
AI for law firms: protecting client confidentiality

A lawyer can use generative AI as long as nothing privileged reaches the model. How to anonymize a document before ChatGPT, Claude or Gemini.

By Pierre de ONYRI

A lawyer can use generative AI as long as nothing covered by professional confidentiality reaches the model. The method is one rule: anonymize the document or the prompt — replace party names, case numbers, amounts and addresses with tokens — before sending it, then restore the answer in the browser. The model reasons over a structurally identical matter without ever seeing the client's identity.

Confidentiality doesn't stop at copy-paste

Pasting a brief, a contract or an email exchange into an assistant means handing privileged information to a third party. The first ethics guidance on generative AI — such as the American Bar Association's Formal Opinion 512 (2024) — makes clear that the duty of confidentiality applies to AI tools like any other channel. In France, the Conseil national des barreaux carries the same message: technology does not suspend professional ethics.

  • Identity of the parties and of any third parties named in the matter.
  • Case numbers, internal references, docket identifiers.
  • Amounts at stake: settlements, damages, fees.
  • Strategy and exhibits: the mere structure of a case can be identifying.
Diagram: a case document whose party name and amount are replaced by tokens, next to a padlock symbolizing professional confidentiality.
Names, amounts and references become tokens before sending; confidentiality stays locked at the firm.

What to anonymize before any prompt

  1. Names and contact details of parties, witnesses and third parties.
  2. Case, docket and any internal firm references.
  3. Amounts, key dates and locations that could identify the matter.
  4. Technical data in a digital exhibit: internal URLs, identifiers, metadata.

A flow compatible with professional ethics

  1. Detection: the engine spots identifying elements in the document or prompt.
  2. Tokenization: each element is replaced with a neutral token, kept in local memory.
  3. Sending: only the anonymized text goes to the AI — no privileged data transits.
  4. Restoration: the answer is de-tokenized in your browser, ready to use.
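
The four steps above as a minimal sketch, with a fail-closed check before sending. This is an added example, not ONYRI Sanitize's code; the regex patterns, the docket format, the party list and the sample text are constructed assumptions.

```javascript
// Added example. Patterns, docket format and party names are constructed assumptions.
const PATTERNS = [
  ["EMAIL", /[\w.+-]+@[\w-]+(?:\.[\w-]+)+/g],
  ["CASE", /\b\d{2}\/\d{5}\b/g], // assumed docket format, e.g. 23/04567
  ["AMOUNT", /[€$]\s?\d(?:[\d,.]*\d)?|\d(?:[\d,.]*\d)?\s?(?:EUR|USD|€)/g],
];
const escapeRe = (s) => s.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");

// Steps 1-2: detect identifying values and swap each for a stable token.
// The vault (token -> value) is the only place real values live; it is never sent.
function tokenize(text, partyNames = []) {
  const vault = new Map(), seen = new Map(), counters = {};
  const swap = (label) => (match) => {
    if (!seen.has(match)) {
      counters[label] = (counters[label] || 0) + 1;
      const token = `[${label}_${counters[label]}]`;
      seen.set(match, token);
      vault.set(token, match);
    }
    return seen.get(match); // the same value always maps to the same token
  };
  let sanitized = text;
  for (const [label, re] of PATTERNS) sanitized = sanitized.replace(re, swap(label));
  // Longest names first, so a longer name is not split by a shorter one it contains.
  const names = [...partyNames].sort((a, b) => b.length - a.length);
  for (const n of names) sanitized = sanitized.replace(new RegExp(escapeRe(n), "g"), swap("PARTY"));
  return { sanitized, vault };
}

// Step 3 gate: list vault values still visible in the outbound text (case-insensitive,
// which catches e.g. an upper-case heading the exact-match pass missed). Send only if empty.
function leaked(sanitized, vault) {
  const hay = sanitized.toLowerCase();
  return [...vault.values()].filter((v) => hay.includes(v.toLowerCase()));
}

// Step 4: put the real values back into the model's answer, locally.
function restore(answer, vault) {
  return answer.replace(/\[[A-Z]+_\d+\]/g, (t) => (vault.has(t) ? vault.get(t) : t));
}

// Constructed sample matter and a constructed model answer.
const SAMPLE = "Claire Dupont (c.dupont@example.com) v. Acme SARL, case 23/04567: " +
  "settlement of €12,500 offered. Claire Dupont declined.";
const { sanitized, vault } = tokenize(SAMPLE, ["Claire Dupont", "Acme SARL"]);
if (leaked(sanitized, vault).length === 0) {
  console.log(sanitized);
  console.log(restore("Advise [PARTY_1] to counter above [AMOUNT_1].", vault));
}
```

Regex and name-list detection only covers what it is told to look for; the structure and facts of a matter still reach the model and can be identifying on their own.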

ONYRI Sanitize detects names, contact details, amounts, references and technical secrets, then restores the answer in your browser. The firm gets AI's help to summarize, rephrase or draft an outline, without ever exposing a client's identity or the substance of a matter.

Frequently asked questions

Can a lawyer legally use ChatGPT?
Yes, under conditions. The use must respect confidentiality and data protection: no privileged, identifying information sent to a third party. Anonymizing the document before sending, and keeping a human review of the answer, makes the use compatible with professional ethics.

Is anonymization enough to protect confidentiality?
It's the most direct measure: if no identifying data reaches the model, confidentiality isn't broken. It comes with a framework: vetted tools, review, and a token ↔ value mapping that stays local and never transits.

What about a document already sent to an AI in the clear?
Treat it as a potential disclosure: document the incident, assess the sensitivity of the information involved, and adjust your procedures. Above all, put anonymization tooling in place so it can't happen again; leaks almost always come from copy-paste.
