Sommaire
- 1 Introduction
- 2 Legal professional privilege of lawyer and intellectual property attorney
- 3 Artificial intelligence: exchanges not covered by legal privilege
- 4 How to reconcile the use of AI with confidentiality requirements in intellectual property?
- 5 Best practices to protect sensitive information
- 6 Conclusion
- 7 FAQ
Introduction
The circulation of sensitive data has accelerated significantly, alongside the widespread use of generative AI tools. This raises a key question: do information and data shared with an AI system, and subsequently with an attorney or intellectual property attorney, remain confidential ?
If communications with a legal professional are protected, the use of AI may undermine confidentiality.
Legal professional privilege of lawyer and intellectual property attorney
Legal professional privilege is a cornerstone of the relationship between a client and their lawyers or intellectual property attorney. Under French law, this protection covers:
- Legal opinions,
- Correspondence,
- Internal memoranda,
- Preparatory documents,
- All exchanges made in the context of legal advice or representation.
This protection is a matter of public policy. It is particularly critical in patent files. For example, premature disclosure of an invention may destroy its novelty and irreversibly compromise patentability. Similarly, confidentiality is essential in trademark, design, and licensing strategies, where economic value often depends on anticipation and discretion.
In practice, when a client communicates directly with an identified legal professional subject to ethical rules and professional oversight, confidentiality is legally protected and enforceable.
Artificial intelligence: exchanges not covered by legal privilege
The issue arises when the same information is first disclosed to a generative AI tool. Unlike a lawyer or intellectual property attorney, an AI system is not a legal subject bound by professional secrecy. It is a technical service operated by a provider and governed by terms of use that may allow the storage, analysis, or reuse of submitted content.
A decision of 17 February 17, 2026 (United States v. Heppner, No. 1:25-cr-00503-JSR, S.D.N.Y., Feb. 17, 2026) illustrates this issue clearly.
- Facts
In this case involving securities and electronic fraud, the U.S. government seized around thirty documents reflecting written exchanges between the defendant and the generative artificial intelligence platform “Claude,” with which he had interacted to prepare his defense.
The defendant invoked the confidential nature of these exchanges under legal professional privilege. He argued that his interactions with the AI should be protected in the same way as communications with a lawyer, insofar as they concerned legal matters. However, these exchanges had been recorded and could be accessible to third parties, particularly the service provider.
- The Decision
The court rejected this argument based on several decisive factors:
- First, the exchanges had not taken place between a client and a lawyer: an artificial intelligence system cannot be equated with a legal professional.
- Second, no reasonable expectation of confidentiality could exist, as the platform’s terms of use provided for the collection, use, and possible disclosure of data to third parties.
- Finally, the exchanges had not been conducted under the direction of a lawyer.
The court therefore concluded that submitting information to such a platform amounts to disclosing it to a third party, thereby excluding any protection under legal professional privilege.
- Scope of the Decision
This decision confirms an increasingly accepted position: the use of AI, even for legal purposes, does not preserve confidentiality. The involvement of a technical intermediary generally breaks the conditions required for legal privilege to apply.
Although rendered in a U.S. context, this ruling has broader practical implications. It highlights that information entered into AI systems may lose legal protection, regardless of its sensitivity.
In intellectual property matters, this loss of control is critical. For example:
- An undisclosed invention may lose its novelty if revealed with sufficient detail,
- An international filing strategy may be anticipated by competitors,
- Litigation arguments may be weakened if disclosed prematurely.
How to reconcile the use of AI with confidentiality requirements in intellectual property?
The use of artificial intelligence is not prohibited for lawyer, intellectual property attorney or businesses and may even offer significant productivity gains. However, such use must be governed with a level of rigor proportionate to the stakes involved. Professional ethical guidelines emphasize the need to maintain continuous human oversight, to verify the reliability of outputs, and to ensure that the confidentiality of client data is never compromised.
In practice, an appropriate framework relies on a clear distinction:
- General, non-sensitive information, such as content that does not enable the identification of a client, does not reveal a legal strategy, and does not describe an invention in a usable manner, may be used for assistance purposes.
- By contrast, personal data, detailed technical information, litigation timelines, draft patent claims, or infringement risk assessments should not be disclosed to uncontrolled public AI tools.
Where a law firm or a company seeks to integrate AI into its processes, it should prioritize secure solutions hosted in contractually regulated environments, offering guarantees against data reuse and robust confidentiality commitments. This requirement for control is consistent with the principles set out by the CNIL and, more broadly, with applicable data security obligations.
Best practices to protect sensitive information
As a general rule, publicly available AI tools should be treated as non-confidential environments. Sensitive information should not be disclosed through such platforms.
AI may assist with drafting or summarizing non-sensitive material, but legal analysis, risk assessment, and strategic decision-making must remain under the control of a qualified legal professional.
Organizations should also implement internal AI governance policies to define acceptable uses and ensure that sensitive data remains within secure channels.
Conclusion
The relationship between a client and a lawyer or intellectual property attorney remains protected by a strong legal framework. However, the use of artificial intelligence introduces a technical third party that may compromise this confidentiality.
The recent U.S. decision clearly illustrates this risk: communications with AI systems do not benefit from legal professional privilege.
Accordingly, while AI can be a valuable tool, its use must be strictly controlled to preserve the confidentiality and value of intellectual property assets.
Dreyfus & Associés assists its clients in managing complex intellectual property matters by providing tailored advice and comprehensive operational support for the full protection of intellectual property rights.
Nathalie Dreyfus with the support of the entire Dreyfus team.
FAQ
1. Is confidentiality automatically lost if information is entered into AI?
Confidentiality is not legally guaranteed when information is entered into a public AI system. Even in the absence of an actual breach, transmitting data to a technical third party may weaken protection, particularly regarding legal privilege and trade secrets.
2. Can a lawyer use AI in a case ?
Yes, provided they comply with their ethical obligations. The lawyer must retain control over the reasoning, verify outputs, and ensure that client data is not exposed in unsecured environments.
3. Can an invention described in a prompt lose its patentability?
Yes, if the description is sufficiently detailed to constitute prior disclosure. In patent law, novelty is an absolute requirement; any uncontrolled disclosure before filing may compromise protection.
4. Can data entered into AI be stored or reused?
Yes. Depending on the terms of use, data may be stored, analyzed, or reused to improve services. This increases the risk of confidentiality loss when sensitive information is shared.
5. How can AI be used without compromising confidentiality?
AI should be limited to non-sensitive tasks, without including identifying or strategic elements, and secure solutions with strong contractual guarantees regarding confidentiality and non-reuse should be preferred.
This publication provides general guidance and highlights certain issues. It is not intended to apply to specific situations or to constitute legal advice.