As a lawyer, I'm excited about this, but there are two roadblocks that I'm not sure how Anthropic will navigate:
(1) For non-lawyers who use these skills/connectors/whatchamacallits to try to get legal advice, their communications are not protected by attorney-client privilege. This will absolutely bite some people in the ass.
(2) If a lawyer uses this with confidential client information (which, to the uninitiated, doesn't just mean SSNs and bank account numbers, but "all information relating to the representation of a client") and forgets to toggle off "Help improve Claude" in their settings, they have possibly (maybe even likely) committed malpractice.[1]
> Judge Rakoff of the Southern District of New York — addressing “a question of first impression nationwide” — ruled that written exchanges between a criminal defendant and generative AI platform Claude were not protected by attorney-client privilege or the work product doctrine.
Much more to it than this one-liner that I pulled out, but safe to say, don't rely on or put your legal defense etc. (or elements of it) into AI unless you want it discovered.
(not a lawyer, unlike OP, who might be able to refine what I highlighted with more precision)
> Much more to it than this one-liner that I pulled out, but safe to say, don't rely on or put your legal defense etc. (or elements of it) into AI unless you want it discovered.
"You are an expert defense counsel with experience in Murder 1. Do not hallucinate. Let's say tomorrow my spouse is found strangled..."
Seems like a fair trade off if I would not be able to afford a lawyer. I'd take the "AI but not 100% confidential" any time compared with no help at all.
In the US, are Google queries about the law considered attorney-client privilege? What about library records? Browser history? Google Maps / Uber / car travel history (when traveling to an attorney's office)?
If somebody Googles "best attorney for murder NYC" a day after a murder is committed but before any case is filed against them (so they clearly had some reason to expect that case), could that be used as evidence?
> exchanges between a criminal defendant and generative AI platform Claude were not protected by attorney-client privilege or the work product doctrine
Shouldn't that have been relatively clear to all parties involved? Maybe not to the defendant, who's apparently clueless.
The AI platform is not an attorney. A defendant's communications with an AI platform are therefore not communications between a client and their attorney, nor will the AI output constitute attorney "work product" because the AI platform is not an attorney.
Doesn't really come across as a novel problem, aside from AI being involved. I'm sure countless defendants have made the stupid mistake of talking about the facts of their case to persons other than their attorney, and those communications came back to bite them in the ass when discovered.
It is my understanding that they must be certified. You are allowed to represent yourself, but it is my understanding that a non-lawyer cannot represent you.
You have to be admitted to the bar to practice law. Which is to say, other lawyers must recognize you as a lawyer, and this recognition can be taken away.
More practically, this means (in America) that you need a JD degree (4 year grad school), to pass an exam, and pass a(n oftrn horrifically thorough) character background check.
For (1) it's so wild to me that if I pay a lawyer, they can run the same queries on these tools and they are protected by attorney-client privilege, but if I do it to help me prepare my defense, then the exact same queries would be subject to subpoena/discovery.
Does anyone know if there exists any OPSEC procedure for me to use third party tools like this for my own concerning legal questions that is both ethical and allows me to be confident that my interactions won't land in discovery documents?
If you are preparing for your own defense and don't have an attorney (you're acting pro se), your own LLM use would likely be protected under work product doctrine. The court would extend you some of the same protections an attorney would have, for the limited purposes of preparing your case.
This is a very narrow exemption, however.
(You would also want to make sure you're using a paid AI plan with contractually guaranteed privacy protections, otherwise it could be construed as third-party communications, which implicitly waives privilege.)
So not familiar with the caselaw around work product, but if you use an API tool directly and not the different chat tools, the queries are not permanently cached for anyone to give up in the end.
So basically if you use any of the CLI tools, there is nothing for OpenAI, Anthropic, etc. to give the courts.
Online ChatGPT (especially the free version), are apparently cached by OpenAI on their servers. (I am not sure if Claude Desktop caches the conversations locally or in the cloud as well, read the fine print if it matters!)
