance of available technology — when that technology could meaningfully improve client outcomes — sits uncomfortably with the duty of competence.

As the National Association of Attorneys General has noted, the ethical duty of technology competence is not about being an early adopter. It’s about being an informed practitioner.

Frequently Asked Questions

Do I need to disclose AI use to clients?

It depends on your jurisdiction. Florida (Opinion 24-1) requires disclosure when AI impacts billing or costs. New York’s Task Force recommends disclosure as best practice. California’s guidance emphasizes understanding the tools but doesn’t mandate specific disclosure language. The ABA’s Formal Opinion 512 recommends informed consent that goes beyond engagement letter boilerplate. When in doubt, disclose — transparency builds client trust, and over-disclosure is never an ethical violation.

Can I use ChatGPT for client contracts?

With significant caveats. ChatGPT’s default consumer tier may use your inputs for model training — a potential Rule 1.6 violation. ChatGPT’s output is inconsistent, unstructured, and prone to hallucination. And it lacks the legal framework, clause identification, and risk scoring that purpose-built tools provide. If you use ChatGPT for contract-related tasks, use the Enterprise or API tier with a data processing agreement, verify every output, and understand that you’re using a general tool for a specialized task. Purpose-built tools like Clause Labs’s free contract analyzer are designed specifically for this workflow — with structured risk output, clause-by-clause analysis, and the data handling safeguards that Rule 1.6 requires.

What if the AI makes a mistake in its analysis?

You’re responsible. Just as you’re responsible when a paralegal misreads a clause or a junior associate misidentifies a risk, you’re responsible for the final work product. This is why Rule 5.3 supervision is not optional. Review every AI output before relying on it. If you catch an error, correct it. If an error gets through because you didn’t review the output, the ethical failure is yours — not the AI’s.

Is there malpractice coverage for AI-assisted work?

Most malpractice policies don’t explicitly address AI — but they also don’t explicitly exclude it. The standard of care is the same: you must exercise the competence, diligence, and judgment expected of a reasonable lawyer. If AI helps you meet that standard (by catching issues you might have missed), it reduces malpractice risk. If you rely on AI without proper supervision and miss something, the malpractice exposure is the same as any other failure of competence. Best practice: notify your insurer that you use AI tools and get written confirmation that your coverage applies to AI-assisted work product.

Can I charge full rates for AI-assisted contract review?

If you bill flat fees: yes. The client is paying for the result, not the methodology. A thoroughly reviewed contract with flagged risks and recommended edits is worth the same to the client whether it took you 90 minutes or 30 minutes.

If you bill hourly: bill for the time you actually spend. That includes AI tool time, output review, professional judgment application, and client deliverable preparation. Do not bill 90 minutes for 30 minutes of work. Under ABA Model Rule 1.5, fees must be reasonable.

The broader trend in the profession is clear: AI-assisted efficiency should benefit both lawyer and client, and transparent billing for AI-assisted work builds trust and competitive advantage.

Ready to see what ethical AI contract review looks like in practice? Try Clause Labs free — upload any contract and get a structured risk analysis in under 60 seconds. No data retention, no model training on your documents, full encryption. Built for lawyers who take their ethical obligations seriously. Start with 3 free reviews per month, no credit card required.

This article is for informational purposes only and does not constitute legal advice. Ethics rules vary by jurisdiction, and the guidance in this article reflects the legal landscape as of February 2026. Consult your state bar’s ethics hotline or a legal ethics attorney for advice specific to your jurisdiction and practice.

February 23, 2026

Category: Legal AI Ethics

Technology Competence for Lawyers: Meeting Your Ethical Duty with AI Tools

Technology Competence for Lawyers: Meeting Your Ethical Duty with AI Tools

How Technology Competence Became an Ethical Duty

The 2012 Amendment: Comment [8] to Rule 1.1

State Adoption: A Jurisdiction-by-Jurisdiction Patchwork

What Technology Competence Means in 2026

Beyond Email and E-Filing

ABA Formal Opinion 512: The AI Competence Framework

The Competence Gap: Why It Matters Now

The Malpractice Dimension

The Client Expectation Shift

Self-Assessment Framework: Where Do You Stand?

Category 1: Practice Management Technology

Category 2: Cybersecurity and Data Protection

Category 3: AI and Legal Technology

Category 4: Electronic Communication and Discovery

Category 5: Continuing Education

CLE Requirements: What Your State Demands

Practical Steps for Compliance

Step 1: Audit Your Current Technology Stack

Step 2: Test an AI Contract Review Tool

Step 3: Develop an AI Use Policy

Step 4: Complete Technology-Focused CLE

Step 5: Build Competence into Your Workflow

The Cost of Non-Compliance vs. the Cost of Compliance

Frequently Asked Questions

Does technology competence mean I have to use AI?

Can I be disciplined for not being technology competent?

What if my state has not adopted Comment [8]?

How does Formal Opinion 512 affect my contract review practice?

What counts as technology-focused CLE?

How do I supervise AI outputs to comply with Rule 5.3?

Ethical AI Use in Legal Practice: A CLE-Eligible Guide

Ethical AI Use in Legal Practice: A CLE-Eligible Guide

Rule-by-Rule Analysis: How Each Model Rule Applies to AI

Rule 1.1 — Competence: The Dual Obligation

Rule 1.4 — Communication: When and How to Tell Clients About AI

Rule 1.5 — Fees: The Billing Ethics of AI Efficiency

Rule 1.6 — Confidentiality: The Non-Negotiable Obligation

Rule 5.3 — Supervision: AI as a “Nonlawyer Assistant”

Rules 3.1 and 3.3 — Candor: The Mata v. Avianca Warning

State Bar Guidance: A Four-State Comparison

California: Practical Principles, Not Prescriptive Rules

Florida: Four Clear Ethical Caveats

New York: The Most Comprehensive Framework

Texas: Competence Before Use, Fair Billing After

Comparison Table

Case Studies: Ethical vs. Unethical AI Use

Case Study 1: The Fabricated Citations (Unethical)

Case Study 2: The Proper Contract Review Workflow (Ethical)

Case Study 3: The Confidentiality Breach (Unethical)

The Ethical Decision Framework

Question 1: Do I Understand the Tool?

Question 2: Is the Client’s Data Protected?

Question 3: Will I Verify the Output?

Question 4: Is My Billing Honest?

Building Your Ethical AI Practice

Frequently Asked Questions

Does ABA Formal Opinion 512 require me to use AI?

Can I be disciplined for using AI tools in my practice?

How do I choose between general AI tools and purpose-built legal AI tools?

What should my firm’s AI use policy include?

Is using AI for contract review less risky than using it for litigation research?

AI-Powered Contract Review: Ethics, Best Practices, and Practical Applications

AI-Powered Contract Review: Ethics, Best Practices, and Practical Applications

Module 1: Introduction to AI in Contract Review (Fundamentals)

What AI Contract Review Actually Does

What AI Contract Review Cannot Do

The Current State of AI Adoption in Legal Practice

Module 2: The Ethical Framework for AI Use in Contract Review

ABA Formal Opinion 512: The Governing Framework

Rule 1.1 — Competence

Rule 1.4 — Communication

Rule 1.5 — Fees

Rule 1.6 — Confidentiality

Rules 5.1 and 5.3 — Supervisory Responsibilities

Rules 3.1 and 3.3 — Candor Toward the Tribunal

Module 3: Practical Application — AI-Assisted Contract Review

The VERIFY Supervision Framework