Mechanism
Privileged or contractually confidential matter content reaches a third party via AI in a way that compromises privilege or breaches client obligations. Adjacent to Data leakage (RC-2) but distinct: this class names the downstream legal consequence (privilege waiver, protective-order breach, outside-counsel-guideline violation).
Evidence (what the Evidence Register holds)
Matter-level and client-level AI policy mapping; vendor approval with client-specific consent; matter intake protocol for AI restrictions; outside-counsel-guideline integration record.
Mitigation
Matter-level AI policy mapping; client-specific outside-counsel-guideline integration; matter intake screening for AI restrictions before tooling is deployed; vendor approval gated by client-specific consent.
Editorial Framing
Client confidentiality breach is the class whose consequence is highest — and whose mitigation is most procedural. Matter intake must screen for AI restrictions before tooling is deployed on the matter. Outside-counsel-guideline integration is non-negotiable: every client OCG with AI restrictions feeds the matter intake checklist.
Indicative Examples
- Privilege waiver via AI processing of privileged content
- Outside-counsel-guideline violation
- Protective-order breach
- Cross-matter information bleed via shared AI vector store