> Does anyone know if there exists any OPSEC procedure for me to use third party tools like this for my own concerning legal questions that is both ethical and allows me to be confident that my interactions won't land in discovery documents?
Isn't that a fundamental misunderstanding? Would "OPSEC" like that amount to destruction of evidence or contempt of court or something like that?
Like if all your incriminating documents are on some encrypted drive, it's not like that defeats discovery. You're supposed to decrypt them and hand them over.
Your only practical defence is to set up a local LLM that destroys records in a predictable way (immediately, on a time table and so forth) and then ensure however you access that doesn’t leave any traces either.
And then you need to consistently use this for purposes other than crime.
Discovery in a criminal trial is more limited than in a civil trial.
Your only real defense against discovery is to not have said it, or to have destroyed all records of it before the hint of discovery wafted on the wind.
Yes? Which makes it feel like the answer is just “No.” Unless you use Mullvad, TailsOS, and don’t log into the service. But I’m not sure if that’s “ethical” for Google/DDG searches and it’s not really possible for Claude/Kagi. I would assume that simply using a “secret” account isn't a magic way to avoid discovery either.
>For (1) it's so wild to me that if I pay a lawyer, they can run the same queries on these tools and they are protected by attorney-client privilege, but if I do it to help me prepare my defense, then the exact same queries would be subject to subpoena/discovery.
How's this any different than any professional license? You're basically paying for preferential treatment from the state in a given subject area.
> How's this any different than any professional license? You're basically paying for preferential treatment from the state in a given subject area.
Because it's got nothing to do with the professional part? Licensing should affect their practice of law, sure, but it shouldn't grant random other privileges.
If you use a stateless client (like just rawdogging cli llama.cpp) there’s nothing to discover. Setting a program with an option to have logs to not do that could conceivably get you in trouble but using a widely used program that never had logs seems like it has to be fine. Maybe they could nail you for googling “which local llm approach generates logs?” also, don’t get nailed by your bash history!
#1 is a little complicated. Communications with an AI are possibly sometimes protected by work-product doctrine... but only if you're representing yourself as a pro se litigant, and strictly limited to mental impressions and opinion work product of counsel (in this case, extended to the pro se litigant). See: Warner v. Gilbarco, Inc.
Slightly related:
Amazon’s bedrock has better privacy guarantees. This seems to be skills that can be added to Desktop app, which can connect to Bedrock for inference.
In the legal world are there certifications for handling privileged information?
For example in the medical world if you are a provider covered by HIPAA you must have a signed "Business Associate Agreement" with any party that handles the covered protected health information (PHI).
Just remember that your AI chat history is not protected like attorney client privilege and can be used as evidence against you in court. If you talk to a lawyer and they use AI, those chats are privileged.
No. If you talk to an attorney and they take reasonable precautions to maintain the integrity of the confidential attorney client relationship, the privilege is preserved. If not, not preserved.
I don’t understand this situation .. where in your court case the prosecutor asks a judge to get a warrant for your AI chat logs … this is just not gonna happen.
I'm not sure if you're joking but there's actually active court cases right now where they have done just that
Just a few of the perps: Hisham Abugharbieh (Florida student murders), Jonathan Rinderknecht (Palisades Fire arson), Phoenix Ikner (FSU shooter), Ryan Schaefer (Missouri State vandalism)
There's also that thing involving somebody I think he used to be in the NFL and he was using ChatGPT to try to hide the body of his wife or something iirc
Digital evidence is huge for the last couple of decades and this is no different...
Also there was somebody who was just recently sentenced to life in prison for AI CSAM
But yeah I'm sure "this is just not gonna happen." lol
Curious if Thomson Reuters (Westlaw) felt threatened if they were this compelled to moan about it. All it does is make me wonder how well these skills perform when paired with Lexis (if possible?) instead of Westlaw.
This is why I think many of the current application-layer AI startup valuations are a bit iffy. When the big AI companies like Anthropic start expanding their vertical products, the calculus changes.
