AI in legal and professional services

Law firms and professional services firms use AI to review documents, draft text, and speed up research. These tools can help, but outputs must be verified. This is educational only. It is not legal advice.

What “AI in legal and professional services” means

In legal and professional services, AI often means tools that classify and summarize documents, extract clauses, and draft text. Generative AI can make up citations, as seen in Mata v. Avianca. Frameworks like NIST AI RMF can help teams think about controls.

Common uses (where it shows up)

• Contract review: find key terms, risks, and missing clauses.
• E-discovery and document classification: sort large document sets for relevance and privilege.
• Drafting assistance: draft a first pass with tools like Harvey or Spellbook (review required).
• Research summaries: summarize long materials (outputs must be verified).
• Quick brainstorming: generate questions or checklists with tools like Kira or Relativity (still verify).
• Intake and routing: route requests, with strong confidentiality warnings and data rules.

Dive deeper with BonsAI Chat

What AI is good at (and bad at)

• Good at: summarizing long documents and drafting a first pass. (NIST AI RMF)
• Good at: extracting key terms and repeated clauses.
• Bad at: guaranteeing citations are real. Verify every citation.

Risks you must take seriously

• Made-up citations: the model can invent cases and quotes. (NIST AI 600-1)
• Confidentiality: client data can leak if you paste it into the wrong tool.
• Over-trust: people can stop checking work if it sounds polished.

How to use AI safely (simple checklist)

• Do not paste client secrets unless the tool is approved for it.
• Check facts, quotes, and citations in primary sources.
• Test on edge cases and monitor errors. (OWASP LLM Top 10)

How rules and regulators think about it (high level)

• Old rules still apply (confidentiality, competence, records). (OECD AI Principles)
• For high-impact uses, people expect transparency and controls.

Questions to ask before you trust a tool

• What data did it use, and can we audit it? (NIST AI RMF)
• Can we tell when the tool is guessing?
• Can we export our data if we switch tools?

Sources

• CourtListener docket: Mata v. Avianca
• NIST: AI Risk Management Framework (AI RMF)
• NIST: AI 600-1 (Generative AI Profile)
• OWASP: Top 10 for Large Language Model Applications
• OECD: AI Principles