I'm just wondering how committed they'll be - I guess the edge some startups still have, is the fear that product suites from OpenAI / Anthropic / etc. will go the way of Google products, a year or two then straight to the morgue.
It's like asking what if AWS starts doing it, they have all the infrastructure in place. LLMs are just one cog. There is a lot on the application side they are not doing at all.
Every valuation in the AI space is iffy. Nobody actually has a solid business plan, only vibes, but that isn't stopping people from throwing money at them.
As someone who has represented themselves in tribunal before I'm definitely interested in this.
The only issue is that in some jurisdictions, like the UK, you can't just offer someone legal advice without being SRA accredited or FCA regulated.
I.e. this would effectively make Anthropic a claims management firm under the UK law.
> Under article 89I of Financial Services and Markets Act 2000 (Regulated Activities) Order 2001 ("The Order"), advising a claimant or potential claimant, investigating a claim and representing a claimant, in relation to a financial services or financial product claim is a defined regulated activity.
I'm a bit bothered by this line. Does it mean this is based on customer's sessions? Are they entitled to build knowledge bases for every profession, topic and workflow in the world using customer data?
Yes they are training on your business's data so that their AI can replace your business later. If you don't believe it, name one thing they didn't train on.
It definitely looks like the old tale come true - at Microsoft people would warn against using Google because then Google could figure out what we're working on, since it was pretty easy to tell where a query was coming from.
Sounded far fetched back then, and on the face of it illegal, but now it's just common sense I imagine.
I guess at some point we will have lawyers, attorneys and judges using this stuff ... at the point lawyers will become kinda "seo"/"copywriter" experts on how to better trick the others LLM.
I think the problem is that laws overlap, with decades of case law clarifying their interactions. Looking at one law probably isn't enough to determine whether an LLM is lying to you.
I wonder what clients would think if they discovered their lawyer uses a chatbot with their confidential story. Even with redaction, patterns still emerge. Certainly I wouldn't be happy in any case.
I see this as a strong case for private AI, or an in-house stack.
This is only for PR. No one checks what's in those docs, or if these are real, valid or ethical. The goal here is for all news outlets to pick them up. You're not the audience.
Given the amount of free PR they can get from some AI-generated .md files, I'd probably do the same if I was on their boat.
Right now, I don't think any other AI company generates as much as slop as Anthropic does.
Fake verticals created for no other purpose than to pad out a page in the IPO prospectus. That is literally their purpose, there is no technical or business content here worth discussing, but HackerNews is so pilled it can't help but discuss. Maybe after the 100th "Claude for dog walkers" announcement we'll catch on.
This seems like a shot across the bow for all large Claude API customers, which I'm sure they saw coming.
But still, a TSMC style pure play model provider would win huge business in the space given how many application companies are being eaten by model companies.
Harvey was never very good, or useful. It mostly exists so large law firms can say they do AI. AFAICT. I hope it dies and something useful takes over, but i doubt it :)
Keep in mind harvey starts at like 50-100k, and is well out of the cost range of the vast majority of law firms.
This will help random people dealing with small claims, people cosplaying lawyers to avoid costs, etc.
It will have no effect on the legal startups that are actually good (Eve, et al), because what this stuff does is nowhere close to what most lawyers outside of commercial contract legal counsel spend their time on. I considered doing some AI legal consulting/startups myself, and so have spent tons of time literally sitting down with lawyers in various areas outside of my own and seeing where they spend their time for real.
Let's take one area: personal injury attorneys who aren't in the volume game (which is owned by a fairly small number of large national firms) spend lots of time on case valuation, getting data, and exhibit prep.
None of this is going to help deal with getting missing medical records from places that require that you literally fax random stuff to them, and then call to followup 18 times. I wish i was kidding. Even getting electronic medical records is still a serious pain in the ass, human wise.
Or analyze the past 1000 cases you have (100-1000 documents per case), including what county, what opposing lawyer, counsel, plus the 1000 documents in this case, and give you a sense of how valuable this case is or not.
Or if you are a family lawyer, actually mediating a divorce.
Things like this are what actually useful specialized AI legal products do or at least help with.
Claude is very far away from being able to handle most of these things. It is a jack of all trades tool. Will it be able to do this someday? Maybe.
Additionally, keep in mind most legal startups i've run into are based on caricatures of what lawyers do (IE startups who think that most personal injury lawyers are running around after auto cases and trying to be high volume, etc).
Any lawyer who has deal with legal startups could very quickly tell you which will make it or not, because it's pretty consistent which solve real problems that will be hard to commoditize through things like claude for legal.
While i agree for the most part, they can only cut the middle man so many times before they get themselves in antitrust trouble.
I suspect that will happen faster than they'd like, because regulators (at least outside the US) are not interested in a repeat of Google/Amazon/Facebook/etc.
It will be hilarious to see this one play out because ChatGPT and Perplexity already do wonders for small-claim issues like tenancy laws, various personal letters, etc.
It's already doing wonders for small time businesses and individuals that municipalities think they're free to jerk around because the size of the screwing they're trying to dish out isn't worth hiring a lawyer and/or fighting through court over.
I assure you, in most democracies, most people are jerked around by other people acting in bad faith far more often than their government acting in bad faith.
Landlords, tenants, vendors, business and former romantic partners, clients, banks, even your local gym is way more likely to try to fuck you over than the government is.
The government is just people. Even before the current fiasco, the government had varying degrees of incompetence and malice, and if you're poor you can't do anything about it since the government is presumed to have been operating in good faith and you can't afford a lawyer or the time off work to try to fix it pro se.
I would love this for poor people to fight giant corporations via 'lawfare'. It's largely unethical (just like many corporations) but just knowing how to file junk lawsuits that cost corporations millions to fight would be nice.
I dont mean 'frivolous' like prisoners who file pro-se about their ice cream melting [1], but a level or two above that , that costs time and money to produce records and testimony to defend, even if nary a dime is paid out. Basically ask GPT to figure out the terms and theories to file to get your lawsuit accepted, and done by poor people who cannot afford to post $ or repay if they lose. aka "asymmetric warfare" that benefits the little guy, just like the kind private equity or other terrible corporations wield against the poor via"mandatory arbitration" clauses or damages caps and similar rules that always benefit corporations.
Harvey was always an upstart in the legal tech industry. There's other companies that have a much better understanding of the market and compliance issues but you don't hear about them because nobody wants to talk about legal tech.
Does anyone find it weird that Anthropic's Github org is `anthropics` (with an 's') and the `anthropic` username is owned by some random dude in Australia? Imagine the shenanigans someone can achieve with that user.
But for a beautiful window of a few minutes absolute chaos will ensue. Seems like a huge risk. And if Github/MS have power to do what you're saying, does it feel irresponsible not to do it pre-emptively with an apparently inactive account?
(1) For non-lawyers who use these skills/connectors/whatchamacallits to try to get legal advice, their communications are not protected by attorney-client privilege. This will absolutely bite some people in the ass.
(2) If a lawyer uses this with confidential client information (which, to the uninitiated, doesn't just mean SSNs and bank account numbers, but "all information relating to the representation of a client") and forgets to toggle off "Help improve Claude" in their settings, they have possibly (maybe even likely) committed malpractice.[1]
[1] https://www.americanbar.org/content/dam/aba/administrative/p...
> Judge Rakoff of the Southern District of New York — addressing “a question of first impression nationwide” — ruled that written exchanges between a criminal defendant and generative AI platform Claude were not protected by attorney-client privilege or the work product doctrine.
Much more to it than this one-liner that I pulled out, but safe to say, don't rely on or put your legal defense etc. (or elements of it) into AI unless you want it discovered.
(not a lawyer, unlike OP, who might be able to refine what I highlighted with more precision)
"You are an expert defense counsel with experience in Murder 1. Do not hallucinate. Let's say tomorrow my spouse is found strangled..."
Discovery in China will be a tad more difficult…
If somebody Googles "best attorney for murder NYC" a day after a murder is committed but before any case is filed against them (so they clearly had some reason to expect that case), could that be used as evidence?
Shouldn't that have been relatively clear to all parties involved? Maybe not to the defendant, who's apparently clueless.
The AI platform is not an attorney. A defendant's communications with an AI platform are therefore not communications between a client and their attorney, nor will the AI output constitute attorney "work product" because the AI platform is not an attorney.
Doesn't really come across as a novel problem, aside from AI being involved. I'm sure countless defendants have made the stupid mistake of talking about the facts of their case to persons other than their attorney, and those communications came back to bite them in the ass when discovered.
Explains why so many let loose afterwards ;) jokes
Does anyone know if there exists any OPSEC procedure for me to use third party tools like this for my own concerning legal questions that is both ethical and allows me to be confident that my interactions won't land in discovery documents?
This is a very narrow exemption, however.
(You would also want to make sure you're using a paid AI plan with contractually guaranteed privacy protections, otherwise it could be construed as third-party communications, which implicitly waives privilege.)
See: Warner v. Gilbarco, Inc.
So basically if you use any of the CLI tools, there is nothing for OpenAI, Anthropic, etc. to give the courts.
Online ChatGPT (especially the free version), are apparently cached by OpenAI on their servers. (I am not sure if Claude Desktop caches the conversations locally or in the cloud as well, read the fine print if it matters!)
Perhaps an AI generated summary of it is.
Isn't that a fundamental misunderstanding? Would "OPSEC" like that amount to destruction of evidence or contempt of court or something like that?
Like if all your incriminating documents are on some encrypted drive, it's not like that defeats discovery. You're supposed to decrypt them and hand them over.
And then you need to consistently use this for purposes other than crime.
Your only real defense against discovery is to not have said it, or to have destroyed all records of it before the hint of discovery wafted on the wind.
We need a law where someone can clearly designate a chat privileged, with severe consequences for mis-use.
How's this any different than any professional license? You're basically paying for preferential treatment from the state in a given subject area.
Because it's got nothing to do with the professional part? Licensing should affect their practice of law, sure, but it shouldn't grant random other privileges.
There's a good summary of the current state of things here: https://www.akerman.com/en/perspectives/ai-privilege-and-wor...
Also worth noting that none of this is binding precedent, so expect this field to evolve over time.
He needs to take care of them. Snitches get stitches.
For example in the medical world if you are a provider covered by HIPAA you must have a signed "Business Associate Agreement" with any party that handles the covered protected health information (PHI).
As in "I'm excited to win a lot of money dismantling hallucinated quotations and invalid assumptions"?
Just a few of the perps: Hisham Abugharbieh (Florida student murders), Jonathan Rinderknecht (Palisades Fire arson), Phoenix Ikner (FSU shooter), Ryan Schaefer (Missouri State vandalism)
There's also that thing involving somebody I think he used to be in the NFL and he was using ChatGPT to try to hide the body of his wife or something iirc
Digital evidence is huge for the last couple of decades and this is no different...
Also there was somebody who was just recently sentenced to life in prison for AI CSAM
But yeah I'm sure "this is just not gonna happen." lol
Curious if Thomson Reuters (Westlaw) felt threatened if they were this compelled to moan about it. All it does is make me wonder how well these skills perform when paired with Lexis (if possible?) instead of Westlaw.
I'm just wondering how committed they'll be - I guess the edge some startups still have, is the fear that product suites from OpenAI / Anthropic / etc. will go the way of Google products, a year or two then straight to the morgue.
The only issue is that in some jurisdictions, like the UK, you can't just offer someone legal advice without being SRA accredited or FCA regulated. I.e. this would effectively make Anthropic a claims management firm under the UK law.
> Under article 89I of Financial Services and Markets Act 2000 (Regulated Activities) Order 2001 ("The Order"), advising a claimant or potential claimant, investigating a claim and representing a claimant, in relation to a financial services or financial product claim is a defined regulated activity.
https://www.fca.org.uk/freedom-information/dual-regulation-c...
I'm a bit bothered by this line. Does it mean this is based on customer's sessions? Are they entitled to build knowledge bases for every profession, topic and workflow in the world using customer data?
Sounded far fetched back then, and on the face of it illegal, but now it's just common sense I imagine.
I see this as a strong case for private AI, or an in-house stack.
Or I have to be missing something.
`/loop 2days /create-new-{insert-industry}-md-files`
This is only for PR. No one checks what's in those docs, or if these are real, valid or ethical. The goal here is for all news outlets to pick them up. You're not the audience.
Given the amount of free PR they can get from some AI-generated .md files, I'd probably do the same if I was on their boat.
Right now, I don't think any other AI company generates as much as slop as Anthropic does.
Each cycle gets shorter and shorter to sustain the high.
[1] https://www.youtube.com/watch?v=HUngLgGRJpo
But still, a TSMC style pure play model provider would win huge business in the space given how many application companies are being eaten by model companies.
Harvey is valued at $11b
Harvey was never very good, or useful. It mostly exists so large law firms can say they do AI. AFAICT. I hope it dies and something useful takes over, but i doubt it :)
Keep in mind harvey starts at like 50-100k, and is well out of the cost range of the vast majority of law firms.
This will help random people dealing with small claims, people cosplaying lawyers to avoid costs, etc.
It will have no effect on the legal startups that are actually good (Eve, et al), because what this stuff does is nowhere close to what most lawyers outside of commercial contract legal counsel spend their time on. I considered doing some AI legal consulting/startups myself, and so have spent tons of time literally sitting down with lawyers in various areas outside of my own and seeing where they spend their time for real.
Let's take one area: personal injury attorneys who aren't in the volume game (which is owned by a fairly small number of large national firms) spend lots of time on case valuation, getting data, and exhibit prep.
None of this is going to help deal with getting missing medical records from places that require that you literally fax random stuff to them, and then call to followup 18 times. I wish i was kidding. Even getting electronic medical records is still a serious pain in the ass, human wise.
Or analyze the past 1000 cases you have (100-1000 documents per case), including what county, what opposing lawyer, counsel, plus the 1000 documents in this case, and give you a sense of how valuable this case is or not.
Or if you are a family lawyer, actually mediating a divorce.
Things like this are what actually useful specialized AI legal products do or at least help with.
Claude is very far away from being able to handle most of these things. It is a jack of all trades tool. Will it be able to do this someday? Maybe.
Additionally, keep in mind most legal startups i've run into are based on caricatures of what lawyers do (IE startups who think that most personal injury lawyers are running around after auto cases and trying to be high volume, etc).
Any lawyer who has deal with legal startups could very quickly tell you which will make it or not, because it's pretty consistent which solve real problems that will be hard to commoditize through things like claude for legal.
A life of every thin wrapper company will be the same. Anthropic/OpenAI will just cut the middle-man as soon as they see potential.
I suspect that will happen faster than they'd like, because regulators (at least outside the US) are not interested in a repeat of Google/Amazon/Facebook/etc.
Landlords, tenants, vendors, business and former romantic partners, clients, banks, even your local gym is way more likely to try to fuck you over than the government is.
I dont mean 'frivolous' like prisoners who file pro-se about their ice cream melting [1], but a level or two above that , that costs time and money to produce records and testimony to defend, even if nary a dime is paid out. Basically ask GPT to figure out the terms and theories to file to get your lawsuit accepted, and done by poor people who cannot afford to post $ or repay if they lose. aka "asymmetric warfare" that benefits the little guy, just like the kind private equity or other terrible corporations wield against the poor via"mandatory arbitration" clauses or damages caps and similar rules that always benefit corporations.
1. https://www.deseret.com/1994/3/21/19098386/melted-ice-cream-...
First step out of line and that account along with anything remotely connected will be banned to oblivion.
Given they share models on Azure, Anthropic will have someone at Microsoft on speed dial.
I've even seen disconnected commit hashes disappear during their security responses which the repo owner has no way of removing.
I half-suspect they threatened him and he stuck to his guns.
er, wait